Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update cfengine3 to 3.7.2 #307

Closed
wants to merge 1 commit into from
Closed

Update cfengine3 to 3.7.2 #307

wants to merge 1 commit into from

Conversation

bahamat
Copy link
Member

@bahamat bahamat commented Dec 2, 2015

This is the latest stable. I'm hoping to get this in for the upcoming 2015Q4 LTS.

@bahamat
Copy link
Member Author

bahamat commented Dec 7, 2015

Cfengine 3.7 itself is an LTS line.

@mamash mamash self-assigned this Dec 7, 2015
@mamash
Copy link

mamash commented Dec 7, 2015

I'm working on this now.

@bahamat
Copy link
Member Author

bahamat commented Dec 7, 2015

Awesome, thanks!

@mamash
Copy link

mamash commented Dec 8, 2015

Fixing several issues with the update, but one question: where do the SMF manifests come from?

@bahamat
Copy link
Member Author

bahamat commented Dec 8, 2015

I created them using manifold, then modified by hand into their current form.

They've been added to the CfEngine source repository (https://github.com/cfengine/core/tree/master/contrib/solaris-smf), but for some reason are not included in the source code packages.

jsonn referenced this pull request in jsonn/pkgsrc Dec 9, 2015
Patch based largely on a pull request by bahamat@:

  TritonDataCenter/pkgsrc#307

3.7.2:

Bug fixes:
- readfile() and read*list() should print an error if they fail to read file.
  (Redmine #7702)
- Fix 'AIX_PREINSTALL_ALREADY_DONE.txt: cannot create' error
  message on AIX.
- If there is an error saving a mustache template file
  it is now logged with log-level error (was inform).
- Change: Clarify bootstrap/failsafe reports
- Fixed several bugs which prevented CFEngine from loading
  libraries from the correct location. This affected several platforms.
  (Redmine #6708)
- If file_select.file_types is set to symlink and there
  are regular files in the scanned directory, CFEngine no longer
  produces an unneccessary error message. (Redmine #6996)
- Fix: Solaris packages no longer contain duplicate library
  files, but instead symlinks to them. (Redmine #7591)
- cf-agent, cf-execd, cf-promises, cf-runagent and cf-serverd honor
  multiple -D, -N and -s arguments (Redmine #7191)
- Fix "@endif" keyword sometimes being improperly processed
  by policy parser. (Redmine #7413)
- It is possible to edit the same value in multiple regions
  of one file. (Redmine #7460)
- Fix select_class not setting class when used in common bundle with slist.
  (Redmine #7482)
- Fix broken HA policy for 3rd disaster-recovery node.
- Directories should no more be changed randomly
  into files. (Redmine #6027)
- Include latest security updates for 3.7.
- Reduce malloc() thread contention on heavily loaded
  cf-serverd, by not exiting early in the logging function, if no message
  is to be printed. (Redmine #7624)
- Improve cf-serverd's lock contention because of getpwnam()
  call. (Redmine #7643)
- action_policy "warn" now correctly produces warnings instead
  of various other verbosity levels. (Redmine #7274)
- Change: Improve efficiency and debug reports (Redmine #7527)
- Change package modules permissions on hub package so that
  hub can execute package promises. (Redmine #7602)
- No longer hang when changing permissions/ownership on fifos
  (Redmine #7030)
- Fix exporting CSV reports through HTTPS. (Redmine #7267)
- failsafe.cf will be created when needed. (Redmine #7634)
- Mustache templates: Fix  key when value is not a
  primitive. The old behavior, when iterating across a map or array of
  maps, was to abort if the key was requested with . The new
  behavior is to always replace  with either the key name or the
  iteration position in the array. An error is printed if  is used
  outside of a Mustache iteration section.
- Legacy package promise: Result classes are now defined if
  the package being promised is already up to date. (Redmine #7399)
- TTY detection should be more reliable. (Redmine #7606)

Masterfiles:
- Add: Path to svcprop in stdlib
- Add: New `results` classes body [] (Redmine #7418, #7481)
- Remove: Support for email settings from augments_file (Redmine #7682)

3.7.1:

