http://open-source-security-software.net/releases.atom Recent releases 2021-08-05T22:05:49.750197+00:00 python-feedgen CTFd 3.3.1 CTFd 3.3.1 2021-07-15T22:46:04+00:00 # 3.3.1 / 2021-07-15 **Security** - Fixes an issue where users could join teams without knowing the team password or having a team invite 2021-07-15T22:46:04+00:00 seaweedfs 2.59 seaweedfs 2.59 2021-07-15T22:53:14+00:00 * S3 * Fixed an important bug where files larger than 4MB will fail the upload. #2195 The bug was introduced since 2.51 (June 6th, 2021). * Shell * `volume.check.disk` adds retries in case the volumes are just moved #2194 * `volume.fsck` deletes a volume if the volume has only orphaned data #2190 * Volume * Change all writes to fsync during graceful stopping. #2193 2021-07-15T22:53:14+00:00 mitmproxy v7.0.0 mitmproxy v7.0.0 2021-07-16T08:26:56+00:00 Check out our [release announcement blog post](https://mitmproxy.org/posts/releases/mitmproxy7/)! 🎉 You can find the latest release packages at https://mitmproxy.org/downloads/. 2021-07-16T08:26:56+00:00 uBlock 1.36.3b5 uBlock 1.36.3b5 2021-07-16T18:08:24+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.36.3b5...master) To install the developer build: - **Firefox**: Click [uBlock0_1.36.3b5.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3b5/uBlock0_1.36.3b5.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.36.3b5.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3b5/uBlock0_1.36.3b5.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Closed as fixed ### Core - ['$popup' not working](https://github.com/uBlockOrigin/uBlock-issues/issues/1659) - [Service worker "tabless" requests with correct context are still modified when page is whitelisted](https://github.com/uBlockOrigin/uBlock-issues/issues/1657) - [Back/Forward navigation does not work between Ublock Origin option pages](https://github.com/uBlockOrigin/uBlock-issues/issues/1648) - [csp_report filter created via logger is marked as invalid](https://github.com/uBlockOrigin/uBlock-issues/issues/1622) - [Extreme popup blocking - uBo dashboard is blocked when popups are](https://github.com/uBlockOrigin/uBlock-issues/issues/1616) - [ipv6 fe80::1%lo0 localhost from hosts file is marked as error line](https://github.com/uBlockOrigin/uBlock-issues/issues/1596) - [Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly](https://github.com/uBlockOrigin/uBlock-issues/issues/1146) - [Element picker/zapper don't work if cosmetic filtering is disabled ](https://github.com/gorhill/uBlock/issues/3212) - [Logger always highlights first match](https://github.com/gorhill/uBlock/issues/3037) - [Static filtering: Cannot prevent my filter from strict-blocking](https://github.com/gorhill/uBlock/issues/2385) ## Notable commits without en entry in the issue tracker - [Fix spurious error messages when updating contextual menu](https://github.com/gorhill/uBlock/commit/d17e22a505e4dbfb96d2ea4cf7f8a745f5109dd9) - [Make getByName() return an dummy Tracker object](https://github.com/gorhill/uBlock/commit/d3b1ca333c5a3685ada8d1afddb0030edfdf60b8) - [Add asap behavior to remove-attr scriptlet](https://github.com/gorhill/uBlock/commit/35d7406214e39fa5ad5c73cfab3eecb0eb7c8b7f) - [Ensure pending callbacks are called only once](https://github.com/gorhill/uBlock/commit/0dbe581c5bd26b0200e2879c0ffbdc519d7822ee) 2021-07-16T18:08:24+00:00 hashcat v6.2.3 hashcat v6.2.3 2021-07-16T20:44:04+00:00 Welcome to hashcat 6.2.3 release! This release adds an entire new compute backend (HIP), CPU hardware monitor support, several new hash-modes, bug fixes and improvements. This is a minor release. If you are looking for release notes please refer to docs/changes.txt. 2021-07-16T20:44:04+00:00 uBlock 1.36.3b8 uBlock 1.36.3b8 2021-07-17T18:28:40+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.36.3b8...master) To install the developer build: - **Firefox**: Click [uBlock0_1.36.3b8.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3b8/uBlock0_1.36.3b8.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.36.3b8.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3b8/uBlock0_1.36.3b8.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Closed as fixed ### Core - ['$popup' not working](https://github.com/uBlockOrigin/uBlock-issues/issues/1659) - [Service worker "tabless" requests with correct context are still modified when page is whitelisted](https://github.com/uBlockOrigin/uBlock-issues/issues/1657) - [Back/Forward navigation does not work between Ublock Origin option pages](https://github.com/uBlockOrigin/uBlock-issues/issues/1648) - [csp_report filter created via logger is marked as invalid](https://github.com/uBlockOrigin/uBlock-issues/issues/1622) - [Extreme popup blocking - uBo dashboard is blocked when popups are](https://github.com/uBlockOrigin/uBlock-issues/issues/1616) - [ipv6 fe80::1%lo0 localhost from hosts file is marked as error line](https://github.com/uBlockOrigin/uBlock-issues/issues/1596) - [Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly](https://github.com/uBlockOrigin/uBlock-issues/issues/1146) - [uBO's dashboard does not refresh custom filters in real-time](https://github.com/gorhill/uBlock/issues/3704) - [Element picker/zapper don't work if cosmetic filtering is disabled ](https://github.com/gorhill/uBlock/issues/3212) - [Logger always highlights first match](https://github.com/gorhill/uBlock/issues/3037) - [Static filtering: Cannot prevent my filter from strict-blocking](https://github.com/gorhill/uBlock/issues/2385) ## Notable commits without en entry in the issue tracker - [Add abort-current-script scriptlet](https://github.com/gorhill/uBlock/commit/ebc42ae21e7900fafeaf1041038b94488b1d50e5) - [Fix spurious error messages when updating contextual menu](https://github.com/gorhill/uBlock/commit/d17e22a505e4dbfb96d2ea4cf7f8a745f5109dd9) - [Make getByName() return an dummy Tracker object](https://github.com/gorhill/uBlock/commit/d3b1ca333c5a3685ada8d1afddb0030edfdf60b8) - [Add asap behavior to remove-attr scriptlet](https://github.com/gorhill/uBlock/commit/35d7406214e39fa5ad5c73cfab3eecb0eb7c8b7f) - [Ensure pending callbacks are called only once](https://github.com/gorhill/uBlock/commit/0dbe581c5bd26b0200e2879c0ffbdc519d7822ee) 2021-07-17T18:28:40+00:00 safety-db 2021.7.17 safety-db 2021.7.17 2021-07-18T01:13:31+00:00 2021-07-18T01:13:31+00:00 uBlock 1.36.3b9 uBlock 1.36.3b9 2021-07-18T14:15:43+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.36.3b9...master) To install the developer build: - **Firefox**: Click [uBlock0_1.36.3b9.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3b9/uBlock0_1.36.3b9.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.36.3b9.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3b9/uBlock0_1.36.3b9.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Closed as fixed ### Core - ['$popup' not working](https://github.com/uBlockOrigin/uBlock-issues/issues/1659) - [Service worker "tabless" requests with correct context are still modified when page is whitelisted](https://github.com/uBlockOrigin/uBlock-issues/issues/1657) - [Back/Forward navigation does not work between Ublock Origin option pages](https://github.com/uBlockOrigin/uBlock-issues/issues/1648) - [csp_report filter created via logger is marked as invalid](https://github.com/uBlockOrigin/uBlock-issues/issues/1622) - [Extreme popup blocking - uBo dashboard is blocked when popups are](https://github.com/uBlockOrigin/uBlock-issues/issues/1616) - [ipv6 fe80::1%lo0 localhost from hosts file is marked as error line](https://github.com/uBlockOrigin/uBlock-issues/issues/1596) - [Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly](https://github.com/uBlockOrigin/uBlock-issues/issues/1146) - [uBO's dashboard does not refresh custom filters in real-time](https://github.com/gorhill/uBlock/issues/3704) - [Element picker/zapper don't work if cosmetic filtering is disabled ](https://github.com/gorhill/uBlock/issues/3212) - [Logger always highlights first match](https://github.com/gorhill/uBlock/issues/3037) - [Static filtering: Cannot prevent my filter from strict-blocking](https://github.com/gorhill/uBlock/issues/2385) ## Notable commits without en entry in the issue tracker - [Disclose where uBO's own filter lists are hosted](https://github.com/gorhill/uBlock/commit/1d27138da9e39fc1ef090c7f32f8de3814bd0ef7) - [Add abort-current-script scriptlet](https://github.com/gorhill/uBlock/commit/ebc42ae21e7900fafeaf1041038b94488b1d50e5) - [Fix spurious error messages when updating contextual menu](https://github.com/gorhill/uBlock/commit/d17e22a505e4dbfb96d2ea4cf7f8a745f5109dd9) - [Make getByName() return an dummy Tracker object](https://github.com/gorhill/uBlock/commit/d3b1ca333c5a3685ada8d1afddb0030edfdf60b8) - [Add asap behavior to remove-attr scriptlet](https://github.com/gorhill/uBlock/commit/35d7406214e39fa5ad5c73cfab3eecb0eb7c8b7f) - [Ensure pending callbacks are called only once](https://github.com/gorhill/uBlock/commit/0dbe581c5bd26b0200e2879c0ffbdc519d7822ee) 2021-07-18T14:15:43+00:00 mkdocs 1.2.2 mkdocs 1.2.2 2021-07-18T19:32:00+00:00 MkDocs 1.2.2 is a bugfix release for [MkDocs 1.2](https://www.mkdocs.org/about/release-notes/#version-12-2021-06-04) -- make sure you've seen the "major" release notes as well. * Bugfix (regression in 1.2): Fix serving files/paths with Unicode characters (#2464) * Bugfix (regression in 1.2): Revert livereload file watching to use polling observer (#2477) This had to be done to reasonably support usages that span virtual filesystems such as non-native Docker and network mounts. This goes back to the polling approach, very similar to that was always used prior, meaning most of the same downsides with latency and CPU usage. * Revert from 1.2: Remove the requirement of a `site_url` config and the restriction on `use_directory_urls` (#2490) * Bugfix (regression in 1.2): Don't require trailing slash in the URL when serving a directory index in `mkdocs serve` server (#2507) Instead of showing a 404 error, detect if it's a directory and redirect to a path with a trailing slash added, like before. * Bugfix: Fix `gh_deploy` with config-file in the current directory (#2481) * Bugfix: Fix reversed breadcrumbs in "readthedocs" theme (#2179) * Allow "mkdocs.yaml" as the file name when '--config' is not passed (#2478) * Stop treating ";" as a special character in URLs: urlparse -> urlsplit (#2502) * Improve build performance for sites with many pages (partly already done in 1.2) (#2407) 2021-07-18T19:32:00+00:00 bcc v0.21.0 bcc v0.21.0 2021-07-19T00:06:48+00:00 * Support for kernel up to 5.13 * support for debug information from libdebuginfod * finished support for map elements items_*_batch() APIs * add atomic_increment() API * support attach_func() and detach_func() in python * fix displaying PID instead of TID for many tools * new tools: kvmexit.py * new libbpf-tools: gethostlatency, statsnoop, fsdist and solisten * fix tools ttysnoop/readahead for newer kernels * doc update and bug fixes 2021-07-19T00:06:48+00:00 pia v3.0.1 pia v3.0.1 2021-07-19T08:30:32+00:00 ## FR Cette version contient deux correctifs : - L'icône de la version GNU/Linux ne s'affichait pas - Un problème d'affichage de la vue d'ensemble du plan d'action ## EN This version contains two fixes: - The GNU / Linux version icon was not displayed - A problem with the display of the overview of the action plan 2021-07-19T08:30:32+00:00 uMatrix 1.4.2 uMatrix 1.4.2 2021-07-19T14:31:27+00:00 [Commits to master](https://github.com/gorhill/uMatrix/compare/1.4.2...master) since this release. [Commits since 1.4.0](https://github.com/gorhill/uMatrix/compare/1.4.0...1.4.2). ## Fixes - [Fix infinite recursion with maliciously crafted URL](https://github.com/gorhill/uMatrix/commit/30c12dabdce4cd957d298f49979dd359be16b030) - [Remove no longer existing hpHosts](https://github.com/gorhill/uMatrix/commit/d5cce55f1cbe5078bac7b05880da7099f8cdf3c6) - [mvps host list secure protocol http => https](https://github.com/gorhill/uMatrix/commit/d970d97e0e4ce41a573401334e9f74877f18dd81) ## Notes This version has been submitted to the [Chrome Web Store](https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf) and is currently pending review. It is already available on [AMO](https://addons.mozilla.org/en-US/firefox/addon/umatrix/). 2021-07-19T14:31:27+00:00 uBlock 1.36.3rc0 uBlock 1.36.3rc0 2021-07-19T15:40:10+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.36.3rc0...master) To install the developer build: - **Firefox**: Click [uBlock0_1.36.3rc0.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3rc0/uBlock0_1.36.3rc0.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.36.3rc0.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3rc0/uBlock0_1.36.3rc0.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Closed as fixed ### Core - ['$popup' not working](https://github.com/uBlockOrigin/uBlock-issues/issues/1659) - [Service worker "tabless" requests with correct context are still modified when page is whitelisted](https://github.com/uBlockOrigin/uBlock-issues/issues/1657) - [Back/Forward navigation does not work between Ublock Origin option pages](https://github.com/uBlockOrigin/uBlock-issues/issues/1648) - [csp_report filter created via logger is marked as invalid](https://github.com/uBlockOrigin/uBlock-issues/issues/1622) - [Extreme popup blocking - uBo dashboard is blocked when popups are](https://github.com/uBlockOrigin/uBlock-issues/issues/1616) - [ipv6 fe80::1%lo0 localhost from hosts file is marked as error line](https://github.com/uBlockOrigin/uBlock-issues/issues/1596) - [Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly](https://github.com/uBlockOrigin/uBlock-issues/issues/1146) - [uBO's dashboard does not refresh custom filters in real-time](https://github.com/gorhill/uBlock/issues/3704) - [Element picker/zapper don't work if cosmetic filtering is disabled ](https://github.com/gorhill/uBlock/issues/3212) - [Logger always highlights first match](https://github.com/gorhill/uBlock/issues/3037) - [Static filtering: Cannot prevent my filter from strict-blocking](https://github.com/gorhill/uBlock/issues/2385) ## Notable commits without en entry in the issue tracker - [Disclose where uBO's own filter lists are hosted](https://github.com/gorhill/uBlock/commit/1d27138da9e39fc1ef090c7f32f8de3814bd0ef7) - [Add abort-current-script scriptlet](https://github.com/gorhill/uBlock/commit/ebc42ae21e7900fafeaf1041038b94488b1d50e5) - [Fix spurious error messages when updating contextual menu](https://github.com/gorhill/uBlock/commit/d17e22a505e4dbfb96d2ea4cf7f8a745f5109dd9) - [Make getByName() return an dummy Tracker object](https://github.com/gorhill/uBlock/commit/d3b1ca333c5a3685ada8d1afddb0030edfdf60b8) - [Add asap behavior to remove-attr scriptlet](https://github.com/gorhill/uBlock/commit/35d7406214e39fa5ad5c73cfab3eecb0eb7c8b7f) - [Ensure pending callbacks are called only once](https://github.com/gorhill/uBlock/commit/0dbe581c5bd26b0200e2879c0ffbdc519d7822ee) 2021-07-19T15:40:10+00:00 uMatrix 1.4.3b0 uMatrix 1.4.3b0 2021-07-19T16:00:08+00:00 [Commits to master](https://github.com/gorhill/uMatrix/compare/1.4.3b0...master) since this release To install the dev build for: - Firefox: click [`uMatrix_1.4.3b0.firefox.signed.xpi`](https://github.com/gorhill/uMatrix/releases/download/1.4.3b0/uMatrix_1.4.3b0.firefox.signed.xpi) - Chromium: install the [dev build version in the Chrome store](https://chrome.google.com/webstore/detail/umatrix-development-build/eckgcipdkhcfghnmincccnhpdmnbefki). The dev build will automatically update to a newer dev build when one becomes available. *** ## New Ability to reveal the canonical names of aliased hostnames. This is a per-scope setting: ![a](https://user-images.githubusercontent.com/585534/71643825-469d9f00-2c8c-11ea-850e-fa4358df22d7.png) The corresponding switch-based rule is: cname-reveal: [scope] true By default, the rule `cname-reveal: * true` is created in new installations of uMatrix. For existing installations, you will have to add it yourself if you want canonical names to be reported in the matrix everywhere by default. This new feature is supported only in Firefox. 