Skip to content

pkgsrc bash has problems with locale #8

Closed
risto3 opened this Issue Oct 23, 2012 · 1 comment

2 participants

@risto3
risto3 commented Oct 23, 2012

fighting the better part of the day trying to sort locale issues with ssh/sshd in a oi_151a7 local zone, and finally I believe the culprit is pkgsrc bash.
If I sudo pkgin install bash, then add /opt/pkg/bin/bash to /etc/shells and finally do a
usermod -s /opt/pkg/bin/bash , then when I log in (in this case via ssh) it ignores LANG and LC_ALL.
Is there something special to do here, or is this the reason /usr/bin/bash is forced in /etc/opt/pkg/mk.conf?

@jperkin
Joyent member
@jperkin jperkin pushed a commit that referenced this issue Feb 14, 2013
taca Update ruby-diff-lcs to 1.2.1.
== 1.2.1 / 2013-02-09

* Bugs Fixed:
  * As seen in rspec/rspec-expectations#200, the
    release of Diff::LCS 1.2 introduced an unnecessary public API change to
    Diff::LCS::Hunk (see the change at
    rspec/rspec-expectations@3d6fc82 for details).
    The new method name (and behaviour) is more correct, but I should not have
    renamed the function or should have at least provided an alias. This
    release restores Diff::LCS::Hunk#unshift as an alias to
    #merge. Note that the old #unshift behaviour was incorrect and will not be
    restored.

== 1.2.0 / 2013-01-21
* Minor Enhancements:
  * Added special case handling for Diff::LCS.patch so that it handles patches
    that are empty or contain no changes.
  * Added two new methods (#patch\_me and #unpatch\_me) to the includable
    module.
* Bugs Fixed:
  * Fixed issue #1 patch direction detection.
    halostatue/diff-lcs#1
  * Resolved issue #2 by handling string[string.size, 1] properly (it returns
    "" not nil). halostatue/diff-lcs#2
  * Michael Granger (ged) fixed an implementation error in Diff::LCS::Change
    and added specs in pull request #8. Thanks!
    halostatue/diff-lcs#8
  * Made the code auto-testable.
  * Vít Ondruch (voxik) provided the latest version of the GPL2 license file in
    pull request #10. Thanks! halostatue/diff-lcs#10
  * Fixed a documentation issue with the includable versions of #patch! and
    #unpatch! where they implied that they would replace the original value.
    Given that Diff::LCS.patch always returns a copy, the documentation was
    incorrect and has been corrected. To provide the behaviour that was
    originally documented, two new methods were added to provide this
    behaviour. Found by scooter-dangle in issue #12. Thanks!
    halostatue/diff-lcs#12
* Code Style Changes:
  * Removed trailing spaces.
  * Calling class methods using '.' instead of '::'.
  * Vít Ondruch (voxik) removed unnecessary shebangs in pull request #9.
    Thanks! halostatue/diff-lcs#9
  * Kenichi Kamiya (kachick) removed some warnings of an unused variable in
    lucky pull request #13. halostatue/diff-lcs#13
    Thanks!
  * Embarked on a major refactoring to make the files a little more manageable
    and understand the code on a deeper level.
  * Adding to http://travis-ci.org.
2670083
@risto3 risto3 closed this Mar 6, 2013
@jperkin jperkin pushed a commit that referenced this issue Sep 16, 2013
taca Update heel to 3.1.0.
# Changelog
## Version 3.1.0 - 2013-07-07
* Update dependencies
* Switch to template contributed by brianflanagan [#8]
* Add support for multiple independent heel servers [#9]
ab08014
@jperkin jperkin pushed a commit that referenced this issue Sep 16, 2013
taca Update ruby-net-http-digest_auth to 1.4.
=== 1.4 / 2013-07-23

* Minor enhancements
  * Relaxed parser to accept quoted algorithm to work with Linksys SPA922.
    Pull request #8 by Ismail Hanli, Issue #5 by bearded

=== 1.3 / 2012-03-28

* Minor enhancements
  * The cnonce is regenerated for every request to improve security.
  * SecureRandom is used to generate the cnonce instead of Kernel#rand
* Bug fix
  * cnonce and nonce-count are no longer sent when qop was not provided per
    RFC 2617 section 3.2.2.
78b069e
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
obache Update ruby-rcairo to 1.10.2.
Release 1.10.2 (2011-11-20) Kouhei Sutou <kou@cozmixng.org>)
============================================================

Fixes
-----

  * Added missing pkg-config dependency. #8 [Will Bryant]
29029aa
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
joerg Update to Botan 1.8.13:
* 1.8.13, 2011-07-02
 - A race in Algorithm_Factory that could cause crashes in multithreaded
   code has been fixed.

* 1.8.12, 2011-06-20
 - If EMSA3(Raw) was used for more than one signature, it would produce
   incorrect output.
 - Fix the --enable-debug option to configure.py
 - Improve OS detection on Cygwin
 - Fix compilation under Sun Studio 12 on Solaris
 - Fix a memory leak in the constructors of DataSource_Stream and
   DataSink_Stream which would occur if opening the file failed. PR 144

* 1.8.11, 2010-11-02
 - Fix a number of CRL encoding and decoding bugs
 - When building a debug library under VC++, use the debug runtime
 - Fix compilation under Sun Studio on Linux and Solaris
 - Add several functions for compatability with 1.9
 - In the examples, read most input files as binary
 - The Perl build script has been removed in this release

* 1.8.10, 2010-08-31
 - Switch default PKCS #8 encryption algorithm from 3DES to AES-256
 - Increase default hash iterations from 2048 to 10000 in PBES1 and
PBES2
 - Use small tables in the first round of AES
 - Add PBKDF typedef and get_pbkdf for better compatability with 1.9
 - Add version of S2K::derive_key taking salt and iteration count
 - Enable the /proc-walking entropy source on NetBSD
 - Fix the doxygen makefile target

* 1.8.9, 2010-06-16
 - Use constant time multiplication in IDEA
 - Avoid possible timing attack against OAEP decoding
 - Add new X509::BER_encode and PKCS8::BER_encode
 - Enable DLL builds under Windows
 - Add Win32 installer support
 - Add support for the Clang compiler
 - Fix problem in semcem.h preventing build under Clang or GCC 3.4
 - Fix bug that prevented creation of DSA groups under 1024 bits
 - Fix crash in GMP_Engine if library is shutdown and reinitialized
 - Work around problem with recent binutils in x86-64 SHA-1
 - The Perl build script is no longer supported and refuses to run by
   default

* 1.8.8, 2009-11-03
 - Alter Skein-512 to match the tweaked 1.2 specification
 - Fix use of inline asm for access to x86 bswap function
 - Allow building the library without AES enabled
 - Add 'powerpc64' alias to ppc64 arch for Gentoo ebuild
9d552ed
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
taca Update www/ruby-net-http-persistent package to 2.3.2.
=== 2.3.2

* Bug fix
  * Finish connections that were closed by Net::HTTP so they can be restarted.

=== 2.3.1 / 2011-10-26

* Bug fix
  * If a request object already contains a Connection header it will no longer
    be overridden.  This allows keep-alive connections to be disabled on a
    per-request basis.

=== 2.3 / 2011-10-25

* Minor Enhancement
  * The time since last use for a connection is now recorded in error
    messages for the connection.

=== 2.2 / 2011-10-24

* Minor Enhancements
  * Added timeouts for idle connections which are set through #idle_timeout.
    The default timeout is 5 seconds.  Reducing the idle timeout is preferred
    over setting #retry_change_requests to true if you wish to avoid the "too
    many connection resets" error when POSTing data.
  * Documented tunables and settings in one place in Net::HTTP::Persistent

=== 2.1 / 2011-09-19

* Minor Enhancement
  * For HTTPS connections, SSL sessions are now reused avoiding the extra
    round trips and computations of extra SSL handshakes.  If you have
    problems with SSL session reuse it can be disabled by
    Net::HTTP::Persistent#reuse_ssl_sessions

* Bug Fixes
  * The default certificate store is now used even if #verify_mode was not
    set.  Issue #7, Pull Request #8 by Matthew M. Boedicker
c79f3ac
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
obache Update ruby-rack-protection to 1.2.0.
Changes:
* Show warnings for JsonCsrtf attacks.
* do not enable parameter escaping by default, fixes #8.
* Use more specific namespace declaration in Rack::Builder configuration.
* NotimpelentedError typo fix
* add test that makes sure passingin on :track option works. related to #6.
* deal with PATH_INFO being nil, fixes #7.
* do not track HTTP_VERSION, fixes #6.
d16850e
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
obache Update ruby-pkg-config to 1.1.3.
== 1.1.3 - 2012/01/29

  * [GitHub #8] fix test broken by libpng version.
    (Patch by Bohuslav Kabrda.)
  * Used RbConfig instead of Config.


== 1.1.2 - 2011/07/04

  * [GitHub #2] fix test broken.
    (Reported by Mamoru Tasaka.)
  * [GitHub #4] update project descripton.
    (Patch by Antonio Terceiro.)
  * [GitHub #4] use setup.rb instead of extconf.rb.
    (Patch by Antonio Terceiro.)
  * [GitHub #3] add Copyright notice to README.
    (Suggested by Antonio Terceiro.)
  * [GitHub #7] supported non i386 and amd64 architectures.
    (Reported by Antonio Terceiro.)
7d69d67
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
taca Update ruby-mime-types to 1.18.
== MIME::Types 1.18 / 2012-03-20
* New MIME Types:
  * Types reported in Issue #6
    (https://github.com/halostatue/mime-types/issues/6):
    * CoffeeScript (text/x-coffeescript; .coffee; 8bit).
    * AIR
      (application/vnd.adobe.air-applicationinstaller-package+zip, .air;
      base64).
    * WOFF (application/font-woff; .woff; base64).
    * TrueType (application/x-font-truetype; .ttf; base64).
    * OpenType (application/x-font-opentype; .otf; base64).
  * WebM (audio/webm, video/webm; .webm). Issue #11
    (https://github.com/halostatue/mime-types/issues/11).
* New extensions:
  * f4v/f4p (video/mp4, used by Adobe); f4a/fb4 (audio/mp4, used by Adobe).
* Bug Fixes:
  * It was pointed out that Licence.txt was incorrectly named. Fixed by
    renaming to Licence.rdoc (from Issue/Pull Request #8,
    https://github.com/halostatue/mime-types/issues/8).
  * It was pointed out that a plan to have the test output generated
    automatically never went through. Issue #10
    (https://github.com/halostatue/mime-types/issues/10)
caef141
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
gls Update sysutils/fabric to 1.4.1
Upstream changes:
-----------------

2012-04-04: released Fabric 1.4.1
2012-04-04: released Fabric 1.3.6

[Bug] #608: Add capture kwarg to rsync_project to aid in debugging rsync
problems.

[Bug] #607: Allow local to display stdout/stderr when it warns/aborts, if it
was capturing them.

[Bug] #395: Added an FAQ entry detailing how to handle init scripts which
misbehave when a pseudo-tty is allocated.

[Bug] #568: execute allowed too much of its internal state changes (to
variables such as env.host_string and env.parallel) to persist after execution
completed; this caused a number of different incorrect behaviors. execute has
been overhauled to clean up its own state changes - while preserving any state
changes made by the task being executed.

[Bug] #584: upload_project did not take explicit remote directory location into
account when untarring, and now uses cd to address this. Thanks to Ben Burry
for the patch.

[Bug] #458: with_settings did not perfectly match settings, re: ability to
inline additional context managers. This has been corrected. Thanks to Rory
Geoghegan for the patch.

[Bug] #499: contrib.files.first used an outdated function signature in its
wrapped exists call. This has been fixed. Thanks to Massimiliano Torromeo for
catch & patch.

[Bug] #551: --list output now detects terminal window size and truncates (or
doesn't truncate) accordingly. Thanks to Horacio G. de Oro for the initial pull
request.

[Bug] #572: Parallel task aborts (as oppposed to unhandled exceptions) now
correctly print their abort messages instead of tracebacks, and cause the
parent process to exit with the correct (nonzero) return code. Thanks to Ian
Langworth for the catch.

[Bug] #306: Remote paths now use posixpath for a separator. Thanks to Jason
Coombs for the patch.

2012-02-13: released Fabric 1.4.0
2012-02-13: released Fabric 1.3.5
2012-02-13: released Fabric 1.2.6
2012-02-13: released Fabric 1.1.8

[Bug] #495: Fixed documentation example showing how to subclass Task. Thanks to
Brett Haydon for the catch and Mark Merritt for the patch.

[Bug] #410: Fixed a bug where using the task decorator inside/under another
decorator such as hosts could cause that task to become invalid when invoked by
name (due to how old-style vs new-style tasks are detected.) Thanks to Dan
Colish for the initial patch.

[Feature] #559: rsync_project now allows users to append extra SSH-specific
arguments to rsync`s --rsh flag.

[Feature] #138: env.port may now be written to at fabfile module level to set a
default nonstandard port number. Previously this value was read-only.

[Feature] #3: Fabric can now load a subset of SSH config functionality directly
from your local ~/.ssh/config if env.use_ssh_config is set to True. See
Leveraging native SSH config files for details. Thanks to Kirill Pinchuk for
the initial patch.

[Feature] #12: Added the ability to try connecting multiple times to
temporarily-down remote systems, instead of immediately failing. (Default
behavior is still to only try once.) See env.timeout and
env.connection_attempts for controlling both connection timeouts and total
number of attempts. reboot has also been overhauled (but practically deprecated
- see its updated docs.)

[Feature] #474: execute now allows you to access the executed task's return
values, by itself returning a dictionary whose keys are the host strings
executed against.

[Bug] #487: Overhauled the regular expression escaping performed in append and
contains to try and handle more corner cases. Thanks to Neilen Marais for the
patch.

[Support] #532: Reorganized and cleaned up the output of fab --help.

[Feature] #8: Added --skip-bad-hosts/env.skip_bad_hosts option to allow
skipping past temporarily down/unreachable hosts.

[Feature] #13: Env vars may now be set at runtime via the new --set
command-line flag.

[Feature] #506: A new output alias, commands, has been added, which allows
hiding remote stdout and local "running command X" output lines.

[Feature] #72: SSH agent forwarding support has made it into Fabric's SSH
library, and hooks for using it have been added (disabled by default; use -A or
env.forward_agent to enable.) Thanks to Ben Davis for porting an existing
Paramiko patch to ssh and providing the necessary tweak to Fabric.
f5bbd8b
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
taca Update ruby-logging to 1.7.2.
== 1.7.2 / 2012-04-03

Bug Fixes
- Fixed segmentation fault on exit [issue #30]
- Fixed syswrite warning when IO contains unflushed data in buffer [issue #31]
- Added "mingw" to the list of Windows host versions

== 1.7.1 / 2012-03-05

Bug Fixes
- Fixed deprecated use of Config::* [issue #29]

== 1.7.0 / 2012-02-18

Enhancements
- Move appender factories [issue #28]
- ActionMail compatible options in the email appender [issue #27]
- Add TLS support to the email appender [issue #25]
- Refactoring appender shutdown [issue #20]
Bug Fixes
- File locking fails on windows using JRuby [issue #22]

== 1.6.2 / 2012-01-05

Bug Fixes
- Fix typo in the Readme [issue #14]
- Fix spelling in a variety of places [issue #15]
- Solaris does not have Syslog#LOG_PERROR defined [issue #17]
- Fix failing tests for Ruby 1.9.3 [issue #18]
- Check for RUBY_ENGINE for Ruby 1.8.7 [issue #19]
- Whitespace and '# EOF' cleanup
- Support for Rubinious

== 1.6.1 / 2011-09-09

Bug Fixes
- Rails compatibility methods [issue #11]
- Blocked rolling file appender [issue #12]

== 1.6.0 / 2011-08-22

Enhancements
- Adding periodic flushing of buffered messages [issue #10]
- Accessor for a logger's appenders [issue #9]
- Better support for capturing log messages in RSpec version 1 & 2

== 1.5.2 / 2011-07-07

Bug Fixes
- Changing working directory breaks rolling file appenders [issue #8]

== 1.5.1 / 2011-06-03

Bug Fixes
- IO streams cannot be buffered when using syswrite
- JRuby does not allow shared locks on write only file descriptors
- Fixing tests for JRuby 1.6.X

== 1.5.0 / 2011-03-22

Minor Enhancements
- removed mutexes in favor of IO#syswrite
- no round tripping through the buffer array when auto_flushing is true
- added a Proxy object that will log all methods called on it
- colorization of log messages
f11b736
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
drochner update to 1.12.20
changes: bugfixes:
-Fixed memory leak in PKCS #8 key import
-Check key identifiers when checking for an issuer

pkgsrc note: This is just a last checkpoint on the 2.x branch, in case
 it will be needed for the Q2 branch. Will update to 3.x RSN.
f72ad24
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
obache Update ruby-rcairo to 1.12.2.
Release 1.12.2 (2012-06-03) Kouhei Sutou <kou@cozmixng.org>)
============================================================

Improvements
------------

  * Added Cairo::Device.supported?.
    [GitHub#11] [Reported by Cédric Boutillier]
  * Added Cairo::Device.gl_texture_supported?.
  * Added Cairo::Surface.supported?.
  * Defined all surfaces even if a surface isn't available. Use
    Cairo::Surface.XXX_supported? method to check surface
    availability.
  * Added Cairo::Pattern.xxx_supported?.
    [GitHub#12] [Reported by Mamoru Tasaka]
  * [experimental] Supported auto native package install.

Thanks
------

  * Cédric Boutillier
  * Mamoru Tasaka

Release 1.12.1 (2012-03-31) Kouhei Sutou <kou@cozmixng.org>)
============================================================

Improvements
------------

  * Re-supported cairo < 1.10.0.
    [ruby-gnome2-devel-en] Help me install my own program [Eric C.]

Fixes
-----

  * Fixed a problem that an unresolved symbol is referenced.

Thanks
------

  * Eric C.

Release 1.12.0 (2012-03-25) Kouhei Sutou <kou@cozmixng.org>)
============================================================

Improvements
------------

  * Supported cairo 1.12.0.
    * Cairo::Surface#supported_mime_type?
    * Cairo::Surface#create_similar_image
    * Cairo::Surface#map_to_image
    * Cairo::Surface#unmap_to_image
    * Cairo::RecordingSurface#extents
    * Cairo::MeshPattern
    * Cairo::RasterSourcePattern
    * Cairo::MimeType::UNIQUE_ID
  * Supported glesv2 surface.

Fixes
-----

  * Fixed a bug that Cairo::HINT_METRICS_ON can't be specified. #8
    [Vasily Fedoseyev]

Thanks
------

  * Vasily Fedoseyev
a478a45
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
taca Update ruby-diff-lcs to 1.2.1.
== 1.2.1 / 2013-02-09

* Bugs Fixed:
  * As seen in rspec/rspec-expectations#200, the
    release of Diff::LCS 1.2 introduced an unnecessary public API change to
    Diff::LCS::Hunk (see the change at
    rspec/rspec-expectations@3d6fc82 for details).
    The new method name (and behaviour) is more correct, but I should not have
    renamed the function or should have at least provided an alias. This
    release restores Diff::LCS::Hunk#unshift as an alias to
    #merge. Note that the old #unshift behaviour was incorrect and will not be
    restored.

== 1.2.0 / 2013-01-21
* Minor Enhancements:
  * Added special case handling for Diff::LCS.patch so that it handles patches
    that are empty or contain no changes.
  * Added two new methods (#patch\_me and #unpatch\_me) to the includable
    module.
* Bugs Fixed:
  * Fixed issue #1 patch direction detection.
    halostatue/diff-lcs#1
  * Resolved issue #2 by handling string[string.size, 1] properly (it returns
    "" not nil). halostatue/diff-lcs#2
  * Michael Granger (ged) fixed an implementation error in Diff::LCS::Change
    and added specs in pull request #8. Thanks!
    halostatue/diff-lcs#8
  * Made the code auto-testable.
  * Vít Ondruch (voxik) provided the latest version of the GPL2 license file in
    pull request #10. Thanks! halostatue/diff-lcs#10
  * Fixed a documentation issue with the includable versions of #patch! and
    #unpatch! where they implied that they would replace the original value.
    Given that Diff::LCS.patch always returns a copy, the documentation was
    incorrect and has been corrected. To provide the behaviour that was
    originally documented, two new methods were added to provide this
    behaviour. Found by scooter-dangle in issue #12. Thanks!
    halostatue/diff-lcs#12
* Code Style Changes:
  * Removed trailing spaces.
  * Calling class methods using '.' instead of '::'.
  * Vít Ondruch (voxik) removed unnecessary shebangs in pull request #9.
    Thanks! halostatue/diff-lcs#9
  * Kenichi Kamiya (kachick) removed some warnings of an unused variable in
    lucky pull request #13. halostatue/diff-lcs#13
    Thanks!
  * Embarked on a major refactoring to make the files a little more manageable
    and understand the code on a deeper level.
  * Adding to http://travis-ci.org.
235b6e1
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
wiz Update to 3.2.1.
* Version 3.2.1 (released 2013-06-01)

** libgnutls: Allow ECC when in SSL 3.0 to work-around a bug in certain
openssl versions.

** libgnutls: Fixes in interrupted function resumption. Report
and patch by Tim Kosse.

** libgnutls: Corrected issue when receiving client hello verify requests
in DTLS.

** libgnutls: Fixes in DTLS record overhead size calculations.

** libgnutls: gnutls_handshake_get_last_in() was fixed. Reported
by Mann Ern Kang.

** API and ABI modifications:
gnutls_session_set_id: Added


* Version 3.2.0 (released 2013-05-10)

** libgnutls: Use nettle's elliptic curve implementation.

** libgnutls: Added Salsa20 cipher

** libgnutls: Added UMAC-96 and UMAC-128

** libgnutls: Added ciphersuites involving Salsa20 and UMAC-96.
As they are not standardized they are defined using private ciphersuite
numbers.

** libgnutls: Added support for DTLS 1.2.

** libgnutls: Added support for the Application Layer Protocol Negotiation
(ALPN) extension.

** libgnutls: Removed support for the RSA-EXPORT ciphersuites.

** libgnutls: Avoid linking to librt (that also avoids unnecessary
linking to pthreads if p11-kit isn't used).

** API and ABI modifications:
gnutls_cipher_get_iv_size: Added
gnutls_hmac_set_nonce: Added
gnutls_mac_get_nonce_size: Added


* Version 3.1.10 (released 2013-03-22)

** certtool: When generating PKCS #12 files use by default the
ARCFOUR (RC4) cipher to be compatible with devices that don't
support AES with PKCS #12.

** libgnutls: Load CA certificates in android 4.x systems.

** libgnutls: Optimized CA certificate loading.

** libgnutls: Private keys are overwritten on deinitialization.

** libgnutls: PKCS #11 slots are scanned only when needed, not
on initialization. This speeds up gnutls initialization when smart
cards are present.

** libgnutls: Corrected issue in the (deprecated) external key
signing interface, when used with TLS 1.2. Reported by Bjorn H. Christensen.

** libgnutls: Fixes in openpgp handshake with fingerprints. Reported by
Joke de Buhr.

** libgnutls-dane: Updated DANE verification options.

** configure: Trust store file must be explicitly set or unset when
cross compiling.

** API and ABI modifications:
gnutls_x509_crt_get_issuer_dn2: Added
gnutls_x509_crt_get_dn2: Added
gnutls_x509_crl_get_issuer_dn2: Added
gnutls_x509_crq_get_dn2: Added
gnutls_x509_trust_list_remove_trust_mem: Added
gnutls_x509_trust_list_remove_trust_file: Added
gnutls_x509_trust_list_remove_cas: Added
gnutls_session_get_desc: Added
gnutls_privkey_sign_raw_data: Added
gnutls_privkey_status: Added





* Version 3.1.9 (released 2013-02-27)

** certtool: Option --to-p12 will now ask for a password to generate
a PKCS #12 file from an encrypted key file. Reported by Yan Fiz.

** libgnutls: Corrected issue in gnutls_pubkey_verify_data().

** libgnutls: Corrected parsing issue in XMPP within a subject
alternative name. Reported by James Cloos.

** libgnutls: gnutls_pkcs11_reinit() will reinitialize all PKCS #11
modules, and not only the ones loaded via p11-kit.

** libgnutls: Added function to check whether the private key is
still available (inserted).

** libgnutls: Try to detect fork even during nonce generation.

** API and ABI modifications:
gnutls_handshake_set_random: Added
gnutls_transport_set_int2: Added
gnutls_transport_get_int2: Added
gnutls_transport_get_int: Added
gnutls_record_cork: Exported
gnutls_record_uncork: Exported
gnutls_pkcs11_privkey_status: Added


* Version 3.1.8 (released 2013-02-10)

** libgnutls: Fixed issue in gnutls_x509_privkey_import2() which didn't return
GNUTLS_E_DECRYPTION_FAILED in all cases, and affect certtool operation
with encrypted keys. Reported by Yan Fiz.

** libgnutls: The minimum DH bits accepted by priorities NORMAL and
PERFORMANCE was set to previous defaults 727 bits. Reported by Diego
Elio Petteno.

** libgnutls: Corrected issue which prevented gnutls_pubkey_verify_hash()
to operate with long keys. Reported by Erik A Jensen.

** API and ABI modifications:
No changes since last version.


* Version 3.1.7 (released 2013-02-04)

** certtool: Added option "dn" which allows to directly set the DN
in a template from an RFC4514 string.

** danetool: Added options: --dlv and --insecure. Suggested by Paul Wouters.

** libgnutls-xssl: Added a new library to simplify GnuTLS usage.

** libgnutls-dane: Added function to specify a DLV file.

** libgnutls: Heartbeat code was made optional.

** libgnutls: Fixes in server side of DTLS-0.9.

** libgnutls: DN variable 'T' was expanded to 'title'.

** libgnutls: Fixes in record padding parsing to prevent a timing attack.
Issue reported by Kenny Paterson and Nadhem Alfardan.