Bug fixes:
- Fix daemons not restarting correctly on upgrade on AIX. (Redmine #7550)
- Fix upgrade causing error message under systemd because of open ports.
- Fix build with musl libc. (Redmine #7455)
- Long promiser strings with multiple lines are now
  abbreviated in logs. (Redmine #3964)
- Fixed a bug which could cause daemons to not to be killed
  correctly when upgrading or manually running "service cfengine3 stop".
  (Redmine #7193)
- Package promise: Fix inability to install certain packages
  with numbers.
- Fix package promise not removing dependant packages. (Redmine #7424)
- Fix warning "Failed to parse csv file entry" with certain very long
  commands promises. (Redmine #7400)
- Fix misaligned help output in cf-hub. (Redmine #7273)
- Augmenting inputs from the augments_file (Redmine #7420)
- Add support for failover to 3rd HA node located outside cluster.
- Upgrade all dependencies for patch release.
- Fix a bug which caused daemons not to be restarted on
  upgrade. (Redmine #7528)

3.7.0:

New features:
- New package promise implementation.
- Full systemd support for all relevant platforms
- New classes to determine whether certain features are enabled:
    * feature_yaml
    * feature_xml
  For the official CFEngine packages, these are always enabled, but
  packages from other sources may be built without the support.
- New readdata() support for generic data input (CSV, YAML, JSON, or auto)
- YAML support: new readyaml() function and in readdata()
- CSV support: new readcsv() function and in readdata()
- New string_mustache() function
- New data_regextract() function
- eval() can now be called with "class" as the "mode" argument, which
  will cause it to return true ("any") if the calculated result is
  non-zero, and false ("!any") if it is zero.
- New list_ifelse() function
- New mapjson() function as well as JSON support in maparray().
- filestat() function now supports "xattr" argument for extended
  attributes.
- "ifvarclass" now has "if" as an alias, and "unless" as an inverse
  alias.
- Ability to expand JSON variables directory in Mustache templates:
  Prefix the name with '%' for multiline expansion, '$' for compact
  expansion.
- Ability to expand the iteration *key* in Mustache templates with @
- Canonical JSON output: JSON output has reliably sorted keys so the
  same data structure will produce the same JSON every time.
- New "@if minimum_version(x.x)" syntax in order to hide future language
  improvements from versions that don't understand them.
- compile time option (--with-statedir) to
  override the default state/ directory path.
- Fix error messages/ handling in process signalling which no longer
  allowed any signals to fail silently
- Also enable shortcut keyword for cf-serverd classic protocol, eg to
  simplify the bootstrap process for clients that have different
  sys.masterdir settings (Redmine #3697)
- methods promises now accepts the bundle name in the promiser string,
  as long as it doesn't have any parameters.
- In a services promise, if the service_method bundle is not specified,
  it defaults to the promiser string (canonified) with "service_" as a
  prefix. The bundle must be in the same namespace as the promise.
- inline JSON in policy files: surrounding with parsejson() is now
  optional *when creating a new data container*.
- New data_expand() function to interpolate variables in a data container.
- Add configurable network bandwidth limit for all outgoing
  connections ("bwlimit" attribute in "body common control") . To
  enforce it in both directions, make sure the attribute is set on both
  sides of the connection.
- Secure bootstrap has been facilitated by use of
  "cf-agent --boostrap HUB_ADDRESS --trust-server=no"
- Implement new TLS-relevant options (Redmine #6883):
  - body common control: tls_min_version
  - body server control: allowtlsversion
  - body common control: tls_ciphers
  - body server control: allowciphers (preexisting)

Changes:
- Improved output format, less verbose, and messages are grouped.
- cf-execd: agent_expireafter default was changed to 120 minutes
  (Redmine #7113)
- All embedded databases are now rooted in the state/ directory.
- TLS used as default for all outgoing connections.
- process promise now reports kept status instead of repaired if a
  signal is not sent, even if the restart_class is set. The old
  behavior was to set the repaired status whenever the process was not
  running. (Redmine#7216).
- Bootstrapping requires keys to be generated in advance using cf-key.
- Disable class set on reverse lookup of interfaces IP addresses.
  (Redmine #3993, Redmine #6870)
- Define a hard class with just the OS major version on FreeBSD.
- Abort cf-agent if OpenSSL's random number generator can't
  be seeded securely.
- Masterfiles source tarball now installs using the usual commands
  "./configure; make install".
- Updated Emacs syntax highlighting template to support the latest
  syntax enhancements in 3.7.