2021-07-19T16:00:08+00:00 TheHive 4.1.8 TheHive 4.1.8 2021-07-19T16:36:23+00:00 ## [4.1.8](https://github.com/TheHive-Project/TheHive/milestone/77) (2021-07-19) **Implemented enhancements:** - [Feature Request] Improve SSO user auto creation [\#2127](https://github.com/TheHive-Project/TheHive/issues/2127) - [Feature Request] Add simple improvements in alerts list [\#2129](https://github.com/TheHive-Project/TheHive/issues/2129) **Closed issues:** - typo in entrypoint man for "cortex-hostnames" [\#2114](https://github.com/TheHive-Project/TheHive/issues/2114) **Fixed bugs:** - [Bug] TheHive updates an alert from an updated MISP event but not the promoted Case [\#2110](https://github.com/TheHive-Project/TheHive/issues/2110) 2021-07-19T16:36:23+00:00 rita v4.3.1 rita v4.3.1 2021-07-19T19:28:30+00:00 Changes: - Extend Zeek TCP inactivity timeout (#660) Dev changes: - Clean up TODO and NOTE markers. Remove old ip index in host collection. (#622) - Update references from Mongo 3.6 to 4.2 (#661) 2021-07-19T19:28:30+00:00 uMatrix 1.4.4 uMatrix 1.4.4 2021-07-20T10:54:30+00:00 [Commits to master](https://github.com/gorhill/uMatrix/compare/1.4.4...master) since this release. [Commits since 1.4.2](https://github.com/gorhill/uMatrix/compare/1.4.2...1.4.4). ## Fixes - [Fix exception thrown when a stock asset is removed](https://github.com/gorhill/uMatrix/commit/c2b4adb7f11e072b9213eb478dcb88a92f450071) - [Remove obsolete assets](https://github.com/gorhill/uMatrix/commit/13c45f12244453e27383c9041a76194831d81ef7) 2021-07-20T10:54:30+00:00 Loki 0.42.0 Loki 0.42.0 2021-07-20T12:36:15+00:00 - vulnerability check: local SAM database readable by every user ![Screenshot 2021-07-20 at 14 35 55](https://user-images.githubusercontent.com/2851492/126325021-6fd6be99-0baa-43eb-9671-d8ebaac3b486.png) 2021-07-20T12:36:15+00:00 uBlock 1.36.3rc1 uBlock 1.36.3rc1 2021-07-20T12:46:07+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.36.3rc1...master) To install the developer build: - **Firefox**: Click [uBlock0_1.36.3rc1.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3rc1/uBlock0_1.36.3rc1.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.36.3rc1.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.36.3rc1/uBlock0_1.36.3rc1.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Closed as fixed ### Core - ['$popup' not working](https://github.com/uBlockOrigin/uBlock-issues/issues/1659) - [Service worker "tabless" requests with correct context are still modified when page is whitelisted](https://github.com/uBlockOrigin/uBlock-issues/issues/1657) - [Back/Forward navigation does not work between Ublock Origin option pages](https://github.com/uBlockOrigin/uBlock-issues/issues/1648) - [csp_report filter created via logger is marked as invalid](https://github.com/uBlockOrigin/uBlock-issues/issues/1622) - [Extreme popup blocking - uBo dashboard is blocked when popups are](https://github.com/uBlockOrigin/uBlock-issues/issues/1616) - [ipv6 fe80::1%lo0 localhost from hosts file is marked as error line](https://github.com/uBlockOrigin/uBlock-issues/issues/1596) - [Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly](https://github.com/uBlockOrigin/uBlock-issues/issues/1146) - [uBO's dashboard does not refresh custom filters in real-time](https://github.com/gorhill/uBlock/issues/3704) - [Element picker/zapper don't work if cosmetic filtering is disabled ](https://github.com/gorhill/uBlock/issues/3212) - [Logger always highlights first match](https://github.com/gorhill/uBlock/issues/3037) - [Static filtering: Cannot prevent my filter from strict-blocking](https://github.com/gorhill/uBlock/issues/2385) ## Notable commits without en entry in the issue tracker - [Provide visual cue in popup panel when base domain has subdomains](https://github.com/gorhill/uBlock/commit/75deadd31ebe6f42ede1b789013d2ac966c9f861) - [Disclose where uBO's own filter lists are hosted](https://github.com/gorhill/uBlock/commit/1d27138da9e39fc1ef090c7f32f8de3814bd0ef7) - [Add abort-current-script scriptlet](https://github.com/gorhill/uBlock/commit/ebc42ae21e7900fafeaf1041038b94488b1d50e5) - [Fix spurious error messages when updating contextual menu](https://github.com/gorhill/uBlock/commit/d17e22a505e4dbfb96d2ea4cf7f8a745f5109dd9) - [Make getByName() return an dummy Tracker object](https://github.com/gorhill/uBlock/commit/d3b1ca333c5a3685ada8d1afddb0030edfdf60b8) - [Add asap behavior to remove-attr scriptlet](https://github.com/gorhill/uBlock/commit/35d7406214e39fa5ad5c73cfab3eecb0eb7c8b7f) - [Ensure pending callbacks are called only once](https://github.com/gorhill/uBlock/commit/0dbe581c5bd26b0200e2879c0ffbdc519d7822ee) 2021-07-20T12:46:07+00:00 tidb v4.0.10-20210720 tidb v4.0.10-20210720 2021-07-20T12:47:41+00:00 2021-07-20T12:47:41+00:00 logstash v7.13.4 logstash v7.13.4 2021-07-20T14:26:20+00:00 Downloads: https://elastic.co/downloads/logstash Release notes: https://www.elastic.co/guide/en/logstash/7.13/logstash-7-13-4.html 2021-07-20T14:26:20+00:00 traefik v2.5.0-rc3 traefik v2.5.0-rc3 2021-07-20T16:08:48+00:00 **Bug fixes:** - **[k8s,k8s/crd,k8s/ingress]** Disable ExternalName Services by default on Kubernetes providers ([#8261](https://github.com/traefik/traefik/pull/8261) by [dtomcej](https://github.com/dtomcej)) - **[k8s,k8s/crd,k8s/ingress]** Fix: malformed Kubernetes resource names and references in tests ([#8226](https://github.com/traefik/traefik/pull/8226) by [rtribotte](https://github.com/rtribotte)) - **[k8s,k8s/crd]** Disable Cross-Namespace by default for IngressRoute provider ([#8260](https://github.com/traefik/traefik/pull/8260) by [dtomcej](https://github.com/dtomcej)) - **[logs,middleware]** Accesslog: support multiple values for a given header ([#8258](https://github.com/traefik/traefik/pull/8258) by [ldez](https://github.com/ldez)) - **[logs]** Ignore http 1.0 request host missing errors ([#8252](https://github.com/traefik/traefik/pull/8252) by [dtomcej](https://github.com/dtomcej)) - **[middleware]** Headers Middleware: support http.CloseNotifier interface ([#8238](https://github.com/traefik/traefik/pull/8238) by [dtomcej](https://github.com/dtomcej)) - **[tls]** Detect certificates content modifications ([#8243](https://github.com/traefik/traefik/pull/8243) by [jbdoumenjou](https://github.com/jbdoumenjou)) **Documentation:** - **[middleware,k8s]** Fix invalid subdomain ([#8212](https://github.com/traefik/traefik/pull/8212) by [WLun001](https://github.com/WLun001)) - Add the list of available provider names ([#8225](https://github.com/traefik/traefik/pull/8225) by [WLun001](https://github.com/WLun001)) - Fix maintainers-guidelines page title ([#8216](https://github.com/traefik/traefik/pull/8216) by [kubopanda](https://github.com/kubopanda)) - Typos in contributing section ([#8215](https://github.com/traefik/traefik/pull/8215) by [kubopanda](https://github.com/kubopanda)) 2021-07-20T16:08:48+00:00 Loki 0.42.1 Loki 0.42.1 2021-07-20T16:09:25+00:00 - docs: better description of Hive Permission bug - fix: typos in some words 2021-07-20T16:09:25+00:00 Loki 0.42.2 Loki 0.42.2 2021-07-20T20:02:03+00:00 - trying to fix unicode decode issues for some users 2021-07-20T20:02:03+00:00 mattermost-server v5.31.8 mattermost-server v5.31.8 2021-07-21T14:50:55+00:00 Mattermost Platform Release v5.31.8 2021-07-21T14:50:55+00:00 Lookyloo v1.7.0 Lookyloo v1.7.0 2021-07-21T16:38:24+00:00 The two main changes in this release are: * Add support for passing a proxy to a capture, thanks to @Felalex57 - [Documentation](https://www.lookyloo.eu/docs/main/usage.html#_proxy) * Major improvement in the API using [flask-restx](https://github.com/python-restx/flask-restx) - [Documentation](https://lookyloo.circl.lu/doc/) on the demo Lookyloo instance. * Add lookup against a MISP instance - [Documentation](https://www.lookyloo.eu/docs/main/lookyloo-integration.html#_lookup_on_a_misp_instance) * Add sample config for log rotate thanks to @FafnerKeyZee - [Documentation](https://www.lookyloo.eu/docs/main/install-lookyloo-production.html#_logging_and_rotation) The other changes are mainly bugfixes and small changes: * Avoid receiving notifications from bots * Upgrade the bundled-in list of user agents * Improve generation of the pickles and avoid doing it twice * Add reference to parent in the case a capture is initiated from an other one * Improve MISP export 2021-07-21T16:38:24+00:00 redis 5.0.13 redis 5.0.13 2021-07-21T18:08:51+00:00 Upgrade urgency: SECURITY, contains fixes to security issues that affect authenticated client connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). An integer overflow bug in Redis version 2.2 or newer can be exploited using the BITFIELD command to corrupt the heap and potentially result with remote code execution. Bug fixes: * Fix overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD (#9191) * Fix ziplist length updates on big-endian platforms (#2080) 2021-07-21T18:08:51+00:00 redis 6.0.15 redis 6.0.15 2021-07-21T18:10:11+00:00 Upgrade urgency: SECURITY, contains fixes to security issues that affect authenticated client connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). An integer overflow bug in Redis version 2.2 or newer can be exploited using the BITFIELD command to corrupt the heap and potentially result with remote code execution. Bug fixes that involve behavior changes: * Change reply type for ZPOPMAX/MIN with count in RESP3 to nested array (#8981). Was using a flat array like in RESP2 instead of a nested array like ZRANGE does. Bug fixes: * Fail EXEC command in case a watched key is expired (#9194) * Fix SMOVE not to invalidate dest key (WATCH and tracking) when member already exists (#9244) * Fix SINTERSTORE not to delete dest key when getting a wrong type error (#9032) * Fix overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD (#9191) * Set TCP keepalive on inbound cluster bus connections (#9230) * Fix ziplist length updates on big-endian platforms (#2080) * Fix diskless replica loading to recover from RDB short read on module AUX data (#9199) * Fix race in client side tracking (#9116) * If diskless repl child is killed, make sure to reap the child pid (#7742) * Add a timeout mechanism for replicas stuck in fullsync (#8762) CLI tools: * redis-cli cluster import support source and target that require auth (#7994) * redis-cli cluster import command may issue wrong MIGRATE command, sending COPY instead of REPLACE (#8945) * redis-cli support for RESP3 set type in CSV and RAW output (#7338) 2021-07-21T18:10:11+00:00 redis 6.2.5 redis 6.2.5 2021-07-21T18:15:53+00:00 Upgrade urgency: SECURITY, contains fixes to security issues that affect authenticated client connections on 32-bit versions. MODERATE otherwise. Fix integer overflow in BITFIELD on 32-bit versions (CVE-2021-32761). An integer overflow bug in Redis version 2.2 or newer can be exploited using the BITFIELD command to corrupt the heap and potentially result with remote code execution. Bug fixes that involve behavior changes: * Change reply type for ZPOPMAX/MIN with count in RESP3 to nested array (#8981). Was using a flat array like in RESP2 instead of a nested array like ZRANGE does. * Fix reply type for HRANDFIELD and ZRANDMEMBER when key is missing (#9178). Was using a null array instead of an empty array. * Fix reply type for ZRANGESTORE when source key is missing (#9089). Was using an empty array like ZRANGE instead of 0 (used in the STORE variant). Bug fixes that are only applicable to previous releases of Redis 6.2: * ZRANDMEMBER WITHSCORES with negative COUNT may return bad score (#9162) * Fix crash after CLIENT UNPAUSE when threaded I/O config is enabled (#9041) * Fix XTRIM or XADD with LIMIT may delete more entries than the limit (#9048) * Fix build issue with OpenSSL 1.1.0 (#9233) Other bug fixes: * Fail EXEC command in case a watched key is expired (#9194) * Fix SMOVE not to invalidate dest key (WATCH and tracking) when member already exists (#9244) * Fix SINTERSTORE not to delete dest key when getting a wrong type error (#9032) * Fix overflows on 32-bit versions in GETBIT, SETBIT, BITCOUNT, BITPOS, and BITFIELD (#9191) * Improve MEMORY USAGE on stream keys (#9164) * Set TCP keepalive on inbound cluster bus connections (#9230) * Fix diskless replica loading to recover from RDB short read on module AUX data (#9199) * Fix race in client side tracking (#9116) * Fix ziplist length updates on big-endian platforms (#2080) CLI tools: * redis-cli cluster import command may issue wrong MIGRATE command, sending COPY instead of REPLACE (#8945) * redis-cli --rdb fixes when using "-" to write to stdout (#9136, #9135) * redis-cli support for RESP3 set type in CSV and RAW output (#7338) Modules: * Module API for getting current command name (#8792) * Fix RM_StringTruncate when newlen is 0 (#3718) * Fix CLIENT UNBLOCK crashing modules without timeout callback (#9167) 2021-07-21T18:15:53+00:00 mimikatz 2.2.0-20210721 mimikatz 2.2.0-20210721 2021-07-21T22:02:17+00:00 ![image](https://user-images.githubusercontent.com/2307945/126565440-3ce856e9-23d2-412f-b648-3b6993fd0e98.png) ![image](https://user-images.githubusercontent.com/2307945/126565962-1e3ee51f-46df-40fd-9a8c-d1eee1654708.png) 2021-07-21T22:02:17+00:00 lynis 3.0.6 lynis 3.0.6 2021-07-22T09:37:34+00:00 ## Lynis 3.0.6 (2021-07-22) ### Added - OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS - Check for outdated translation files ### Changed - DBS-1826 - Check if PostgreSQL is being used - DBS-1828 - Test multiple PostgreSQL configuration file(s) - KRNL-5830 - Sort kernels by version instead of modification date - PKGS-7410 - Don't show exception for systems using LXC - GetHostID function: fallback options added for Linux systems - Fix: macOS Big Sur detection - Fix: show correct text when egrep is missing - Fix: variable name for PostgreSQL - German and Spanish translations extended 2021-07-22T09:37:34+00:00 dictdiffer v0.9.0 dictdiffer v0.9.0 2021-07-22T13:23:41+00:00 - Adds absolute tolerance feature for floats (@adrien-berchet) (#152) - Drops support of Python<3.5 (@adrien-berchet) (#160) - Adds `assert_no_diff` helper to assist pytest users (@joesolly) (#153) - Migrates CI to gh-actions (@ParthS007 @diegodelemos) (#145) - Removes dependency on pkg_resources (@eldruin) 2021-07-22T13:23:41+00:00 influxdb v1.8.7 influxdb v1.8.7 2021-07-22T14:29:57+00:00 # v1.8.7 [2021-07-22] - [#21749](https://github.com/influxdata/influxdb/pull/21749): fix: rename arm rpms with yum-compatible names - [#21775](https://github.com/influxdata/influxdb/pull/21775): fix: convert arm arch names for rpms during builds via docker - [#21865](https://github.com/influxdata/influxdb/pull/21865): fix: systemd unit should block on startup until http endpoint is ready - [#21891](https://github.com/influxdata/influxdb/pull/21891): chore: update protobuf libraries OSS BINARY FILES | SHA256 ---------------------------------------|--------------------------------------- [influxdb-1.8.7-static_linux_amd64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7-static_linux_amd64.tar.gz) | c71316aba702984b3efb715fda5a4590148bb001313602fe02964a1cd57db132 [influxdb-1.8.7_darwin_amd64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_darwin_amd64.tar.gz) | 31694d4ffe571ed385d1c24d9b48151781431bfb2eb011deb54643564b7e5b9b [influxdb-1.8.7_linux_amd64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_linux_amd64.tar.gz) | 3891f474a0a3aa4dab2402f38936b84632d6339b13de1a5c582a1e884017286e [influxdb-1.8.7_linux_arm64.