** libgnutls: Added functions to directly set the DN in a certificate
or request from an RFC4514 string.

** libgnutls: Optimizations in the random generator. The re-seeding of
it is now explicitly done on every session deinit.

** libgnutls: Simplified the DTLS sliding window implementation.

** libgnutls: The minimum DH bits accepted by a client are now set
by the specified priority string. The current values correspond to the
previous defaults (727 bits), except for the SECURE128 and SECURE192
strings which increase the minimum to 1248 and 1776 respectively.

** libgnutls: Added the gnutls_record_cork() and uncork API to enable
buffering in sending application data.

** libgnutls: Removed default random padding, and added a length-hiding interface
instead.  Both the server and the client must support this extension. Whether
length-hiding can be used on a given session can be checked using
gnutls_record_can_use_length_hiding(). Contributed by Alfredo Pironti.

** libgnutls: Added the experimental %NEW_PADDING priority string. It enables
a new padding mechanism in TLS allowing arbitrary padding in TLS records
in all ciphersuites, which makes length-hiding more efficient and solves
the issues with timing attacks on CBC ciphersuites.

** libgnutls: Corrected gnutls_cipher_decrypt2() when used with AEAD
ciphers (i.e., AES-GCM). Reported by William McGovern.

** API and ABI modifications:
gnutls_db_check_entry_time: Added
gnutls_record_set_timeout: Added
gnutls_record_get_random_padding_status: Added
gnutls_x509_crt_set_dn: Added
gnutls_x509_crt_set_issuer_dn: Added
gnutls_x509_crq_set_dn: Added
gnutls_range_split: Added
gnutls_record_send_range: Added
gnutls_record_set_max_empty_records: Added
gnutls_record_can_use_length_hiding: Added
gnutls_rnd_refresh: Added
xssl_deinit: Added
xssl_flush: Added
xssl_read: Added
xssl_getdelim: Added
xssl_write: Added
xssl_printf: Added
xssl_sinit: Added
xssl_client_init: Added
xssl_server_init: Added
xssl_get_session: Added
xssl_get_verify_status: Added
xssl_cred_init: Added
xssl_cred_deinit: Added
dane_state_set_dlv_file: Added
GNUTLS_SEC_PARAM_EXPORT: Added
GNUTLS_SEC_PARAM_VERY_WEAK: Added


* Version 3.1.6 (released 2013-01-02)

** libgnutls: Fixed record padding parsing issue. Reported by Kenny
Patterson and Nadhem Alfardan.

** libgnutls: Several updates in the ASN.1 string handling subsystem.

** libgnutls: gnutls_x509_crt_get_policy() allows for a list of zero
policy qualifiers.

** libgnutls: Ignore heartbeat messages when received out-of-order,
instead of issuing an error.

** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
by Kikuchi Masashi.

** libgnutls: TPM support is disabled by default because GPL programs
cannot link with it. Use --with-tpm to enable it.

** libgnutls-guile: Fixed parallel compilation issue.

** gnutls-cli: It will try to connect to all possible returned addresses
before failing.

** API and ABI modifications:
No changes since last version.


* Version 3.1.5 (released 2012-11-24)

** libgnutls: Added functions to parse the certificates policies
extension.

** libgnutls: Handle BMPString (UCS-2) encoding in the Distinguished
Name by translating it to UTF-8 (works on windows or systems with iconv).

** libgnutls: Added PKCS #11 key generation function that returns the
public key on generation.

** libgnutls: Corrected bug in priority string parsing, that mostly
affected combined levels. Patch by Tim Kosse.

** certtool: The --pubkey-info option can be combined with the
--load-privkey or --load-request to print the corresponding public keys.

** certtool: It is able to set certificate policies via a template.

** certtool: Added --hex-numbers option which prints big numbers in
an easier to parse format.

** p11tool: After key generation, outputs the public key (useful in
tokens that do not store the public key).

** danetool: It is being built even without libgnutls-dane (the
--check functionality is disabled though).

** API and ABI modifications:
gnutls_pkcs11_privkey_generate2: Added
gnutls_x509_crt_get_policy: Added
gnutls_x509_crt_set_policy: Added
gnutls_x509_policy_release: Added
gnutls_pubkey_import_x509_crq: Added
gnutls_pubkey_print: Added
GNUTLS_CRT_PRINT_FULL_NUMBERS: Added


* Version 3.1.4 (released 2012-11-10)

** libgnutls: gnutls_certificate_verify_peers2() will set flags depending on
the available revocation data validity.

** libgnutls: Added gnutls_certificate_verification_status_print(),
a function to print the verification status code in human readable text.

** libgnutls: Added priority string %VERIFY_DISABLE_CRL_CHECKS.

** libgnutls: Simplified certificate verification by adding
gnutls_certificate_verify_peers3().

** libgnutls: Added support for extension to establish keys for SRTP.
Contributed by Martin Storsjo.

** libgnutls: The X.509 verification functions check the key
usage bits and pathlen constraints and on failure output
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE.

** libgnutls: gnutls_x509_crl_verify() includes the time checks.

** libgnutls: Added verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN
and made GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN the default.

** libgnutls: Always tolerate key usage violation errors from the side
of the peer, but also notify via an audit message.

** gnutls-cli: Added --local-dns option.

** danetool: Corrected bug that prevented loading PEM files.

** danetool: Added --check option to allow querying and verifying
a site's DANE data.

** libgnutls-dane: Added pkg-config file for the library.

** API and ABI modifications:
gnutls_session_get_id2: Added
gnutls_sign_is_secure: Added
gnutls_certificate_verify_peers3: Added
gnutls_ocsp_status_request_is_checked: Added
gnutls_certificate_verification_status_print: Added
gnutls_srtp_set_profile: Added
gnutls_srtp_set_profile_direct: Added
gnutls_srtp_get_selected_profile: Added
gnutls_srtp_get_profile_name: Added
gnutls_srtp_get_profile_id: Added
gnutls_srtp_get_keys: Added
gnutls_srtp_get_mki: Added
gnutls_srtp_set_mki: Added
gnutls_srtp_profile_t: Added
dane_cert_type_name: Added
dane_match_type_name: Added
dane_cert_usage_name: Added
dane_verification_status_print: Added
GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: Added
GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: Added
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: Added
GNUTLS_CERT_UNEXPECTED_OWNER: Added
GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Added


* Version 3.1.3 (released 2012-10-12)

** libgnutls: Added support for the OCSP Certificate Status
extension.

** libgnutls: gnutls_certificate_verify_peers2() will use the OCSP
certificate status extension in verification.

** libgnutls: Bug fixes in gnutls_x509_privkey_import_openssl().

** libgnutls: Increased maximum password length in the PKCS #12
functions.

** libgnutls: Fixed the receipt of session tickets during session resumption.
Reported by danblack at http://savannah.gnu.org/support/?108146

** libgnutls: Added functions to export structures in an allocated buffer.

** libgnutls: Added gnutls_ocsp_resp_check_crt() to check whether the OCSP
response corresponds to the given certificate.

** libgnutls: In client side gnutls_init() enables the session ticket and
OCSP certificate status request extensions by default. The flag
GNUTLS_NO_EXTENSIONS can be used to prevent that.

** libgnutls: Several updates in the OpenPGP code. The generating code
is fully RFC6091 compliant and RFC5081 support is only supported in client
mode.

** libgnutls-dane: Added. It is a library to provide DANE with DNSSEC
certificate verification.

** gnutls-cli: Added --dane option to enable DANE certificate verification.

** danetool: Added tool to generate DANE TLSA Resource Records (RR).

** API and ABI modifications:
gnutls_certificate_get_peers_subkey_id: Added
gnutls_certificate_set_ocsp_status_request_function: Added
gnutls_certificate_set_ocsp_status_request_file: Added
gnutls_ocsp_status_request_enable_client: Added
gnutls_ocsp_status_request_get: Added
gnutls_ocsp_resp_check_crt: Added
gnutls_dh_params_export2_pkcs3: Added
gnutls_pubkey_export2: Added
gnutls_x509_crt_export2: Added
gnutls_x509_dn_export2: Added
gnutls_x509_crl_export2: Added
gnutls_pkcs7_export2: Added
gnutls_x509_privkey_export2: Added
gnutls_x509_privkey_export2_pkcs8: Added
gnutls_x509_crq_export2: Added
gnutls_openpgp_crt_export2: Added
gnutls_openpgp_privkey_export2: Added
gnutls_pkcs11_obj_export2: Added
gnutls_pkcs12_export2: Added
gnutls_pubkey_import_openpgp_raw: Added
gnutls_pubkey_import_x509_raw: Added
dane_state_init: Added
dane_state_deinit: Added
dane_query_tlsa: Added
dane_query_status: Added
dane_query_entries: Added
dane_query_data: Added
dane_query_deinit: Added
dane_verify_session_crt: Added
dane_verify_crt: Added
dane_strerror: Added


* Version 3.1.2 (released 2012-09-26)

** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
and gnutls_x509_trust_list_add_trust_mem() that prevented the loading
of certificates in the windows platform.

** libgnutls: Corrected bug in OpenPGP subpacket encoding.

** libgnutls: Added support for DTLS/TLS heartbeats by Olga Smolenchuk.
(the work was done during Google Summer of Code).

** libgnutls: Added X.509 certificate verification flag
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
of unsorted certificate chains and is enabled by default for
TLS certificate verification (if gnutls_certificate_set_verify_flags()
does not override it).

** libgnutls: Prints warning on certificates that contain keys of
an insecure level. If the %COMPAT priority flag is not specified
the TLS connection fails.

** libgnutls: Correctly restore gnutls_record_recv() in DTLS mode
if interrupted during the retrasmition of handshake data.

** libgnutls: Better mingw32 support (patch by LRN).

** libgnutls: The %COMPAT keyword, if specified, will tolerate
key usage violation errors (they are far too common to ignore).

** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
which provides a tool to counter compression-related attacks where
parts of the data are controlled by the attacker _and_ are placed in
separate records (use with care - do not use compression if not sure).

** libgnutls: Depends on libtasn1 2.14 or later.

** certtool: Prints the number of bits of the public key algorithm
parameter in a private key.

** API and ABI modifications:
gnutls_x509_privkey_get_pk_algorithm2: Added
gnutls_heartbeat_ping: Added
gnutls_heartbeat_pong: Added
gnutls_heartbeat_allowed: Added
gnutls_heartbeat_enable: Added
gnutls_heartbeat_set_timeouts: Added
gnutls_heartbeat_get_timeout: Added
GNUTLS_SEC_PARAM_WEAK: Added
GNUTLS_SEC_PARAM_INSECURE: Added

* Version 3.1.1 (released 2012-09-02)

** gnutls-serv: Listens on IPv6. Patch by Bernhard R. Link.

** certtool: Changes in password handling of certtool.
Ask password when required and only if the '--password' option is not
given. If the '--password' option is given during key generation then
assume the PKCS #8 file format, instead of ignoring the password.

** tpmtool: No longer asks for key password in registered keys.

** libgnutls: Elliptic curve code was optimized by Ilya Tumaykin.
wmNAF is now used for point multiplication and other optimizations.
(the major part of the work was done during Google Summer of Code).

** libgnutls: The default pull_timeout_function only uses select
instead of a combination of select() and recv() to prevent issues
when used in stream sockets in some systems.

** libgnutls: Be tolerant in ECDSA signature violations (e.g. using
SHA256 with a SECP384 curve instead of SHA-384), to interoperate with
openssl.

** libgnutls: Fixed DSA and ECDSA signature generation in smart
cards. Thanks to Andreas Schwier from cardcontact.de for providing
me with ECDSA capable smart cards.

** API and ABI modifications:
gnutls_sign_algorithm_get: Added
gnutls_sign_get_hash_algorithm: Added
gnutls_sign_get_pk_algorithm: Added


* Version 3.1.0 (released 2012-08-15)

** libgnutls: Added direct support for TPM as a cryptographic module
in gnutls/tpm.h. TPM keys can be used in functions accepting files
using URLs of the following types:
  tpmkey:file=/path/to/file
  tpmkey:uuid=7f468c16-cb7f-11e1-824d-b3a4f4b20343;storage=user

** libgnutls: Priority string level keywords can be combined.
For example the string "SECURE256:+SUITEB128" is now allowed.

** libgnutls: requires libnettle 2.5.

** libgnutls: Use the PKCS #1 1.5 encoding provided by nettle (2.5)
for encryption and signatures.

** libgnutls: Added GNUTLS_CERT_SIGNATURE_FAILURE to differentiate between
generic errors and signature verification errors in the verification
functions.

** libgnutls: Added gnutls_pkcs12_simple_parse() as a helper function
to simplify parsing in most PKCS #12 use cases.

** libgnutls: gnutls_certificate_set_x509_simple_pkcs12_file() adds
the whole certificate chain (if any) to the credentials structure, instead
of only the end-user certificate.

** libgnutls: Key import functions such as gnutls_pkcs12_simple_parse()
and gnutls_x509_privkey_import_pkcs8(), return consistently
GNUTLS_E_DECRYPTION_FAILED if the input structure is encrypted but no
password was provided.

** libgnutls: Added gnutls_handshake_set_timeout() a function that
allows to set the maximum time spent in a handshake.

** libgnutlsxx: Added session::set_transport_vec_push_function. Patch
by Alexandre Bique.

** tpmtool: Added. It is a tool to generate private keys in the
TPM.

** gnutls-cli: --benchmark-tls was split to --benchmark-tls-kx
and --benchmark-tls-ciphers

** certtool: generated PKCS #12 structures may hold more than one
private key. Patch by Lucas Fisher.

** certtool: Added option --null-password to generate/decrypt keys
that use a NULL password (in schemas that distinguish between NULL
an empty passwords).

** minitasn1: Upgraded to libtasn1 version 2.13.

** API and ABI modifications:
GNUTLS_CERT_SIGNATURE_FAILURE: Added
GNUTLS_CAMELLIA_192_CBC: Added
GNUTLS_PKCS_NULL_PASSWORD: Added
gnutls_url_is_supported: Added
gnutls_pkcs11_obj_list_import_url2: Added
gnutls_pkcs11_obj_set_pin_function: Added
gnutls_pkcs11_privkey_set_pin_function: Added
gnutls_pkcs11_get_pin_function: Added
gnutls_privkey_import_tpm_raw: Added
gnutls_privkey_import_tpm_url: Added
gnutls_privkey_import_pkcs11_url: Added
gnutls_privkey_import_openpgp_raw: Added
gnutls_privkey_import_x509_raw: Added
gnutls_privkey_import_ext2: Added
gnutls_privkey_import_url: Added
gnutls_privkey_set_pin_function: Added
gnutls_tpm_privkey_generate: Added
gnutls_tpm_key_list_deinit: Added
gnutls_tpm_key_list_get_url: Added
gnutls_tpm_get_registered: Added
gnutls_tpm_privkey_delete: Added
gnutls_pubkey_import_tpm_raw: Added
gnutls_pubkey_import_tpm_url: Added
gnutls_pubkey_import_url: Added
gnutls_pubkey_verify_hash2: Added
gnutls_pubkey_set_pin_function: Added
gnutls_x509_privkey_import2: Added
gnutls_x509_privkey_import_openssl: Added
gnutls_x509_crt_set_pin_function: Added
gnutls_load_file: Added
gnutls_pkcs12_simple_parse: Added
gnutls_certificate_set_x509_system_trust: Added
gnutls_certificate_set_pin_function: Added
gnutls_x509_trust_list_add_system_trust: Added
gnutls_x509_trust_list_add_trust_file: Added
gnutls_x509_trust_list_add_trust_mem: Added
gnutls_pk_to_sign: Added
gnutls_handshake_set_timeout: Added
gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2)
gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2)
4c023db
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
taca Update heel to 3.1.0.
# Changelog
## Version 3.1.0 - 2013-07-07
* Update dependencies
* Switch to template contributed by brianflanagan [#8]
* Add support for multiple independent heel servers [#9]
4ff9c2d
@jperkin jperkin pushed a commit that referenced this issue Dec 9, 2013
taca Update ruby-net-http-digest_auth to 1.4.
=== 1.4 / 2013-07-23

* Minor enhancements
  * Relaxed parser to accept quoted algorithm to work with Linksys SPA922.
    Pull request #8 by Ismail Hanli, Issue #5 by bearded

=== 1.3 / 2012-03-28

* Minor enhancements
  * The cnonce is regenerated for every request to improve security.
  * SecureRandom is used to generate the cnonce instead of Kernel#rand
* Bug fix
  * cnonce and nonce-count are no longer sent when qop was not provided per
    RFC 2617 section 3.2.2.
f9297d2
@jperkin jperkin pushed a commit that referenced this issue Jan 21, 2014
wiz Update to 3.2.1.
* Version 3.2.1 (released 2013-06-01)

** libgnutls: Allow ECC when in SSL 3.0 to work-around a bug in certain
openssl versions.

** libgnutls: Fixes in interrupted function resumption. Report
and patch by Tim Kosse.

** libgnutls: Corrected issue when receiving client hello verify requests
in DTLS.

** libgnutls: Fixes in DTLS record overhead size calculations.

** libgnutls: gnutls_handshake_get_last_in() was fixed. Reported
by Mann Ern Kang.

** API and ABI modifications:
gnutls_session_set_id: Added


* Version 3.2.0 (released 2013-05-10)

** libgnutls: Use nettle's elliptic curve implementation.

** libgnutls: Added Salsa20 cipher

** libgnutls: Added UMAC-96 and UMAC-128

** libgnutls: Added ciphersuites involving Salsa20 and UMAC-96.
As they are not standardized they are defined using private ciphersuite
numbers.

** libgnutls: Added support for DTLS 1.2.

** libgnutls: Added support for the Application Layer Protocol Negotiation
(ALPN) extension.

** libgnutls: Removed support for the RSA-EXPORT ciphersuites.

** libgnutls: Avoid linking to librt (that also avoids unnecessary
linking to pthreads if p11-kit isn't used).

** API and ABI modifications:
gnutls_cipher_get_iv_size: Added
gnutls_hmac_set_nonce: Added
gnutls_mac_get_nonce_size: Added


* Version 3.1.10 (released 2013-03-22)

** certtool: When generating PKCS #12 files use by default the
ARCFOUR (RC4) cipher to be compatible with devices that don't
support AES with PKCS #12.

** libgnutls: Load CA certificates in android 4.x systems.

** libgnutls: Optimized CA certificate loading.

** libgnutls: Private keys are overwritten on deinitialization.

** libgnutls: PKCS #11 slots are scanned only when needed, not
on initialization. This speeds up gnutls initialization when smart
cards are present.

** libgnutls: Corrected issue in the (deprecated) external key
signing interface, when used with TLS 1.2. Reported by Bjorn H. Christensen.

** libgnutls: Fixes in openpgp handshake with fingerprints. Reported by
Joke de Buhr.

** libgnutls-dane: Updated DANE verification options.

** configure: Trust store file must be explicitly set or unset when
cross compiling.

** API and ABI modifications:
gnutls_x509_crt_get_issuer_dn2: Added
gnutls_x509_crt_get_dn2: Added
gnutls_x509_crl_get_issuer_dn2: Added
gnutls_x509_crq_get_dn2: Added
gnutls_x509_trust_list_remove_trust_mem: Added
gnutls_x509_trust_list_remove_trust_file: Added
gnutls_x509_trust_list_remove_cas: Added
gnutls_session_get_desc: Added
gnutls_privkey_sign_raw_data: Added
gnutls_privkey_status: Added





* Version 3.1.9 (released 2013-02-27)

** certtool: Option --to-p12 will now ask for a password to generate
a PKCS #12 file from an encrypted key file. Reported by Yan Fiz.

** libgnutls: Corrected issue in gnutls_pubkey_verify_data().

** libgnutls: Corrected parsing issue in XMPP within a subject
alternative name. Reported by James Cloos.

** libgnutls: gnutls_pkcs11_reinit() will reinitialize all PKCS #11
modules, and not only the ones loaded via p11-kit.

** libgnutls: Added function to check whether the private key is
still available (inserted).

** libgnutls: Try to detect fork even during nonce generation.

** API and ABI modifications:
gnutls_handshake_set_random: Added
gnutls_transport_set_int2: Added
gnutls_transport_get_int2: Added
gnutls_transport_get_int: Added
gnutls_record_cork: Exported
gnutls_record_uncork: Exported
gnutls_pkcs11_privkey_status: Added


* Version 3.1.8 (released 2013-02-10)

** libgnutls: Fixed issue in gnutls_x509_privkey_import2() which didn't return
GNUTLS_E_DECRYPTION_FAILED in all cases, and affect certtool operation
with encrypted keys. Reported by Yan Fiz.

** libgnutls: The minimum DH bits accepted by priorities NORMAL and
PERFORMANCE was set to previous defaults 727 bits. Reported by Diego
Elio Petteno.

** libgnutls: Corrected issue which prevented gnutls_pubkey_verify_hash()
to operate with long keys. Reported by Erik A Jensen.

** API and ABI modifications:
No changes since last version.


* Version 3.1.7 (released 2013-02-04)

** certtool: Added option "dn" which allows to directly set the DN
in a template from an RFC4514 string.

** danetool: Added options: --dlv and --insecure. Suggested by Paul Wouters.

** libgnutls-xssl: Added a new library to simplify GnuTLS usage.

** libgnutls-dane: Added function to specify a DLV file.

** libgnutls: Heartbeat code was made optional.

** libgnutls: Fixes in server side of DTLS-0.9.

** libgnutls: DN variable 'T' was expanded to 'title'.

** libgnutls: Fixes in record padding parsing to prevent a timing attack.
Issue reported by Kenny Paterson and Nadhem Alfardan.

** libgnutls: Added functions to directly set the DN in a certificate
or request from an RFC4514 string.

** libgnutls: Optimizations in the random generator. The re-seeding of
it is now explicitly done on every session deinit.

** libgnutls: Simplified the DTLS sliding window implementation.

** libgnutls: The minimum DH bits accepted by a client are now set
by the specified priority string. The current values correspond to the
previous defaults (727 bits), except for the SECURE128 and SECURE192
strings which increase the minimum to 1248 and 1776 respectively.

** libgnutls: Added the gnutls_record_cork() and uncork API to enable
buffering in sending application data.

** libgnutls: Removed default random padding, and added a length-hiding interface
instead.  Both the server and the client must support this extension. Whether
length-hiding can be used on a given session can be checked using
gnutls_record_can_use_length_hiding(). Contributed by Alfredo Pironti.

** libgnutls: Added the experimental %NEW_PADDING priority string. It enables
a new padding mechanism in TLS allowing arbitrary padding in TLS records
in all ciphersuites, which makes length-hiding more efficient and solves
the issues with timing attacks on CBC ciphersuites.

** libgnutls: Corrected gnutls_cipher_decrypt2() when used with AEAD
ciphers (i.e., AES-GCM). Reported by William McGovern.

** API and ABI modifications:
gnutls_db_check_entry_time: Added
gnutls_record_set_timeout: Added
gnutls_record_get_random_padding_status: Added
gnutls_x509_crt_set_dn: Added
gnutls_x509_crt_set_issuer_dn: Added
gnutls_x509_crq_set_dn: Added
gnutls_range_split: Added
gnutls_record_send_range: Added
gnutls_record_set_max_empty_records: Added
gnutls_record_can_use_length_hiding: Added
gnutls_rnd_refresh: Added
xssl_deinit: Added
xssl_flush: Added
xssl_read: Added
xssl_getdelim: Added
xssl_write: Added
xssl_printf: Added
xssl_sinit: Added
xssl_client_init: Added
xssl_server_init: Added
xssl_get_session: Added
xssl_get_verify_status: Added
xssl_cred_init: Added
xssl_cred_deinit: Added
dane_state_set_dlv_file: Added
GNUTLS_SEC_PARAM_EXPORT: Added
GNUTLS_SEC_PARAM_VERY_WEAK: Added


* Version 3.1.6 (released 2013-01-02)

** libgnutls: Fixed record padding parsing issue. Reported by Kenny
Patterson and Nadhem Alfardan.

** libgnutls: Several updates in the ASN.1 string handling subsystem.

** libgnutls: gnutls_x509_crt_get_policy() allows for a list of zero
policy qualifiers.

** libgnutls: Ignore heartbeat messages when received out-of-order,
instead of issuing an error.

** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
by Kikuchi Masashi.

** libgnutls: TPM support is disabled by default because GPL programs
cannot link with it. Use --with-tpm to enable it.

** libgnutls-guile: Fixed parallel compilation issue.

** gnutls-cli: It will try to connect to all possible returned addresses
before failing.

** API and ABI modifications:
No changes since last version.


* Version 3.1.5 (released 2012-11-24)

** libgnutls: Added functions to parse the certificates policies
extension.

** libgnutls: Handle BMPString (UCS-2) encoding in the Distinguished
Name by translating it to UTF-8 (works on windows or systems with iconv).

** libgnutls: Added PKCS #11 key generation function that returns the
public key on generation.

** libgnutls: Corrected bug in priority string parsing, that mostly
affected combined levels. Patch by Tim Kosse.

** certtool: The --pubkey-info option can be combined with the
--load-privkey or --load-request to print the corresponding public keys.

** certtool: It is able to set certificate policies via a template.

** certtool: Added --hex-numbers option which prints big numbers in
an easier to parse format.

** p11tool: After key generation, outputs the public key (useful in
tokens that do not store the public key).

** danetool: It is being built even without libgnutls-dane (the
--check functionality is disabled though).

** API and ABI modifications:
gnutls_pkcs11_privkey_generate2: Added
gnutls_x509_crt_get_policy: Added
gnutls_x509_crt_set_policy: Added
gnutls_x509_policy_release: Added
gnutls_pubkey_import_x509_crq: Added
gnutls_pubkey_print: Added
GNUTLS_CRT_PRINT_FULL_NUMBERS: Added


* Version 3.1.4 (released 2012-11-10)

** libgnutls: gnutls_certificate_verify_peers2() will set flags depending on
the available revocation data validity.

** libgnutls: Added gnutls_certificate_verification_status_print(),
a function to print the verification status code in human readable text.

