Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
(CVE-2021-41099) Integer to heap buffer overflow handling certain string
commands and network payloads, when proto-max-bulk-len is manually configured
to a non-default, very large value [reported by yiyuaner].
(CVE-2021-32762) Integer to heap buffer overflow issue in redis-cli and
redis-sentinel parsing large multi-bulk replies on some older and less common
platforms [reported by Microsoft Vulnerability Research].
(CVE-2021-32687) Integer to heap buffer overflow with intsets, when
set-max-intset-entries is manually configured to a non-default, very large
value [reported by Pawel Wieczorkiewicz, AWS].
(CVE-2021-32675) Denial Of Service when processing RESP request payloads with
a large number of elements on many connections.
(CVE-2021-32672) Random heap reading issue with Lua Debugger [reported by
Meir Shpilraien].
(CVE-2021-32628) Integer to heap buffer overflow handling ziplist-encoded
data types, when configuring a large, non-default value for
hash-max-ziplist-entries, hash-max-ziplist-value, zset-max-ziplist-entries
or zset-max-ziplist-value [reported by sundb].
(CVE-2021-32627) Integer to heap buffer overflow issue with streams, when
configuring a non-default, large value for proto-max-bulk-len and
client-query-buffer-limit [reported by sundb].
(CVE-2021-32626) Specially crafted Lua scripts may result in a heap buffer
overflow [reported by Meir Shpilraien].
Bug fixes that involve behavior changes:
GEO* STORE with empty source key deletes the destination key and returns 0 (#9271)
Previously it would have returned an empty array like the non-STORE variant.
PUBSUB NUMPAT replies with number of patterns rather than number of subscriptions (#9209)
This actually changed in 6.2.0 but was overlooked and omitted from the release notes.
Bug fixes that are only applicable to previous releases of Redis 6.2:
Fix CLIENT PAUSE, used an old timeout from previous PAUSE (#9477)
Fix CLIENT PAUSE in a replica would mess the replication offset (#9448)
Add some missing error statistics in INFO errorstats (#9328)
Other bug fixes:
Fix incorrect reply of COMMAND command key positions for MIGRATE command (#9455)
Fix appendfsync to always guarantee fsync before reply, on MacOS and FreeBSD (kqueue) (#9416)
Fix the wrong mis-detection of sync_file_range system call, affecting performance (#9371)
CLI tools:
When redis-cli received ASK response, it didn't handle it (#8930)
Improvements:
Add latency monitor sample when key is deleted via lazy expire (#9317)
Sanitize corrupt payload improvements (#9321, #9399)
Delete empty keys when loading RDB file or handling a RESTORE command (#9297, #9349)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021.10.04 -- Version 2.5.4
Antonio Quartulli (3):
route.c: pass the right parameter to IN6_IS_ADDR_UNSPECIFIED
configure: search also for rst2{man, html}.py
networking: add networking API net_addr_ll_set() and use it on Linux
Arne Schwabe (1):
Move examples into openvpn-examples(5) man page
David Korczynski (1):
Fix argv leaks in add_route() and add_route_ipv6()
David Sommerseth (2):
doc: Use generic rules for man/html generation
man: Clarify IV_HWADDR
Gert Doering (1):
Add error reporting to get_console_input_win32().
Lev Stipakov (3):
Fix console prompts with redirected log
Add building man page on Windows
GitHub Actions: remove Ubuntu 16.04 environment
Max Fillinger (1):
Update Fox e-mail address in copyright notices
Selva Nair (1):
Minor doc correction: tls-crypt-v2 key generation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This resolves openssl 3.x errors until upstream addresses them properly.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Sadly, the move to duktape has not yet happened, but it is on the
way, and meanwhile we can use modern mozjs at least.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fetch license.html rather than keep possibly stale
version in files/.
License-Update: Update copyright years; update lines used
Signed-off-by: Tim Orling <ticotimo@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The 1.2.6 release does not have fixes to work with setuptools 0.58+.
The patches are part of the github 1.2.7 pre-release; until the release
comes out, switch to using github.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Release 0.8.10 is a minor release and contains two bug fixes for the HSM extension and changes how the 'self' literal string is handled.
- Feature #545: The literal 'self' (default model parameter of `Machine`) has been replaced by the class variable `Machine.self_literal = 'self'`. `Machine` now performs an identity check (instead of a value check) with `mod is self.self_literal` to determine whether it should act as a model. While 'self' should still work when passed to the `model` parameter, we encourage using `Machine.self_literal` from now on. This was done to enable easier override of `Machine.__eq__` in subclasses (thanks @VKSolovev).
- Bug #547: Introduce `HierarchicalMachine.prefix_path` to resolve global state names since the HSM stack is not reliable when `queued=True` (thanks @jankrejci).
- Bug #548: `HSM` source states were exited even though they are parents of the destination state (thanks @wes-public-apps).
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Bugfixes
Ignore blank ignored in existing Data Validations
Add support for cell protection for merged cell ranges
Timezone-aware datetimes raise an Exception
Improved normalisation of chart series
Catch OverflowError for out of range datetimes
Alignment.relativeIndent can be negative
Incorrect default value groupBy attribute
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
-License-Update: Delete the description of the license and use the license address instead.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
5.2.0 (2021-10-03)
=====================
Features
--------
- 1. Added support Python 3.10
2. Started shipping platform-specific wheels with the ``musl`` tag targeting typical Alpine Linux runtimes.
3. Started shipping platform-specific arm64 wheels for Apple Silicon. (`#629 <https://github.com/aio-libs/multidict/issues/629>`_)
Bugfixes
--------
- Fixed pure-python implementation that used to raise "Dictionary changed during iteration" error when iterated view (``.keys()``, ``.values()`` or ``.items()``) was created before the dictionary's content change. (`#620 <https://github.com/aio-libs/multidict/issues/620>`_)
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Here is a non-exhaustive list of changes,
Fixes:
async with doesn’t allow newlines PR #13090
Dynamically changing to vi mode via %config magic PR #13091
Virtualenv handling fixes:
init_virtualenv now uses Pathlib PR #12548
Fix Improper path comparison of virtualenv directories PR #13140
Fix virtual environment user warning for lower case paths PR #13094
Adapt to all sorts of drive names for cygwin PR #13153
New Features:
enable autoplay in embed YouTube player PR #13133
Documentation:
Fix formatting for the core.interactiveshell documentation PR #13118
Fix broken ipyparallel’s refs PR #13138
Improve formatting of %time documentation PR #13125
Reword the YouTubeVideo autoplay WN PR #13147
Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
The pipewire project has a config option to enable installation of systemd
user and/or system services. Before the update of pipewire to the current version
(02de7746) only system service files were added; after the update both user
and system service files were added. This commit makes it possible to
configure which service files are wanted. The default PACKAGECONFIG is
to add systemd service files as it was before the version upgrade.
The Yocto systemd class currently does not handle user service files during packaging,
and those files are only installed in the rootfs, but the user service is not enabled as a
system service is.
Another use case is where you want your own service files and can disable the
default ones from pipewire and add your own in a bbappend.
Signed-off-by: Peter Bergin <peter@berginkonsult.se>