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_linux_arm64.tar.gz) | a0fdb2120c4075d63d540d2966cb58eaac42cc2a94dda00be91f16f1a43f455d [influxdb-1.8.7_linux_armel.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_linux_armel.tar.gz) | 69f284bdfa93735fe1355f2fa532c0a90123ff1f9a853873da6c93b1d8ef8772 [influxdb-1.8.7_linux_armhf.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_linux_armhf.tar.gz) | d499661391d080b59d513daf0d44eae16b3e9d23625ebb470be184697665c82d [influxdb-1.8.7_linux_i386.tar.gz](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_linux_i386.tar.gz) | 0e4e300a9ecc46a34aaea46387ad1a03be1a57d7798b73627ba631884fd1251d [influxdb-1.8.7_windows_amd64.zip](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7_windows_amd64.zip) | b851be6840d11aa655f498077d93193858ee38cf79e248a9c1972e4c55341756 OSS UBUNTU AND DEBIAN PACKAGE FILES | SHA256 ---------------------------------------|--------------------------------------- [influxdb_1.8.7_amd64.deb](https://dl.influxdata.com/influxdb/releases/influxdb_1.8.7_amd64.deb) | 5831a8ba6ce591d62d8cd6710e1ebccdf93a3acbb52cc9b83452b8bcbda57154 [influxdb_1.8.7_arm64.deb](https://dl.influxdata.com/influxdb/releases/influxdb_1.8.7_arm64.deb) | 01e0f618001a8d7f487e9a8f6a2b98602acdab49c6da0d3ad119d2c1fb962934 [influxdb_1.8.7_armel.deb](https://dl.influxdata.com/influxdb/releases/influxdb_1.8.7_armel.deb) | 1f463a5786e0b5618b4c673261e4e6677e98dd9a3d4f113732f873e5be5116ea [influxdb_1.8.7_armhf.deb](https://dl.influxdata.com/influxdb/releases/influxdb_1.8.7_armhf.deb) | ffe8b12f0c5219b9f51eb432e64a39880d807e9ca4e60bfee03d22c33616ca98 [influxdb_1.8.7_i386.deb](https://dl.influxdata.com/influxdb/releases/influxdb_1.8.7_i386.deb) | 5d21d11fa3854eaf2aeae918c77c3d4133484977b8bfa1b659ed3465a3551eca OSS REDHAT & CENTOS PACKAGE FILES | SHA256 ---------------------------------------|--------------------------------------- [influxdb-1.8.7.aarch64.rpm](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7.aarch64.rpm) | 844372392d562390f7498ba27319f96b9fcfb4e2e4972fefcd5df264bb611a23 [influxdb-1.8.7.armel.rpm](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7.armel.rpm) | 1d624fec04ef39226bfdf7b5e3ded5049cac4f81385f2082bf1769b20a471199 [influxdb-1.8.7.armv7hl.rpm](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7.armv7hl.rpm) | 89d98a49434e943cabcded998debc1e78f53d1271d314f9877274e734ecb5890 [influxdb-1.8.7.i386.rpm](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7.i386.rpm) | 74e4780a08f7be512c012c0643ee1e1f313c59d74708ff595e583fe4564fd16a [influxdb-1.8.7.x86_64.rpm](https://dl.influxdata.com/influxdb/releases/influxdb-1.8.7.x86_64.rpm) | 301a2bd023d8ef94f30d9fb1f2dba3aec821bce115e6cc582de13e81547fea54 2021-07-22T14:29:57+00:00 application 1.2.1 application 1.2.1 2021-07-23T11:14:07+00:00 * Bump minimum Node.JS version to be 13. * Introduce configuration of locale to be used for sorting customer entered content such employees names, departments etc. So non-English language content could be sorted properly. Please [here](https://github.com/timeoff-management/timeoff-management-application#make-sorting-sensitive-to-particular-locale) for more information. * Ensure all lists of information are sorted. * Introduce notification bell into the header so any outstanding actions are visible. ![image](https://user-images.githubusercontent.com/203539/126774168-475ad042-d5bc-4630-8bbe-26a5b1aa8f67.png) 2021-07-23T11:14:07+00:00 uBlock 1.37.0 uBlock 1.37.0 2021-07-23T11:42:26+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.0...master) [Commits since last release](https://github.com/gorhill/uBlock/compare/1.36.2...1.37.0) To install the stable build: - **Firefox**: Review pending <!-- Click [uBlock0_1.36.2.firefox.signed.xpi](https://addons.mozilla.org/firefox/downloads/file/3806442/ublock_origin-1.36.2-an+fx.xpi) --> - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Review pending <!-- Install from the Chrome store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm> --> - **Edge**: Install from Microsoft Store: <https://microsoftedge.microsoft.com/addons/detail/odfafepnkmbhccpbejgmiehpchacaeak> - The Microsoft Store version of uBO is published by [Nik Rolls](https://github.com/nikrolls/uBlock-Edge) - **Opera**: Submission pending <!-- Install from Opera addons: <https://addons.opera.com/en/extensions/details/ublock/> --> --- ## Closed as fixed ### Core - ['$popup' not working](https://github.com/uBlockOrigin/uBlock-issues/issues/1659) - [Service worker "tabless" requests with correct context are still modified when page is whitelisted](https://github.com/uBlockOrigin/uBlock-issues/issues/1657) - [Back/Forward navigation does not work between Ublock Origin option pages](https://github.com/uBlockOrigin/uBlock-issues/issues/1648) - [csp_report filter created via logger is marked as invalid](https://github.com/uBlockOrigin/uBlock-issues/issues/1622) - [Extreme popup blocking - uBo dashboard is blocked when popups are](https://github.com/uBlockOrigin/uBlock-issues/issues/1616) - [ipv6 fe80::1%lo0 localhost from hosts file is marked as error line](https://github.com/uBlockOrigin/uBlock-issues/issues/1596) - [Whitespaces are now stripped from blocking-rule URLs, causing rules targeting whitespaces to fail and/or block extremely broadly](https://github.com/uBlockOrigin/uBlock-issues/issues/1146) - [uBO's dashboard does not refresh custom filters in real-time](https://github.com/gorhill/uBlock/issues/3704) - [Element picker/zapper don't work if cosmetic filtering is disabled ](https://github.com/gorhill/uBlock/issues/3212) - [Logger always highlights first match](https://github.com/gorhill/uBlock/issues/3037) - [Static filtering: Cannot prevent my filter from strict-blocking](https://github.com/gorhill/uBlock/issues/2385) ## Notable commits without en entry in the issue tracker - [Provide visual cue in popup panel when base domain has subdomains](https://github.com/gorhill/uBlock/commit/75deadd31ebe6f42ede1b789013d2ac966c9f861) - [Disclose where uBO's own filter lists are hosted](https://github.com/gorhill/uBlock/commit/1d27138da9e39fc1ef090c7f32f8de3814bd0ef7) - [Add abort-current-script scriptlet](https://github.com/gorhill/uBlock/commit/ebc42ae21e7900fafeaf1041038b94488b1d50e5) - [Fix spurious error messages when updating contextual menu](https://github.com/gorhill/uBlock/commit/d17e22a505e4dbfb96d2ea4cf7f8a745f5109dd9) - [Make getByName() return an dummy Tracker object](https://github.com/gorhill/uBlock/commit/d3b1ca333c5a3685ada8d1afddb0030edfdf60b8) - [Add asap behavior to remove-attr scriptlet](https://github.com/gorhill/uBlock/commit/35d7406214e39fa5ad5c73cfab3eecb0eb7c8b7f) - [Ensure pending callbacks are called only once](https://github.com/gorhill/uBlock/commit/0dbe581c5bd26b0200e2879c0ffbdc519d7822ee) 2021-07-23T11:42:26+00:00 netbox v3.0-beta1 netbox v3.0-beta1 2021-07-23T12:16:29+00:00 **NOTE:** Upgrading an existing NetBox deployment to version 3.0 **must** be done from version 2.11.0 or later. If attempting to upgrade a deployment of NetBox v2.10 or earlier, first upgrade to a NetBox v2.11 release, and then upgrade from v2.11 to v3.0. This will avoid any problems with the database migration optimizations implemented in version 3.0. ### Breaking Changes * Python 3.6 is no longer supported. NetBox v3.0 supports Python 3.7, 3.8, and 3.9. * The secrets functionality present in prior releases of NetBox has been removed. The NetBox maintainers strongly recommend the adoption of [Hashicorp Vault](https://github.com/hashicorp/vault) in place of this feature. Development of a NetBox plugin to replace the legacy secrets functionality is also underway. * The default CSV export format for all objects now includes all available data from the object list. Additionally, the CSV headers now use human-friendly titles rather than raw field names. If backward compatibility with the old format is desired, export templates can be written to reproduce it. * The `invalidate` management command (which clears cached database queries) is no longer needed and has been removed (see [#6639](https://github.com/netbox-community/netbox/issues/6639)). * Support for queryset caching configuration (`caching_config`) has been removed from the plugins API (see [#6639](https://github.com/netbox-community/netbox/issues/6639)). * The `cacheops_*` metrics have been removed from the Prometheus exporter (see [#6639](https://github.com/netbox-community/netbox/issues/6639)). * The `display_field` keyword argument has been removed from custom script ObjectVar and MultiObjectVar fields. These widgets will use the `display` value provided by the REST API. * The deprecated `display_name` field has been removed from all REST API serializers. (API clients should reference the `display` field instead.) * The redundant REST API endpoints for console, power, and interface connections have been removed. The same data can be retrieved by querying the respective model endpoints with the `?connected=True` filter applied. ### New Features #### Updated User Interface ([#5893](https://github.com/netbox-community/netbox/issues/5893)) The NetBox user interface has been completely overhauled with a fresh new look! Beyond the cosmetic improvements, this initiative has allowed us to modernize the entire front end, upgrading from Bootstrap 3 to Bootstrap 5, and eliminating dependencies on outdated libraries such as jQuery and jQuery-UI. The new user interface also features a dark mode option. A huge thank you to NetBox maintainer [Matt Love](https://github.com/thatmattlove) for his tremendous work on this! #### GraphQL API ([#2007](https://github.com/netbox-community/netbox/issues/2007)) A new [GraphQL API](https://graphql.org/) has been added to complement NetBox's REST API. GraphQL allows the client to specify which fields of the available data to return in each request. NetBox's implementation, which employs [Graphene](https://graphene-python.org/), also includes a user-friendly query interface known as GraphiQL. Here's an example GraphQL request: ``` { circuit_list { cid provider { name } termination_a { id } termination_z { id } } } ``` And the response: ``` { "data": { "circuit_list": [ { "cid": "1002840283", "provider": { "name": "CenturyLink" }, "termination_a": null, "termination_z": { "id": "23" } }, ... ``` All GraphQL requests are made at the `/graphql` URL (which also serves the GraphiQL UI). The API is currently read-only, however users who wish to disable it until needed can do so by setting the `GRAPHQL_ENABLED` configuration parameter to False. For more detail on NetBox's GraphQL implementation, see [the GraphQL API documentation](../graphql-api/overview.md). #### IP Ranges ([#834](https://github.com/netbox-community/netbox/issues/834)) NetBox now supports modeling arbitrary IP ranges, which are defined by specifying a starting and ending IP address (e.g. to denote DHCP pools). Similar to prefixes, each IP range may optionally be assigned to a VRF and/or tenant, and can be assigned a functional role. An IP range must be assigned a status of active, reserved, or deprecated. The REST API implementation for this model also includes an "available IPs" endpoint which functions similarly to the endpoint for prefixes. More information about IP ranges is available [in the documentation](../models/ipam/iprange.md). #### Custom Model Validation ([#5963](https://github.com/netbox-community/netbox/issues/5963)) This release introduces the [`CUSTOM_VALIDATORS`](../configuration/optional-settings.md#custom_validators) configuration parameter, which allows administrators to map NetBox models to custom validator classes to enforce custom validation logic. For example, the following configuration requires every site to have a name of at least ten characters and a description: ```python from extras.validators import CustomValidator CUSTOM_VALIDATORS = { 'dcim.site': ( CustomValidator({ 'name': { 'min_length': 10, }, 'description': { 'required': True, } }), ) } ``` CustomValidator can also be subclassed to enforce more complex logic by overriding its `validate()` method. See the [custom validation](../customization/custom-validation.md) documentation for more details. #### SVG Cable Traces ([#6000](https://github.com/netbox-community/netbox/issues/6000)) Cable trace diagrams are now rendered as atomic SVG images, similar to rack elevations. These images are embedded in the UI and can be easily downloaded for use outside NetBox. SVG images can also be generated directly through the REST API, by specifying SVG as the render format for the `trace` endpoint on a cable termination: ```no-highlight GET /api/dcim/interfaces/<ID>>/trace/?render=svg ``` The width of the rendered image in pixels may optionally be specified by appending the `&width=<width>` parameter to the request. The default width is 400px. #### New Views for Models Previously Under the Admin UI ([#6466](https://github.com/netbox-community/netbox/issues/6466)) New UI views have been introduced to manage the following models: * Custom fields * Custom links * Export templates * Webhooks These models were previously managed under the admin section of the UI. Moving them to dedicated views ensures a more consistent and convenient user experience. #### REST API Token Provisioning ([#5264](https://github.com/netbox-community/netbox/issues/5264)) The new REST API endpoint `/api/users/tokens/` has been added, which includes a child endpoint for provisioning new REST API tokens using a username and password. This allows a user to gain REST API access without needing to first create a token via the web UI. ``` $ curl -X POST \ -H "Content-Type: application/json" \ -H "Accept: application/json; indent=4" \ https://netbox/api/users/tokens/provision/ { "username": "hankhill", "password: "I<3C3H8", } ``` If the supplied credentials are valid, NetBox will create and return a new token for the user. #### New Housekeeping Command ([#6590](https://github.com/netbox-community/netbox/issues/6590)) A new management command has been added: `manage.py housekeeping`. This command is intended to be run nightly via a system cron job. It performs the following tasks: * Clear expired authentication sessions from the database * Delete change log records which have surpassed the configured retention period (if configured) * Check for new NetBox releases (if enabled) A convenience script for