** libgnutls: Added priority string %VERIFY_DISABLE_CRL_CHECKS.

** libgnutls: Simplified certificate verification by adding
gnutls_certificate_verify_peers3().

** libgnutls: Added support for extension to establish keys for SRTP.
Contributed by Martin Storsjo.

** libgnutls: The X.509 verification functions check the key
usage bits and pathlen constraints and on failure output
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE.

** libgnutls: gnutls_x509_crl_verify() includes the time checks.

** libgnutls: Added verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN
and made GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN the default.

** libgnutls: Always tolerate key usage violation errors from the side
of the peer, but also notify via an audit message.

** gnutls-cli: Added --local-dns option.

** danetool: Corrected bug that prevented loading PEM files.

** danetool: Added --check option to allow querying and verifying
a site's DANE data.

** libgnutls-dane: Added pkg-config file for the library.

** API and ABI modifications:
gnutls_session_get_id2: Added
gnutls_sign_is_secure: Added
gnutls_certificate_verify_peers3: Added
gnutls_ocsp_status_request_is_checked: Added
gnutls_certificate_verification_status_print: Added
gnutls_srtp_set_profile: Added
gnutls_srtp_set_profile_direct: Added
gnutls_srtp_get_selected_profile: Added
gnutls_srtp_get_profile_name: Added
gnutls_srtp_get_profile_id: Added
gnutls_srtp_get_keys: Added
gnutls_srtp_get_mki: Added
gnutls_srtp_set_mki: Added
gnutls_srtp_profile_t: Added
dane_cert_type_name: Added
dane_match_type_name: Added
dane_cert_usage_name: Added
dane_verification_status_print: Added
GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: Added
GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: Added
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: Added
GNUTLS_CERT_UNEXPECTED_OWNER: Added
GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Added


* Version 3.1.3 (released 2012-10-12)

** libgnutls: Added support for the OCSP Certificate Status
extension.

** libgnutls: gnutls_certificate_verify_peers2() will use the OCSP
certificate status extension in verification.

** libgnutls: Bug fixes in gnutls_x509_privkey_import_openssl().

** libgnutls: Increased maximum password length in the PKCS #12
functions.

** libgnutls: Fixed the receipt of session tickets during session resumption.
Reported by danblack at http://savannah.gnu.org/support/?108146

** libgnutls: Added functions to export structures in an allocated buffer.

** libgnutls: Added gnutls_ocsp_resp_check_crt() to check whether the OCSP
response corresponds to the given certificate.

** libgnutls: In client side gnutls_init() enables the session ticket and
OCSP certificate status request extensions by default. The flag
GNUTLS_NO_EXTENSIONS can be used to prevent that.

** libgnutls: Several updates in the OpenPGP code. The generating code
is fully RFC6091 compliant and RFC5081 support is only supported in client
mode.

** libgnutls-dane: Added. It is a library to provide DANE with DNSSEC
certificate verification.

** gnutls-cli: Added --dane option to enable DANE certificate verification.

** danetool: Added tool to generate DANE TLSA Resource Records (RR).

** API and ABI modifications:
gnutls_certificate_get_peers_subkey_id: Added
gnutls_certificate_set_ocsp_status_request_function: Added
gnutls_certificate_set_ocsp_status_request_file: Added
gnutls_ocsp_status_request_enable_client: Added
gnutls_ocsp_status_request_get: Added
gnutls_ocsp_resp_check_crt: Added
gnutls_dh_params_export2_pkcs3: Added
gnutls_pubkey_export2: Added
gnutls_x509_crt_export2: Added
gnutls_x509_dn_export2: Added
gnutls_x509_crl_export2: Added
gnutls_pkcs7_export2: Added
gnutls_x509_privkey_export2: Added
gnutls_x509_privkey_export2_pkcs8: Added
gnutls_x509_crq_export2: Added
gnutls_openpgp_crt_export2: Added
gnutls_openpgp_privkey_export2: Added
gnutls_pkcs11_obj_export2: Added
gnutls_pkcs12_export2: Added
gnutls_pubkey_import_openpgp_raw: Added
gnutls_pubkey_import_x509_raw: Added
dane_state_init: Added
dane_state_deinit: Added
dane_query_tlsa: Added
dane_query_status: Added
dane_query_entries: Added
dane_query_data: Added
dane_query_deinit: Added
dane_verify_session_crt: Added
dane_verify_crt: Added
dane_strerror: Added


* Version 3.1.2 (released 2012-09-26)

** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
and gnutls_x509_trust_list_add_trust_mem() that prevented the loading
of certificates in the windows platform.

** libgnutls: Corrected bug in OpenPGP subpacket encoding.

** libgnutls: Added support for DTLS/TLS heartbeats by Olga Smolenchuk.
(the work was done during Google Summer of Code).

** libgnutls: Added X.509 certificate verification flag
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
of unsorted certificate chains and is enabled by default for
TLS certificate verification (if gnutls_certificate_set_verify_flags()
does not override it).

** libgnutls: Prints warning on certificates that contain keys of
an insecure level. If the %COMPAT priority flag is not specified
the TLS connection fails.

** libgnutls: Correctly restore gnutls_record_recv() in DTLS mode
if interrupted during the retrasmition of handshake data.

** libgnutls: Better mingw32 support (patch by LRN).

** libgnutls: The %COMPAT keyword, if specified, will tolerate
key usage violation errors (they are far too common to ignore).

** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
which provides a tool to counter compression-related attacks where
parts of the data are controlled by the attacker _and_ are placed in
separate records (use with care - do not use compression if not sure).

** libgnutls: Depends on libtasn1 2.14 or later.

** certtool: Prints the number of bits of the public key algorithm
parameter in a private key.

** API and ABI modifications:
gnutls_x509_privkey_get_pk_algorithm2: Added
gnutls_heartbeat_ping: Added
gnutls_heartbeat_pong: Added
gnutls_heartbeat_allowed: Added
gnutls_heartbeat_enable: Added
gnutls_heartbeat_set_timeouts: Added
gnutls_heartbeat_get_timeout: Added
GNUTLS_SEC_PARAM_WEAK: Added
GNUTLS_SEC_PARAM_INSECURE: Added

* Version 3.1.1 (released 2012-09-02)

** gnutls-serv: Listens on IPv6. Patch by Bernhard R. Link.

** certtool: Changes in password handling of certtool.
Ask password when required and only if the '--password' option is not
given. If the '--password' option is given during key generation then
assume the PKCS #8 file format, instead of ignoring the password.

** tpmtool: No longer asks for key password in registered keys.

** libgnutls: Elliptic curve code was optimized by Ilya Tumaykin.
wmNAF is now used for point multiplication and other optimizations.
(the major part of the work was done during Google Summer of Code).

** libgnutls: The default pull_timeout_function only uses select
instead of a combination of select() and recv() to prevent issues
when used in stream sockets in some systems.

** libgnutls: Be tolerant in ECDSA signature violations (e.g. using
SHA256 with a SECP384 curve instead of SHA-384), to interoperate with
openssl.

** libgnutls: Fixed DSA and ECDSA signature generation in smart
cards. Thanks to Andreas Schwier from cardcontact.de for providing
me with ECDSA capable smart cards.

** API and ABI modifications:
gnutls_sign_algorithm_get: Added
gnutls_sign_get_hash_algorithm: Added
gnutls_sign_get_pk_algorithm: Added


* Version 3.1.0 (released 2012-08-15)

** libgnutls: Added direct support for TPM as a cryptographic module
in gnutls/tpm.h. TPM keys can be used in functions accepting files
using URLs of the following types:
  tpmkey:file=/path/to/file
  tpmkey:uuid=7f468c16-cb7f-11e1-824d-b3a4f4b20343;storage=user

** libgnutls: Priority string level keywords can be combined.
For example the string "SECURE256:+SUITEB128" is now allowed.

** libgnutls: requires libnettle 2.5.

** libgnutls: Use the PKCS #1 1.5 encoding provided by nettle (2.5)
for encryption and signatures.

** libgnutls: Added GNUTLS_CERT_SIGNATURE_FAILURE to differentiate between
generic errors and signature verification errors in the verification
functions.

** libgnutls: Added gnutls_pkcs12_simple_parse() as a helper function
to simplify parsing in most PKCS #12 use cases.

** libgnutls: gnutls_certificate_set_x509_simple_pkcs12_file() adds
the whole certificate chain (if any) to the credentials structure, instead
of only the end-user certificate.

** libgnutls: Key import functions such as gnutls_pkcs12_simple_parse()
and gnutls_x509_privkey_import_pkcs8(), return consistently
GNUTLS_E_DECRYPTION_FAILED if the input structure is encrypted but no
password was provided.

** libgnutls: Added gnutls_handshake_set_timeout() a function that
allows to set the maximum time spent in a handshake.

** libgnutlsxx: Added session::set_transport_vec_push_function. Patch
by Alexandre Bique.

** tpmtool: Added. It is a tool to generate private keys in the
TPM.

** gnutls-cli: --benchmark-tls was split to --benchmark-tls-kx
and --benchmark-tls-ciphers

** certtool: generated PKCS #12 structures may hold more than one
private key. Patch by Lucas Fisher.

** certtool: Added option --null-password to generate/decrypt keys
that use a NULL password (in schemas that distinguish between NULL
an empty passwords).

** minitasn1: Upgraded to libtasn1 version 2.13.

** API and ABI modifications:
GNUTLS_CERT_SIGNATURE_FAILURE: Added
GNUTLS_CAMELLIA_192_CBC: Added
GNUTLS_PKCS_NULL_PASSWORD: Added
gnutls_url_is_supported: Added
gnutls_pkcs11_obj_list_import_url2: Added
gnutls_pkcs11_obj_set_pin_function: Added
gnutls_pkcs11_privkey_set_pin_function: Added
gnutls_pkcs11_get_pin_function: Added
gnutls_privkey_import_tpm_raw: Added
gnutls_privkey_import_tpm_url: Added
gnutls_privkey_import_pkcs11_url: Added
gnutls_privkey_import_openpgp_raw: Added
gnutls_privkey_import_x509_raw: Added
gnutls_privkey_import_ext2: Added
gnutls_privkey_import_url: Added
gnutls_privkey_set_pin_function: Added
gnutls_tpm_privkey_generate: Added
gnutls_tpm_key_list_deinit: Added
gnutls_tpm_key_list_get_url: Added
gnutls_tpm_get_registered: Added
gnutls_tpm_privkey_delete: Added
gnutls_pubkey_import_tpm_raw: Added
gnutls_pubkey_import_tpm_url: Added
gnutls_pubkey_import_url: Added
gnutls_pubkey_verify_hash2: Added
gnutls_pubkey_set_pin_function: Added
gnutls_x509_privkey_import2: Added
gnutls_x509_privkey_import_openssl: Added
gnutls_x509_crt_set_pin_function: Added
gnutls_load_file: Added
gnutls_pkcs12_simple_parse: Added
gnutls_certificate_set_x509_system_trust: Added
gnutls_certificate_set_pin_function: Added
gnutls_x509_trust_list_add_system_trust: Added
gnutls_x509_trust_list_add_trust_file: Added
gnutls_x509_trust_list_add_trust_mem: Added
gnutls_pk_to_sign: Added
gnutls_handshake_set_timeout: Added
gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2)
gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2)
fcbba46
@jperkin jperkin pushed a commit that referenced this issue Jan 21, 2014
taca Update heel to 3.1.0.
# Changelog
## Version 3.1.0 - 2013-07-07
* Update dependencies
* Switch to template contributed by brianflanagan [#8]
* Add support for multiple independent heel servers [#9]
7445435
@jperkin jperkin pushed a commit that referenced this issue Jan 21, 2014
taca Update ruby-net-http-digest_auth to 1.4.
=== 1.4 / 2013-07-23

* Minor enhancements
  * Relaxed parser to accept quoted algorithm to work with Linksys SPA922.
    Pull request #8 by Ismail Hanli, Issue #5 by bearded

=== 1.3 / 2012-03-28

* Minor enhancements
  * The cnonce is regenerated for every request to improve security.
  * SecureRandom is used to generate the cnonce instead of Kernel#rand
* Bug fix
  * cnonce and nonce-count are no longer sent when qop was not provided per
    RFC 2617 section 3.2.2.
ef353ce
@jperkin jperkin pushed a commit that referenced this issue Jan 29, 2014
obache Update msgpack to 0.5.8.
2013-12-23 version 0.5.8:

  * Move to the new github repository msgpack/msgpack-c
  * Support the new deserialization specification
  * fixes the problem of unpack helpers for array and map with 32bit compilers (#37, #38)
  * Other bug fixes and refactoring: #46, #41, #36, #35, #33, #32, #30, #29, #28, #27, #26, #25, #8, #3
  * Update of documents: #23, #18, #17
16975cf
@jperkin jperkin pushed a commit that referenced this issue Jan 29, 2014
obache Update msgpack-python to 0.4.0.
0.4.0
=====
:release date: 2013-10-21

Inconpatible Changes
--------------------

* Raises TypeError instead of ValueError when packer receives unsupported type.

Changes
-------

* Support New msgpack spec.


0.3.0
=====

Inconpatible Changes
--------------------

* Default value of ``use_list`` is ``True`` for now. (It was ``False`` for 0.2.x)
  You should pass it explicitly for compatibility to 0.2.x.
* `Unpacker.unpack()` and some unpack methods now raise `OutOfData` instead of
  `StopIteration`. `StopIteration` is used for iterator protocol only.

Changes
-------
* Pure Python fallback module is added. (thanks to bwesterb)
* Add ``.skip()`` method to ``Unpacker`` (thanks to jnothman)
* Add capturing feature. You can pass the writable object to
  ``Unpacker.unpack()`` as a second parameter.
* Add ``Packer.pack_array_header`` and ``Packer.pack_map_header``.
  These methods only pack header of each type.
* Add ``autoreset`` option to ``Packer`` (default: True).
  Packer doesn't return packed bytes and clear internal buffer.
* Add ``Packer.pack_map_pairs``. It packs sequence of pair to map type.



0.2.4
=======
:release date: 2012-12-22

Bugs fixed
----------

* Fix SEGV when object_hook or object_pairs_hook raise Exception. (#39)

0.2.3
=======
:release date: 2012-12-11

Changes
-------
* Warn when use_list is not specified. It's default value will be changed in 0.3.

Bugs fixed
-----------
* Can't pack subclass of dict.

0.2.2
=======
:release date: 2012-09-21

Changes
-------
* Add ``use_single_float`` option to ``Packer``. When it is true, packs float
  object in single precision format.

Bugs fixed
-----------
* ``unpack()`` didn't restores gc state when it called with gc disabled.
  ``unpack()`` doesn't control gc now instead of restoring gc state collectly.
  User can control gc state when gc cause performance issue.

* ``Unpacker``'s ``read_size`` option didn't used.

0.2.1
=======
:release date: 2012-08-20

Changes
-------
* Add ``max_buffer_size`` parameter to Unpacker. It limits internal buffer size
  and allows unpack data from untrusted source safely.

* Unpacker's buffer reallocation algorithm is less greedy now. It cause perforamce
  derease in rare case but memory efficient and don't allocate than ``max_buffer_size``.

Bugs fixed
----------
* Fix msgpack didn't work on SPARC Solaris. It was because choosing wrong byteorder
  on compilation time. Use ``sys.byteorder`` to get correct byte order.
  Very thanks to Chris Casey for giving test environment to me.


0.2.0
=======
:release date: 2012-06-27

Changes
-------
* Drop supporting Python 2.5 and unify tests for Py2 and Py3.
* Use new version of msgpack-c. It packs correctly on big endian platforms.
* Remove deprecated packs and unpacks API.

Bugs fixed
----------
* #8 Packing subclass of dict raises TypeError. (Thanks to Steeve Morin.)
e692a6c
@jperkin jperkin pushed a commit that referenced this issue Feb 10, 2014
obache Update cutter to 1.2.3.
== [release-1-2-3] 1.2.3: 2014-02-09

As long time has passed since Cutter 1.2.2 release,
there are some improvements and fixed bugs.

After Cutter 1.2.2 release, you can install Cutter from
Fedora's official yum repository. No need to register Cutter yum repository on Fedora anymore.

=== Cutter

==== Improvements

  * [doc] Removed a needless period from installation link.
    [GitHub #6] [Patch by Masafumi Yokoyama]
  * Supported lcov 1.10. [cutter-users-ja:92] [Reported by Siganai SE]
  * [doc] Updated download URL on SF.net. [cutter-users-ja:91] [Reported by Siganai SE]
  * [doc] Updated XML report format. [cutter-users-ja:91] [Reported by Siganai SE]
  * Added more trace logs for loader. It helps you to investigate the case when no tests are loaded.
  * [doc] Updated Cygwin's setup.exe URL.
  * Added --log-level option. The value of default log level is "critical|error|warning|message".

==== Fixes

  * [loader] Fixed a bug that ELF loader can't collect symbol because of wrong comparison.
  * Fixed memory leaks on loading all modules.
  * Fixed a warning from GCC 4.8.1 on Ubuntu 13.10
    [GitHub #9] [Reported by Kazuhiro Yamato]

=== CppCutter

==== Improvements

  * Supported cppcut_assert_equal(const type_info &, const type_info &)
    [GitHub #4] [Patch by Kazuhiro Yamato]
  * Supported to catch unhandled C++ exception in test case.
    This change avoids to crash when unexpected exception is thrown.
    [GitHub #8] [Suggested by Kazuhiro Yamato] [Patch by Kazuhiro Yamato]
  * Supported to call destructors of objects on a stack even when an assertion is failed.
    [GitHub #10] [Patch by Kazuhiro Yamato]

==== Fixes

  * [Clang] Fixed a compile error which is caused by missing std::type_info forward declaration.
  * Fixed an invalid memory access when an exception is thrown in cutter's
    assertion function.
    [GitHub #11] [Patch by Kazuhiro Yamato]

=== GCutter

==== Fixes

  * [doc] Fixed a signal name typo about gcut-egg example.

=== Thanks

  * Kazuhiro Yamato
  * Masafumi Yokoyama
  * Siganai SE
185f6f5
@jperkin jperkin pushed a commit that referenced this issue Feb 27, 2014
wiedi Update darkice to 1.2
Forward ported the existing patches that were not upstream yet.
Also added patches for cfmakeraw and log10(int) amgiguity to fix build on SunOS.
From the changelog since 0.17.1

15-07-2013 Darkice 1.2 released
    o Issue #75: Added Ogg/Opus support. Patch by Doug Kelly
	dougk.ff7@gmail.com
    o Fix 'Ring Ruffer' reports.
      - Increased buffer for jack to 5 seconds
      - prevent darkice termination by jack, report no fatal problem when we
        have a ringbuffer overflow, can happen during startup
        If we can not handle input audio fast enough we just ignore the buffer
        and skip it, and just report it.
      - new multithreaded connector code, now handles encoders in parallel
        and does not spin waiting, cpu load will be very much lower now
        Codes uses 2 condition variables to report data availability and
        consumer thread availability
      - Hopes are that glitching reports will be a thing of the past
      - minor compiler warnings fixed
        (Fix by Edwin van den Oetelaar)
    o Issue #56: Wrong icecast2 password isn't properly reported, fixed.
	  thanks to Filipe Roque <flip.roque@gmail.com>
    o Issue #57: BufferedSink makes streams invalid, fixed.
	  thanks to Alban Peignier <alban.peignier@gmail.com>
    o Issue #30: Segmentation Fault when creating file with fileAddDate, fixed
	  thanks to Filipe Roque <flip.roque@gmail.com>

27-10-2011 Darkice 1.1 released
    o Updated aac+ encoding to use libaacplus-2.0.0 api.
	  thanks to Sergiy <piratfm@gmail.com>
    o Added pulseaudio support
	  closes ticket #25
	  thanks to Filipe Roque <flip.roque@gmail.com> and
	  and Johann Fot <johann.fot@dunkelfuerst.com>
    o Added rtprio parameter and revisited realtime priority
	  closes ticket #21
          thanks to Adrian Knoth <adi@drcomp.erfurt.thur.de>
    o Fixed a call to a deprecated jack call
	  closes ticket #22
	  thanks to Adrian Knoth again.

09-05-2010 Darkice 1.0 released
    o fixed a bug in BufferedSink.cpp that leads to some buffers
	  being written twice, causing corruption of datastream,
	  closes ticked #20
	  thanks to Edwin van den Oetelaar <oetelaar.automatisering@gmail.com>
    o implemented samplerate conversion for all codecs using libsamplerate,
	  and keeping internal aflibConverter as fallback,
          thanks to Sergiy <piratfm@gmail.com>
    o bugfix: fix for alsa driver - closes ticked #8
          thanks to Clemens Ladisch <clemens@ladisch.de>

14-11-2009 Darkice 0.20.1 released
    o added rc.darkice init script
	  thanks to Niels Dettenbach <nd@syndicat.com>
    o bugfix: fix for gcc 4.4

05-11-2009 Darkice 0.20 released

    o new maintainer: Rafael Diniz <rafael@riseup.net>
    o added AAC HEv2 encoding support (branch darkice-aacp merged) through
	  libaacplus, http://tipok.org.ua/ru/node/17
	  thanks to tipok <piratfm@gmail.com> and others for the contribution.
    o bugfix: the configure script recognizes Ogg Vorbis shared objects
	  now, not just static libraries. Thanks to omroepvenray.
    o bugfix: enabling jack source compilation on Debian Lenny,
	  thanks to Alessandro Beretta <alessandro.baretta@radiomaria.org>

07-07-2008 Darkice 0.19 released

    o added mount point option for Darwin Streaming Server
      thanks to Pierre Souchay <pierre@souchay.net>
    o fix for some reliablity issues when using a Jack source
      thanks to Pierre Souchay <pierre@souchay.net>
    o enable easier finding of jack libraries on MacOS X,
      thanks to Daniel Hazelbaker <daniel@highdesertchurch.com>
    o added ability to specify name of jack device created by darkice,
      thanks to Alessandro Beretta <alessandro.baretta@radiomaria.org>

26-04-2007 DarkIce 0.18.1 released

    o enable real-time scheduling for non-super-users, if they have
      the proper operating system permissions,
      thanks to Jens Maurer <Jens.Maurer@gmx.net>
    o fix to enable compliation of the Serial ULAW code on MacOS X,
      thanks to Elod Horvath <elod@itfais.com>
    o fix to solve Shoutcast login failures, introduced in 0.18

05-03-2007 DarkIce 0.18 released

    o added serial ulaw input device support, thanks to
      Clyde Stubbs <clyde@htsoft.com>
    o improvements on reconnecting:
      added TCP connection keep-alive to TCP sockets
      added graceful sleep when trying to reconnect
    o added user-defined date formatting for the fileAddDate options,
      thanks to dsk <derrick@csociety.org>
    o added logging facility - [file-X] targets will cut the saved file
      and rename it as needed when darkice recieves the SIGUSR1 signal
    o added default configuration file handling - if no configuration file
      is specified, /etc/darkice.cfg is used
    o fix to enable compiling on 64 bit platforms
      thanks to Alexander Vlasov <zulu@galaradio.com> and
      Mariusz Mazur <mmazur@kernel.pl>
    o fix to enable file dump feature using ogg vorbis.
      thanks to dsk <derrick@csociety.org>
    o fix to enable compiling with jack installed at arbitrary locations
abd0365
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
taca Update ruby-diff-lcs to 1.2.1.
== 1.2.1 / 2013-02-09

* Bugs Fixed:
  * As seen in rspec/rspec-expectations#200, the
    release of Diff::LCS 1.2 introduced an unnecessary public API change to
    Diff::LCS::Hunk (see the change at
    rspec/rspec-expectations@3d6fc82 for details).
    The new method name (and behaviour) is more correct, but I should not have
    renamed the function or should have at least provided an alias. This
    release restores Diff::LCS::Hunk#unshift as an alias to
    #merge. Note that the old #unshift behaviour was incorrect and will not be
    restored.

== 1.2.0 / 2013-01-21
* Minor Enhancements:
  * Added special case handling for Diff::LCS.patch so that it handles patches
    that are empty or contain no changes.
  * Added two new methods (#patch\_me and #unpatch\_me) to the includable
    module.
* Bugs Fixed:
  * Fixed issue #1 patch direction detection.
    halostatue/diff-lcs#1
  * Resolved issue #2 by handling string[string.size, 1] properly (it returns
    "" not nil). halostatue/diff-lcs#2
  * Michael Granger (ged) fixed an implementation error in Diff::LCS::Change
    and added specs in pull request #8. Thanks!
    halostatue/diff-lcs#8
  * Made the code auto-testable.
  * Vít Ondruch (voxik) provided the latest version of the GPL2 license file in
    pull request #10. Thanks! halostatue/diff-lcs#10
  * Fixed a documentation issue with the includable versions of #patch! and
    #unpatch! where they implied that they would replace the original value.
    Given that Diff::LCS.patch always returns a copy, the documentation was
    incorrect and has been corrected. To provide the behaviour that was
    originally documented, two new methods were added to provide this
    behaviour. Found by scooter-dangle in issue #12. Thanks!
    halostatue/diff-lcs#12
* Code Style Changes:
  * Removed trailing spaces.
  * Calling class methods using '.' instead of '::'.
  * Vít Ondruch (voxik) removed unnecessary shebangs in pull request #9.
    Thanks! halostatue/diff-lcs#9
  * Kenichi Kamiya (kachick) removed some warnings of an unused variable in
    lucky pull request #13. halostatue/diff-lcs#13
    Thanks!
  * Embarked on a major refactoring to make the files a little more manageable
    and understand the code on a deeper level.
  * Adding to http://travis-ci.org.
d5c805b
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
wiz Update to 3.2.1.
* Version 3.2.1 (released 2013-06-01)

** libgnutls: Allow ECC when in SSL 3.0 to work-around a bug in certain
openssl versions.

** libgnutls: Fixes in interrupted function resumption. Report
and patch by Tim Kosse.

** libgnutls: Corrected issue when receiving client hello verify requests
in DTLS.

** libgnutls: Fixes in DTLS record overhead size calculations.

** libgnutls: gnutls_handshake_get_last_in() was fixed. Reported
by Mann Ern Kang.

** API and ABI modifications:
gnutls_session_set_id: Added


* Version 3.2.0 (released 2013-05-10)

** libgnutls: Use nettle's elliptic curve implementation.

** libgnutls: Added Salsa20 cipher

** libgnutls: Added UMAC-96 and UMAC-128

** libgnutls: Added ciphersuites involving Salsa20 and UMAC-96.
As they are not standardized they are defined using private ciphersuite
numbers.