calling this command via an automated scheduler has been included at `/contrib/netbox-housekeeping.sh`. Please see the [housekeeping documentation](../administration/housekeeping.md) for further details. #### Custom Queue Support for Plugins ([#6651](https://github.com/netbox-community/netbox/issues/6651)) NetBox uses Redis and Django-RQ for background task queuing. Whereas previous releases employed only a single default queue, NetBox now provides a high-, medium- (default), and low-priority queue for use by plugins. (These will also likely be used internally as new functionality is added in future releases.) Plugins can also now create their own custom queues by defining a `queues` list within their PluginConfig class: ```python class MyPluginConfig(PluginConfig): name = 'myplugin' ... queues = [ 'queue1', 'queue2', 'queue-whatever-the-name' ] ``` Note that NetBox's `rqworker` process will _not_ service custom queues by default, since it has no way to infer the priority of each queue. Plugin authors should be diligent in including instructions for proper worker configuration in their plugin's documentation. ### Enhancements * [#2434](https://github.com/netbox-community/netbox/issues/2434) - Add option to assign IP address upon creating a new interface * [#3665](https://github.com/netbox-community/netbox/issues/3665) - Enable rendering export templates via REST API * [#3682](https://github.com/netbox-community/netbox/issues/3682) - Add `color` field to front and rear ports * [#4609](https://github.com/netbox-community/netbox/issues/4609) - Allow marking prefixes as fully utilized * [#5203](https://github.com/netbox-community/netbox/issues/5203) - Remember user preference when toggling display of device images in rack elevations * [#5806](https://github.com/netbox-community/netbox/issues/5806) - Add kilometer and mile as choices for cable length unit * [#6154](https://github.com/netbox-community/netbox/issues/6154) - Allow decimal values for cable lengths * [#6328](https://github.com/netbox-community/netbox/issues/6328) - Build and serve documentation locally ### Other Changes * [#5223](https://github.com/netbox-community/netbox/issues/5223) - Remove the console/power/interface connections REST API endpoints * [#5278](https://github.com/netbox-community/netbox/issues/5278) - Remove the secrets functionality from NetBox core * [#5532](https://github.com/netbox-community/netbox/issues/5532) - Drop support for Python 3.6 * [#5994](https://github.com/netbox-community/netbox/issues/5994) - Drop support for `display_field` argument on ObjectVar * [#6068](https://github.com/netbox-community/netbox/issues/6068) - Drop support for legacy static CSV export * [#6338](https://github.com/netbox-community/netbox/issues/6338) - Decimal fields are no longer coerced to strings in REST API * [#6471](https://github.com/netbox-community/netbox/issues/6471) - Optimize database migrations * [#6639](https://github.com/netbox-community/netbox/issues/6639) - Drop support for queryset caching (django-cacheops) * [#6713](https://github.com/netbox-community/netbox/issues/6713) - Checking for new releases is now done as part of the housekeeping routine * [#6767](https://github.com/netbox-community/netbox/issues/6767) - Add support for Python 3.9 ### Configuration Changes * The `CACHE_TIMEOUT` configuration parameter has been removed. * The `RELEASE_CHECK_TIMEOUT` configuration parameter has been removed. ### REST API Changes * Removed all endpoints related to the secrets functionality: * `/api/secrets/generate-rsa-key-pair/` * `/api/secrets/get-session-key/` * `/api/secrets/secrets/` * `/api/secrets/secret-roles/` * Removed the following "connections" endpoints: * `/api/dcim/console-connections/` * `/api/dcim/power-connections/` * `/api/dcim/interface-connections/` * Added the `/api/ipam/ip-ranges/` endpoint * Added the `/api/users/tokens/` endpoint * The `provision/` child endpoint can be used to provision new REST API tokens by supplying a valid username and password * dcim.Cable * `length` is now a decimal value * dcim.Device * Removed the `display_name` attribute (use `display` instead) * dcim.DeviceType * Removed the `display_name` attribute (use `display` instead) * dcim.FrontPort * Added `color` field * dcim.FrontPortTemplate * Added `color` field * dcim.Rack * Removed the `display_name` attribute (use `display` instead) * dcim.RearPort * Added `color` field * dcim.RearPortTemplate * Added `color` field * dcim.Site * `latitude` and `longitude` are now decimal fields rather than strings * extras.ContentType * Removed the `display_name` attribute (use `display` instead) * ipam.Prefix * Added the `mark_utilized` boolean field * ipam.VLAN * Removed the `display_name` attribute (use `display` instead) * ipam.VRF * Removed the `display_name` attribute (use `display` instead) * virtualization.VirtualMachine * `vcpus` is now a decimal field rather than a string 2021-07-23T12:16:29+00:00 uBlock 1.37.1b0 uBlock 1.37.1b0 2021-07-23T14:32:33+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.1b0...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.1b0.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.1b0/uBlock0_1.37.1b0.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.1b0.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.1b0/uBlock0_1.37.1b0.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Notable commits without en entry in the issue tracker - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-07-23T14:32:33+00:00 TheHive 4.1.9 TheHive 4.1.9 2021-07-23T15:51:56+00:00 ## [4.1.9](https://github.com/TheHive-Project/TheHive/milestone/78) (2021-07-23) **Implemented enhancements:** - [Enhancement] Add button for index rebuilding [\#2144](https://github.com/TheHive-Project/TheHive/issues/2144) **Fixed bugs:** - [Bug] MISP sync delete existing observables when updating existing Alert [\#2134](https://github.com/TheHive-Project/TheHive/issues/2134) - [Bug] Livestream emptied of audit logs after TheHive reboot [\#2135](https://github.com/TheHive-Project/TheHive/issues/2135) - [Bug] AddTagToCase operation does not work [\#2136](https://github.com/TheHive-Project/TheHive/issues/2136) 2021-07-23T15:51:56+00:00 mimikatz 2.2.0-20210723 mimikatz 2.2.0-20210723 2021-07-23T19:41:47+00:00 `misc::efs` is [MS-EFSR] and adapted of @topotam - https://github.com/topotam/PetitPotam ![pki4](https://user-images.githubusercontent.com/2307945/126833188-a9109cae-73fd-4278-8f7e-28aba66c1988.gif) 2021-07-23T19:41:47+00:00 Loki 0.42.3 Loki 0.42.3 2021-07-24T06:15:25+00:00 - refactor: making the vulnerability check optional 2021-07-24T06:15:25+00:00 uBlock 1.37.1b1 uBlock 1.37.1b1 2021-07-24T11:51:14+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.1b1...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.1b1.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.1b1/uBlock0_1.37.1b1.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.1b1.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.1b1/uBlock0_1.37.1b1.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Notable commits without en entry in the issue tracker - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-07-24T11:51:14+00:00 OpenWPM v0.17.0 OpenWPM v0.17.0 2021-07-24T17:02:26+00:00 Updates Firefox to Version 90. Also OpenWPM will no longer crash on AssertionErrors in production crawls. 2021-07-24T17:02:26+00:00 mimikatz 2.2.0-20210724 mimikatz 2.2.0-20210724 2021-07-24T22:57:13+00:00 ![pki5](https://user-images.githubusercontent.com/2307945/126882835-eb32d87d-e010-4e1f-9067-784ac838f93c.gif) 2021-07-24T22:57:13+00:00 tidb v4.0.8-20210725 tidb v4.0.8-20210725 2021-07-25T02:04:07+00:00 2021-07-25T02:04:07+00:00 seaweedfs 2.60 seaweedfs 2.60 2021-07-26T05:10:29+00:00 * Filer * Fix deletion of large directories in postgres and sqlite. * LevelDB and RocksDB add bloom filter for faster existence checking #2211 * Optimization: improve random range query read speed for large files * Shell * Adds `fs.rm` to remove files or directories #2208 * Adds `fs.mkdir` to make directories * Adds `-retry` option for `volume.fix.replication` #2191 * Adds `-retry` option for `volumeServer.evacuate` #2191 * `s3.bucket.delete` avoid waiting for large object metadata * `volume.check.disk` skips errors and check next volumes #2129 * Volume * Add `webp` extension for resizing #2217 * Master * Ensure unique ids for `snowflake` sequencer #2213 * Filer.copy * Fail early if assign request failed #2216 * `weed fuse` * Fix error handling #2209 * Minor * `weed -h` subcommand list is not sorted, makes discovery difficult #2214 * `weed scaffold -config=` should output to stdout #2212 2021-07-26T05:10:29+00:00 tidb v4.0.8-20210726 tidb v4.0.8-20210726 2021-07-26T09:18:08+00:00 2021-07-26T09:18:08+00:00 uBlock 1.37.1b2 uBlock 1.37.1b2 2021-07-26T12:36:31+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.1b2...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.1b2.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.1b2/uBlock0_1.37.1b2.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.1b2.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.1b2/uBlock0_1.37.1b2.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Notable commits without en entry in the issue tracker - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - A regression in 1.37.1b1 as a result of this commit was [fixed in 1.37.1b2](https://github.com/gorhill/uBlock/commit/f392d09a13640cd41fee091e6329421c36eaf63f), and you may need to force an update of filter lists which were updated in 1.37.1b1. - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-07-26T12:36:31+00:00 DC3-MWCP 3.3.2 DC3-MWCP 3.3.2 2021-07-26T12:37:16+00:00 2021-07-26T12:37:16+00:00 traefik v2.4.12 traefik v2.4.12 2021-07-26T16:41:54+00:00 **Bug fixes:** - **[k8s,k8s/ingress]** Get Kubernetes server version early ([#8286](https://github.com/traefik/traefik/pull/8286) by [rtribotte](https://github.com/rtribotte)) - **[k8s,k8s/ingress]** Don&#39;t remove ingress config on API call failure ([#8185](https://github.com/traefik/traefik/pull/8185) by [dtomcej](https://github.com/dtomcej)) - **[middleware]** Ratelimiter: use correct ttlSeconds value, and always call Set ([#8254](https://github.com/traefik/traefik/pull/8254) by [mpl](https://github.com/mpl)) - **[tls]** Check if defaultcertificate is defined in store ([#8274](https://github.com/traefik/traefik/pull/8274) by [dtomcej](https://github.com/dtomcej)) 2021-07-26T16:41:54+00:00 networkx networkx-2.6.2 networkx networkx-2.6.2 2021-07-27T02:13:50+00:00 2021-07-27T02:13:50+00:00 syncthing v1.18.1-rc.2 syncthing v1.18.1-rc.2 2021-07-27T07:07:12+00:00 Bugfixes: - #7704: Changing folder type from receive encrypted to a different type corrupts the database - #7706: Delete Unexpected Items in receive encrypted folder is unable to delete ".stfolder.removed-*" - #7740: Incorrect local state when using negated patterns inside ignored parent folder on both sides - #7809: Syncthing attemps IPv4 addresses for quic6:// peers - #7839: Not exposed string for translation - #7845: Strings unavailable for translation 2021-07-27T07:07:12+00:00 ICEcoder 8.1 ICEcoder 8.1 2021-07-27T07:14:34+00:00 Lots of new features, tweaks and bug fixes, main highlights being: - Regex search added to find & replace - Regex validation on find input box - Double clicking file name collapses/expands file manager - Clickable warning label if not a valid root dir set - FTP removed (there's better ways to transfer files) - Login and demo mode isolated now, first user is admin - Better password rules enforcement - Active line number highlighted - Can now set scroll speed when going to line - Can now set whether typing in find input auto-scrolls to next result - Bug reporting now setup for ICEcoders own error.log by default + lots more tweaks and bug fixes, full list on website 2021-07-27T07:14:34+00:00 tidb v4.0.14 tidb v4.0.14 2021-07-27T09:23:02+00:00 ## Compatibility changes * Change the default value of `tidb_multi_statement_mode` from `WARN` to `OFF` in v4.0. It is recommended to use the multi-statement feature of your client library instead. See [the documentation on `tidb_multi_statement_mode`](/system-variables.md#tidb_multi_statement_mode-new-in-v4011) for details. [#25749](https://github.com/pingcap/tidb/pull/25749) * Upgrade Grafana dashboard from v6.1.16 to v7.5.7 to solve two security vulnerabilities. See the [Grafana blog post](https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/) for details. * Change the default value of the `tidb_stmt_summary_max_stmt_count` variable from `200` to `3000` [#25872](https://github.com/pingcap/tidb/pull/25872) ## Improvements * Change the `LOCK` record into the `PUT` record for the index keys using `point get` or `batch point get` for `UPDATE` reads [#26223](https://github.com/pingcap/tidb/pull/26223) * Support the MySQL system variable `init_connect` and its associated features [#26031](https://github.com/pingcap/tidb/pull/26031) * Support the stable result mode to make the query results more stable [#26003](https://github.com/pingcap/tidb/pull/26003) * Support pushing down the built-in function `json_unquote()` to TiKV [#25721](https://github.com/pingcap/tidb/pull/25721) * Make the SQL Plan Management (SPM) not affected by the character set [#23295](https://github.com/pingcap/tidb/pull/23295) ## Bug fixes * Fix the issue that the `SELECT` result is incompatible with MySQL when joining a subquery with a `WHERE` clause evaluated to `false` [#24865](https://github.com/pingcap/tidb/issues/24865) * Fix the calculation error of the `ifnull` function that occurs when the argument is the `ENUM` or `SET` type [#24944](https://github.com/pingcap/tidb/issues/24944) * Fix the wrong aggregate pruning in some cases [#25202](https://github.com/pingcap/tidb/issues/25202) * Fix the incorrect result of the merge join operation that might occur when the column is the `SET` type [#25669](https://github.com/pingcap/tidb/issues/25669) * Fix the issue that TiDB returns wrong results for cartesian join [#25591](https://github.com/pingcap/tidb/issues/25591) * Fix the panic issue that occurs when `SELECT ... FOR UPDATE` works on a join operation and the join uses a partitioned table [#20028](https://github.com/pingcap/tidb/issues/20028) * Fix the issue that the cached `prepared` plan is incorrectly used for `point get` [#24741](https://github.com/pingcap/tidb/issues/24741) * Fix the issue that the `LOAD DATA` statement can abnormally import non-utf8 data [#25979](https://github.com/pingcap/tidb/issues/25979) * Fix a potential memory leak issue that occurs when accessing the statistics via an HTTP API [#24650](https://github.com/pingcap/tidb/pull/24650) * Fix a security issue that occurs when executing the `ALTER USER` statement [#25225](https://github.com/pingcap/tidb/issues/25225) * Fix a bug that the `TIKV_REGION_PEERS` table cannot correctly handle the `DOWN` status [#24879](https://github.com/pingcap/tidb/issues/24879) * Fix the issue that invalid strings are not truncated when parsing `DateTime` [#22231](https://github.com/pingcap/tidb/issues/22231) * Fix the issue that the `select into outfile` statement might have no result when the column type is `YEAR` [#22159](https://github.com/pingcap/tidb/issues/22159) * Fix the issue that the query result might be wrong when `NULL` is in the `UNION` subquery [#26532](https://github.com/pingcap/tidb/issues/26532) * Fix the issue that the projection operator in execution might cause panic in some cases [#26534](https://github.com/pingcap/tidb/pull/26534) 2021-07-27T09:23:02+00:00 MISP v2.4.147 MISP v2.4.147 2021-07-27T13:33:56+00:00 # MISP 2.4.147 released MISP 2.4.147 released including a massive number of small improvements, bug and security fixes. We strongly recommend all MISP users to upgrade as soon as possible. This release fixes [CVE-2021-37534](https://cvepremium.circl.lu/cve/CVE-2021-37534). ![](https://www.misp-project.org/assets/images/misp/blog/misp-openapi.png) # Sync improvements Many improvements were done in the synchronisation such as: - When saving sightings, only push the new sightings. - Filter out existing sightings if remote sever supports that method. - Check if event exists before pushing. - Check event existence before pushing sightings. - Optimise event filtering. # API/CLI Many improvements in the API and CLI. This release also includes refactoring of various forms to support future major improvements in MISP. # Acknowledgement We would like to thank all the [contributors](https://www.misp-project.org/contributors), reporters and users who have helped us in the past months to improve MISP and information sharing at large. This release includes multiple updates in [misp-objects](https://www.misp-project.org/objects.html), [misp-taxonomies](https://www.misp-project.org/taxonomies.html) and [misp-galaxy](https://www.misp-project.org/galaxy.html) . As always, a detailed and [complete changelog is available](https://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements. 2021-07-27T13:33:56+00:00 tidb v4.0.12-20210727 tidb v4.0.12-20210727 2021-07-27T15:45:12+00:00 2021-07-27T15:45:12+00:00 DevSkim v0.4.242 DevSkim v0.4.242 2021-07-27T22:16:07+00:00 ## Changes: * 01fa22070acb7be760398149dfb9bd257694e632 Update Ruleset.cs (#306) * 7e200c4feed21cf9671b707796fbae5e67c3d349 Update languages.json (#301) * b66302a2358aeff5ad95d2938112f2817d715ea1 Bump css-what from 5.0.0 to 5.0.1 in /DevSkim-VSCode-Plugin (#291) * a920ff6ddaca172fc6c12f29f4774185332cf8be Add glob exclude option. (#298) [ #295 ] This list of changes was [auto generated](https://twcsecurityassurance.visualstudio.com/SecurityEngineering/_build/results?buildId=9935&view=logs). 2021-07-27T22:16:07+00:00 python_api v2.5.3 python_api v2.5.3 2021-07-27T23:50:06+00:00 ## v2.5.3 #### Enhancements - Better support for unit tests in client libraries with ability to set a session to override default request methods. - Add flexibility to library class instantiation to prefer keyword parameters over config file keys. - Support for new `create_date` Articles API data field and query parameter. Enables searching for most recent articles instead of returning all of them at once, and provides visibility to situations where an article published in the past was recently added to the Articles collection. #### Breaking Changes - Previously, calls to `analyzer.AllArticles()` would return all articles without a date limit. Now, it will return only articles created after the starting date set with `analyzer.set_date_range()`. The current module-level default for all date-bounded queries is 90 days back, so now this function will return all articles created in the last 90 days. - `age` property of an Article analyzer object is now based on `create_date` instead of publish date. #### Bug Fixes [ none ] 2021-07-27T23:50:06+00:00 binskim v1.9.0-prerelease1 binskim v1.9.0-prerelease1 2021-07-28T01:54:37+00:00 ## **v1.9.0-prerelease1** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.0-prerelease1) * FEATURE: Add BA3011.EnableBindNow. [#363](https://github.com/microsoft/binskim/pull/363) * FEATURE: Add BA2025.EnableShadowStack. [#376](https://github.com/microsoft/binskim/pull/376) * FEATURE: Add BA3005.EnableStackClashProtection. [#379](https://github.com/microsoft/binskim/pull/379) * BUGFIX: Force load PDB. [#380](https://github.com/microsoft/binskim/pull/380) * BUGFIX: Fix BA2004 for MASM compilers. [381](https://github.com/microsoft/binskim/pull/381) * FEATURE: Add BA3006.EnableNonExecutableStack. [#383](https://github.com/microsoft/binskim/pull/383) * FEATURE: Add BA2026.EnableAdditionalSecurityChecks. [#388](https://github.com/microsoft/binskim/pull/388) * FEATURE: Add BA4002.ReportDwarfCompilerData. [#394](https://github.com/microsoft/binskim/pull/394) * BUGFIX: Fix for E_PDB_MAX error. [#399](https://github.com/microsoft/binskim/pull/399) * BREAKING: Removing win-x86 support. [#401](https://github.com/microsoft/binskim/pull/401) * FEATURE: Add baseline support. [#409](https://github.com/microsoft/binskim/pull/409) * BUGFIX: Fix exception when the PDB is embedded. [#410](https://github.com/microsoft/binskim/pull/410) 2021-07-28T01:54:37+00:00 marisa-trie 0.7.6 marisa-trie 0.7.6 2021-07-28T10:29:44+00:00 * Wheels are now published for all platforms. * Fixed ``ResourceWarning: unclosed file`` in ``setup.py``. * Run ``black`` on the entire source code. * Moved the QA/CI to GitHub. * Rebuild Cython wrapper with Cython 0.29.24. * Updated ``libmarisa-trie`` to the latest version (0.2.6). * Fixed failing tests and usage of deprecated methods. * Expanded supported Python versions (2.7, 3.4 - 3.10). 2021-07-28T10:29:44+00:00 uBlock 1.37.2 uBlock 1.37.2 2021-07-28T16:49:19+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.2...master) [Commits since last release](https://github.com/gorhill/uBlock/compare/1.37.0...1.37.2) To install the stable build: - **Firefox**: Review pending <!-- Click [uBlock0_1.37.0.firefox.signed.xpi](https://addons.mozilla.org/firefox/downloads/file/3814538/ublock_origin-1.37.0-an+fx.xpi) --> - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm> - **Edge**: Install from Microsoft Store: <https://microsoftedge.microsoft.com/addons/detail/odfafepnkmbhccpbejgmiehpchacaeak> - The Microsoft Store version of uBO is published by [Nik Rolls](https://github.com/nikrolls/uBlock-Edge) - **Opera**: Submission pending <!-- Install from Opera addons: <https://addons.opera.com/en/extensions/details/ublock/> --> --- ## Closed as fixed: - [uBO 1.37 breaks at least some sites that use googletagmanager if specific filters in use](https://github.com/uBlockOrigin/uBlock-issues/issues/1671) 2021-07-28T16:49:19+00:00 uBlock 1.37.3b0 uBlock 1.37.3b0 2021-07-28T17:07:36+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b0...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b0.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b0/uBlock0_1.37.3b0.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b0.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b0/uBlock0_1.37.3b0.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 65+ required) --- ## Notable commits without en entry in the issue tracker - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - A regression in 1.37.1b1 as a result of this commit was [fixed in 1.37.1b2](https://github.com/gorhill/uBlock/commit/f392d09a13640cd41fee091e6329421c36eaf63f), and you may need to force an update of filter lists which were updated in 1.37.1b1. - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-07-28T17:07:36+00:00 application 1.2.2 application 1.2.2 2021-07-28T17:09:12+00:00 - Sort employees on the employees page by last name - Fix sorting by name in reporting - Department sorting respects locale 2021-07-28T17:09:12+00:00 netbox v2.11.10 netbox v2.11.10 2021-07-28T19:57:15+00:00 ## Enhancements * [#6560](https://github.com/netbox-community/netbox/issues/6560) - Enable CSV import via uploaded file * [#6644](https://github.com/netbox-community/netbox/issues/6644) - Add 6P/4P pass-through port types * [#6771](https://github.com/netbox-community/netbox/issues/6771) - Add count of inventory items to manufacturer view * [#6785](https://github.com/netbox-community/netbox/issues/6785) - Add "hardwired" type for power port types ## Bug Fixes * [#5442](https://github.com/netbox-community/netbox/issues/5442) - Fix assignment of permissions based on LDAP groups * [#5627](https://github.com/netbox-community/netbox/issues/5627) - Fix filtering of interface connections list * [#6759](https://github.com/netbox-community/netbox/issues/6759) - Fix assignment of parent interfaces for bulk import * [#6773](https://github.com/netbox-community/netbox/issues/6773) - Add missing `display` field to rack unit serializer * [#6774](https://github.com/netbox-community/netbox/issues/6774) - Fix A/Z assignment when swapping circuit terminations * [#6777](https://github.com/netbox-community/netbox/issues/6777) - Fix default value validation for custom text fields * [#6778](https://github.com/netbox-community/netbox/issues/6778) - Rack reservation should display rack's location * [#6780](https://github.com/netbox-community/netbox/issues/6780) - Include rack location in navigation breadcrumbs * [#6794](https://github.com/netbox-community/netbox/issues/6794) - Fix device name display on device status view * [#6812](https://github.com/netbox-community/netbox/issues/6812) - Limit reported prefix utilization to 100% * [#6822](https://github.com/netbox-community/netbox/issues/6822) - Use consistent maximum value for interface MTU ## Other Changes * [#6781](https://github.com/netbox-community/netbox/issues/6781) - Database query caching is now disabled by default 2021-07-28T19:57:15+00:00 DevSkim v0.4.244 DevSkim v0.4.244 2021-07-28T21:13:01+00:00 ## Changes: * 4799220fb8ae3f87d07c06adde553606b6f8ae85 Fix #307 (#308) * 8bd0a9a730c8147c90a30ec5fa9585c3d0468aa5 Note that untrusted workspaces are not supported. (#302) [ #277 ] This list of changes was [auto generated](https://twcsecurityassurance.visualstudio.com/SecurityEngineering/_build/results?buildId=9952&view=logs). 2021-07-28T21:13:01+00:00 MOSP v0.15.0 MOSP v0.15.0 2021-07-29T08:31:26+00:00 This release introduce the versioning of objects: #35 See the changelog for more details. ![diff](https://user-images.githubusercontent.com/465400/127459026-bcee4954-d7e4-4d12-9c64-e897908819f1.png) ![list_versions](https://user-images.githubusercontent.com/465400/127459063-cfa45b9b-46c1-4e3f-9e95-3854524062ef.png) 2021-07-29T08:31:26+00:00 khal v0.10.4 khal v0.10.4 2021-07-29T17:45:27+00:00 * DROPPED support for Python 3.5 * CHANGE ikhal: tab (and shift tab) jump from the events back to the calendar * NEW Add symbol for events with at least one alarm * FIX URL can now be set/updated from ikhal * FIX Imported events without an end or duration will now last one day if `DTSTART` is a date (as per RFC) or one hour if it is a datetime. 2021-07-29T17:45:27+00:00 uBlock 1.37.3b2 uBlock 1.37.3b2 2021-07-29T21:06:17+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b2...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b2.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b2/uBlock0_1.37.3b2.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b2.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b2/uBlock0_1.37.3b2.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **NodeJS**: Download and unzip [uBlock0_1.37.3b2.nodejs.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b2/uBlock0_1.37.3b2.nodejs.xpi). --- ## New A new NodeJS package will now published with every release. The package allows to import and use uBO's static network filtering engine into NodeJS. This is currently minimal and a first iteration, and issues regarding the NodeJS package are accepted in order to improve usability of uBO's filtering engine as as a NodeJS package. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. Refer to the [content of `test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js) for usage. ~~A current limitation is that the WASM code paths can't be enabled since currently the WASM modules are loaded using the [`fetch() API`](https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API), which is not available as default API in NodeJS. I will attempt to identify a solution in a future version.~~ Fixed in 1.37.3b2. Since I have little experience with dealing with NodeJS environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of some browsers has been increased to Chromium 61 and Opera 48. For Firefox 59 or less, you will have to toggle the `thedom.moduleScripts.enabled` preference to `true`. ## Notable commits without en entry in the issue tracker - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - A regression in 1.37.1b1 as a result of this commit was [fixed in 1.37.1b2](https://github.com/gorhill/uBlock/commit/f392d09a13640cd41fee091e6329421c36eaf63f), and you may need to force an update of filter lists which were updated in 1.37.1b1. - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-07-29T21:06:17+00:00 mimikatz 2.2.0-20210729 mimikatz 2.2.0-20210729 2021-07-29T22:04:28+00:00 2021-07-29T22:04:28+00:00 chipsec 1.7.0 chipsec 1.7.0 2021-07-29T23:18:41+00:00 __New or Updated Modules/UtilCmds:__ * `tools.smm.smm_ptr` - Update smm_ptr.py to use print_buffer_bytes when logging in verbose mode * `utilcmd.mmio_cmd` - Update to work with multibus enhancements * `utilcmd.tpm_cmd` - Update tpm_cmd to not use the TPM hal when running tpm_parse __New or Updated Configurations:__ * `8086/icx` - Add ICX support to Chipsec * `8086/pch_1xx` - Update PCH-Y Premium sku to pch_1xx config * `8086/skx` - Cleanup SKX config * `8086/tpm12` - Add Config definition for TPM 1.2 __Removed Modules:__ * None __Additional Changes:__ * `chipsec.chipset`: * Fixup cs print_register(_all) for multibus support * Modify cs.Cfg.BUS creation to enhance multibus support * Modify mutlibus functions to use variable `bus` vs `bus_index` * `chipsec.hal.mmio` - Update to support multibus in hal mmio functions * `chipsec.hal.tpm` - Update TPM HAL to use TPM configuration file * `chipsec.hal.uefi` - Fix HW access errors when looking for EFI tables in memory * `chipsec.logger` - Add log_error function * `drivers.win7.chipsec_hlpr` - .inf, .sln, vcxproj: Update to support Windows 11 (WDK 10.0.22000 version) __Additional Notes:__ * __For Windows, Linux and MacOS: Python2 support has been deprecated as of June 2020. Please use Python3.