** libgnutls: Added support for DTLS 1.2.

** libgnutls: Added support for the Application Layer Protocol Negotiation
(ALPN) extension.

** libgnutls: Removed support for the RSA-EXPORT ciphersuites.

** libgnutls: Avoid linking to librt (that also avoids unnecessary
linking to pthreads if p11-kit isn't used).

** API and ABI modifications:
gnutls_cipher_get_iv_size: Added
gnutls_hmac_set_nonce: Added
gnutls_mac_get_nonce_size: Added


* Version 3.1.10 (released 2013-03-22)

** certtool: When generating PKCS #12 files use by default the
ARCFOUR (RC4) cipher to be compatible with devices that don't
support AES with PKCS #12.

** libgnutls: Load CA certificates in android 4.x systems.

** libgnutls: Optimized CA certificate loading.

** libgnutls: Private keys are overwritten on deinitialization.

** libgnutls: PKCS #11 slots are scanned only when needed, not
on initialization. This speeds up gnutls initialization when smart
cards are present.

** libgnutls: Corrected issue in the (deprecated) external key
signing interface, when used with TLS 1.2. Reported by Bjorn H. Christensen.

** libgnutls: Fixes in openpgp handshake with fingerprints. Reported by
Joke de Buhr.

** libgnutls-dane: Updated DANE verification options.

** configure: Trust store file must be explicitly set or unset when
cross compiling.

** API and ABI modifications:
gnutls_x509_crt_get_issuer_dn2: Added
gnutls_x509_crt_get_dn2: Added
gnutls_x509_crl_get_issuer_dn2: Added
gnutls_x509_crq_get_dn2: Added
gnutls_x509_trust_list_remove_trust_mem: Added
gnutls_x509_trust_list_remove_trust_file: Added
gnutls_x509_trust_list_remove_cas: Added
gnutls_session_get_desc: Added
gnutls_privkey_sign_raw_data: Added
gnutls_privkey_status: Added





* Version 3.1.9 (released 2013-02-27)

** certtool: Option --to-p12 will now ask for a password to generate
a PKCS #12 file from an encrypted key file. Reported by Yan Fiz.

** libgnutls: Corrected issue in gnutls_pubkey_verify_data().

** libgnutls: Corrected parsing issue in XMPP within a subject
alternative name. Reported by James Cloos.

** libgnutls: gnutls_pkcs11_reinit() will reinitialize all PKCS #11
modules, and not only the ones loaded via p11-kit.

** libgnutls: Added function to check whether the private key is
still available (inserted).

** libgnutls: Try to detect fork even during nonce generation.

** API and ABI modifications:
gnutls_handshake_set_random: Added
gnutls_transport_set_int2: Added
gnutls_transport_get_int2: Added
gnutls_transport_get_int: Added
gnutls_record_cork: Exported
gnutls_record_uncork: Exported
gnutls_pkcs11_privkey_status: Added


* Version 3.1.8 (released 2013-02-10)

** libgnutls: Fixed issue in gnutls_x509_privkey_import2() which didn't return
GNUTLS_E_DECRYPTION_FAILED in all cases, and affect certtool operation
with encrypted keys. Reported by Yan Fiz.

** libgnutls: The minimum DH bits accepted by priorities NORMAL and
PERFORMANCE was set to previous defaults 727 bits. Reported by Diego
Elio Petteno.

** libgnutls: Corrected issue which prevented gnutls_pubkey_verify_hash()
to operate with long keys. Reported by Erik A Jensen.

** API and ABI modifications:
No changes since last version.


* Version 3.1.7 (released 2013-02-04)

** certtool: Added option "dn" which allows to directly set the DN
in a template from an RFC4514 string.

** danetool: Added options: --dlv and --insecure. Suggested by Paul Wouters.

** libgnutls-xssl: Added a new library to simplify GnuTLS usage.

** libgnutls-dane: Added function to specify a DLV file.

** libgnutls: Heartbeat code was made optional.

** libgnutls: Fixes in server side of DTLS-0.9.

** libgnutls: DN variable 'T' was expanded to 'title'.

** libgnutls: Fixes in record padding parsing to prevent a timing attack.
Issue reported by Kenny Paterson and Nadhem Alfardan.

** libgnutls: Added functions to directly set the DN in a certificate
or request from an RFC4514 string.

** libgnutls: Optimizations in the random generator. The re-seeding of
it is now explicitly done on every session deinit.

** libgnutls: Simplified the DTLS sliding window implementation.

** libgnutls: The minimum DH bits accepted by a client are now set
by the specified priority string. The current values correspond to the
previous defaults (727 bits), except for the SECURE128 and SECURE192
strings which increase the minimum to 1248 and 1776 respectively.

** libgnutls: Added the gnutls_record_cork() and uncork API to enable
buffering in sending application data.

** libgnutls: Removed default random padding, and added a length-hiding interface
instead.  Both the server and the client must support this extension. Whether
length-hiding can be used on a given session can be checked using
gnutls_record_can_use_length_hiding(). Contributed by Alfredo Pironti.

** libgnutls: Added the experimental %NEW_PADDING priority string. It enables
a new padding mechanism in TLS allowing arbitrary padding in TLS records
in all ciphersuites, which makes length-hiding more efficient and solves
the issues with timing attacks on CBC ciphersuites.

** libgnutls: Corrected gnutls_cipher_decrypt2() when used with AEAD
ciphers (i.e., AES-GCM). Reported by William McGovern.

** API and ABI modifications:
gnutls_db_check_entry_time: Added
gnutls_record_set_timeout: Added
gnutls_record_get_random_padding_status: Added
gnutls_x509_crt_set_dn: Added
gnutls_x509_crt_set_issuer_dn: Added
gnutls_x509_crq_set_dn: Added
gnutls_range_split: Added
gnutls_record_send_range: Added
gnutls_record_set_max_empty_records: Added
gnutls_record_can_use_length_hiding: Added
gnutls_rnd_refresh: Added
xssl_deinit: Added
xssl_flush: Added
xssl_read: Added
xssl_getdelim: Added
xssl_write: Added
xssl_printf: Added
xssl_sinit: Added
xssl_client_init: Added
xssl_server_init: Added
xssl_get_session: Added
xssl_get_verify_status: Added
xssl_cred_init: Added
xssl_cred_deinit: Added
dane_state_set_dlv_file: Added
GNUTLS_SEC_PARAM_EXPORT: Added
GNUTLS_SEC_PARAM_VERY_WEAK: Added


* Version 3.1.6 (released 2013-01-02)

** libgnutls: Fixed record padding parsing issue. Reported by Kenny
Patterson and Nadhem Alfardan.

** libgnutls: Several updates in the ASN.1 string handling subsystem.

** libgnutls: gnutls_x509_crt_get_policy() allows for a list of zero
policy qualifiers.

** libgnutls: Ignore heartbeat messages when received out-of-order,
instead of issuing an error.

** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
by Kikuchi Masashi.

** libgnutls: TPM support is disabled by default because GPL programs
cannot link with it. Use --with-tpm to enable it.

** libgnutls-guile: Fixed parallel compilation issue.

** gnutls-cli: It will try to connect to all possible returned addresses
before failing.

** API and ABI modifications:
No changes since last version.


* Version 3.1.5 (released 2012-11-24)

** libgnutls: Added functions to parse the certificates policies
extension.

** libgnutls: Handle BMPString (UCS-2) encoding in the Distinguished
Name by translating it to UTF-8 (works on windows or systems with iconv).

** libgnutls: Added PKCS #11 key generation function that returns the
public key on generation.

** libgnutls: Corrected bug in priority string parsing, that mostly
affected combined levels. Patch by Tim Kosse.

** certtool: The --pubkey-info option can be combined with the
--load-privkey or --load-request to print the corresponding public keys.

** certtool: It is able to set certificate policies via a template.

** certtool: Added --hex-numbers option which prints big numbers in
an easier to parse format.

** p11tool: After key generation, outputs the public key (useful in
tokens that do not store the public key).

** danetool: It is being built even without libgnutls-dane (the
--check functionality is disabled though).

** API and ABI modifications:
gnutls_pkcs11_privkey_generate2: Added
gnutls_x509_crt_get_policy: Added
gnutls_x509_crt_set_policy: Added
gnutls_x509_policy_release: Added
gnutls_pubkey_import_x509_crq: Added
gnutls_pubkey_print: Added
GNUTLS_CRT_PRINT_FULL_NUMBERS: Added


* Version 3.1.4 (released 2012-11-10)

** libgnutls: gnutls_certificate_verify_peers2() will set flags depending on
the available revocation data validity.

** libgnutls: Added gnutls_certificate_verification_status_print(),
a function to print the verification status code in human readable text.

** libgnutls: Added priority string %VERIFY_DISABLE_CRL_CHECKS.

** libgnutls: Simplified certificate verification by adding
gnutls_certificate_verify_peers3().

** libgnutls: Added support for extension to establish keys for SRTP.
Contributed by Martin Storsjo.

** libgnutls: The X.509 verification functions check the key
usage bits and pathlen constraints and on failure output
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE.

** libgnutls: gnutls_x509_crl_verify() includes the time checks.

** libgnutls: Added verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN
and made GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN the default.

** libgnutls: Always tolerate key usage violation errors from the side
of the peer, but also notify via an audit message.

** gnutls-cli: Added --local-dns option.

** danetool: Corrected bug that prevented loading PEM files.

** danetool: Added --check option to allow querying and verifying
a site's DANE data.

** libgnutls-dane: Added pkg-config file for the library.

** API and ABI modifications:
gnutls_session_get_id2: Added
gnutls_sign_is_secure: Added
gnutls_certificate_verify_peers3: Added
gnutls_ocsp_status_request_is_checked: Added
gnutls_certificate_verification_status_print: Added
gnutls_srtp_set_profile: Added
gnutls_srtp_set_profile_direct: Added
gnutls_srtp_get_selected_profile: Added
gnutls_srtp_get_profile_name: Added
gnutls_srtp_get_profile_id: Added
gnutls_srtp_get_keys: Added
gnutls_srtp_get_mki: Added
gnutls_srtp_set_mki: Added
gnutls_srtp_profile_t: Added
dane_cert_type_name: Added
dane_match_type_name: Added
dane_cert_usage_name: Added
dane_verification_status_print: Added
GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: Added
GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: Added
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: Added
GNUTLS_CERT_UNEXPECTED_OWNER: Added
GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Added


* Version 3.1.3 (released 2012-10-12)

** libgnutls: Added support for the OCSP Certificate Status
extension.

** libgnutls: gnutls_certificate_verify_peers2() will use the OCSP
certificate status extension in verification.

** libgnutls: Bug fixes in gnutls_x509_privkey_import_openssl().

** libgnutls: Increased maximum password length in the PKCS #12
functions.

** libgnutls: Fixed the receipt of session tickets during session resumption.
Reported by danblack at http://savannah.gnu.org/support/?108146

** libgnutls: Added functions to export structures in an allocated buffer.

** libgnutls: Added gnutls_ocsp_resp_check_crt() to check whether the OCSP
response corresponds to the given certificate.

** libgnutls: In client side gnutls_init() enables the session ticket and
OCSP certificate status request extensions by default. The flag
GNUTLS_NO_EXTENSIONS can be used to prevent that.

** libgnutls: Several updates in the OpenPGP code. The generating code
is fully RFC6091 compliant and RFC5081 support is only supported in client
mode.

** libgnutls-dane: Added. It is a library to provide DANE with DNSSEC
certificate verification.

** gnutls-cli: Added --dane option to enable DANE certificate verification.

** danetool: Added tool to generate DANE TLSA Resource Records (RR).

** API and ABI modifications:
gnutls_certificate_get_peers_subkey_id: Added
gnutls_certificate_set_ocsp_status_request_function: Added
gnutls_certificate_set_ocsp_status_request_file: Added
gnutls_ocsp_status_request_enable_client: Added
gnutls_ocsp_status_request_get: Added
gnutls_ocsp_resp_check_crt: Added
gnutls_dh_params_export2_pkcs3: Added
gnutls_pubkey_export2: Added
gnutls_x509_crt_export2: Added
gnutls_x509_dn_export2: Added
gnutls_x509_crl_export2: Added
gnutls_pkcs7_export2: Added
gnutls_x509_privkey_export2: Added
gnutls_x509_privkey_export2_pkcs8: Added
gnutls_x509_crq_export2: Added
gnutls_openpgp_crt_export2: Added
gnutls_openpgp_privkey_export2: Added
gnutls_pkcs11_obj_export2: Added
gnutls_pkcs12_export2: Added
gnutls_pubkey_import_openpgp_raw: Added
gnutls_pubkey_import_x509_raw: Added
dane_state_init: Added
dane_state_deinit: Added
dane_query_tlsa: Added
dane_query_status: Added
dane_query_entries: Added
dane_query_data: Added
dane_query_deinit: Added
dane_verify_session_crt: Added
dane_verify_crt: Added
dane_strerror: Added


* Version 3.1.2 (released 2012-09-26)

** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
and gnutls_x509_trust_list_add_trust_mem() that prevented the loading
of certificates in the windows platform.

** libgnutls: Corrected bug in OpenPGP subpacket encoding.

** libgnutls: Added support for DTLS/TLS heartbeats by Olga Smolenchuk.
(the work was done during Google Summer of Code).

** libgnutls: Added X.509 certificate verification flag
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
of unsorted certificate chains and is enabled by default for
TLS certificate verification (if gnutls_certificate_set_verify_flags()
does not override it).

** libgnutls: Prints warning on certificates that contain keys of
an insecure level. If the %COMPAT priority flag is not specified
the TLS connection fails.

** libgnutls: Correctly restore gnutls_record_recv() in DTLS mode
if interrupted during the retrasmition of handshake data.

** libgnutls: Better mingw32 support (patch by LRN).

** libgnutls: The %COMPAT keyword, if specified, will tolerate
key usage violation errors (they are far too common to ignore).

** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
which provides a tool to counter compression-related attacks where
parts of the data are controlled by the attacker _and_ are placed in
separate records (use with care - do not use compression if not sure).

** libgnutls: Depends on libtasn1 2.14 or later.

** certtool: Prints the number of bits of the public key algorithm
parameter in a private key.

** API and ABI modifications:
gnutls_x509_privkey_get_pk_algorithm2: Added
gnutls_heartbeat_ping: Added
gnutls_heartbeat_pong: Added
gnutls_heartbeat_allowed: Added
gnutls_heartbeat_enable: Added
gnutls_heartbeat_set_timeouts: Added
gnutls_heartbeat_get_timeout: Added
GNUTLS_SEC_PARAM_WEAK: Added
GNUTLS_SEC_PARAM_INSECURE: Added

* Version 3.1.1 (released 2012-09-02)

** gnutls-serv: Listens on IPv6. Patch by Bernhard R. Link.

** certtool: Changes in password handling of certtool.
Ask password when required and only if the '--password' option is not
given. If the '--password' option is given during key generation then
assume the PKCS #8 file format, instead of ignoring the password.

** tpmtool: No longer asks for key password in registered keys.

** libgnutls: Elliptic curve code was optimized by Ilya Tumaykin.
wmNAF is now used for point multiplication and other optimizations.
(the major part of the work was done during Google Summer of Code).

** libgnutls: The default pull_timeout_function only uses select
instead of a combination of select() and recv() to prevent issues
when used in stream sockets in some systems.

** libgnutls: Be tolerant in ECDSA signature violations (e.g. using
SHA256 with a SECP384 curve instead of SHA-384), to interoperate with
openssl.

** libgnutls: Fixed DSA and ECDSA signature generation in smart
cards. Thanks to Andreas Schwier from cardcontact.de for providing
me with ECDSA capable smart cards.

** API and ABI modifications:
gnutls_sign_algorithm_get: Added
gnutls_sign_get_hash_algorithm: Added
gnutls_sign_get_pk_algorithm: Added


* Version 3.1.0 (released 2012-08-15)

** libgnutls: Added direct support for TPM as a cryptographic module
in gnutls/tpm.h. TPM keys can be used in functions accepting files
using URLs of the following types:
  tpmkey:file=/path/to/file
  tpmkey:uuid=7f468c16-cb7f-11e1-824d-b3a4f4b20343;storage=user

** libgnutls: Priority string level keywords can be combined.
For example the string "SECURE256:+SUITEB128" is now allowed.

** libgnutls: requires libnettle 2.5.

** libgnutls: Use the PKCS #1 1.5 encoding provided by nettle (2.5)
for encryption and signatures.

** libgnutls: Added GNUTLS_CERT_SIGNATURE_FAILURE to differentiate between
generic errors and signature verification errors in the verification
functions.

** libgnutls: Added gnutls_pkcs12_simple_parse() as a helper function
to simplify parsing in most PKCS #12 use cases.

** libgnutls: gnutls_certificate_set_x509_simple_pkcs12_file() adds
the whole certificate chain (if any) to the credentials structure, instead
of only the end-user certificate.

** libgnutls: Key import functions such as gnutls_pkcs12_simple_parse()
and gnutls_x509_privkey_import_pkcs8(), return consistently
GNUTLS_E_DECRYPTION_FAILED if the input structure is encrypted but no
password was provided.

** libgnutls: Added gnutls_handshake_set_timeout() a function that
allows to set the maximum time spent in a handshake.

** libgnutlsxx: Added session::set_transport_vec_push_function. Patch
by Alexandre Bique.

** tpmtool: Added. It is a tool to generate private keys in the
TPM.

** gnutls-cli: --benchmark-tls was split to --benchmark-tls-kx
and --benchmark-tls-ciphers

** certtool: generated PKCS #12 structures may hold more than one
private key. Patch by Lucas Fisher.

** certtool: Added option --null-password to generate/decrypt keys
that use a NULL password (in schemas that distinguish between NULL
an empty passwords).

** minitasn1: Upgraded to libtasn1 version 2.13.

** API and ABI modifications:
GNUTLS_CERT_SIGNATURE_FAILURE: Added
GNUTLS_CAMELLIA_192_CBC: Added
GNUTLS_PKCS_NULL_PASSWORD: Added
gnutls_url_is_supported: Added
gnutls_pkcs11_obj_list_import_url2: Added
gnutls_pkcs11_obj_set_pin_function: Added
gnutls_pkcs11_privkey_set_pin_function: Added
gnutls_pkcs11_get_pin_function: Added
gnutls_privkey_import_tpm_raw: Added
gnutls_privkey_import_tpm_url: Added
gnutls_privkey_import_pkcs11_url: Added
gnutls_privkey_import_openpgp_raw: Added
gnutls_privkey_import_x509_raw: Added
gnutls_privkey_import_ext2: Added
gnutls_privkey_import_url: Added
gnutls_privkey_set_pin_function: Added
gnutls_tpm_privkey_generate: Added
gnutls_tpm_key_list_deinit: Added
gnutls_tpm_key_list_get_url: Added
gnutls_tpm_get_registered: Added
gnutls_tpm_privkey_delete: Added
gnutls_pubkey_import_tpm_raw: Added
gnutls_pubkey_import_tpm_url: Added
gnutls_pubkey_import_url: Added
gnutls_pubkey_verify_hash2: Added
gnutls_pubkey_set_pin_function: Added
gnutls_x509_privkey_import2: Added
gnutls_x509_privkey_import_openssl: Added
gnutls_x509_crt_set_pin_function: Added
gnutls_load_file: Added
gnutls_pkcs12_simple_parse: Added
gnutls_certificate_set_x509_system_trust: Added
gnutls_certificate_set_pin_function: Added
gnutls_x509_trust_list_add_system_trust: Added
gnutls_x509_trust_list_add_trust_file: Added
gnutls_x509_trust_list_add_trust_mem: Added
gnutls_pk_to_sign: Added
gnutls_handshake_set_timeout: Added
gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2)
gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2)
b2f9009
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
taca Update heel to 3.1.0.
# Changelog
## Version 3.1.0 - 2013-07-07
* Update dependencies
* Switch to template contributed by brianflanagan [#8]
* Add support for multiple independent heel servers [#9]
2bf3365
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
taca Update ruby-net-http-digest_auth to 1.4.
=== 1.4 / 2013-07-23

* Minor enhancements
  * Relaxed parser to accept quoted algorithm to work with Linksys SPA922.
    Pull request #8 by Ismail Hanli, Issue #5 by bearded

=== 1.3 / 2012-03-28

* Minor enhancements
  * The cnonce is regenerated for every request to improve security.
  * SecureRandom is used to generate the cnonce instead of Kernel#rand
* Bug fix
  * cnonce and nonce-count are no longer sent when qop was not provided per
    RFC 2617 section 3.2.2.
a723cf2
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
obache Update msgpack to 0.5.8.
2013-12-23 version 0.5.8:

  * Move to the new github repository msgpack/msgpack-c
  * Support the new deserialization specification
  * fixes the problem of unpack helpers for array and map with 32bit compilers (#37, #38)
  * Other bug fixes and refactoring: #46, #41, #36, #35, #33, #32, #30, #29, #28, #27, #26, #25, #8, #3
  * Update of documents: #23, #18, #17
8fd3b1b
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
obache Update msgpack-python to 0.4.0.
0.4.0
=====
:release date: 2013-10-21

Inconpatible Changes
--------------------

* Raises TypeError instead of ValueError when packer receives unsupported type.

Changes
-------

* Support New msgpack spec.


0.3.0
=====

Inconpatible Changes
--------------------

* Default value of ``use_list`` is ``True`` for now. (It was ``False`` for 0.2.x)
  You should pass it explicitly for compatibility to 0.2.x.
* `Unpacker.unpack()` and some unpack methods now raise `OutOfData` instead of
  `StopIteration`. `StopIteration` is used for iterator protocol only.

Changes
-------
* Pure Python fallback module is added. (thanks to bwesterb)
* Add ``.skip()`` method to ``Unpacker`` (thanks to jnothman)
* Add capturing feature. You can pass the writable object to
  ``Unpacker.unpack()`` as a second parameter.
* Add ``Packer.pack_array_header`` and ``Packer.pack_map_header``.
  These methods only pack header of each type.
* Add ``autoreset`` option to ``Packer`` (default: True).
  Packer doesn't return packed bytes and clear internal buffer.
* Add ``Packer.pack_map_pairs``. It packs sequence of pair to map type.



0.2.4
=======
:release date: 2012-12-22

Bugs fixed
----------

* Fix SEGV when object_hook or object_pairs_hook raise Exception. (#39)

0.2.3
=======
:release date: 2012-12-11

Changes
-------
* Warn when use_list is not specified. It's default value will be changed in 0.3.

Bugs fixed
-----------
* Can't pack subclass of dict.

0.2.2
=======
:release date: 2012-09-21

Changes
-------
* Add ``use_single_float`` option to ``Packer``. When it is true, packs float
  object in single precision format.

Bugs fixed
-----------
* ``unpack()`` didn't restores gc state when it called with gc disabled.
  ``unpack()`` doesn't control gc now instead of restoring gc state collectly.
  User can control gc state when gc cause performance issue.

* ``Unpacker``'s ``read_size`` option didn't used.

0.2.1
=======
:release date: 2012-08-20

Changes
-------
* Add ``max_buffer_size`` parameter to Unpacker. It limits internal buffer size
  and allows unpack data from untrusted source safely.

* Unpacker's buffer reallocation algorithm is less greedy now. It cause perforamce
  derease in rare case but memory efficient and don't allocate than ``max_buffer_size``.

Bugs fixed
----------
* Fix msgpack didn't work on SPARC Solaris. It was because choosing wrong byteorder
  on compilation time. Use ``sys.byteorder`` to get correct byte order.
  Very thanks to Chris Casey for giving test environment to me.


0.2.0
=======
:release date: 2012-06-27

Changes
-------
* Drop supporting Python 2.5 and unify tests for Py2 and Py3.
* Use new version of msgpack-c. It packs correctly on big endian platforms.
* Remove deprecated packs and unpacks API.

Bugs fixed
----------
* #8 Packing subclass of dict raises TypeError. (Thanks to Steeve Morin.)
292c8c5
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
obache Update cutter to 1.2.3.
== [release-1-2-3] 1.2.3: 2014-02-09

As long time has passed since Cutter 1.2.2 release,
there are some improvements and fixed bugs.

After Cutter 1.2.2 release, you can install Cutter from
Fedora's official yum repository. No need to register Cutter yum repository on Fedora anymore.

=== Cutter

==== Improvements

  * [doc] Removed a needless period from installation link.
    [GitHub #6] [Patch by Masafumi Yokoyama]
  * Supported lcov 1.10. [cutter-users-ja:92] [Reported by Siganai SE]
  * [doc] Updated download URL on SF.net. [cutter-users-ja:91] [Reported by Siganai SE]
  * [doc] Updated XML report format. [cutter-users-ja:91] [Reported by Siganai SE]
  * Added more trace logs for loader. It helps you to investigate the case when no tests are loaded.
  * [doc] Updated Cygwin's setup.exe URL.
  * Added --log-level option. The value of default log level is "critical|error|warning|message".