__ * Any modules under the `modules.tools` directory have not yet been fully validated to work with Python3. __New Module Details:__ Module Name | Supported Platforms | Flags :---: | :---: | :---: 2021-07-29T23:18:41+00:00 tidb v5.1.1 tidb v5.1.1 2021-07-30T07:33:34+00:00 ## Compatibility changes * For TiDB clusters upgrade from v4.0 to v5.1, the default value of `tidb_multi_statement_mode` is `OFF`. It is recommended to use the multi-statement feature of your client library instead. See [the documentation on `tidb_multi_statement_mode`](/system-variables.md#tidb_multi_statement_mode-new-in-v4011) for details. [#25751](https://github.com/pingcap/tidb/pull/25751) * Change the default value of the `tidb_stmt_summary_max_stmt_count` variable from `200` to `3000` [#25874](https://github.com/pingcap/tidb/pull/25874) * Require the `SUPER` privilege to access the `table_storage_stats` table [#26352](https://github.com/pingcap/tidb/pull/26352) * Require the `SELECT` privilege on `mysql.user` to access the `information_schema.user_privileges` table to show other user's privileges [#26311](https://github.com/pingcap/tidb/pull/26311) * Require the `CONFIG` privilege to access the `information_schema.cluster_hardware` table [#26297](https://github.com/pingcap/tidb/pull/26297) * Require the `PROCESS` privilege to access the `information_schema.cluster_info` table [#26297](https://github.com/pingcap/tidb/pull/26297) * Require the `PROCESS` privilege to access the `information_schema.cluster_load` table [#26297](https://github.com/pingcap/tidb/pull/26297) * Require the `PROCESS` privilege to access the `information_schema.cluster_systeminfo` table [#26297](https://github.com/pingcap/tidb/pull/26297) * Require the `PROCESS` privilege to access the `information_schema.cluster_log` table [#26297](https://github.com/pingcap/tidb/pull/26297) * Require the `CONFIG` privilege to access the `information_schema.cluster_config` table [#26150](https://github.com/pingcap/tidb/pull/26150) ## Improvements * Announce the general availability (GA) of the Stale Read feature * Avoid allocation for `paramMarker` to speed up data insertion [#26076](https://github.com/pingcap/tidb/pull/26076) * Support the stable result mode to make the query results more stable [#25995](https://github.com/pingcap/tidb/pull/25995) * Support pushing down the built-in function `json_unquote()` to TiKV [#26265](https://github.com/pingcap/tidb/pull/26265) * Support retrying MPP queries [#26480](https://github.com/pingcap/tidb/pull/26480) * Change the `LOCK` record into the `PUT` record for the index keys using `point get` or `batch point get` for `UPDATE` reads [#26225](https://github.com/pingcap/tidb/pull/26225) * Forbid creating views from stale queries [#26200](https://github.com/pingcap/tidb/pull/26200) * Thoroughly push down the `COUNT(DISTINCT)` aggregation function in the MPP mode [#26194](https://github.com/pingcap/tidb/pull/26194) * Check the availability of TiFlash before launching MPP queries [#26192](https://github.com/pingcap/tidb/pull/26192) * Do not allow setting the read timestamp to a future time [#25763](https://github.com/pingcap/tidb/pull/25763) * Print log warnings when aggregation functions cannot be pushed down in `EXPLAIN` statements [#25737](https://github.com/pingcap/tidb/pull/25737) * Add the `statements_summary_evicted` table to record the evicted count information of a cluster [#25587](https://github.com/pingcap/tidb/pull/25587) * Improve the MySQL compatibility of the built-in function `str_to_date` for the format specifiers `%b/%M/%r/%T` [#25768](https://github.com/pingcap/tidb/pull/25768) ## Bug fixes * Fix the data loss issue that might occur when changing the column type with `tidb_enable_amend_pessimistic_txn=on` [#26203](https://github.com/pingcap/tidb/issues/26203) * Fix the issue that the behavior of the `last_day` function is incompatible in the SQL mode [#26001](https://github.com/pingcap/tidb/pull/26001) * Fix the panic issue that might occur when `LIMIT` is on top of window functions [#25344](https://github.com/pingcap/tidb/issues/25344) * Fix the issue that committing pessimistic transactions might cause write conflict [#25964](https://github.com/pingcap/tidb/issues/25964) * Fix the issue that the result of index join in correlated subqueries is wrong [#25799](https://github.com/pingcap/tidb/issues/25799) * Fix a bug that the successfully committed optimistic transactions might report commit errors [#10468](https://github.com/tikv/tikv/issues/10468) * Fix the issue that an incorrect result is returned when using merge join on the `SET` type column [#25669](https://github.com/pingcap/tidb/issues/25669) * Fix a bug that the index keys in a pessimistic transaction might be repeatedly committed [#26359](https://github.com/pingcap/tidb/issues/26359) * Fix the risk of integer overflow when the optimizer is locating partitions [#26227](https://github.com/pingcap/tidb/issues/26227) * Fix the issue that invalid values might be written when casting `DATE` to timestamp [#26292](https://github.com/pingcap/tidb/issues/26292) * Fix the issue that the Coprocessor Cache metrics are not displayed on Grafana [#26338](https://github.com/pingcap/tidb/issues/26338) * Fix the issue of annoying logs caused by telemetry [#25760](https://github.com/pingcap/tidb/issues/25760) [#25785](https://github.com/pingcap/tidb/issues/25785) * Fix a bug on the query range of prefix index [#26029](https://github.com/pingcap/tidb/issues/26029) * Fix the issue that concurrently truncating the same partition hangs DDL executions [#26229](https://github.com/pingcap/tidb/issues/26229) * Fix the issue of duplicate `ENUM` items [#25955](https://github.com/pingcap/tidb/issues/25955) * Fix a bug that the CTE iterator is not correctly closed [#26112](https://github.com/pingcap/tidb/issues/26112) * Fix the issue that the `LOAD DATA` statement might abnormally import non-utf8 data [#25979](https://github.com/pingcap/tidb/issues/25979) * Fix the panic issue that might occur when using the window function on the unsigned integer columns [#25956](https://github.com/pingcap/tidb/issues/25956) * Fix the issue that TiDB might panic when resolving async commit locks [#25778](https://github.com/pingcap/tidb/issues/25778) * Fix the issue that Stale Read is not fully compatible with the `PREPARE` statements [#25800](https://github.com/pingcap/tidb/pull/25800) * Fix the issue that the ODBC-styled constant (for example, `{d '2020-01-01'}`) cannot be used as the expression [#25531](https://github.com/pingcap/tidb/issues/25531) * Fix an error that occurs when running TiDB alone [#25555](https://github.com/pingcap/tidb/pull/25555) 2021-07-30T07:33:34+00:00 application 1.2.3 application 1.2.3 2021-07-30T07:56:58+00:00 * Fix issues with sorting of Leave Types: it is locale aware now * Make notification widget to poll periodically for updates * Reflect number of notifications in the page title ![image](https://user-images.githubusercontent.com/203539/127620780-59a8f144-d79f-4b17-9302-6ae41fc35351.png) 2021-07-30T07:56:58+00:00 syncthing v1.18.1-rc.3 syncthing v1.18.1-rc.3 2021-07-30T13:02:37+00:00 Bugfixes: - #7704: Changing folder type from receive encrypted to a different type corrupts the database - #7706: Delete Unexpected Items in receive encrypted folder is unable to delete ".stfolder.removed-*" - #7740: Incorrect local state when using negated patterns inside ignored parent folder on both sides - #7809: Syncthing attemps IPv4 addresses for quic6:// peers - #7839: Not exposed string for translation - #7845: Strings unavailable for translation 2021-07-30T13:02:37+00:00 clair v4.2.0-rc.2 clair v4.2.0-rc.2 2021-07-30T14:11:54+00:00 <a name="unreleased"></a> ## [Unreleased] <a name="v4.2.0-rc.2"></a> ## [v4.2.0-rc.2] - 2021-07-29 ### Chore - [263d667](https://github.com/quay/clair/commit/263d6677e6cf661c281de6087bb93628b79c3ee0): update claircore ### Deployment - [c888a3f](https://github.com/quay/clair/commit/c888a3f21b6397355761b6eb056d95487bbf3eca): Fix microdnf install inconsistencies [Unreleased]: https://github.com/quay/clair/compare/v4.2.0-rc.2...HEAD [v4.2.0-rc.2]: https://github.com/quay/clair/compare/v4.2.0-rc.1...v4.2.0-rc.2 2021-07-30T14:11:54+00:00 traefik v2.4.13 traefik v2.4.13 2021-07-30T15:29:28+00:00 **Bug fixes:** - **[authentication,middleware]** Remove hop-by-hop headers define in connection header beore some middleware ([#8319](https://github.com/traefik/traefik/pull/8319) by [ldez](https://github.com/ldez)) 2021-07-30T15:29:28+00:00 scancode-toolkit v21.7.30 scancode-toolkit v21.7.30 2021-07-30T22:32:55+00:00 This is a minor release with several bug fixes, major performance improvements and support for new and improved package formats Many thanks to every contributors that made this possible and in particular: - Abhigya Verma @abhi27-web - Ayan Sinha Mahapatra @AyanSinhaMahapatra - Dennis Clark @DennisClark - Jono Yang @JonoYang - Mayur Agarwal @mrmayurgithub - Philippe Ombredanne @pombredanne - Pierre Tardy @tardyp ## Key changes: ### Outputs: - Add new YAML-formatted output. This is exactly the same data structure as for the JSON output - Add new Debian machine readable copyright output. - The CSV output "Resource" column has been renamed to "path". - The SPDX output now has the mandatory DocumentNamespace attribute per SPDX specs #2344 ### Copyright detection: - The copyright detection speed has been significantly improved with the tests taking roughly 1/2 of the time to run. This is achieved mostly by replacing NLTK with a the minimal and simplified subset we need in a new library named pygmars. ### License detection: - Add new licenses: now tracking 1763 licenses - Add new license detection rules: now tracking 29475 license detection rules - We have also improved license expression parsing and processing ### Package detection: - The Debian packages declared license detection has been significantly improved. - The Alpine packages declared license detection has been significantly improved. - There is new support for shell parsing and Alpine packages APKBUILD data collection. - There is new support for various Windows packages detection using multiple techniques including MSI, Windows registry and several more. - There is new support for Distroless Debian-like installed packages. - There is new support for Dart Pub package manifests. 2021-07-30T22:32:55+00:00 uBlock 1.37.3b3 uBlock 1.37.3b3 2021-07-31T18:51:52+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b3...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b3.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b3/uBlock0_1.37.3b3.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b3.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b3/uBlock0_1.37.3b3.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **NodeJS**: Download and unzip [uBlock0_1.37.3b3.nodejs.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b3/uBlock0_1.37.3b3.nodejs.xpi). --- ## New A new NodeJS package will now published with every release. The package allows to import and use uBO's static network filtering engine into NodeJS. This is currently minimal and a first iteration, and issues regarding the NodeJS package are accepted in order to improve usability of uBO's filtering engine as as a NodeJS package. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with NodeJS environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of some browsers has been increased to Chromium 61 and Opera 48. For Firefox 59 or less, you will have to toggle the `thedom.moduleScripts.enabled` preference to `true`. ## Notable commits without en entry in the issue tracker - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-07-31T18:51:52+00:00 seaweedfs 2.61 seaweedfs 2.61 2021-08-01T22:51:50+00:00 * Shell: * `volume.tier.move` adds capability to use wildcard to specify collections #2221 * `collection.list` calculates size and file count for a collection #2224 * Add `volume.deleteEmpty` to purge empty volumes * Volume * Deletion can skip volume size checking #2225 2021-08-01T22:51:50+00:00 maltrail 0.36 maltrail 0.36 2021-08-02T00:39:44+00:00 Start-of-month release 2021-08-02T00:39:44+00:00 sleuthkit sleuthkit-4.11.0 sleuthkit sleuthkit-4.11.0 2021-08-02T11:41:54+00:00 **C/C++:** - Added checks at various layers to detect encrypted file systems and disks to give more useful error messages. - Added checks to detect file formats that are not supported (such as AD1, ZIP, etc.) to give more useful error messages. - Added tsk_imageinfo tool that detects if an image is supported by TSK and if it is encrypted. - Add numerous bound checks from @joachimmetz - Clarified licenses as pointed out by @joachimmetz **Java:** - Updated from Schema 8.6 to 9.1. - Added tables and classes for OS Accounts and Realms (Domains). - Added tables and classes for Host Addresses (IP, MAC, etc.). - Added tables and classes for Analysis Results vs Data Artifacts by adding onto BlackboardArtifacts. - Added tables and classes for Host and Person to make it easier to group data sources. - Added static types for standard artifact types. - Added File Attribute table to allow custom information to be stored for each file. - Made ordering of getting lock and connection consistent. - Made the findFile methods more efficient by using extension (which is indexed). 2021-08-02T11:41:54+00:00 uBlock 1.37.3b4 uBlock 1.37.3b4 2021-08-02T14:25:12+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b4...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b4.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b4/uBlock0_1.37.3b4.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b4.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b4/uBlock0_1.37.3b4.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **NodeJS**: Download and unzip [uBlock0_1.37.3b4.nodejs.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b4/uBlock0_1.37.3b4.nodejs.xpi). --- ## New A new NodeJS package will now published with every release. The package allows to import and use uBO's static network filtering engine into NodeJS. This is currently minimal and a first iteration, and issues regarding the NodeJS package are accepted in order to improve usability of uBO's filtering engine as as a NodeJS package. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with NodeJS environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of some browsers has been increased to Chromium 61 and Opera 48. For Firefox 59 or less, you will have to toggle the `thedom.moduleScripts.enabled` preference to `true`. ## Notable commits without en entry in the issue tracker - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-08-02T14:25:12+00:00 BGPalerter v1.28.2 BGPalerter v1.28.2 2021-08-02T16:11:11+00:00 2021-08-02T16:11:11+00:00 wire-server v2021-08-02 wire-server v2021-08-02 2021-08-02T18:38:06+00:00 ## Release Notes If you want to set the default for file sharing in all teams to `disabled`, search for "File Sharing" in https://github.com/wireapp/wire-server/tree/develop/docs/reference/config-options.md. ## Release Notes for Wire.com Cloud operators Upgrade nginz (#1658) ## API Changes ## Features * A new team feature for classified domains is available (#1626): - a public endpoint is at `GET /teams/:tid/features/classifiedDomains` - an internal endpoint is at `GET /i/teams/:tid/features/classifiedDomains` * Extend feature config API (#1658) * `fileSharing` feature config (#1652, #1654, #1655) * `conferenceCalling` feature flag (#1683) * Add user_id to csv export (#1663) ## Bug fixes and other updates * New, hardened end-point for changing email (68b4db08) * Fix: CSV export is missing SCIM external id when SAML is also used (#1608) * Fix: sso_id field in user record (brig) was not always filled correctly in cassandra (#1334) ## Documentation * Improved Swagger documentation for endpoints with multiple responses (#1649, #1645) ## Internal changes * Improvements to local integration test setup when using buildah and kind (#1667) * The servant-swagger dependency now points to the current upstream master (#1656) * Improved error handling middleware (#1671) * Refactor function createUser for readability (#1670) * Removed explicit implementation for user HEAD endpoints (#1679) * Improved test coverage for error responses (#1680) * Introduced `MultiVerb` endpoints in Servant API (#1649). ## Federation changes (alpha feature, do not use yet) * Validate server TLS certificate between federators (#1662) * A clarification is added about listing your own domain as a classified domain (#1678) * Added a `QualifiedCapture` type to Servant for qualified paths (#1669) * Renamed `DomainHeader` type to `OriginDomainHeader` (#1689) * Added golden tests for protobuf serialisation / deserialisation (#1644). 