==== Fixes

  * [loader] Fixed a bug that ELF loader can't collect symbol because of wrong comparison.
  * Fixed memory leaks on loading all modules.
  * Fixed a warning from GCC 4.8.1 on Ubuntu 13.10
    [GitHub #9] [Reported by Kazuhiro Yamato]

=== CppCutter

==== Improvements

  * Supported cppcut_assert_equal(const type_info &, const type_info &)
    [GitHub #4] [Patch by Kazuhiro Yamato]
  * Supported to catch unhandled C++ exception in test case.
    This change avoids to crash when unexpected exception is thrown.
    [GitHub #8] [Suggested by Kazuhiro Yamato] [Patch by Kazuhiro Yamato]
  * Supported to call destructors of objects on a stack even when an assertion is failed.
    [GitHub #10] [Patch by Kazuhiro Yamato]

==== Fixes

  * [Clang] Fixed a compile error which is caused by missing std::type_info forward declaration.
  * Fixed an invalid memory access when an exception is thrown in cutter's
    assertion function.
    [GitHub #11] [Patch by Kazuhiro Yamato]

=== GCutter

==== Fixes

  * [doc] Fixed a signal name typo about gcut-egg example.

=== Thanks

  * Kazuhiro Yamato
  * Masafumi Yokoyama
  * Siganai SE
b5d6ecf
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2014
wiedi Update darkice to 1.2
Forward ported the existing patches that were not upstream yet.
Also added patches for cfmakeraw and log10(int) amgiguity to fix build on SunOS.
From the changelog since 0.17.1

15-07-2013 Darkice 1.2 released
    o Issue #75: Added Ogg/Opus support. Patch by Doug Kelly
	dougk.ff7@gmail.com
    o Fix 'Ring Ruffer' reports.
      - Increased buffer for jack to 5 seconds
      - prevent darkice termination by jack, report no fatal problem when we
        have a ringbuffer overflow, can happen during startup
        If we can not handle input audio fast enough we just ignore the buffer
        and skip it, and just report it.
      - new multithreaded connector code, now handles encoders in parallel
        and does not spin waiting, cpu load will be very much lower now
        Codes uses 2 condition variables to report data availability and
        consumer thread availability
      - Hopes are that glitching reports will be a thing of the past
      - minor compiler warnings fixed
        (Fix by Edwin van den Oetelaar)
    o Issue #56: Wrong icecast2 password isn't properly reported, fixed.
	  thanks to Filipe Roque <flip.roque@gmail.com>
    o Issue #57: BufferedSink makes streams invalid, fixed.
	  thanks to Alban Peignier <alban.peignier@gmail.com>
    o Issue #30: Segmentation Fault when creating file with fileAddDate, fixed
	  thanks to Filipe Roque <flip.roque@gmail.com>

27-10-2011 Darkice 1.1 released
    o Updated aac+ encoding to use libaacplus-2.0.0 api.
	  thanks to Sergiy <piratfm@gmail.com>
    o Added pulseaudio support
	  closes ticket #25
	  thanks to Filipe Roque <flip.roque@gmail.com> and
	  and Johann Fot <johann.fot@dunkelfuerst.com>
    o Added rtprio parameter and revisited realtime priority
	  closes ticket #21
          thanks to Adrian Knoth <adi@drcomp.erfurt.thur.de>
    o Fixed a call to a deprecated jack call
	  closes ticket #22
	  thanks to Adrian Knoth again.

09-05-2010 Darkice 1.0 released
    o fixed a bug in BufferedSink.cpp that leads to some buffers
	  being written twice, causing corruption of datastream,
	  closes ticked #20
	  thanks to Edwin van den Oetelaar <oetelaar.automatisering@gmail.com>
    o implemented samplerate conversion for all codecs using libsamplerate,
	  and keeping internal aflibConverter as fallback,
          thanks to Sergiy <piratfm@gmail.com>
    o bugfix: fix for alsa driver - closes ticked #8
          thanks to Clemens Ladisch <clemens@ladisch.de>

14-11-2009 Darkice 0.20.1 released
    o added rc.darkice init script
	  thanks to Niels Dettenbach <nd@syndicat.com>
    o bugfix: fix for gcc 4.4

05-11-2009 Darkice 0.20 released

    o new maintainer: Rafael Diniz <rafael@riseup.net>
    o added AAC HEv2 encoding support (branch darkice-aacp merged) through
	  libaacplus, http://tipok.org.ua/ru/node/17
	  thanks to tipok <piratfm@gmail.com> and others for the contribution.
    o bugfix: the configure script recognizes Ogg Vorbis shared objects
	  now, not just static libraries. Thanks to omroepvenray.
    o bugfix: enabling jack source compilation on Debian Lenny,
	  thanks to Alessandro Beretta <alessandro.baretta@radiomaria.org>

07-07-2008 Darkice 0.19 released

    o added mount point option for Darwin Streaming Server
      thanks to Pierre Souchay <pierre@souchay.net>
    o fix for some reliablity issues when using a Jack source
      thanks to Pierre Souchay <pierre@souchay.net>
    o enable easier finding of jack libraries on MacOS X,
      thanks to Daniel Hazelbaker <daniel@highdesertchurch.com>
    o added ability to specify name of jack device created by darkice,
      thanks to Alessandro Beretta <alessandro.baretta@radiomaria.org>

26-04-2007 DarkIce 0.18.1 released

    o enable real-time scheduling for non-super-users, if they have
      the proper operating system permissions,
      thanks to Jens Maurer <Jens.Maurer@gmx.net>
    o fix to enable compliation of the Serial ULAW code on MacOS X,
      thanks to Elod Horvath <elod@itfais.com>
    o fix to solve Shoutcast login failures, introduced in 0.18

05-03-2007 DarkIce 0.18 released

    o added serial ulaw input device support, thanks to
      Clyde Stubbs <clyde@htsoft.com>
    o improvements on reconnecting:
      added TCP connection keep-alive to TCP sockets
      added graceful sleep when trying to reconnect
    o added user-defined date formatting for the fileAddDate options,
      thanks to dsk <derrick@csociety.org>
    o added logging facility - [file-X] targets will cut the saved file
      and rename it as needed when darkice recieves the SIGUSR1 signal
    o added default configuration file handling - if no configuration file
      is specified, /etc/darkice.cfg is used
    o fix to enable compiling on 64 bit platforms
      thanks to Alexander Vlasov <zulu@galaradio.com> and
      Mariusz Mazur <mmazur@kernel.pl>
    o fix to enable file dump feature using ogg vorbis.
      thanks to dsk <derrick@csociety.org>
    o fix to enable compiling with jack installed at arbitrary locations
e91fe86
@jperkin jperkin pushed a commit that referenced this issue Apr 15, 2014
wiz Update to 0.11.1:
libass (0.11.1)
 * Fix distfile generation
 * No functional changes

libass (0.11.0)
 * Add bitmap run combining/compositing
   This changes the text rendering model and increases compatibility with
   VSFilter. It may make rendering faster or slower in certain cases.
 * Add AVX/SSE2 implementations for \be and compositing
   This adds yasm as (optional) build dependency.
 * Add ass_library_version() API funcion (GC #113)
 * Add 'profile' program for benchmarks
 * Improve gaussian blur
 * Fix compilation with MSVC 2013
 * Speed up HarfBuzz shaper
 * Speed up cache
 * Notable compatibility bugfixes
   * Reset origin on \fay changes (GC #88)
   * Tons of parser fixes
   * Fix ascender/descender metrics (GH #8)
   * Fix \pbo sign and scaling
   * Don't reset wrap style on \r (GC #116, GH #45)
 * Notable bugfixes:
   * Correctly handle @font advance (GC #94)
   * Disable ligatures for non-zero \fsp
   * Make sure to release vector clip (GH #22)
2e86997
@jperkin jperkin pushed a commit that referenced this issue May 19, 2014
sborrill Update to fping 3.10.
Changes:
2014-05-03  David Schweikert  <david@schweikert.ch>
  * Version 3.10
  * Fix confusing error message with -g and IPv6 addresses (#58, reported by
  * Axel Beckert)
  * Allow option '-f' also for non-root (since setuid privileges are
  * dropped)
  * Do not retry twice DNS lookup on DNS lookup problem
  * Remove support for NIS groups
  * Better document -B backoff-factor and when it can be used (#33, Oleksiy
  * Zagorskyi)
  * More tests added

2014-03-08  David Schweikert  <david@schweikert.ch>
  * Version 3.9
  * Fix random output on socket error (reported by Aleksandrs Saveljevs,
  * #56)
  * Support ppc64le architecture by including alpha libtool version
    (reported by Amit Kumar Gupta and Aravinda B Thunug)
  * Fix compilation problem on FreeBSD (#57)
  * Initial test suite and continous intergration (with travis-ci.org /
  * coveralls.io)
  * Don't output usage information on error

2013-11-08  David Schweikert  <david@schweikert.ch>
  * Version 3.8
  * Fix segmentation fault introduced in version 3.7 with loop mode
  * (reported
    by Vlad Glagolev, #55)

2013-11-04  David Schweikert  <david@schweikert.ch>
  * Version 3.7
  * Allow running as non-root on Mac OS X by using non-privileged ICMP (#7)
  * Remove unnecessary IPv6 socket options
  * Fix again compatibility issue with FreeBSD (Shawn Chu)
  * Fix fping hanging forever on permanent sendto failure (Shawn Chu)
  * Fix duplicate echo reply packets causing early stop in count mode
    (reported by Ramon Schwammberger, #53)

2013-10-10  David Schweikert  <david@schweikert.ch>
  * Version 3.6
  * Fix loop issue after 65536 pings (reported by Peter Folk and GBert, #12)
  * Minimum ping data size is now 0
  * Removed setsockopt IPV6_CHECKSUM, which shouldn't be set and breaks
    compiling on Solaris (reported by Juergen Arndt)
  * Fix wrong min RTT value with -Q option (reported by Alexander Ivanov,
  * #51)

2013-05-22  David Schweikert  <david@schweikert.ch>
  * Version 3.5
  * Fix sprint_tm buffer size crash (reported by Japheth Cleaver)
  * Addded -D flag to print timestamps (Toke H�iland-J�rgensen)
  * Fix fping6 build on OS X 10.8 (unknown contributor)
  * Fix compatibility issue with FreeBSD (Alexandre Raynaud, Jason Harris,
  * #39)
  * Fping.spec: fix setuid permissions and provides fping6 (Marcus Vinicius
  * Ferreira)
  * Re-create configure script with autoconf 2.69 for aarch64 support (Chuck
  * Anderson, #45)

2012-09-04  David Schweikert  <david@schweikert.ch>
  * Version 3.4
  * Revert "Output statistics to stdout instead of stderr", because it
  * breaks
    tools assuming the output goes to stderr

2012-08-19  David Schweikert  <david@schweikert.ch>
  * Version 3.3
  * Do not output icmp errors with -q (#1)
  * Add --enable-ipv4 and --enable-ipv6 options to configure (Niclas
  * Zeising)
  * Fix removing of unreachable hosts when doing loop (Thomas Liske, #13
  * #23)
  * Fix -A for fping6 (reported by Matt LaPlante, #14)
  * Fix "options inet6" breaking IPv4 name resolution (reported by Matt
  * LaPlante, #17)
  * Output statistics to stdout instead of stderr (suggested by Simon
  * Leinen, #9)
  * Set default data size to 56 bytes on all architectures (#18)
  * Added contrib/fping.spec (Stephen Schaefer, #24)
  * Convert man-page source to POD for easier maintenance
  * Fix error message on DNS error for IPv6 hosts (#27)
  * Fix -n flag in fping6 (#28)
  * Man-page fix: TOS option typo (Thomas Liske, #23)
  * Man-page fix: inconsistency in regards to numeric arguments (Robert
  * Henney)
  * Man-page fix: better description of option -q (#15)

2012-05-29  David Schweikert  <david@schweikert.ch>
  * Version 3.2
  * Improve documentation for -g option (G.W. Haywood)
  * Performance optimization for big select timeouts (#10, Andrey
  * Bondarenko)
  * Fix restart of select call after interrupt signal (#8, Boian Bonev)
  * Fix infinite loop caused by linked list corruption (#11, Boian Bonev)

2012-04-26  David Schweikert  <david@schweikert.ch>
  * Version 3.1
  * -g option (generate): exclude network and broadcast address for cidr
    ranges (idea by Eric Brander)
  * do not explicitely check if running as root, to make it possible to
    install fping with linux capabilities instead of making it setuid
    (setcap cap_net_raw+ep fping)
  * ANSI C (C89) compiler now a requirement
  * Portability fixes
  * Reorganized source directory
  * Bugfix: fix timeout issue on Solaris (Sandor Geller)
  * Man-page fixes (Axel Beckert)
  * Added -H option to specify number of hops (Paul Duda)
  * Output usage information to stdout when called with -h (Paul Duda)

2011-12-28  David Schweikert  <david@schweikert.ch>
  * Version 3.0
  * rewritten main loop for improved performance
  * -T parameter (select timeout) now obsolete
  * Maintenance taken over from unresponsive previous maintainer
    (anybody please step up, if you disagree)
  * New homepage: www.fping.org

2009-12-21  Tobi Oetiker  <tobi@oetiker.ch>
  * Version v2.4b2-to3-ipv6
  * added -On option to set the TOS octet
  * Removed unused variables from code
  * updated to current autoconf standards
  * Merged Debian changes (see below)

----------------------------------------------------------------------

fping (2.4b2-to-ipv6-16.1) unstable; urgency=low

  * NMU during Moenchengladbach BSP
  * Fixes FTBFS on kfreebsd (Closes: #555398)
  * Fixes typo "Paramter" in binary

 -- Axel Beckert <abe@deuxchevaux.org>  Sat, 23 Jan 2010 16:22:02 +0100

fping (2.4b2-to-ipv6-16) unstable; urgency=low

  * Fix the following bugs
    - Network byte order sensitivity was missing completely.
      Added hopefully all missing calls.
    - The sequence numbering scheme used led to packet drops.
      Changed it to a more senseful numbering scheme.
    - Some minor C programming mistakes ('=' instead of '==').
    Patch by Stephan Fuhrmann; closes: #502569
  * Add support for command line select timeout setting
    Patch by Marton Balint; closes: #502575
  * Remove symlinks in /usr/sbin; closes: #377732
  * Standards-Version is 3.8.0

 -- Anibal Monsalve Salazar <anibal@debian.org>  Sat, 18 Oct 2008 12:04:52
 -- +1100

fping (2.4b2-to-ipv6-15) unstable; urgency=low

  * Added interface binding (-I) for fping
    Patch by Peter Naulls <peter@mushroomnetworks.com>
    Closes: #439014
  * Fixed a couple of typos in fping.8. Closes: #423180
  * Added homepage control header
  * Bumped Standards-Version to 3.7.3
  * Fixed the following lintian issue:
    - debian-rules-sets-DH_COMPAT

 -- Anibal Monsalve Salazar <anibal@debian.org>  Mon, 03 Mar 2008 17:46:17
 -- +1100

fping (2.4b2-to-ipv6-13) unstable; urgency=low

  * Fixed stdout flush problem, closes: #340146.
    Patch by Bart Martens <bart.martens@advalvas.be>.

 -- Anibal Monsalve Salazar <anibal@debian.org>  Fri, 30 Dec 2005 08:30:09
 -- +1100

fping (2.4b2-to-ipv6-12) unstable; urgency=low

  * Fixed "problem with option -r (retry limit)", closes: #318402.
    Patch by Qingning Huo <qingningh@lanware.co.uk>.

 -- Anibal Monsalve Salazar <anibal@debian.org>  Sat, 08 Oct 2005 21:26:35
 -- +1000

fping (2.4b2-to-ipv6-11) unstable; urgency=low

  * Fixed "would be useful to specify 'source address' like ping for multi
    homed machines", closes: #198486.
    Patch by Marc Haber <mh+debian-bugs@zugschlus.de>.

 -- Anibal Monsalve Salazar <anibal@debian.org>  Thu, 02 Jun 2005 08:14:54
 -- +1000

fping (2.4b2-to-ipv6-10) unstable; urgency=low

  * Fixed "unnecessary delay with the -c option after the last packet"
    (Closes: #293856). Patch by Niko Tyni <ntyni@iki.fi>

 -- Anibal Monsalve Salazar <anibal@debian.org>  Sun, 06 Feb 2005 23:25:57
 -- +1100

fping (2.4b2-to-ipv6-9) unstable; urgency=low

  * Fixed "fping6 always does reverse lookup" (Closes: #273647).
    Patch by Jeroen Massar and forwarded by Bernhard Schmidt
<berni@birkenwald.de>

 -- Anibal Monsalve Salazar <A.Monsalve.Salazar@IEEE.org>  Mon, 10 Jan 2005
 -- 00:01:32 +1100

fping (2.4b2-to-ipv6-7) unstable; urgency=low

  * Build fping in build/ipv[46] instead of build and build-ipv6.
  * Made DNS errors non-fatal for IPv6 (closes: #198056).

 -- Herbert Xu <herbert@debian.org>  Fri, 20 Jun 2003 21:36:30 +1000

fping (2.4b2-to-ipv6-6) unstable; urgency=low

  * Do not use incorrect linux.h file (closes: #85468).

 -- Herbert Xu <herbert@debian.org>  Sat, 17 May 2003 14:13:11 +1000

fping (2.4b2-to-ipv6-5) unstable; urgency=low

  * Fixed yet another divide by zero bug (closes: #148445).

 -- Herbert Xu <herbert@debian.org>  Tue,  4 Jun 2002 12:18:03 +1000

fping (2.4b2-to-ipv6-4) unstable; urgency=low

  * Made fping6 setuid (closes: #136386).
  * Moved fping back into bin.
  * Partially applied IPv6 patch to fix IPv6 checksums (closes: #136479).

 -- Herbert Xu <herbert@debian.org>  Sun,  7 Apr 2002 20:36:56 +1000

fping (2.4b2-to-ipv6-3) unstable; urgency=low

  * Added compatibility symlink for fping (closes: #135203).

 -- Herbert Xu <herbert@debian.org>  Sat, 23 Feb 2002 08:34:11 +1100

fping (2.4b2-to-ipv6-2) unstable; urgency=low

  * Fixed another divide by zero error (closes: #132370).

 -- Herbert Xu <herbert@debian.org>  Thu,  7 Feb 2002 20:10:48 +1100

fping (2.4b2-to-ipv6-1) unstable; urgency=low

  * New upstream release.
  * Install fping into sbin as done by upstream.
32f31e7
@jperkin jperkin pushed a commit that referenced this issue May 19, 2014
wiz Update to 6.06, add missing dependency on p5-libwww:
2014-04-18 LWP-Protocol-https 6.06

Mike Schilli (3):
      Merge pull request #12 from drieux/subjectAltName
      Merge pull request #9 from chorny/master
      Updated libwww requirement to 6.06 to fix failing t/proxy.t test cases.

Gisle Aas (2):
      Getopt::Long isn't actually used
      Merge pull request #7 from noxxi/master

Alexandr Ciornii (1):
      better diagnostics in case of failures in apache.t

Karen Etheridge (1):
      Merge pull request #8 from cpansprout/patch-1

Steffen Ullrich (1):
      correct behavior for https_proxy, this goes together with change to
      libwww-perl cb80c2ddb7, new method _upgrade_sock in LWP::Protocol::https

cpansprout (1):
      Typo fix: envirionment =~ s/io/o/

drieux (1):
      support for subjectAltName
7e2ce09
@jperkin jperkin pushed a commit that referenced this issue Jun 2, 2014
sborrill Update to fping 3.10.
Changes:
2014-05-03  David Schweikert  <david@schweikert.ch>
  * Version 3.10
  * Fix confusing error message with -g and IPv6 addresses (#58, reported by
  * Axel Beckert)
  * Allow option '-f' also for non-root (since setuid privileges are
  * dropped)
  * Do not retry twice DNS lookup on DNS lookup problem
  * Remove support for NIS groups
  * Better document -B backoff-factor and when it can be used (#33, Oleksiy
  * Zagorskyi)
  * More tests added

2014-03-08  David Schweikert  <david@schweikert.ch>
  * Version 3.9
  * Fix random output on socket error (reported by Aleksandrs Saveljevs,
  * #56)
  * Support ppc64le architecture by including alpha libtool version
    (reported by Amit Kumar Gupta and Aravinda B Thunug)
  * Fix compilation problem on FreeBSD (#57)
  * Initial test suite and continous intergration (with travis-ci.org /
  * coveralls.io)
  * Don't output usage information on error

2013-11-08  David Schweikert  <david@schweikert.ch>
  * Version 3.8
  * Fix segmentation fault introduced in version 3.7 with loop mode
  * (reported
    by Vlad Glagolev, #55)

2013-11-04  David Schweikert  <david@schweikert.ch>
  * Version 3.7
  * Allow running as non-root on Mac OS X by using non-privileged ICMP (#7)
  * Remove unnecessary IPv6 socket options
  * Fix again compatibility issue with FreeBSD (Shawn Chu)
  * Fix fping hanging forever on permanent sendto failure (Shawn Chu)
  * Fix duplicate echo reply packets causing early stop in count mode
    (reported by Ramon Schwammberger, #53)

2013-10-10  David Schweikert  <david@schweikert.ch>
  * Version 3.6
  * Fix loop issue after 65536 pings (reported by Peter Folk and GBert, #12)
  * Minimum ping data size is now 0
  * Removed setsockopt IPV6_CHECKSUM, which shouldn't be set and breaks
    compiling on Solaris (reported by Juergen Arndt)
  * Fix wrong min RTT value with -Q option (reported by Alexander Ivanov,
  * #51)

2013-05-22  David Schweikert  <david@schweikert.ch>
  * Version 3.5
  * Fix sprint_tm buffer size crash (reported by Japheth Cleaver)
  * Addded -D flag to print timestamps (Toke H�iland-J�rgensen)
  * Fix fping6 build on OS X 10.8 (unknown contributor)
  * Fix compatibility issue with FreeBSD (Alexandre Raynaud, Jason Harris,
  * #39)
  * Fping.spec: fix setuid permissions and provides fping6 (Marcus Vinicius
  * Ferreira)
  * Re-create configure script with autoconf 2.69 for aarch64 support (Chuck
  * Anderson, #45)

2012-09-04  David Schweikert  <david@schweikert.ch>
  * Version 3.4
  * Revert "Output statistics to stdout instead of stderr", because it
  * breaks
    tools assuming the output goes to stderr

2012-08-19  David Schweikert  <david@schweikert.ch>
  * Version 3.3
  * Do not output icmp errors with -q (#1)
  * Add --enable-ipv4 and --enable-ipv6 options to configure (Niclas
  * Zeising)
  * Fix removing of unreachable hosts when doing loop (Thomas Liske, #13
  * #23)
  * Fix -A for fping6 (reported by Matt LaPlante, #14)
  * Fix "options inet6" breaking IPv4 name resolution (reported by Matt
  * LaPlante, #17)
  * Output statistics to stdout instead of stderr (suggested by Simon
  * Leinen, #9)
  * Set default data size to 56 bytes on all architectures (#18)
  * Added contrib/fping.spec (Stephen Schaefer, #24)
  * Convert man-page source to POD for easier maintenance
  * Fix error message on DNS error for IPv6 hosts (#27)
  * Fix -n flag in fping6 (#28)
  * Man-page fix: TOS option typo (Thomas Liske, #23)
  * Man-page fix: inconsistency in regards to numeric arguments (Robert
  * Henney)
  * Man-page fix: better description of option -q (#15)

2012-05-29  David Schweikert  <david@schweikert.ch>
  * Version 3.2
  * Improve documentation for -g option (G.W. Haywood)
  * Performance optimization for big select timeouts (#10, Andrey
  * Bondarenko)
  * Fix restart of select call after interrupt signal (#8, Boian Bonev)
  * Fix infinite loop caused by linked list corruption (#11, Boian Bonev)

2012-04-26  David Schweikert  <david@schweikert.ch>
  * Version 3.1
  * -g option (generate): exclude network and broadcast address for cidr
    ranges (idea by Eric Brander)
  * do not explicitely check if running as root, to make it possible to
    install fping with linux capabilities instead of making it setuid
    (setcap cap_net_raw+ep fping)
  * ANSI C (C89) compiler now a requirement
  * Portability fixes
  * Reorganized source directory
  * Bugfix: fix timeout issue on Solaris (Sandor Geller)
  * Man-page fixes (Axel Beckert)
  * Added -H option to specify number of hops (Paul Duda)
  * Output usage information to stdout when called with -h (Paul Duda)

2011-12-28  David Schweikert  <david@schweikert.ch>
  * Version 3.0
  * rewritten main loop for improved performance
  * -T parameter (select timeout) now obsolete
  * Maintenance taken over from unresponsive previous maintainer
    (anybody please step up, if you disagree)
  * New homepage: www.fping.org

2009-12-21  Tobi Oetiker  <tobi@oetiker.ch>
  * Version v2.4b2-to3-ipv6
  * added -On option to set the TOS octet
  * Removed unused variables from code
  * updated to current autoconf standards
  * Merged Debian changes (see below)

----------------------------------------------------------------------

fping (2.4b2-to-ipv6-16.1) unstable; urgency=low

  * NMU during Moenchengladbach BSP
  * Fixes FTBFS on kfreebsd (Closes: #555398)
  * Fixes typo "Paramter" in binary

 -- Axel Beckert <abe@deuxchevaux.org>  Sat, 23 Jan 2010 16:22:02 +0100

fping (2.4b2-to-ipv6-16) unstable; urgency=low

  * Fix the following bugs
    - Network byte order sensitivity was missing completely.
      Added hopefully all missing calls.
    - The sequence numbering scheme used led to packet drops.
      Changed it to a more senseful numbering scheme.
    - Some minor C programming mistakes ('=' instead of '==').
    Patch by Stephan Fuhrmann; closes: #502569
  * Add support for command line select timeout setting
    Patch by Marton Balint; closes: #502575
  * Remove symlinks in /usr/sbin; closes: #377732
  * Standards-Version is 3.8.0

 -- Anibal Monsalve Salazar <anibal@debian.org>  Sat, 18 Oct 2008 12:04:52
 -- +1100

fping (2.4b2-to-ipv6-15) unstable; urgency=low

  * Added interface binding (-I) for fping
    Patch by Peter Naulls <peter@mushroomnetworks.com>
    Closes: #439014
  * Fixed a couple of typos in fping.8. Closes: #423180
  * Added homepage control header
  * Bumped Standards-Version to 3.7.3
  * Fixed the following lintian issue:
    - debian-rules-sets-DH_COMPAT

 -- Anibal Monsalve Salazar <anibal@debian.org>  Mon, 03 Mar 2008 17:46:17
 -- +1100

fping (2.4b2-to-ipv6-13) unstable; urgency=low

  * Fixed stdout flush problem, closes: #340146.
    Patch by Bart Martens <bart.martens@advalvas.be>.

 -- Anibal Monsalve Salazar <anibal@debian.org>  Fri, 30 Dec 2005 08:30:09
 -- +1100

fping (2.4b2-to-ipv6-12) unstable; urgency=low

  * Fixed "problem with option -r (retry limit)", closes: #318402.
    Patch by Qingning Huo <qingningh@lanware.co.uk>.

 -- Anibal Monsalve Salazar <anibal@debian.org>  Sat, 08 Oct 2005 21:26:35
 -- +1000

fping (2.4b2-to-ipv6-11) unstable; urgency=low

  * Fixed "would be useful to specify 'source address' like ping for multi
    homed machines", closes: #198486.
    Patch by Marc Haber <mh+debian-bugs@zugschlus.de>.

 -- Anibal Monsalve Salazar <anibal@debian.org>  Thu, 02 Jun 2005 08:14:54
 -- +1000

fping (2.4b2-to-ipv6-10) unstable; urgency=low

  * Fixed "unnecessary delay with the -c option after the last packet"
    (Closes: #293856). Patch by Niko Tyni <ntyni@iki.fi>

 -- Anibal Monsalve Salazar <anibal@debian.org>  Sun, 06 Feb 2005 23:25:57
 -- +1100

fping (2.4b2-to-ipv6-9) unstable; urgency=low

  * Fixed "fping6 always does reverse lookup" (Closes: #273647).
    Patch by Jeroen Massar and forwarded by Bernhard Schmidt
<berni@birkenwald.de>

 -- Anibal Monsalve Salazar <A.Monsalve.Salazar@IEEE.org>  Mon, 10 Jan 2005
 -- 00:01:32 +1100

fping (2.4b2-to-ipv6-7) unstable; urgency=low

  * Build fping in build/ipv[46] instead of build and build-ipv6.
  * Made DNS errors non-fatal for IPv6 (closes: #198056).

 -- Herbert Xu <herbert@debian.org>  Fri, 20 Jun 2003 21:36:30 +1000

fping (2.4b2-to-ipv6-6) unstable; urgency=low

  * Do not use incorrect linux.h file (closes: #85468).

 -- Herbert Xu <herbert@debian.org>  Sat, 17 May 2003 14:13:11 +1000

fping (2.4b2-to-ipv6-5) unstable; urgency=low

  * Fixed yet another divide by zero bug (closes: #148445).

 -- Herbert Xu <herbert@debian.org>  Tue,  4 Jun 2002 12:18:03 +1000

fping (2.4b2-to-ipv6-4) unstable; urgency=low

  * Made fping6 setuid (closes: #136386).
  * Moved fping back into bin.
  * Partially applied IPv6 patch to fix IPv6 checksums (closes: #136479).

 -- Herbert Xu <herbert@debian.org>  Sun,  7 Apr 2002 20:36:56 +1000

fping (2.4b2-to-ipv6-3) unstable; urgency=low

  * Added compatibility symlink for fping (closes: #135203).

 -- Herbert Xu <herbert@debian.org>  Sat, 23 Feb 2002 08:34:11 +1100

fping (2.4b2-to-ipv6-2) unstable; urgency=low

  * Fixed another divide by zero error (closes: #132370).

 -- Herbert Xu <herbert@debian.org>  Thu,  7 Feb 2002 20:10:48 +1100

fping (2.4b2-to-ipv6-1) unstable; urgency=low

  * New upstream release.
  * Install fping into sbin as done by upstream.
49915f0
@jperkin jperkin pushed a commit that referenced this issue Jun 2, 2014
wiz Update to 6.06, add missing dependency on p5-libwww:
2014-04-18 LWP-Protocol-https 6.06

Mike Schilli (3):
      Merge pull request #12 from drieux/subjectAltName
      Merge pull request #9 from chorny/master
      Updated libwww requirement to 6.06 to fix failing t/proxy.t test cases.

Gisle Aas (2):
      Getopt::Long isn't actually used
      Merge pull request #7 from noxxi/master

Alexandr Ciornii (1):
      better diagnostics in case of failures in apache.t

Karen Etheridge (1):
      Merge pull request #8 from cpansprout/patch-1

Steffen Ullrich (1):
      correct behavior for https_proxy, this goes together with change to
      libwww-perl cb80c2ddb7, new method _upgrade_sock in LWP::Protocol::https

cpansprout (1):
      Typo fix: envirionment =~ s/io/o/

drieux (1):
      support for subjectAltName
47bc514
@jperkin jperkin pushed a commit that referenced this issue Jun 2, 2014
wiz Update to 3.2.15:
* Version 3.2.15 (released 2014-05-30)

** libgnutls: Eliminated memory corruption issue in Server Hello parsing.
Issue reported by Joonas Kuorilehto of Codenomicon.

** libgnutls: Several memory leaks caused by error conditions were
fixed. The leaks were identified using valgrind and the Codenomicon
TLS test suite.

** libgnutls: Increased the maximum certificate size buffer
in the PKCS #11 subsystem.

** libgnutls: Check the return code of getpwuid_r() instead of relying
on the result value. That avoids issue in certain systems, when using
tofu authentication and the home path cannot be determined. Issue reported
by Viktor Dukhovni.

** gnutls-cli: if dane is requested but not PKIX verification, then
only do verify the end certificate.

** ocsptool: Include path in ocsp request. This resolves #108582
(https://savannah.gnu.org/support/?108582), reported by Matt McCutchen.

** API and ABI modifications:
No changes since last version.


* Version 3.2.14 (released 2014-05-06)

** libgnutls: Fixed issue with the check of incoming data when two
different recv and send pointers have been specified. Reported and
investigated by JMRecio.

** libgnutls: Fixed issue in the RSA-PSK key exchange, which would
result to illegal memory access if a server hint was provided.

** libgnutls: Fixed client memory leak in the PSK key exchange, if a
server hint was provided.

** libgnutls: Several small bug fixes identified using valgrind and
the Codenomicon TLS test suite.

** libgnutls: Several small bug fixes found by coverity.

** libgnutls-dane: Accept a certificate using DANE if there is at least one
entry that matches the certificate. Patch by simon [at] arlott.org.

** configure: Added --with-nettle-mini option, which allows linking
with a libnettle that contains gmp.

** certtool: The ECDSA keys generated by default use the SECP256R1 curve
which is supported more widely than the previously used SECP224R1.

** API and ABI modifications:
No changes since last version.


* Version 3.2.13 (released 2014-04-07)

** libgnutls: gnutls_openpgp_keyring_import will no longer fail silently
if there are no base64 data. Report and patch by Ramkumar Chinchani.

** libgnutls: gnutls_record_send is now safe to be called under DTLS when
in corked mode.

** libgnutls: Ciphersuites that use the SHA256 or SHA384 MACs are
only available in TLS 1.0 as SSL 3.0 doesn't specify parameters for
these algorithms.

** libgnutls: Changed the behaviour in wildcard acceptance in certificates.
Wildcards are only accepted when there are more than two domain components
after the wildcard. This drops support for the permissive RFC2818 wildcards
and adds more conservative support based on the suggestions in RFC6125. Suggested
by Jeffrey Walton.

** certtool: When no password is provided to export a PKCS #8 keys, do
not encrypt by default. This reverts to the certtool behavior of gnutls
3.0. The previous behavior of encrypting using an empty password can be
replicating using the new parameter --empty-password.

** p11tool: Avoid dual initialization of the PKCS #11 subsystem when
the --provider option is given.

** API and ABI modifications:
No changes since last version.
58b2882
@jperkin jperkin pushed a commit that referenced this issue Jul 8, 2014
schmonz Update to 2014.7.3. From the changelog:
* Fix #8: Remove ``How to do a release`` section from README.md.
* Fix #11: Include test directory markdown, html files.
* Fix memory leak in using ``handle`` while keeping the old instance
  of ``html2text``.
b27085a
@jperkin jperkin pushed a commit that referenced this issue Jul 14, 2014
cheusov Update to version 0.27.0
  Fix pkg-config support (github issue #8).
  Thanks to Andrew Shadura for the report.

  Fix support for mixed C/C++ projects.

  Fixes for Interix and Cygwin where users and groups may have spaces.
  Thanks to Michael Crogan for the report.

  Fix in mkc_imp.f_SLIST.mk (we have to restore original MKC_NOAUTO)

  mkc.lib.mk:
    - MKPIE=yes also turns on PIC

  pre_*, do_* and post_* targets were introduced. ALLTARGETS was
  introduced which lists all targets with pre_/do_/post_
  counterparts.

  examples/hello_superfs:
    - new interesting feature proposed by Michael Crogan

  As makedepend(1) is broken on Linux, {b}mkdep(1) is used for
  generating .depend by default.

  mkc_install:
    - new option -l for symlinking
    - fixes for files and directories with spaces
c09e2e3
@jperkin jperkin pushed a commit that referenced this issue Jul 23, 2014
szptvlfn Update to 0.4.2
Changes from https://github.com/dreixel/syb
0.4.2
 - Remove duplicate instance in GHC > 7.8
 - Merge pull request #8 from yallop/patch-1
   (Trivial fix): Add a type signature for 'marlow'
045adc6
@jperkin jperkin pushed a commit that referenced this issue Aug 30, 2014
szptvlfn Update to 1.0.1.3
Changes from https://github.com/haskell/random
1.0.1.3
 - Merge pull request #7 from thomie/T8899
   Fix for ghc ticket #8899: StdGen does not generate 0
 - Merge pull request #8 from thomie/memory-leaks
   Fix for memory leaks (GHC #7936 and #4218)
 - Merge pull request #4 from NovaDenizen/master
   fix for randomIvalInteger, ghc #8898
 - Use GHC.Exts.build in randoms, randomRs to achieve fusion
b569078
@jperkin jperkin pushed a commit that referenced this issue Sep 9, 2014
wiz Update to 0.11:
0.11  2014-04-03
      - drop the dep on List::MoreUtils (haarg, #8)

0.10  2013-12-17
      - we need Module::Runtime 0.009 for module_notional_filename (nnutter,
        #6)
fda662c
@jperkin jperkin pushed a commit that referenced this issue Sep 19, 2014
wen Update to 1.39
Add missing BUILD_DEPENDS
Add a patch to fix test

Upstream changes:
1.39 - Thu Sep 11 05:46:58 2014
	* Allow tests to run in parallel (RT #89908 and RT #91862)

1.38 - Thu Sep 11 04:03:42 2014
	* Add xmikew's mtime test fucntions. GitHub issue #8

1.37 - Thu Sep 11 03:46:00 2014
	* Uncomment accidently commented symlink_target_is_absolute_ok
8eafda9
@jperkin jperkin pushed a commit that referenced this issue Dec 1, 2014
jaapb Updated ocaml-react to latest version, 1.2.0. Changes include:
- Fix bug in dynamic creation of S.{diff,changes} (#8).
- Fix bug in dynamic creation of S.switch (#7).
- Add support for toplevel: automatically `open React` on `#require "react"`.
- Add `S.Bool.{flip,edge,fall,rise}`.
- Fix `S.switch` rank's initialisation.
- Add `E.l{1,2,3,4,5,6}`, lifting combinators on events.
- Add `E.Option.{some,value}`.
- Add `S.{Float,Int}.{zero,one,minus_one}`.
- Add `S.Bool.{zero,one}`.
- Add `S.Option.{none,some,value}`.
- Add `{S,E}.on` equivalent to `{S,E}.when_`.
- Deprecate `{S,E}.when_` (syntax error prone).
- Fix `S.bind`.
- Use package builder topkg for distribution.
- Add support for update steps, see the `React.Step` module. Allows to
  specify simultaneous primitive signal updates and event occurences.
  The functions returned by `{S,E}.create` now have an optional
  `?step` argument; if unused the previous semantics is preserved.
- Add support for strong stops, can be used on platforms where weak
  arrays are not to prevent leaks. The function `{E,S}.stop` now have
  an optional `?strong` argument; if unused the previous semantics is
  preserved.
- Change signature of `S.switch`. Any existing call `S.switch ~eq s es` can
  be replaced by `S.(switch ~eq (hold ~eq:( == ) s es))`.
07f6fe7
@jperkin jperkin pushed a commit that referenced this issue Dec 1, 2014
wiz Update to 0.8.1. Add comment to patch.
Sigil 0.8.1 2014.10.12
- Set minimum OS X version to 10.9.0 in Info.plist so users trying to
  run on older versions of OS X will receive an error dialog instead of
  a crash dialog.
- Set minimum Windows version to Vista in Installer so installation will
  error when trying to install on XP (which is not supported and Sigil
  binary packages won't run on).
- Fix issue #21: Use Hunspell WORDCHARS to help in tokenization of words.
- Pull request #19: Moving plugin description to ToolTips.
- Pull request #20: Preserve current file name for future save as actions
  if appropriate.
- Fix bug where save after using input plugin would fail.

Sigil 0.8.0 2014.09.27
- Plugin framework.
- Add the svg image tag as an svg inline element (not a block element) and
  add it as an empty element (TidyEmptyTags).
- Allow user defined list of entities to preserve.
- Pull request #16: Hardcode menu Plugins in UI, move it before menu Help.
- Pull request #10: Add ability to move entries in TOC up and down.
- Pull request #8: Allow pasting HTML as HTML or plain text in BookView.
d704993
@jperkin jperkin pushed a commit that referenced this issue Mar 5, 2015
taca Update ruby-xz to 0.2.1.
0.2.1 (2014-02-08)

* Build the gem properly on Ruby 2.0+ (PR #8 by Nana Sakisaka (saki7))
* Release the GIL when interfacing with liblzma (PR #7 by Lars Christensen
* (larsch))

0.2.0 (2013-06-23)

* Fix #6 (errors on JRuby) by Ben Nagy
* Remove 1.8 compatibility
6018c4b
@jperkin jperkin pushed a commit that referenced this issue Mar 14, 2015
taca Update ruby-gsl to 1.16.0.4.
* Switch to rb-gsl gem.

Fri Dec 19 2014
  * Ruby/GSL 1.16.0.4
    * Optimize and extract multiplication and division operations on Fixnum
      and Float. Pull request #8 by Veselin Vasilev.
    * Fixed division in GSL::Oper for GSL::Vector::Col. Issue #9.

Tue Oct 21 2014
  * Ruby/GSL 1.16.0.3
    * Fixed RDoc issues. Issue #6 by @bigtunacan.
    * Fixed $LOAD_PATH problem. Pull request #7 by Takahiro SATOH.

Wed Jul  9 2014
  * Ruby/GSL 1.16.0.2
    * Fixed linking problem.

Thu Apr 24 2014
  * Ruby/GSL 1.16.0.1
    * Extensive cleanup.
    * Fixed linking problems.
    * Required Ruby version >= 1.8.7.

Fri Jan 24 2014
  * Ruby/GSL 1.16.0
    * GSL-1.16 support.
4663cb2
@jperkin jperkin pushed a commit that referenced this issue Apr 16, 2015
wen Update to 1.4.3
Update DEPENDS
Add test target

Upstream changes:
2015-03-14 -- 1.4.3

    * Remove three warnings: star-args, abstract-class-little-used,
      abstract-class-not-used. These warnings don't add any real value
      and they don't imply errors or problems in the code.

    * Added a new option for controlling the peephole optimizer in astroid.
      The option ``--optimize-ast`` will control the peephole optimizer,
      which is used to optimize a couple of AST subtrees. The current problem
      solved by the peephole optimizer is when multiple joined strings,
      with the addition operator, are encountered. If the numbers of such
      strings is high enough, Pylint will then fail with a maximum recursion
      depth exceeded error, due to its visitor architecture. The peephole
      just transforms such calls, if it can, into the final resulting string
      and this exhibit a problem, because the visit_binop method stops being
      called (in the optimized AST it will be a Const node).


2015-03-11 -- 1.4.2

    * Don't require a docstring for empty modules. Closes issue #261.

    * Fix a false positive with `too-few-format-args` string warning,
      emitted when the string format contained a normal positional
      argument ('{0}'), mixed with a positional argument which did
      an attribute access ('{0.__class__}').
      Closes issue #463.

    * Take in account all the methods from the ancestors
      when checking for too-few-public-methods. Closes issue #471.

    * Catch enchant errors and emit 'invalid-characters-in-docstring'
      when checking for spelling errors. Closes issue #469.

    * Use all the inferred statements for the super-init-not-called
      check. Closes issue #389.

    * Add a new warning, 'unichr-builtin', emitted by the Python 3
      porting checker, when the unichr builtin is found. Closes issue #472.

    * Add a new warning, 'intern-builtin', emitted by the Python 3
      porting checker, when the intern builtin is found. Closes issue #473.

    * Add support for editable installations.

    * The HTML output accepts the `--msg-template` option. Patch by
      Dan Goldsmith.

    * Add 'map-builtin-not-iterating' (replacing 'implicit-map-evaluation'),
      'zip-builtin-not-iterating', 'range-builtin-not-iterating', and
      'filter-builtin-not-iterating' which are emitted by `--py3k` when the
      appropriate built-in is not used in an iterating context (semantics
      taken from 2to3).

    * Add a new warning, 'unidiomatic-typecheck', emitted when an explicit
      typecheck uses type() instead of isinstance(). For example,
      `type(x) == Y` instead of `isinstance(x, Y)`. Patch by Chris Rebert.
      Closes issue #299.

    * Add support for combining the Python 3 checker mode with the --jobs
      flag (--py3k and --jobs). Closes issue #467.

    * Add a new warning for the Python 3 porting checker, 'using-cmp-argument',
      emitted when the `cmp` argument for the `list.sort` or `sorted builtin`
      is encountered.

    * Make the --py3k flag commutative with the -E flag. Also, this patch
      fixes the leaks of error messages from the Python 3 checker when
      the errors mode was activated. Closes issue #437.


2015-01-16 -- 1.4.1

    * Look only in the current function's scope for bad-super-call.
      Closes issue #403.

    * Check the return of properties when checking for not-callable.
      Closes issue #406.

    * Warn about using the input() or round() built-ins for Python 3.
      Closes issue #411.

    * Proper abstract method lookup while checking for
      abstract-class-instantiated. Closes issue #401.

    * Use a mro traversal for finding abstract methods. Closes issue #415.

    * Fix a false positive with catching-non-exception and tuples of
      exceptions.

    * Fix a false negative with raising-non-exception, when the raise used
      an uninferrable exception context.

    * Fix a false positive on Python 2 for raising-bad-type, when
      raising tuples in the form 'raise (ZeroDivisionError, None)'.

    * Fix a false positive with invalid-slots-objects, where the slot entry
      was an unicode string on Python 2. Closes issue #421.

    * Add a new warning, 'redundant-unittest-assert', emitted when using
      unittest's methods assertTrue and assertFalse with constant value
      as argument. Patch by Vlad Temian.

    * Add a new JSON reporter, usable through -f flag.

    * Add the method names for the 'signature-differs' and 'argument-differs'
      warnings. Closes issue #433.

    * Don't compile test files when installing.

    * Fix a crash which occurred when using multiple jobs and the files
      given as argument didn't exist at all.


2014-11-23 -- 1.4.0

    * Added new options for controlling the loading of C extensions.
      By default, only C extensions from the stdlib will be loaded
      into the active Python interpreter for inspection, because they
      can run arbitrary code on import. The option
      `--extension-pkg-whitelist` can be used to specify modules
      or packages that are safe to load.

    * Change default max-line-length to 100 rather than 80

    * Drop BaseRawChecker class which were only there for backward
      compat for a while now

    * Don't try to analyze string formatting with objects coming from
      function arguments. Closes issue #373.

    * Port source code to be Python 2/3 compatible. This drops the
      need for 2to3, but does drop support for Python 2.5.

    * Each message now comes with a confidence level attached, and
      can be filtered base on this level. This allows to filter out
      all messages that were emitted even though an inference failure
      happened during checking.

    * Improved presenting unused-import message. Closes issue #293.

    * Add new checker for finding spelling errors. New messages:
      wrong-spelling-in-comment, wrong-spelling-in-docstring.
      New options: spelling-dict, spelling-ignore-words.

    * Add new '-j' option for running checks in sub-processes.

    * Added new checks for line endings if they are mixed (LF vs CRLF)
      or if they are not as expected. New messages: mixed-line-endings,
      unexpected-line-ending-format. New option: expected-line-ending-format.

    * 'dangerous-default-value' no longer evaluates the value of the arguments,
      which could result in long error messages or sensitive data being leaked.
      Closes issue #282

    * Fix a false positive with string formatting checker, when
      encountering a string which uses only position-based arguments.
      Closes issue #285.

    * Fix a false positive with string formatting checker, when using
      keyword argument packing. Closes issue #288.

    * Proper handle class level scope for lambdas.

    * Handle 'too-few-format-args' or 'too-many-format-args' for format
      strings with both named and positional fields. Closes issue #286.

    * Analyze only strings by the string format checker. Closes issue #287.

    * Properly handle nested format string fields. Closes issue #294.

    * Don't emit 'attribute-defined-outside-init' if the attribute
      was set by a function call in a defining method. Closes issue #192.

    * Properly handle unicode format strings for Python 2.
      Closes issue #296.

    * Don't emit 'import-error' if an import was protected by a try-except,
      which excepted ImportError.

    * Fix an 'unused-import' false positive, when the error was emitted
      for all the members imported with 'from import' form.
      Closes issue #304.

    * Don't emit 'invalid-name' when assigning a name in an
      ImportError handler. Closes issue #302.

    * Don't count branches from nested functions.

    * Fix a false positive with 'too-few-format-args', when the format
      strings contains duplicate manual position arguments.
      Closes issue #310.

    * fixme regex handles comments without spaces after the hash.
      Closes issue #311.

    * Don't emit 'unused-import' when a special object is imported
      (__all__, __doc__ etc.). Closes issue #309.

    * Look in the metaclass, if defined, for members not found in the current
      class. Closes issue #306.

    * Don't emit 'protected-access' if the attribute is accessed using
      a property defined at the class level.

    * Detect calls of the parent's __init__, through a binded super() call.

    * Check that a class has an explicitly defined metaclass before
      emitting 'old-style-class' for Python 2.

    * Emit 'catching-non-exception' for non-class nodes. Closes issue #303.

    * Order of reporting is consistent.

    * Add a new warning, 'boolean-datetime', emitted when an instance
      of 'datetime.time' is used in a boolean context. Closes issue #239.

    * Fix a crash which ocurred while checking for 'method-hidden',
      when the parent frame was something different than a function.

    * Generate html output for missing files. Closes issue #320.

    * Fix a false positive with 'too-many-format-args', when the format
      string contains mixed attribute access arguments and manual
      fields. Closes issue #322.

    * Extend the cases where 'undefined-variable' and 'used-before-assignment'
      can be detected. Closes issue #291.

    * Add support for customising callback identifiers, by adding a new
      '--callbacks' command line option. Closes issue #326.

    * Add a new warning, 'logging-format-interpolation', emitted when .format()
      string interpolation is used within logging function calls.

    * Don't emit 'unbalanced-tuple-unpacking' when the rhs of the assignment
      is a variable length argument. Closes issue #329.

    * Add a new warning, 'inherit-non-class', emitted when a class inherits
      from something which is not a class. Closes issue #331.

    * Fix another false positives with 'undefined-variable', where the variable
      can be found as a class assignment and used in a function annotation.
      Closes issue #342.

    * Handle assignment of the string format method to a variable.
      Closes issue #351.

    * Support wheel packaging format for PyPi. Closes issue #334.

    * Check that various built-ins that do not exist in Python 3 are not
      used: apply, basestring, buffer, cmp, coerce, execfile, file, long
      raw_input, reduce, StandardError, unicode, reload and xrange.

    * Warn for magic methods which are not used in any way in Python 3:
      __coerce__, __delslice__, __getslice__, __setslice__, __cmp__,
      __oct__, __nonzero__ and __hex__.

    * Don't emit 'assigning-non-slot' when the assignment is for a property.
      Closes issue #359.

    * Fix for regression: '{path}' was no longer accepted in '--msg-template'.

    * Report the percentage of all messages, not just for errors and warnings.
      Closes issue #319.

    * 'too-many-public-methods' is reported only for methods defined in a class,
      not in its ancestors. Closes issue #248.

    * 'too-many-lines' disable pragma can be located on any line, not only the
      first. Closes issue #321.

    * Warn in Python 2 when an import statement is found without a
      corresponding `from __future__ import absolute_import`.

    * Warn in Python 2 when a non-floor division operation is found without
      a corresponding `from __future__ import division`.

    * Add a new option, 'exclude-protected', for excluding members
      from the protected-access warning. Closes issue #48.

    * Warn in Python 2 when using dict.iter*(), dict.view*(); none of these
      methods are available in Python 3.

    * Warn in Python 2 when calling an object's next() method; Python 3 uses
      __next__() instead.

    * Warn when assigning to __metaclass__ at a class scope; in Python 3 a
      metaclass is specified as an argument to the 'class' statement.