2021-08-02T18:38:06+00:00 syncthing v1.18.1 syncthing v1.18.1 2021-08-03T06:45:27+00:00 Bugfixes: - #7704: Changing folder type from receive encrypted to a different type corrupts the database - #7706: Delete Unexpected Items in receive encrypted folder is unable to delete ".stfolder.removed-*" - #7740: Incorrect local state when using negated patterns inside ignored parent folder on both sides - #7809: Syncthing attemps IPv4 addresses for quic6:// peers - #7839: Not exposed string for translation - #7845: Strings unavailable for translation 2021-08-03T06:45:27+00:00 signature-base v2.0 signature-base v2.0 2021-08-03T08:25:46+00:00 - the last version of the rules before a general license switch to DRL 1.1 (Detection Rule License) https://github.com/SigmaHQ/sigma/blob/drl-1.1/LICENSE.Detection.Rules.md 2021-08-03T08:25:46+00:00 restic v0.12.1 restic v0.12.1 2021-08-03T10:02:58+00:00 We're very pleased to present you restic 0.12.1! restic is distributed as a standalone binary: download the correct file for your operating system and architecture, extract the file and just run it. If you run into any issues, please report them at [the GitHub issue tracker](https://github.com/restic/restic/issues/new) or visit [the forum](https://forum.restic.net). If you already have restic >= 0.9.4, you can use `restic self-update` to get the latest version in a secure way. The binaries released with each restic version are [reproducible](https://reproducible-builds.org/), which means that you can reproduce a byte identical version from the source code for that release. Instructions on how to do that in the [Developer Documentation](https://github.com/restic/restic/blob/master/doc/developer_information.rst). Changelog for restic 0.12.1 (2021-08-03) ======================================= The following sections list the changes in restic 0.12.1 relevant to restic users. The changes are ordered by importance. Summary ------- * Fix [#2742](https://github.com/restic/restic/issues/2742): Improve error handling for rclone and REST backend over HTTP2 * Fix [#3111](https://github.com/restic/restic/issues/3111): Fix terminal output redirection for PowerShell * Fix [#3214](https://github.com/restic/restic/issues/3214): Treat an empty password as a fatal error for repository init * Fix [#3267](https://github.com/restic/restic/issues/3267): `copy` failed to copy snapshots in rare cases * Fix [#3184](https://github.com/restic/restic/issues/3184): `backup --quiet` no longer prints status information * Fix [#3296](https://github.com/restic/restic/issues/3296): Fix crash of `check --read-data-subset=x%` run for an empty repository * Fix [#3302](https://github.com/restic/restic/issues/3302): Fix `fdopendir: not a directory` error for local backend * Fix [#3334](https://github.com/restic/restic/issues/3334): Print `created new cache` message only on a terminal * Fix [#3380](https://github.com/restic/restic/issues/3380): Fix crash of `backup --exclude='**'` * Fix [#3305](https://github.com/restic/restic/pull/3305): Fix possibly missing backup summary of JSON output in case of error * Fix [#3439](https://github.com/restic/restic/issues/3439): Correctly handle download errors during `restore` * Chg [#3247](https://github.com/restic/restic/issues/3247): Empty files now have size of 0 in `ls --json` output * Enh [#2780](https://github.com/restic/restic/issues/2780): Add release binaries for s390x architecture on Linux * Enh [#3293](https://github.com/restic/restic/issues/3293): Add `--repository-file2` option to `init` and `copy` command * Enh [#3312](https://github.com/restic/restic/pull/3312): Add auto-completion support for fish * Enh [#3336](https://github.com/restic/restic/issues/3336): SFTP backend now checks for disk space * Enh [#3377](https://github.com/restic/restic/issues/3377): Add release binaries for Apple Silicon * Enh [#3414](https://github.com/restic/restic/issues/3414): Add `--keep-within-hourly` option to restic forget * Enh [#3456](https://github.com/restic/restic/issues/3456): Support filtering and specifying untagged snapshots * Enh [#3167](https://github.com/restic/restic/pull/3167): Allow specifying limit of `snapshots` list * Enh [#3426](https://github.com/restic/restic/pull/3426): Optimize read performance of mount command * Enh [#3427](https://github.com/restic/restic/pull/3427): `find --pack` fallback to index if data file is missing Details ------- * Bugfix #2742: Improve error handling for rclone and REST backend over HTTP2 When retrieving data from the rclone / REST backend while also using HTTP2 restic did not detect when no data was returned at all. This could cause for example the `check` command to report the following error: Pack ID does not match, want [...], got e3b0c442 This has been fixed by correctly detecting and retrying the incomplete download. [#2742](https://github.com/restic/restic/issues/2742) [#3453](https://github.com/restic/restic/pull/3453) https://forum.restic.net/t/http2-stream-closed-connection-reset-context-canceled/3743/10 * Bugfix #3111: Fix terminal output redirection for PowerShell When redirecting the output of restic using PowerShell on Windows, the output contained terminal escape characters. This has been fixed by properly detecting the terminal type. In addition, the mintty terminal now shows progress output for the backup command. [#3111](https://github.com/restic/restic/issues/3111) [#3325](https://github.com/restic/restic/pull/3325) * Bugfix #3214: Treat an empty password as a fatal error for repository init When attempting to initialize a new repository, if an empty password was supplied, the repository would be created but the init command would return an error with a stack trace. Now, if an empty password is provided, it is treated as a fatal error, and no repository is created. [#3214](https://github.com/restic/restic/issues/3214) [#3283](https://github.com/restic/restic/pull/3283) * Bugfix #3267: `copy` failed to copy snapshots in rare cases The `copy` command could in rare cases fail with the error message `SaveTree(...) returned unexpected id ...`. This has been fixed. On Linux/BSDs, the error could be caused by backing up symlinks with non-UTF-8 target paths. Note that, due to limitations in the repository format, these are not stored properly and should be avoided if possible. [#3267](https://github.com/restic/restic/issues/3267) [#3310](https://github.com/restic/restic/pull/3310) * Bugfix #3184: `backup --quiet` no longer prints status information A regression in the latest restic version caused the output of `backup --quiet` to contain large amounts of backup progress information when run using an interactive terminal. This is fixed now. A workaround for this bug is to run restic as follows: `restic backup --quiet [..] | cat -`. [#3184](https://github.com/restic/restic/issues/3184) [#3186](https://github.com/restic/restic/pull/3186) * Bugfix #3296: Fix crash of `check --read-data-subset=x%` run for an empty repository The command `restic check --read-data-subset=x%` crashed when run for an empty repository. This has been fixed. [#3296](https://github.com/restic/restic/issues/3296) [#3309](https://github.com/restic/restic/pull/3309) * Bugfix #3302: Fix `fdopendir: not a directory` error for local backend The `check`, `list packs`, `prune` and `rebuild-index` commands failed for the local backend when the `data` folder in the repository contained files. This has been fixed. [#3302](https://github.com/restic/restic/issues/3302) [#3308](https://github.com/restic/restic/pull/3308) * Bugfix #3334: Print `created new cache` message only on a terminal The message `created new cache` was printed even when the output wasn't a terminal. That broke piping `restic dump` output to tar or zip if cache directory didn't exist. The message is now only printed on a terminal. [#3334](https://github.com/restic/restic/issues/3334) [#3343](https://github.com/restic/restic/pull/3343) * Bugfix #3380: Fix crash of `backup --exclude='**'` The exclude filter `**`, which excludes all files, caused restic to crash. This has been corrected. [#3380](https://github.com/restic/restic/issues/3380) [#3393](https://github.com/restic/restic/pull/3393) * Bugfix #3305: Fix possibly missing backup summary of JSON output in case of error When using `--json` output it happened from time to time that the summary output was missing in case an error occurred. This has been fixed. [#3305](https://github.com/restic/restic/pull/3305) * Bugfix #3439: Correctly handle download errors during `restore` Due to a regression in restic 0.12.0, the `restore` command in some cases did not retry download errors and only printed a warning. This has been fixed by retrying incomplete data downloads. [#3439](https://github.com/restic/restic/issues/3439) [#3449](https://github.com/restic/restic/pull/3449) * Change #3247: Empty files now have size of 0 in `ls --json` output The `ls --json` command used to omit the sizes of empty files in its output. It now reports a size of zero explicitly for regular files, while omitting the size field for all other types. [#3247](https://github.com/restic/restic/issues/3247) [#3257](https://github.com/restic/restic/pull/3257) * Enhancement #2780: Add release binaries for s390x architecture on Linux We've added release binaries for Linux using the s390x architecture. [#2780](https://github.com/restic/restic/issues/2780) [#3452](https://github.com/restic/restic/pull/3452) * Enhancement #3293: Add `--repository-file2` option to `init` and `copy` command The `init` and `copy` command can now be used with the `--repository-file2` option or the `$RESTIC_REPOSITORY_FILE2` environment variable. These to options are in addition to the `--repo2` flag and allow you to read the destination repository from a file. Using both `--repository-file` and `--repo2` options resulted in an error for the `copy` or `init` command. The handling of this combination of options has been fixed. A workaround for this issue is to only use `--repo` or `-r` and `--repo2` for `init` or `copy`. [#3293](https://github.com/restic/restic/issues/3293) [#3294](https://github.com/restic/restic/pull/3294) * Enhancement #3312: Add auto-completion support for fish The `generate` command now supports fish auto completion. [#3312](https://github.com/restic/restic/pull/3312) * Enhancement #3336: SFTP backend now checks for disk space Backing up over SFTP previously spewed multiple generic "failure" messages when the remote disk was full. It now checks for disk space before writing a file and fails immediately with a "no space left on device" message. [#3336](https://github.com/restic/restic/issues/3336) [#3345](https://github.com/restic/restic/pull/3345) * Enhancement #3377: Add release binaries for Apple Silicon We've added release binaries for macOS on Apple Silicon (M1). [#3377](https://github.com/restic/restic/issues/3377) [#3394](https://github.com/restic/restic/pull/3394) * Enhancement #3414: Add `--keep-within-hourly` option to restic forget The `forget` command allowed keeping a given number of hourly backups or to keep all backups within a given interval, but it was not possible to specify keeping hourly backups within a given interval. The new `--keep-within-hourly` option now offers this functionality. Similar options for daily/weekly/monthly/yearly are also implemented, the new options are: --keep-within-hourly <1y2m3d4h> --keep-within-daily <1y2m3d4h> --keep-within-weekly <1y2m3d4h> --keep-within-monthly <1y2m3d4h> --keep-within-yearly <1y2m3d4h> [#3414](https://github.com/restic/restic/issues/3414) [#3416](https://github.com/restic/restic/pull/3416) https://forum.restic.net/t/forget-policy/4014/11 * Enhancement #3456: Support filtering and specifying untagged snapshots It was previously not possible to specify an empty tag with the `--tag` and `--keep-tag` options. This has now been fixed, such that `--tag ''` and `--keep-tag ''` now matches snapshots without tags. This allows e.g. the `snapshots` and `forget` commands to only operate on untagged snapshots. [#3456](https://github.com/restic/restic/issues/3456) [#3457](https://github.com/restic/restic/pull/3457) * Enhancement #3167: Allow specifying limit of `snapshots` list The `--last` option allowed limiting the output of the `snapshots` command to the latest snapshot for each host. The new `--latest n` option allows limiting the output to the latest `n` snapshots. This change deprecates the option `--last` in favour of `--latest 1`. [#3167](https://github.com/restic/restic/pull/3167) * Enhancement #3426: Optimize read performance of mount command Reading large files in a mounted repository may be up to five times faster. This improvement primarily applies to repositories stored at a backend that can be accessed with low latency, like e.g. the local backend. [#3426](https://github.com/restic/restic/pull/3426) * Enhancement #3427: `find --pack` fallback to index if data file is missing When investigating a repository with missing data files, it might be useful to determine affected snapshots before running `rebuild-index`. Previously, `find --pack pack-id` returned no data as it required accessing the data file. Now, if the necessary data is still available in the repository index, it gets retrieved from there. The command now also supports looking up multiple pack files in a single `find` run. [#3427](https://github.com/restic/restic/pull/3427) https://forum.restic.net/t/missing-packs-not-found/2600 2021-08-03T10:02:58+00:00 logstash v7.14.0 logstash v7.14.0 2021-08-03T13:35:35+00:00 Downloads: https://elastic.co/downloads/logstash Release notes: https://www.elastic.co/guide/en/logstash/7.14/logstash-7-14-0.html 2021-08-03T13:35:35+00:00 logstash v6.8.18 logstash v6.8.18 2021-08-03T13:36:28+00:00 Downloads: https://elastic.co/downloads/logstash Release notes: https://www.elastic.co/guide/en/logstash/6.8/logstash-6-8-18.html 2021-08-03T13:36:28+00:00 dap v1.2.8 dap v1.2.8 2021-08-03T15:24:03+00:00 Changes: - Improve HTML link regex (#84) 2021-08-03T15:24:03+00:00 dap v1.2.7 dap v1.2.7 2021-08-03T15:24:24+00:00 Changes: - Require Recog 2.3.8 2021-08-03T15:24:24+00:00 mitmproxy v7.0.1 mitmproxy v7.0.1 2021-08-03T15:29:24+00:00 * Performance: Re-use OpenSSL contexts to enable TLS session resumption (@mhils) * Disable HTTP/2 CONNECT for Secure Web Proxies to fix compatibility with Firefox (@mhils) * Use local IP address as certificate subject if no other info is available (@mhils) * Make it possible to return multiple chunks for HTTP stream modification (@mhils) * Don't send WebSocket CONTINUATION frames when the peer does not send any (@Pilphe) * Fix HTTP stream modify example. (@mhils) * Fix a crash caused by no-op assignments to `Server.address` (@SaladDais) * Fix a crash when encountering invalid certificates (@mhils) * Fix a crash when pressing the Home/End keys in some screens (@rbdixon) * Fix a crash when reading corrupted flow dumps (@mhils) * Fix multiple crashes on flow export (@mhils) * Fix a bug where ASGI apps did not see the request body (@mhils) * Minor documentation improvements (@mhils) You can find the latest release packages at https://mitmproxy.org/downloads/. 