    * Warn when performing parameter tuple unpacking; it is not supported in
      Python 3.

    * 'abstract-class-instantiated' is also emitted for Python 2.
      It was previously disabled.

    * Add 'long-suffix' error, emitted when encountering the long suffix
      on numbers.

    * Add support for disabling a checker, by specifying an 'enabled'
      attribute on the checker class.

    * Add a new CLI option, --py3k, for enabling Python 3 porting mode. This
      mode will disable all other checkers and will emit warnings and
      errors for constructs which are invalid or removed in Python 3.

    * Add 'old-octal-literal' to Python 3 porting checker, emitted when
      encountering octals with the old syntax.

    * Add 'implicit-map-evaluation' to Python 3 porting checker, emitted
      when encountering the use of map builtin, without explicit evaluation.



2014-07-26  --  1.3.0

    * Allow hanging continued indentation for implicitly concatenated
      strings. Closes issue #232.

    * Pylint works under Python 2.5 again, and its test suite passes.

    * Fix some false positives for the cellvar-from-loop warnings.
      Closes issue #233.

    * Return new astroid class nodes when the inferencer can detect that
      that result of a function invocation on a type (like `type` or
      `abc.ABCMeta`) is requested. Closes #205.

    * Emit 'undefined-variable' for undefined names when using the
      Python 3 `metaclass=` argument.

    * Checkers respect priority now. Close issue #229.

    * Fix a false positive regarding W0511. Closes issue #149.

    * Fix unused-import false positive with Python 3 metaclasses (#143).

    * Don't warn with 'bad-format-character' when encountering
      the 'a' format on Python 3.

    * Add multiple checks for PEP 3101 advanced string formatting:
      'bad-format-string', 'missing-format-argument-key',
      'unused-format-string-argument', 'format-combined-specification',
      'missing-format-attribute' and 'invalid-format-index'.

    * Issue broad-except and bare-except even if the number
      of except handlers is different than 1. Fixes issue #113.

    * Issue attribute-defined-outside-init for all cases, not just
      for the last assignment. Closes issue #262.

    * Emit 'not-callable' when calling properties. Closes issue #268.

    * Fix a false positive with unbalanced iterable unpacking,
      when encountering starred nodes. Closes issue #273.

    * Add new checks, 'invalid-slice-index' and 'invalid-sequence-index'
      for invalid sequence and slice indices.

    * Add 'assigning-non-slot' warning, which detects assignments to
      attributes not defined in slots.

    * Don't emit 'no-name-in-module' for ignored modules.
      Closes issue #223.

    * Fix an 'unused-variable' false positive, where the variable is
      assigned through an import. Closes issue #196.

    * Definition order is considered for classes, function arguments
      and annotations. Closes issue #257.

    * Don't emit 'unused-variable' when assigning to a nonlocal.
      Closes issue #275.

    * Do not let ImportError propagate from the import checker, leading to crash
      in some namespace package related cases. Closes issue #203.

    * Don't emit 'pointless-string-statement' for attribute docstrings.
      Closes issue #193.

    * Use the proper mode for pickle when opening and writing the stats file.
      Closes issue #148.

    * Don't emit hidden-method message when the attribute has been
      monkey-patched, you're on your own when you do that.

    * Only emit attribute-defined-outside-init for definition within the same
      module as the offended class, avoiding to mangle the output in some cases.

    * Don't emit 'unnecessary-lambda' if the body of the lambda call contains
      call chaining. Closes issue #243.

    * Don't emit 'missing-docstring' when the actual docstring uses `.format`.
      Closes issue #281.


2014-04-30  --  1.2.1
    * Restore the ability to specify the init-hook option via the
      configuration file, which was accidentally broken in 1.2.0.

    * Add a new warning [bad-continuation] for badly indentend continued
      lines.

    * Emit [assignment-from-none] when the function contains bare returns.
      Fixes BitBucket issue #191.

    * Added a new warning for closing over variables that are
      defined in loops. Fixes Bitbucket issue #176.

    * Do not warn about \u escapes in string literals when Unicode literals
      are used for Python 2.*. Fixes BitBucket issue #151.

    * Extend the checking for unbalanced-tuple-unpacking and
      unpacking-non-sequence to instance attribute unpacking as well.

    * Fix explicit checking of python script (1.2 regression, #219)

    * Restore --init-hook, renamed accidentally into --init-hooks in 1.2.0
      (#211)

    * Add 'indexing-exception' warning, which detects that indexing
      an exception occurs in Python 2 (behaviour removed in Python 3).



2014-04-18  --  1.2.0
    * Pass the current python paths to pylint process when invoked via
      epylint.  Fixes BitBucket issue #133.

    * Add -i / --include-ids and -s / --symbols back as completely ignored
      options. Fixes BitBucket issue #180.

    * Extend the number of cases in which logging calls are detected. Fixes
      bitbucket issue #182.

    * Improve pragma handling to not detect pylint:* strings in non-comments.
      Fixes BitBucket issue #79.

    * Do not crash with UnknownMessage if an unknown message ID/name appears
      in disable or enable in the configuration. Patch by Cole Robinson.
      Fixes bitbucket issue #170.

    * Add new warning 'eval-used', checking that the builtin function `eval`
      was used.

    * Make it possible to show a naming hint for invalid name by setting
      include-naming-hint. Also make the naming hints configurable. Fixes
      BitBucket issue #138.

    * Added support for enforcing multiple, but consistent name styles for
      different name types inside a single module; based on a patch written
      by morbo@google.com.

    * Also warn about empty docstrings on overridden methods; contributed
      by sebastianu@google.com.

    * Also inspect arguments to constructor calls, and emit relevant
      warnings; contributed by sebastianu@google.com.

    * Added a new configuration option logging-modules to make the list
      of module names that can be checked for 'logging-not-lazy' et. al.
      configurable; contributed by morbo@google.com.

    * ensure init-hooks is evaluated before other options, notably load-plugins
      (#166)

    * Python 2.5 support restored: fixed small issues preventing pylint to run
      on python 2.5. Bitbucket issues #50 and #62.

    * bitbucket #128: pylint doesn't crash when looking
      for used-before-assignment in context manager
      assignments.

    * Add new warning, 'bad-reversed-sequence', for checking that the
      reversed() builtin receive a sequence (implements __getitem__ and __len__,
      without being a dict or a dict subclass) or an instance which implements
      __reversed__.

    * Mark `file` as a bad function when using python2 (closes #8).

    * Add new warning 'bad-exception-context', checking
      that `raise ... from ...` uses a proper exception context
      (None or an exception).

    * Enhance the check for 'used-before-assignment' to look
      for 'nonlocal' uses.

    * Emit 'undefined-all-variable' if a package's __all__
      variable contains a missing submodule (closes #126).

    * Add a new warning 'abstract-class-instantiated' for checking
      that abstract classes created with `abc` module and
      with abstract methods are instantied.

    * Do not warn about 'return-arg-in-generator' in Python 3.3+.

    * Do not warn about 'abstract-method' when the abstract method
      is implemented through assignment (#155).

    * Improve cyclic import detection in the case of packages, patch by Buck
      Golemon

    * Add new warnings for checking proper class __slots__:
      `invalid-slots-object` and `invalid-slots`.

    * Search for rc file in `~/.config/pylintrc` if `~/.pylintrc`
      doesn't exists (#121)

    * Don't register the newstyle checker w/ python >= 3

    * Fix unused-import false positive w/ augment assignment (#78)

    * Fix access-member-before-definition false negative wrt aug assign (#164)

    * Do not attempt to analyze non python file, eg .so file (#122)
85eca6c
@jperkin jperkin pushed a commit that referenced this issue Apr 28, 2015
mef Update 0.9.3 to 0.9.7
---------------------
Version 0.9.7 - for a detailed log and changed files visit GitHub
----------------------------
- Reviewed and updated README
- Huge POD rewrite
- Adding a small script that generates HTML from POD and applies CSS from
  CPAN. Useful for reviewing the POD before release.
- Added a test for POD validation
- Added an example file that can test GitHub Issues #8, #9, #10
- GitHub [Issue #9] [Issue #10] Fixed cell_props applied to a different
  row when 'Repeat Headers' is enabled
- Introduced column_numbers variable to avoid using $record in a broader
  scope. Further improvement needed.
- Header row height is copied to each new page when 'Repeat Headers' is
  enabled
- Fixed messing up row height when repeat headers is enabled due to
  access by array index vs shift/unshift
- Fixed row height for rows with text blocks
- Headers_props variable has been wrongly initialised with 0 causing a
  copy of the first data row even when header props are not passed as
  parameter
- Added initialisation of header props justify param so that column and
  cell properties are not affecting the default value.
- Fixed an issue with messing up row properties when repeating the header
  row on each page.
- Examples have been formatted.
- One new example added (header.pl) for demonstrating how header row can
  be added to multiple pages.
- No need to export variables. Added one more test.
- Removed pad_w and pad_h local variable as useless
- Fixed typo causing a bug with row_height param.  Added example file for
  row_height. To be used for writing a test.
- Added POD for row_height param
- Row counting should not be skipped if it is first row.
- Added one more test(duplicates existing) but only to have base.
- Extracted PDF::API2 Mock as a separate package.  Created New test with
  the very basics.  Create a new package that will hold predefined data
  for tests so it can be reused.
- Fixed a variable that masks earlier declaration.
- Fixed Issue #4 - Row height is calculated correctly depending on font
  size.  Some variables are renamed to more meaningful.  Row counting is
  done in a new way with single counter that is used for column and cell
  props retrieval.
- Row height is now calculated for each row based on maximum font size
  from all cells.  Refactored some variable names and unified row
  counting during column size calculation phase.
- Fixed doc details in POD
- Cosmetic changes
- Decreased indent and reduced if body.  For easier review, diff with
  whitespace changes disabled.
- Added github url in readme

Version 0.9.6
----------------------------
- Fixed typo in POD. Closes #71816 Thanks to Gregor Herrmann
- Small code refactoring.
- Added patch for infinite loop fix. Closes #77376 Thanks to John Bazik
- Added patch for header justification. Closes #77566 Thanks to James
   Lance
- Added horizontal_borders, vertical_borders params to table(). Closes
  #79883 Thanks to Eric Johnson

Version 0.9.5 - 18.Oct.2011
----------------------------
- MANIFEST was missing sample pdf file.
- Accidently left alternative code for infinite loop fix commented out.
  Fixed.  Added a test for that.

Version 0.9.4 - 17.Oct.2011
----------------------------
- Don't bump row count when row spans a page.  Closes #67401.
- Fixed bug: don't call text_block if record width is exactly cell width.
- Fixed bug in text_block: bottom is (top - height), not (baseline - height).
- Example script typo fixed.  Closes #55133.
- Don't set up strokes when border is 0.  Apparently breaks Acrobat.
  Closes #40705 and #55137.
- Changed print warnings to carp.  Closes #38007.
- Added center justification for columns and cells.  Tests, too.  Closes
  #37924.
- Fixed infinite loop caused by uninitialized $2.  Thanks to Petri
  Kaurinkoski.  Closes #34017.
- Fixed perl warning if $col_prop->{min_w} is undef.  Thanks to Matthias
  Pitzl (NEPOS).  Closes #30720.
- Fixed default header background color bug, closes #28542.
- Added mock PDF::API2 packages to test script and added tests.
- Improve column width calculations so wider content gets wider columns.
  Added column width test.  Thanks to Barrie Slaymaker (RBS).  Closes
  #26158.
ff9f192
@jperkin jperkin pushed a commit that referenced this issue May 21, 2015
mef (pkgsrc)
  - Add comment on DEPENDS related, make test may fail
  # if Net::Server exists, t/60 may fail due to more test items
  # t/60_net_server.t ............... skipped: Net::Server not available
  #DEPENDS+=      p5-Net-Server-[0-9]*:../../net/p5-Net-Server
(upstream)
 - Update to 0.79
--------------
0.79    Friday May  1, 2015, 09:00:00 AM -0700

        * t/40_server.t
        * t/40_server_xmllibxml.t
        * t/41_server_hang.t
        * t/60_net_server.t
        * t/70_compression_detect.t
        * t/90_rt54183_sigpipe.t
        * t/util.pl
        Test clean-up/fixes to address CPAN test failures. Should
        address problems with having IO::Socket::IP acting in place of
        IO::Socket::INET and also address some issues with a dynloader
        bug being triggered by t/70_compression_detect.t.

        * t/00_load.t
        * t/10_data.t
        * t/11_base64_fh.t
        * t/12_nil.t
        * t/13_no_deep_recursion.t
        * t/14_datetime_iso8601.t
        * t/15_serialize.t
        * t/20_xml_parser.t
        * t/21_xml_libxml.t
        * t/25_parser_negative.t
        * t/29_parserfactory.t
        * t/30_procedure.t
        * t/35_namespaces.t
        * t/40_server.t
        * t/40_server_xmllibxml.t
        * t/41_server_hang.t
        * t/50_client.t
        * t/51_client_with_host_header.t
        * t/60_net_server.t
        * t/90_rt50013_parser_bugs.t
        * t/90_rt54183_sigpipe.t
        * t/90_rt54494_blessed_refs.t
        * t/90_rt58065_allow_nil.t
        * t/90_rt58323_push_parser.t
        * t/util.pl
        Perl::Critic clean-up of test suites.

        * lib/RPC/XML/Parser/XMLParser.pm
        Fix to prevent a new sprintf-related warning in 5.21.

        * README
        * lib/Apache/RPC/status.code
        Merge pull request #8 from jkg/docfixes (James Green). Replace
        indirect object notation with direct.
da210cf
@jperkin jperkin pushed a commit that referenced this issue Jun 17, 2015
spz update to gnutls 3.3.15
patch refresh grace of mkpatches

upstream notable changes list since the 3.2 to 3.3 branch point (excerpt
of the NEWS file):

* Version 3.3.15 (released 2015-05-03)

** libgnutls: gnutls_certificate_get_ours: will return the certificate even
if a callback was used to send it.

** libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by
Karthikeyan Bhargavan [GNUTLS-SA-2015-2].

** libgnutls: Check for invalid length in the X.509 version field. Without the check
certificates with invalid length would be detected as having an arbitrary
version. Reported by Hanno Böck.

** API and ABI modifications:
No changes since last version.


* Version 3.3.14 (released 2015-03-30)

** libgnutls: When retrieving OCTET STRINGS from PKCS #12 ContentInfo
structures use BER to decode them (requires libtasn1 4.3). That allows
to decode some more complex structures.

** libgnutls: When an end-certificate with no name is present and there
are CA name constraints, don't reject the certificate. This follows RFC5280
advice closely. Reported by Fotis Loukos.

** libgnutls: Fixed handling of supplemental data with types > 255.
Patch by Thierry Quemerais.

** libgnutls: Fixed double free in the parsing of CRL distribution points certificate
extension. Reported by Robert Święcki.

** libgnutls: Fixed a two-byte stack overflow in DTLS 0.9 protocol. That
protocol is not enabled by default (used by openconnect VPN).

** libgnutls: The maximum user data send size is set to be the same for
block and non-block ciphersuites. This addresses a regression with wine:
https://bugs.winehq.org/show_bug.cgi?id=37500

** libgnutls: When generating PKCS #11 keys, set CKA_ID, CKA_SIGN,
and CKA_DECRYPT when needed.

** libgnutls: Allow names with zero size to be set using
gnutls_server_name_set(). That will disable the Server Name Indication.
Resolves issue with wine: https://gitlab.com/gnutls/gnutls/issues/2

** API and ABI modifications:
No changes since last version.


* Version 3.3.13 (released 2015-02-25)

** libgnutls: Enable AESNI in GCM on x86

** libgnutls: Fixes in DTLS message handling

** libgnutls: Check certificate algorithm consistency, i.e.,
check whether the signatureAlgorithm field matches the signature
field inside TBSCertificate.

** gnutls-cli: Fixes in OCSP verification.

** API and ABI modifications:
No changes since last version.


* Version 3.3.12 (released 2015-01-17)

** libgnutls: When negotiating TLS use the lowest enabled version in
the client hello, rather than the lowest supported. In addition, do
not use SSL 3.0 as a version in the TLS record layer, unless SSL 3.0
is the only protocol supported. That addresses issues with servers that
immediately drop the connection when the encounter SSL 3.0 as the record
version number. See:
http://lists.gnutls.org/pipermail/gnutls-help/2014-November/003673.html

** libgnutls: Corrected encoding and decoding of ANSI X9.62 parameters.

** libgnutls: Handle zero length plaintext for VIA PadLock functions.
This solves a potential crash on AES encryption for small size plaintext.
Patch by Matthias-Christian Ott.

** libgnutls: In DTLS don't combine multiple packets which exceed MTU.
Reported by Andreas Schultz. https://savannah.gnu.org/support/?108715

** libgnutls: In DTLS decode all handshake packets present in a record
packet, in a single pass. Reported by Andreas Schultz.
https://savannah.gnu.org/support/?108712

** libgnutls: When importing a CA file with a PKCS #11 URL, simply
import the certificates, if the URL specifies objects, rather than
treating it as trust module.

** libgnutls: When importing a PKCS #11 URL and we know the type of
object we are importing, don't require the object type in the URL.

** libgnutls: fixed openpgp authentication when gnutls_certificate_set_retrieve_function2
was used by the server.

** guile: Fix compilation on MinGW. Previously only the static version of the
'guile-gnutls-v-2' library would be built, preventing dynamic loading from Guile.

** guile: Fix harmless warning during compilation of gnutls.scm
Initially reported at <https://bugzilla.redhat.com/show_bug.cgi?id=1177847>.

** certtool: --pubkey-info will also attempt to load a public key
from stdin.

** gnutls-cli: Added --starttls-proto option. That allows to specify a
protocol for starttls negotiation.

** API and ABI modifications:
No changes since last version.


* Version 3.3.11 (released 2014-12-11)

** libgnutls: Corrected regression introduced in 3.3.9 related to
session renegotiation. Reported by Dan Winship.

** libgnutls: Corrected parsing issue with OCSP responses.

** API and ABI modifications:
No changes since last version.


* Version 3.3.10 (released 2014-11-10)

** libgnutls: Refuse to import v1 or v2 certificates that contain
extensions.

** libgnutls: Fixes in usage of PKCS #11 token callback

** libgnutls: Fixed bug in gnutls_x509_trust_list_get_issuer() when used
with a PKCS #11 trust module and without the GNUTLS_TL_GET_COPY flag.
Reported by David Woodhouse.

** libgnutls: Removed superfluous random generator refresh on every call
of gnutls_deinit(). That reduces load and usage of /dev/urandom.

** libgnutls: Corrected issue in export of ECC parameters to X9.63 format.
Reported by Sean Burford [GNUTLS-SA-2014-5].

** libgnutls: When gnutls_global_init() is called for a second time, it
will check whether the /dev/urandom fd kept is still open and matches
the original one. That behavior works around issues with servers that
close all file descriptors.

** libgnutls: Corrected behavior with PKCS #11 objects that are marked
as CKA_ALWAYS_AUTHENTICATE.

** certtool: The default cipher for PKCS #12 structures is 3des-pkcs12.
That option is more compatible than AES or RC4.

** API and ABI modifications:
No changes since last version.


* Version 3.3.9 (released 2014-10-13)

** libgnutls: Fixes in the transparent import of PKCS #11 certificates.
Reported by Joseph Peruski.

** libgnutls: Fixed issue with unexpected non-fatal errors resetting the
handshake's hash buffer, in applications using the heartbeat extension
or DTLS. Reported by Joeri de Ruiter.

** libgnutls: When both a trust module and additional CAs are present
account the latter as well; reported by David Woodhouse.

** libgnutls: added GNUTLS_TL_GET_COPY flag for
gnutls_x509_trust_list_get_issuer(). That allows the function to be used
in a thread safe way when PKCS #11 trust modules are in use.

** libgnutls: fix issue in DTLS retransmission when session tickets
were in use; reported by Manuel Pégourié-Gonnard.

** libgnutls-dane: Do not require the CA on a ca match to be direct CA.

** libgnutls: Prevent abort() in library if getrusage() fails. Try to
detect instead which of RUSAGE_THREAD and RUSAGE_SELF would work.

** guile: new 'set-session-server-name!' procedure; see the manual for
details.

** certtool: The authority key identifier will be set in a certificate only
if the CA's subject key identifier is set.

** API and ABI modifications:
No changes since last version.


* Version 3.3.8 (released 2014-09-18)

** libgnutls: Updates in the name constraints checks. No name constraints
will be checked for intermediate certificates. As our support for name
constraints is limited to e-mail addresses in DNS names, it is pointless
to check them on intermediate certificates.

** libgnutls: Fixed issues in PKCS #11 object listing. Previously multiple
object listing would fail completely if a single object could not be exported.

** libgnutls: Improved the performance of PKCS #11 object listing/retrieving,
by retrieving them in large batches. Report and suggestion by David
Woodhouse.

** libgnutls: Fixed issue with certificates being sanitized by gnutls prior
to signature verification. That resulted to certain non-DER compliant modifications
of valid certificates, being corrected by libtasn1's parser and restructured as
the original. Issue found and reported by Antti Karjalainen and Matti Kamunen from
Codenomicon.

** libgnutls: Fixes in gnutls_x509_crt_set_dn() and friends to properly handle
strings with embedded spaces and escaped commas.

** libgnutls: when comparing a CA certificate with the trusted list compare
the name and key only instead of the whole certificate. That is to handle
cases where a CA certificate was superceded by a different one with the same
name and the same key.

** libgnutls: when verifying a certificate against a p11-kit trusted
module, use the attached extensions in the module to override the CA's
extensions (that requires p11-kit 0.20.7).

** libgnutls: In DTLS prevent sending zero-size fragments in certain cases
of MTU split. Reported by Manuel Pégourié-Gonnard.

** libgnutls: Added gnutls_x509_trust_list_verify_crt2() which allows
verifying using a hostname and a purpose (extended key usage). That
enhances PKCS #11 trust module verification, as it can now check the purpose
when this function is used.

** libgnutls: Corrected gnutls_x509_crl_verify() which would always report
a CRL signature as invalid. Reported by Armin Burgmeier.

** libgnutls: added option --disable-padlock to allow disabling the padlock
CPU acceleration.

** p11tool: when listing tokens, list their type as well.

** p11tool: when listing objects from a trust module print any attached
extensions on certificates.

** API and ABI modifications:
gnutls_x509_crq_get_extension_by_oid2: Added
gnutls_x509_crt_get_extension_by_oid2: Added
gnutls_x509_trust_list_verify_crt2: Added
gnutls_x509_ext_print: Added
gnutls_x509_ext_deinit: Added
gnutls_x509_othername_to_virtual: Added
gnutls_pkcs11_obj_get_exts: Added


* Version 3.3.7 (released 2014-08-24)

** libgnutls: Added function to export the public key of a PKCS #11
private key. Contributed by Wolfgang Meyer zu Bergsten.

** libgnutls: Explicitly set the exponent in PKCS #11 key generation.
That improves compatibility with certain PKCS #11 modules. Contributed by
Wolfgang Meyer zu Bergsten.

** libgnutls: When generating a PKCS #11 private key allow setting
the WRAP/UNWRAP flags. Contributed by Wolfgang Meyer zu Bergsten.

** libgnutls: gnutls_pkcs11_privkey_t will always hold an open session
to the key.

** libgnutls: bundle replacements of inet_pton and inet_aton if not
available.

** libgnutls: initialize parameters variable on PKCS #8 decryption.

** libgnutls: gnutls_pkcs12_verify_mac() will not fail in other than SHA1
algorithms.

** libgnutls: gnutls_x509_crt_check_hostname() will follow the RFC6125
requirement of checking the Common Name (CN) part of DN only if there is
a single CN present in the certificate.

** libgnutls: The environment variable GNUTLS_FORCE_FIPS_MODE can be used
to force the FIPS mode, when set to 1.

** libgnutls: In DTLS ignore only errors that relate to unexpected packets
and decryption failures.

** p11tool: Added --info parameter.

** certtool: Added --mark-wrap parameter.

** danetool: --check will attempt to retrieve the server's certificate
chain and verify against it.

** danetool/gnutls-cli-debug: Added --app-proto parameters which can
be used to enforce starttls (currently only SMTP and IMAP) on the connection.

** danetool: Added openssl linking exception, to allow linking
with libunbound.

** API and ABI modifications:
GNUTLS_PKCS11_OBJ_ATTR_MATCH: Added
gnutls_pkcs11_privkey_export_pubkey: Added
gnutls_pkcs11_obj_flags_get_str: Added
gnutls_pkcs11_obj_get_flags: Added


* Version 3.3.6 (released 2014-07-23)

** libgnutls: Use inet_ntop to print IP addresses when available

** libgnutls: gnutls_x509_crt_check_hostname and friends will also check
IP addresses, and match documented behavior. Reported by David Woodhouse.

** libgnutls: DSA key generation in FIPS140-2 mode doesn't allow 1024
bit parameters.

** libgnutls: fixed issue in gnutls_pkcs11_reinit() which prevented tokens
being usable after a reinitialization.

** libgnutls: fixed PKCS #11 private key operations after a fork.

** libgnutls: fixed PKCS #11 ECDSA key generation.

** libgnutls: The GNUTLS_CPUID_OVERRIDE environment variable can be used to
explicitly enable/disable the use of certain CPU capabilities. Note that CPU
detection cannot be overriden, i.e., VIA options cannot be enabled on an Intel
CPU. The currently available options are:
  0x1: Disable all run-time detected optimizations
  0x2: Enable AES-NI
  0x4: Enable SSSE3
  0x8: Enable PCLMUL
  0x100000: Enable VIA padlock
  0x200000: Enable VIA PHE
  0x400000: Enable VIA PHE SHA512

** libdane: added dane_query_to_raw_tlsa(); patch by Simon Arlott.

** p11tool: use GNUTLS_SO_PIN to read the security officer's PIN if set.

** p11tool: ask for label when one isn't provided.

** p11tool: added --batch parameter to disable any interactivity.

** p11tool: will not implicitly enable so-login for certain types of
objects. That avoids issues with tokens that require different login
types.