2021-08-03T15:29:24+00:00 uBlock 1.37.3b6 uBlock 1.37.3b6 2021-08-03T18:06:55+00:00 [Commits to master since this release](https://github.com/gorhill/uBlock/compare/1.37.3b6...master) To install the developer build: - **Firefox**: Click [uBlock0_1.37.3b6.firefox.signed.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b6/uBlock0_1.37.3b6.firefox.signed.xpi). - [uBO works best on Firefox](https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox). - **Chromium**: Install from the Chrome Web Store (CWS): <https://chrome.google.com/webstore/detail/ublock-origin-dev-build/cgbcahbpdhpcegmbfconppldiemgcoii>. - **Thunderbird**: Download [uBlock0_1.37.3b6.thunderbird.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b6/uBlock0_1.37.3b6.thunderbird.xpi), then drag-n-drop it into Thunderbird's _Add-ons Manager_ pane (Thunderbird 78+ required) - **NodeJS**: Download and unzip [uBlock0_1.37.3b6.nodejs.xpi](https://github.com/gorhill/uBlock/releases/download/1.37.3b6/uBlock0_1.37.3b6.nodejs.xpi). --- ## New A new NodeJS package will now published with every release. The package allows to import and use uBO's static and dynamic filtering engines into NodeJS. This is currently minimal and a first iteration, and issues regarding the NodeJS package are accepted in order to improve usability of uBO's filtering engines in a NodeJS package. The ability to run code from a NodeJS package also opens the door to have [test coverage](https://en.wikipedia.org/wiki/Code_coverage) in uBO. For now the package can be downloaded and unzipped locally. Once installed, you can execute `node test` in the root of the package to verify that the static network filtering engine works properly. For usage, refer to the [`test.js`](https://github.com/gorhill/uBlock/blob/master/platform/nodejs/test.js), or [`ublock.js`](https://github.com/cliqz-oss/adblocker/blob/master/packages/adblocker-benchmarks/blockers/ublock.js) used in Cliqz's benchmark. Since I have little experience with dealing with NodeJS environment/packages, thanks to @mjethani [for assistance](https://github.com/uBlockOrigin/uBlock-issues/issues/1664). ## Closed as fixed: - [patch by @vtriolet] [TypeError in noscript-spoof scriptlet with invalid meta refresh URL](https://github.com/uBlockOrigin/uBlock-issues/issues/1676) - [TypeError when trying to use element picker on plaintext resource](https://github.com/uBlockOrigin/uBlock-issues/issues/1675) - [Split out core functionality into separate module](https://github.com/uBlockOrigin/uBlock-issues/issues/1664) - This is of course an ongoing work for the foreseeable future, but the concrete goal sought in the issue has been reached, i.e. the static network filtering engine can be used as a nodejs module with no external dependencies. - Since uBO's codebase now uses [JS modules](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules), the minimum version of some browsers has been increased to Chromium 61 and Opera 48. For Firefox 59 or less, you will have to toggle the `thedom.moduleScripts.enabled` preference to `true`. ## Notable commits without en entry in the issue tracker - [Export the rule-based filtering engines to the nodejs package](https://github.com/gorhill/uBlock/commit/89c5653bc60d0a457358d6e862c8574bfc819675) - [Rewrite logical expressions for ESLint](https://github.com/gorhill/uBlock/commit/6ef74fc21ba87717330de12cfade8d1e65c702d5) - [patch by @mjethani] [Add Makefile](https://github.com/gorhill/uBlock/pull/3789) - [patch by @mjethani] [Make uAssets a submodule](https://github.com/gorhill/uBlock/commit/63591ef2aa818bced3dc5d7bd0bbb1c397e44e2f) - [Ensure compiled sections are ordered in ascending id](https://github.com/gorhill/uBlock/commit/c25938f5bcb519ee945c9ccab7d17474474dc825) - [Fix handling of some procedural cosmetic filters with explicit `:scope`](https://github.com/gorhill/uBlock/commit/51d14de44a2b89274836e70daabf305f4f00ac47) 2021-08-03T18:06:55+00:00 traefik v2.5.0-rc5 traefik v2.5.0-rc5 2021-08-03T18:23:01+00:00 **Bug fixes:** - **[k8s]** Kubernetes: detect changes for resources other than endpoints ([#8313](https://github.com/traefik/traefik/pull/8313) by [rtribotte](https://github.com/rtribotte)) **Misc:** - Merge current v2.4 into v2.5 ([#8325](https://github.com/traefik/traefik/pull/8325) by [jbdoumenjou](https://github.com/jbdoumenjou)) - Merge current v2.4 into v2.5 ([#8314](https://github.com/traefik/traefik/pull/8314) by [rtribotte](https://github.com/rtribotte)) - Merge current v2.4 into v2.5 ([#8296](https://github.com/traefik/traefik/pull/8296) by [tomMoulard](https://github.com/tomMoulard)) 2021-08-03T18:23:01+00:00 asciidoctor v2.0.16 asciidoctor v2.0.16 2021-08-03T18:59:14+00:00 ## Summary This is a patch release with a big impact, bringing with it several notable changes. First, two regressions have been fixed when using negated wildcards in include tag filtering, and the meaning of negated wildcards in tag filtering has been clarified in general. Second, the source of the default stylesheet has been imported into this repository (now managed using a PostCSS build with autoprefixer and cssnano). Third, an internal change was made to how lines are iterated by the reader (switching from a stack to a queue), which will substantially improve the performance of Asciidoctor.js when processing large files. Finally, numerous improvements were made to the man page converter. This release also includes a handful of smaller bug fixes, including two scenarios where an undefined method error was creeping in. Several impactful updates were made to the documentation during this release cycle as well, most notably on the topic of generating man pages. An initial set of changes have been applied to the code base in preparation for enabling RuboCop to enforce a code style. The remainder of those changes, as well as the task itself, have already been applied to the default branch. Those updates will also be applied to the branch for this release line following this release. Speaking of release lines, the default branch is now open for 2.1.x development and beyond! Consult the CHANGELOG to find the full list of changes in this release. ## Distributions - [RubyGem (asciidoctor)](https://rubygems.org/gems/asciidoctor) Asciidoctor is also packaged for [Fedora](https://apps.fedoraproject.org/packages/rubygem-asciidoctor), [Debian](https://packages.debian.org/sid/asciidoctor), [Ubuntu](https://packages.ubuntu.com/search?keywords=asciidoctor), [Alpine Linux](https://pkgs.alpinelinux.org/packages?name=asciidoctor), [OpenSUSE](https://software.opensuse.org/package/rubygem-asciidoctor), and [Homebrew](http://brewformulas.org/Asciidoctor). You can use the system's package manager to install the package named **asciidoctor**. ## Release meta Released on: 2021-08-03 Released by: @mojavelinux Release beer: Bourbon Barrel Aged Barley Wine by Living the Dream Logs: [resolved issues](https://github.com/asciidoctor/asciidoctor/issues?q=label%3Av2.0.16+is%3Aclosed) | [full diff](https://github.com/asciidoctor/asciidoctor/compare/v2.0.15...v2.0.16) | [issues resolved in 2.0.x (cumulative)](https://github.com/asciidoctor/asciidoctor/milestone/33?closed=1) ## Changelog ### Bug Fixes * Include all lines outside of specified tagged region when tag filter on include directive is a single negated tag (#4048) * Only interpret negated wildcard in tag filter on include directive as implicit globstar if it precedes other tags (#4086) * Change ifeval directive to resolve to false if comparison operation cannot be performed (#4046) * Don't crash if `:to_file` option is passed to `load` or `load_file` and value is not a string (#4055) * Use automatic link text if ID in shorthand xref is followed by dangling comma (e.g., `<<idname,>>`) * Update default stylesheet to indent blocks attached to list item in checklist (#2550) * Update default stylesheet to reenable styling of implicit lead role on first paragraph of preamble inside AsciiDoc table cell * Update default stylesheet to fix conflict between text decoration and bottom border on abbr[title] element * Change invalid font family "sans" in default stylesheet to "sans-serif" * Fix missing automatic reftext for internal xrefs in manpage output (#4110) * Replace numeric character reference for plus in manpage output (#4059) * Replace numeric character reference for degree sign in manpage output (#4059) * Convert apostrophe to the portable `\*(Aq` variable instead of the groff-specific escape `\(aq` (#4060) (*@felipec*) * Document the `-e, --embedded` option flag in the man page, which replaces the outdated `-e, --eruby` option flag ### Improvements * Use queue to iterate over lines in reader instead of stack (#4106) * Uppercase automatic reftext for level-2 section titles in manpage output if reftext matches section title (#4110) * Show safe modes in strictness order in CLI help (#4065) * Remove redundant styles from the default stylesheet * Update font styles for summary element in default stylesheet to match font styles of paragraph (#4114) * Update default stylesheet to indent content of details element (#4116) * Update default stylesheet to use custom marker for summary element to make appearance consistent (#4116) * Add Vietnamese translation of built-in attributes (PR #4066) (*@nguyenhoa93*) * Add Thai translation of built-in attributes (PR #4113) (*@ammaneena*) ### Build / Infrastructure * Import source of default stylesheet into this repository; use PostCSS with cssnano to minify (#4062) * Use autoprefixer to manage browser prefixes in default stylesheet (#4118) ## Credits A very special thanks to all the **awesome** [supporters of the Asciidoctor OpenCollective campaign](https://opencollective.com/asciidoctor) who provided critical funding for the development of this release as well as ongoing development of the project. We'd also like to thank the maintainers of the Rouge project, who helped us work through the compatibility issue with Rouge and applied a fix to restore it ahead of our own release. 2021-08-03T18:59:14+00:00 openlibrary deploy-2021-08-03 openlibrary deploy-2021-08-03 2021-08-03T19:13:24+00:00 General: - @cdrini i18n subjects on homepage (#5382) - @RayBB add noindex header to anywhere but prod to avoid staging/testing showing in Google (#5406) - @RayBB link to https version of blog.openlibrary.org (#5408) - @tonytamsf make apparently mandatory email field in /contact form appear mandatory (#5384) - @RayBB remove extra parenthesis from edition excerpts (#5414) - @cdrini Solr 8! Up and running 🚀 (#4337) - @libjenner Assign link name prop to allow #anchor links (#5395) - @Atharva-Shinde Link to author identifier docs from reading stats page #5437 (#5445) - @ashdwilson Remove OCAID from UI for book add/edit if user is not admin/librarian (#5401) - @cdrini Fix QueryCarousels not infinite scrolling (#5400) - @jimchamp Prevent duplicate default carousel keys (#5447) - @jimchamp Fix orphans pages erroring for beta-users (#5405) - @jimchamp Create aggregate book notes and observations views (#5353) - @jimchamp Improve community book tags stats component (#5468) - @mekarpeles List + Solr work_key powered QueryCarousel (#5299) - @Yashs911 Fix big blue tap-highlight-color on chrome mobile (#5422) Dev: - @mekarpeles rm hash include to upstream; should be in code.py (#5453) - @mekarpeles refactor key defaults to use == not is (#5454) - @mekarpeles hotfix get_availability for key types != archive.org 'identifier' (#5452) - @BharatKalluri Add sql scripts for ratings and reading logs dumps (#5426) - @RayBB Update onboarding docs (#5455) - @mekarpeles+@cdrini Refactor/deploys keys and dockerhub uploads (#5466) - @jimchamp Refactor book notes modals (#5342) - @jimchamp Fix local Solr reindexer (#5446) - @jimchamp Create `i18n-messages add` for `.po` file generation (#5429) - @jimchamp Add Rosetta 2 information to Docker README (#5464) - @jimchamp Update modal copy (#5469) - @cdrini Update README build badges to use GitHub Actions (#5467) - @jimchamp Update copy for "My Books" notes and observations pages (#5470) - @jimchamp Fix "My Books" notes view grammatical error (#5471) - @RayBB add gitpod config (#5465) - @jimman2003 Remove lessc ie8 option (#5420) - @Yashs911 Add prefer-const eslint rule (#5352) Deps: - @dependabot[bot] Bump svgo from 2.3.0 to 2.3.1 (#5376) - @dependabot[bot] Bump core-js from 3.11.1 to 3.16.0 (#5487) - @dependabot[bot] Bump @babel/preset-env from 7.14.4 to 7.14.9 (#5484) - @dependabot[bot] Bump @babel/core from 7.14.3 to 7.14.8 (#5486) - @dependabot[bot] Bump sinon from 11.1.1 to 11.1.2 (#5491) - @jimman2003 Update webpack to (fix)? tests (#5427) - @dependabot[bot] Bump eslint-plugin-vue from 7.12.1 to 7.15.0 (#5490) - @dependabot[bot] Bump css-loader from 5.2.6 to 5.2.7 (#5485) - @dependabot[bot] Bump vue and vue-template-compiler (#5373) - @dependabot[bot] Bump datatables.net-dt from 1.10.24 to 1.10.25 (#5377) Stats: - PR Authors: @jimchamp (11), @RayBB (5), @mekarpeles (5), @cdrini (4), @Yashs911 (2), @jimman2003 (2), @Atharva-Shinde (1), @BharatKalluri (1), @ashdwilson (1), @libjenner (1), @tonytamsf (1) - PR Assignees: @mekarpeles (14), @jdlrobson (11), @cdrini (9), @jimchamp (8) Full diff: https://github.com/internetarchive/openlibrary/compare/deploy-2021-07-07...deploy-2021-08-03 PRs: [is:pr is:merged merged:2021-07-07T21:30:19Z..2021-08-03T18:21:10Z sort:updated-asc](https://github.com/internetarchive/openlibrary/pulls?q=is%3Apr%20is%3Amerged%20merged%3A2021-07-07T21%3A30%3A19Z..2021-08-03T18%3A21%3A10Z%20sort%3Aupdated-asc) 2021-08-03T19:13:24+00:00 dap v1.2.9 dap v1.2.9 2021-08-04T11:38:36+00:00 Changes: - Require Recog 2.3.21 - Bump deps to address security issues (#86) 2021-08-04T11:38:36+00:00 mattermost-server v5.31.9 mattermost-server v5.31.9 2021-08-04T12:32:29+00:00 Mattermost Platform Release v5.31.9 2021-08-04T12:32:29+00:00 Gaffer gaffer2-1.18.0 Gaffer gaffer2-1.18.0 2021-08-04T12:35:23+00:00 ## :sparkles: New Features - Spring-rest execute/chunked endpoint [#2431](https://github.com/gchq/Gaffer/issues/2431) - Please get Federation to allow for subtly different schemas [#2429](https://github.com/gchq/Gaffer/issues/2429) ## :beetle: Bugs Fixed - Hotfix release merging issue [#2471](https://github.com/gchq/Gaffer/issues/2471) - Add additional tests around merging schemas with intersections [#2462](https://github.com/gchq/Gaffer/issues/2462) - FederatedStore shallow cloning the operation between graphs causes issues with the options map [#2445](https://github.com/gchq/Gaffer/issues/2445) ## :robot: Automation - Timeout for sonatype release too short [#2473](https://github.com/gchq/Gaffer/issues/2473) - Change release action to allow for hotfixes [#2468](https://github.com/gchq/Gaffer/issues/2468) 2021-08-04T12:35:23+00:00 mattermost-server v5.35.5 mattermost-server v5.35.5 2021-08-04T12:42:33+00:00 Mattermost Platform Release v5.35.5 2021-08-04T12:42:33+00:00 mattermost-server v5.36.2 mattermost-server v5.36.2 2021-08-04T12:48:59+00:00 Mattermost Platform Release v5.36.2 2021-08-04T12:48:59+00:00 mattermost-server v5.37.1 mattermost-server v5.37.1 2021-08-04T12:57:34+00:00 Mattermost Platform Release v5.37.1 2021-08-04T12:57:34+00:00