** certtool/p11tool: Added the --curve parameter which allows to explicitly
specify the curve to use.

** API and ABI modifications:
gnutls_certificate_set_x509_trust_dir: Added
gnutls_x509_trust_list_add_trust_dir: Added


* Version 3.3.5 (released 2014-06-26)

** libgnutls: Added gnutls_record_recv_packet() and gnutls_packet_deinit().
These functions provide a variant of gnutls_record_recv() that avoids
the final memcpy of data.

** libgnutls: gnutls_x509_crl_iter_crt_serial() was added as a
faster variant of gnutls_x509_crl_get_crt_serial() when coping with
very large structures.

** libgnutls: When the decoding of a printable DN element fails, then treat
it as unknown and print its hex value rather than failing. That works around
an issue in a TURKTRST root certificate which improperly encodes the
X520countryName element.

** libgnutls: gnutls_x509_trust_list_add_trust_file() will return the number
of certificates present in a PKCS #11 token when loading it.

** libgnutls: Allow the post client hello callback to put the handshake on
hold, by returning GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED.

** certtool: option --to-p12 will now consider --load-ca-certificate

** certtol: Added option to specify the PKCS #12 friendly name on command
line.

** p11tool: Allow marking a certificate copied to a token as a CA.

** API and ABI modifications:
GNUTLS_PKCS11_OBJ_FLAG_MARK_CA: Added
gnutls_x509_crl_iter_deinit: Added
gnutls_x509_crl_iter_crt_serial: Added
gnutls_record_recv_packet: Added
gnutls_packet_deinit: Added
gnutls_packet_get: Added


* Version 3.3.4 (released 2014-05-31)

** libgnutls: Updated Andy Polyakov's assembly code. That prevents a
crash on certain CPUs.

** API and ABI modifications:
No changes since last version.


* Version 3.3.3 (released 2014-05-30)

** libgnutls: Eliminated memory corruption issue in Server Hello parsing.
Issue reported by Joonas Kuorilehto of Codenomicon.

** libgnutls: gnutls_global_set_mutex() was modified to operate with the
new initialization process.

** libgnutls: Increased the maximum certificate size buffer
in the PKCS #11 subsystem.

** libgnutls: Check the return code of getpwuid_r() instead of relying
on the result value. That avoids issue in certain systems, when using
tofu authentication and the home path cannot be determined. Issue reported
by Viktor Dukhovni.

** libgnutls-dane: Improved dane_verify_session_crt(), which now attempts to
create a full chain. This addresses points from https://savannah.gnu.org/support/index.php?108552

** gnutls-cli: --dane will only check the end certificate if PKIX validation
has been disabled.

** gnutls-cli: --benchmark-soft-ciphers has been removed. That option cannot
be emulated with the implicit initialization of gnutls.

** certtool: Allow multiple organizations and organizational unit names to
be specified in a template.

** certtool: Warn when invalid configuration options are set to a template.

** ocsptool: Include path in ocsp request. This resolves #108582
(https://savannah.gnu.org/support/?108582), reported by Matt McCutchen.

** API and ABI modifications:
gnutls_credentials_get: Added


* Version 3.3.2 (released 2014-05-06)

** libgnutls: Added the 'very weak' certificate verification profile
that corresponds to 64-bit security level.

** libgnutls: Corrected file descriptor leak on random generator
initialization.

** libgnutls: Corrected file descriptor leak on PSK password file
reading. Issue identified using the Codenomicon TLS test suite.

** libgnutls: Avoid deinitialization if initialization has failed.

** libgnutls: null-terminate othername alternative names.

** libgnutls: gnutls_x509_trust_list_get_issuer() will operate correctly
on a PKCS #11 trust list.

** libgnutls: Several small bug fixes identified using valgrind and
the Codenomicon TLS test suite.

** libgnutls-dane: Accept a certificate using DANE if there is at least one
entry that matches the certificate. Patch by simon [at] arlott.org.

** libgnutls-guile: Fixed compilation issue.

** certtool: Allow exporting a CRL on DER format.

** certtool: The ECDSA keys generated by default use the SECP256R1 curve
which is supported more widely than the previously used SECP224R1.

** API and ABI modifications:
GNUTLS_PROFILE_VERY_WEAK: Added


* Version 3.3.1 (released 2014-04-19)

** libgnutls: Enforce more strict checks to heartbeat messages
concerning padding and payload. Suggested by Peter Dettman.

** libgnutls: Allow decoding PKCS #8 files with ECC parameters
from openssl.

** libgnutls: Several small bug fixes found by coverity.

** libgnutls: The conditionally available self-test functions
were moved to self-test.h.

** libgnutls: Fixed issue with the check of incoming data when two
different recv and send pointers have been specified. Reported and
investigated by JMRecio.

** libgnutls: Fixed issue in the RSA-PSK key exchange, which would
result to illegal memory access if a server hint was provided. Reported
by André Klitzing.

** libgnutls: Fixed client memory leak in the PSK key exchange, if a
server hint was provided.

** libgnutls: Corrected the *get_*_othername_oid() functions.

** API and ABI modifications:
No changes since last version.


* Version 3.3.0 (released 2014-04-10)

** libgnutls: The initialization of the library was moved to a
constructor. That is, gnutls_global_init() is no longer required
unless linking with a static library or a system that does not
support library constructors.

** libgnutls: static libraries are not built by default.

** libgnutls: PKCS #11 initialization is delayed to first usage.
That avoids long delays in gnutls initialization due to broken PKCS #11
modules.

** libgnutls: The PKCS #11 subsystem is re-initialized "automatically"
on the first PKCS #11 API call after a fork.

** libgnutls: certificate verification profiles were introduced
that can be specified as flags to verification functions. They
are enumerations in gnutls_certificate_verification_profiles_t
and can be converted to flags for use in a verification function
using GNUTLS_PROFILE_TO_VFLAGS().

** libgnutls: Added the ability to read system-specific initial
keywords, if they are prefixed with '@'. That allows a compile-time
specified configuration file to be used to read pre-configured priority
strings from. That can be used to impose system specific policies.

** libgnutls: Increased the default security level of priority
strings (NORMAL and PFS strings require at minimum a 1008 DH prime),
and set a verification profile by default.  The LEGACY keyword is
introduced to set the old defaults.

** libgnutls: Added support for the name constraints PKIX extension.
Currently only DNS names and e-mails are supported (no URIs, IPs
or DNs).

** libgnutls: Security parameter SEC_PARAM_NORMAL was renamed to
SEC_PARAM_MEDIUM to avoid confusion with the priority string NORMAL.

** libgnutls: Added new API in x509-ext.h to handle X.509 extensions.
This API handles the X.509 extensions in isolation, allowing to parse
similarly formatted extensions stored in other structures.

** libgnutls: When generating DSA keys the macro GNUTLS_SUBGROUP_TO_BITS
can be used to specify a particular subgroup as the number of bits in
gnutls_privkey_generate; e.g., GNUTLS_SUBGROUP_TO_BITS(2048, 256).

** libgnutls: DH parameter generation is now delegated to nettle.
That unfortunately has the side-effect that DH parameters longer than
3072 bits, cannot be generated (not without a nettle update).

** libgnutls: Separated nonce RNG from the main RNG. The nonce
random number generator is based on salsa20/12.

** libgnutls: The buffer alignment provided to crypto backend is
enforced to be 16-byte aligned, when compiled with cryptodev
support. That allows certain cryptodev drivers to operate more
efficiently.

** libgnutls: Return error when a public/private key pair that doesn't
match is set into a credentials structure.

** libgnutls: Depend on p11-kit 0.20.0 or later.

** libgnutls: The new padding (%NEW_PADDING) experimental TLS extension has
been removed. It was not approved by IETF.

** libgnutls: The experimental xssl library is removed from the gnutls
distribution.

** libgnutls: Reduced the number of gnulib modules used in the main library.

** libgnutls: Added priority string %DISABLE_WILDCARDS.

** libgnutls: Added the more extensible verification function
gnutls_certificate_verify_peers(), that allows checking, in addition
to a peer's DNS hostname, for the key purpose of the end certificate
(via PKIX extended key usage).

** certtool: Timestamps for serial numbers were increased to 8 bytes,
and in batch mode to 12 (appended with 4 random bytes).

** certtool: When no CRL number is provided (or value set to -1), then
a time-based number will be used, similarly to the serial generation
number in certificates.

** certtool: Print the SHA256 fingerprint of a certificate in addition
to SHA1.

** libgnutls: Added --enable-fips140-mode configuration option (unsupported).
That option enables (when running on FIPS140-enabled system):
 o RSA, DSA and DH key generation as in FIPS-186-4 (using provable primes)
 o The DRBG-CTR-AES256 deterministic random generator from SP800-90A.
 o Self-tests on initialization on ciphers/MACs, public key algorithms
   and the random generator.
 o HMAC-SHA256 verification of the library on load.
 o MD5 is included for TLS purposes but cannot be used by the high level
   hashing functions.
 o All ciphers except AES are disabled.
 o All MACs and hashes except GCM and SHA are disabled (e.g., HMAC-MD5).
 o All keys (temporal and long term) are zeroized after use.
 o Security levels are adjusted to the FIPS140-2 recommendations (rather
   than ECRYPT).

** API and ABI modifications:
GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS: Added
gnutls_certificate_verify_peers: Added
gnutls_privkey_generate: Added
gnutls_pkcs11_crt_is_known: Added
gnutls_fips140_mode_enabled: Added
gnutls_sec_param_to_symmetric_bits: Added
gnutls_pubkey_export_ecc_x962: Added (replaces gnutls_pubkey_get_pk_ecc_x962)
gnutls_pubkey_export_ecc_raw: Added (replaces gnutls_pubkey_get_pk_ecc_raw)
gnutls_pubkey_export_dsa_raw: Added (replaces gnutls_pubkey_get_pk_dsa_raw)
gnutls_pubkey_export_rsa_raw: Added (replaces gnutls_pubkey_get_pk_rsa_raw)
gnutls_pubkey_verify_params: Added
gnutls_privkey_export_ecc_raw: Added
gnutls_privkey_export_dsa_raw: Added
gnutls_privkey_export_rsa_raw: Added
gnutls_privkey_import_ecc_raw: Added
gnutls_privkey_import_dsa_raw: Added
gnutls_privkey_import_rsa_raw: Added
gnutls_privkey_verify_params: Added
gnutls_x509_crt_check_hostname2: Added
gnutls_openpgp_crt_check_hostname2: Added
gnutls_x509_name_constraints_init: Added
gnutls_x509_name_constraints_deinit: Added
gnutls_x509_crt_get_name_constraints: Added
gnutls_x509_name_constraints_add_permitted: Added
gnutls_x509_name_constraints_add_excluded: Added
gnutls_x509_crt_set_name_constraints: Added
gnutls_x509_name_constraints_get_permitted: Added
gnutls_x509_name_constraints_get_excluded: Added
gnutls_x509_name_constraints_check: Added
gnutls_x509_name_constraints_check_crt: Added
gnutls_x509_crl_get_extension_data2: Added
gnutls_x509_crt_get_extension_data2: Added
gnutls_x509_crq_get_extension_data2: Added
gnutls_subject_alt_names_init: Added
gnutls_subject_alt_names_deinit: Added
gnutls_subject_alt_names_get: Added
gnutls_subject_alt_names_set: Added
gnutls_x509_ext_import_subject_alt_names: Added
gnutls_x509_ext_export_subject_alt_names: Added
gnutls_x509_crl_dist_points_init: Added
gnutls_x509_crl_dist_points_deinit: Added
gnutls_x509_crl_dist_points_get: Added
gnutls_x509_crl_dist_points_set: Added
gnutls_x509_ext_import_crl_dist_points: Added
gnutls_x509_ext_export_crl_dist_points: Added
gnutls_x509_ext_import_name_constraints: Added
gnutls_x509_ext_export_name_constraints: Added
gnutls_x509_aia_init: Added
gnutls_x509_aia_deinit: Added
gnutls_x509_aia_get: Added
gnutls_x509_aia_set: Added
gnutls_x509_ext_import_aia: Added
gnutls_x509_ext_export_aia: Added
gnutls_x509_ext_import_subject_key_id: Added
gnutls_x509_ext_export_subject_key_id: Added
gnutls_x509_ext_export_authority_key_id: Added
gnutls_x509_ext_import_authority_key_id: Added
gnutls_x509_aki_init: Added
gnutls_x509_aki_get_id: Added
gnutls_x509_aki_get_cert_issuer: Added
gnutls_x509_aki_set_id: Added
gnutls_x509_aki_set_cert_issuer: Added
gnutls_x509_aki_deinit: Added
gnutls_x509_ext_import_private_key_usage_period: Added
gnutls_x509_ext_export_private_key_usage_period: Added
gnutls_x509_ext_import_basic_constraints: Added
gnutls_x509_ext_export_basic_constraints: Added
gnutls_x509_ext_import_key_usage: Added
gnutls_x509_ext_export_key_usage: Added
gnutls_x509_ext_import_proxy: Added
gnutls_x509_ext_export_proxy: Added
gnutls_x509_policies_init: Added
gnutls_x509_policies_deinit: Added
gnutls_x509_policies_get: Added
gnutls_x509_policies_set: Added
gnutls_x509_ext_import_policies: Added
gnutls_x509_ext_export_policies: Added
gnutls_x509_key_purpose_init: Added
gnutls_x509_key_purpose_deinit: Added
gnutls_x509_key_purpose_set: Added
gnutls_x509_key_purpose_get: Added
gnutls_x509_ext_import_key_purposes: Added
gnutls_x509_ext_export_key_purposes: Added
gnutls_digest_self_test: Added (conditionally)
gnutls_mac_self_test: Added (conditionally)
gnutls_pk_self_test: Added (conditionally)
gnutls_cipher_self_test: Added (conditionally)
gnutls_global_set_mem_functions: Deprecated
bca9e28
@jperkin jperkin pushed a commit that referenced this issue Jul 4, 2015
wiz Update to 1.9.5:
Changes from Ant 1.9.4 TO Ant 1.9.5
===================================

Changes that could break older environments:
-------------------------------------------

 * The ReplaceTokens filter can now use token-separators longer than
   one character.  This means it can be used to replace mustache-style
   {{patterns}} and similar templates.  This is going to break code
   that invokes the setters on ReplaceTokens via the Java API as their
   parameters have been changed from char to String.  It may also
   break build files that specified multi character tokens and relied
   on Ant silently ignoring all but the first character.
   Bugzilla Report 56584

 * The changes that added <get>'s support for gzip encoding
   automatically uncompressed content that would not have been touched
   before - like when downloading .tar.gz files.  A new flag has been
   added to control the behavior and its default will make <get> work
   as it did in 1.9.3.  I.e. if you want it to work like 1.9.4
   you have to explicitly set tryGzipEncoding to true.
   Bugzilla Report 57048

Fixed bugs:
-----------

 * TarArchiveInputStream failed to read archives with empty gid/uid
   fields.
   Bugzilla Report 56641

 * TarArchiveInputStream could throw IOException when reading PAX
   headers from a "slow" InputStream.

 * XMLJunitResultFormatter could throw NullPointerException if Java
   cannot determine the local hostname.
   Bugzilla Report 56593

 * URLResource#getLastModified tried to access the connection to the
   URL without making sure it was established, potentially leading to
   a NullPointerException when using FTP.
   Bugzilla Report 56873

 * Long-Name and -link or PAX-header entries in TAR archives
   always had the current time as last modfication time, creating
   archives that are different at the byte level each time an
   archive was built.

 * runant.py should now work as well when the path of the Java executable
   contains spaces.
   github pull request #1

 * <junitreport> now supports nested <classpath> and <factory> elements.
   Bugzilla Report 47002

 * complete-ant-cmd.pl now also knows about the -file option.
   Bugzilla Report 57371

 * the br-replace template inside the XSLT stylesheets used by
   <junitreport> could cause stack overflows or out-of-memory errors
   when applied to big outputs.
   Bugzilla Report 57341

 * removed spurious warning about unclosed ZipFiles when reading the
   archive failed.
   Port of https://issues.apache.org/jira/browse/COMPRESS-297

 * FileUtils.rename which is used by several tasks can throw a
   NullPointerException if the "normal" renameTo operation fails and
   an exception occurs while rename falls back to copying and deleting
   the file.
   Bugzilla Report 57533

 * complete-ant-cmd.pl would incorrectly suggest words from the build
   file description.
   Bugzilla Report 51931

 * complete-ant-cmd.pl now also completes tasks without a description.
   Bugzilla Report 57542

 * LocalPropertyStack could run into ConcurrentModificationException
   when tasks spawned new child threads that accessed the properties.
   Bugzilla Report 55074

 * TarEntry's constructor with a File and a String arg didn't
   normalize the name.

 * Between 1.8.4 and 1.9.0 TarInputStream started to parse file
   names using the platform's default encoding rather than as ASCII.
   This has been a breaking change that has never been marked as such
   (in fact it went unnoticed).  In order to allow <untar> and
   <tarfileset> to work on platforms who's encoding doesn't match the
   encoding of file names inside the archive, both now support
   encoding attributes.
   The attribute has also been added to <tar> for symmetry.
   Bugzilla Report 57822

Other changes:
--------------

 * it is now possible to provide proxy configuration to signjar
   when using the timestamped authority.
   Bugzilla Report 56678

 * complete-ant-cmd.pl now also analyzes the ANT_ARGS environment
   variable.
   Bugzilla Report 57371

 * ported some of the write-optimization of Commons Compress 1.10 to
   the ZIP package

 * adapted unit tests to Java9 and added "javac1.9" as valid option
   for javac's compiler attribute.

 * performance improvements for <intersect>
   Bugzilla Report 57588

 * MailLogger can now add CC and BCC addresses.
   Bugzilla Report 57789.

 * <scp>'s buffer size has been increased from 1k to 100k to match
   <ftp> and <get>.
   github pull requests #8 and #9

 * The tar package can now deal with group and user ids bigger than
   0x80000000.
   https://issues.apache.org/jira/browse/COMPRESS-314
   https://issues.apache.org/jira/browse/COMPRESS-315

 * <scp> has new attributes fileMode and dirMode that control the
   permissions on the remote side when sending data via SSH.
   Bugzilla Report 43271.

 * New <allbutlast> and <allbutfirst> resource collections can be used
   to select all but a given subset of a resource collection.
   Bugzilla Report 57834.
e29e664
@jperkin jperkin pushed a commit that referenced this issue Jul 17, 2015
wiz Update to 2.0.2:
2.0.2
-----

* #22: Fix improper commas in request headers in wsgi_environ (https://bitbucket.org/ianb/paste/pull-request/22/fix-improper-commas-in-request-headers-in)
  Fixes issue #4 ("WSGI environ totally borked") (https://bitbucket.org/ianb/paste/issue/4/wsgi-environ-totally-borked)

* #24: test_wsgirequest_charset: Use UTF-8 instead of iso-8859-1 (https://bitbucket.org/ianb/paste/pull-request/24/test_wsgirequest_charset-use-utf-8-instead)
  Fixes issue #7 ("Python 3 test failure") (https://bitbucket.org/ianb/paste/issue/7/python-3-test-failure)

* #23: Replace cgi.parse_qsl w/ six.moves.urllib.parse.parse_qsl (https://bitbucket.org/ianb/paste/pull-request/23/replace-cgiparse_qsl-w)
  Fixes issue #8 ("cgi.parse_qsl is pending deprecation") (https://bitbucket.org/ianb/paste/issue/8/cgiparse_qsl-is-pending-deprecation)

* #20: Escape CGI environment variables in HTTP 404 responses (https://bitbucket.org/ianb/paste/pull-request/20/escape-cgi-environment-variables-in-http)

* #6: Add HTTP exception for new code 429 "Too Many Requests" (https://bitbucket.org/ianb/paste/pull-request/6/add-http-exception-for-new-code-429-too)

* #25: replace ``has_key`` method to ``in`` operator #9 (https://bitbucket.org/ianb/paste/pull-request/25/replace-has_key-method-to-in-operator-9)
  Fixes #9 ("used methods removed from py3") (https://bitbucket.org/ianb/paste/issue/9/used-methods-removed-from-py3)

* #5: Invalid error message when the socket is already in use (https://bitbucket.org/ianb/paste/issue/5/invalid-error-message-when-the-socket-is)

2.0.1
-----

* Fix setup.py for six dependency: move the six dependency from extras_require
  to install_requires.

* Port paste.proxy to Python 3.

* Fix paste.exceptions.serial_number_generator.hash_identifier() on Python 3.

* Fix paste.util.threadedprint.uninstall(). Rename duplicated uninstall()
  function to uninstall_stdin() and fix typo in variable name (_oldstin =>
  _oldstdin).

* Add README.rst file.

2.0
---

* Experimental Python 3 support.

* paste now requires the six module.

* Drop support of Python 2.5 and older.

* Fixed ``egg:Paste#cgi``

* In ``paste.httpserver``: give a 100 Continue response even when the
  server has been configured as an HTTP/1.0 server (clients may send
  ``Expect: 100-Continue`` before they know the version), and wrap
  100 Continue ``environ['wsgi.input']`` files with LimitedLengthFile
  just like normal request bodies are wrapped, keeping WSGI
  applications from over-reading from the socket.

* Fixed parsing of paths beginning with multiple forward slashes.

* Add tox.ini to run tests with tox on Python 2.6, 2.7 and 3.4.
6db9a21
@jperkin jperkin pushed a commit that referenced this issue Aug 9, 2015
markd Update tex-standalone{,-doc} to 1.2
* Fixed build option
* Fixed quotes for auto-build feature of the package.
* Added "multido" option.
* Fixes/improvements for output convert filename for the 'multi'
  option.
* Changed \IfFileExists test for \if..tex macros to support 'htlatex'.
* Issue #12: Fixed info message for mode=buildnew if generated file is
  already newer than source file.
* Issue #8: Updated description of mode=buildnew to state that it
  doesn't work with XeLaTeX.
5bf96c5
@jperkin jperkin pushed a commit that referenced this issue Sep 13, 2015
tnn Update to libzdb-3.1 (2015-08-31)
New: Support Literal IPv6 Addresses in the Database Connection URL. Ref. RFC2732
New: Honour timezone information if provided with date-time column values in Result Sets
Fixed: Issue #7 Removed onstop handler
Fixed: #8 Do not remove trailing SQL termination charachter ';' from statement
e1652d9
@jperkin jperkin pushed a commit that referenced this issue Jan 15, 2016
wen Update to 1.27
Upstream changes:
1.27  2016-01-14 10:50:00 MANWAR
      - Added LICENSE file.

1.26  2016-01-03 00:45:00 MANWAR
      - Merged GitHub Pull Request #9 from ESERTE.

1.25  2016-01-02 01:05:00 MANWAR
      - Merged GitHub Pull Request #8 from TAISNIF.

1.24  2015-12-14 11:35:00 MANWAR
      - Documented method version().
      - Added check for version number.
      - Added unit test for method version().

1.23  2015-12-05 12:40:00 MANWAR
      - Added parameter validation check for method new_outline().
a65d8a1
@jperkin jperkin pushed a commit that referenced this issue Feb 2, 2016
mef Update 0.15 to 016
------------------
0.16  2015-09-22T00:17:07Z
      - Added new abstract class, URI::_odbc, for URIs that use ODBC in
        `dbi_dsn`.
      - The `dbi_dsn` method of URI::mssql now returns an ODBC DSN instead of
        DBD::Sybase, since the latter would require Sybase to build.
      - URI::sqlserver now inherits from URI::mssql rather than the other way
        around.
      - Fixed a bug where a URI with three slashes but no authority part after
        the first two would incorrectly think the databse name should be an
        absolute path. That is, in "db:sqlite:///foo.db", the `dbname` value
        is "foo.db", not "/foo.db". Thanks to Dan Book for the report
        (issue #8).
1827395
@jperkin jperkin pushed a commit that referenced this issue Feb 11, 2016
mef Update 0.15 to 016
------------------
0.16  2015-09-22T00:17:07Z
      - Added new abstract class, URI::_odbc, for URIs that use ODBC in
        `dbi_dsn`.
      - The `dbi_dsn` method of URI::mssql now returns an ODBC DSN instead of
        DBD::Sybase, since the latter would require Sybase to build.
      - URI::sqlserver now inherits from URI::mssql rather than the other way
        around.
      - Fixed a bug where a URI with three slashes but no authority part after
        the first two would incorrectly think the databse name should be an
        absolute path. That is, in "db:sqlite:///foo.db", the `dbname` value
        is "foo.db", not "/foo.db". Thanks to Dan Book for the report
        (issue #8).
1aa544f
@jperkin jperkin pushed a commit that referenced this issue Feb 11, 2016
kleink Update py-flask-babelex to 0.9.3.
0.9.3
-----

* Merge pull request #8 from lnielsen/lazydomainfix
  Fix lazy gettext problem with domain evaluation
bc216a3
@jperkin jperkin pushed a commit that referenced this issue Apr 11, 2016
wiz Update p5-Params-Validate to 1.23:
1.23    2016-03-26

- Fixed some Perl stack corruption bugs. Based on a proposed PR from Tony Cook
  plus some additional changes. GH #8.

- Fixed tests with Carp 1.01 (shipped with Perl 5.8.3). Patch by Andreas
  Koenig. RT #113318.
ae37031
@jperkin jperkin pushed a commit that referenced this issue Apr 11, 2016
mef Update to devel/p5-Devel-StackTrace-2.0.1
-----------------------------------------
2.01   2016-03-02
- Fixed the frames method when it is called with arguments. Previously this
  did not work if it was called before the method was called as a
  reader. Fixed by Mark Fowler. PR #8.
e7de74f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.