Deprecations:
- Arbitrary arguments to cfruncommand (using "cf-runagent -o") are
  not acceptable any more. (Redmine #6978)
- 3.4 is no longer supported in masterfiles.

Bug fixes:
- Fix server common bundles evaluation order (Redmine#7211).
- Limit LMDB disk usage by preserving sparse areas in LMDB files
  (Redmine#7242).
- Fixed LMDB corruption on HP-UX 11.23. (Redmine #6994)
- Fixed insert_lines failing to converge if preserve_block was used.
  (Redmine #7094)
- Fixed init script failing to stop/restart daemons on openvz/lxc
  hosts. (Redmine #3394)
- rm_rf_depth now deletes base directory as advertised. (Redmine #7009)
- Refactored cf-agent's connection cache to properly differentiate
  hosts using all needed attributes like host and port.
  (Redmine #4646)
- Refactored lastseen database handling to avoid inconsistencies.
  (Redmine #6660)
- cf-key --trust-key now supports new syntax to also update the
  lastseen database, so that clients using old protocol will trust
  the server correctly.
- Fixed a bug which sometimes caused an agent or daemon to kill or stop
  itself. (Redmine #7075, #7244)
- Fixed a bug which made it difficult to kill CFEngine daemons,
  particularly cf-execd. (Redmine #6659, #7193)
- Fixed a bug causing systemd not to be detected correctly on Debian.
  (Redmine #7297)
- "cf-promises -T" will now correctly report the checked out commit,
  even if you haven't checked out a Git branch. (Redmine #7332)
- Reduce verbosity of harmless errors related to socket timeouts and
  missing thermal zone files. (Redmine #6486 and #7238)
- Fix process_result logic to match the purpose of body process_select
  days_older_than (Redmine #3009)

Masterfiles:

Added:
- Support for user specified overring of framework defaults without
  modifying policy supplied by the framework itself (see
  example_def.json)
- Support for def.json class augmentation in update policy
- Run vacuum operation on postgresql every night as a part of
  maintenance.
- Add measure_promise_time action body to lib (3.5, 3.6, 3.7, 3.8)
- New negative class guard `cfengine_internal_disable_agent_email` so
  that agent email can be easily disabled by augmenting def.json

Changed:
- Relocate def.cf to controls/VER/
- Relocate update_def to controls/VER
- Relocate all controls to controls/VER
- Only load cf_hub and reports.cf on CFEngine Enterprise installs
- Relocate acls related to report collection from bundle server
  access_rules to controls/VER/reports.cf into bundle server
  report_access_rules
- Re-organize cfe_internal splitting core from enterprise specific
  policies and loading the appropriate inputs only when necessary
- Moved update directory into cfe_internal as it is not generally
  intended to be modified
- services/autorun.cf moved to lib/VER/ as it is not generally intended
  to be modified
- To improve predictibility autorun bundles are activated in
  lexicographical order
- Relocate services/file_change.cf to cfe_internal/enterprise. This
  policy is most useful for a good OOTB experience with CFEngine
  Enterprise Mission Portal.
- Relocate service_catalogue from promsies.cf to services/main.cf. It is
  intended to be a user entry. This name change correlates with the main
  bundle being activated by default if there is no bundlesequence
  specified.
- Reduce benchmarks sample history to 1 day.
- Update policy no longer generates a keypair if one is not found.
  (Redmine: #7167)
- Relocate cfe_internal_postgresql_maintenance bundle to lib/VER/
- Set postgresql_monitoring_maintenance only for versions 3.6.0 and
  3.6.1
- Move hub specific bundles from lib/VER/cfe_internal.cf into
  lib/VER/cfe_internal_hub.cf and load them only if policy_server policy
  if set.
- Re-organize lib/VER/stdlib.cf from lists into classic array for use
  with getvalues

Removed:
- Diff reporting on /etc/shadow (Enterprise)
- Update policy from promise.cf inputs. There is no reason to include
  the update policy into promsies.cf, update.cf is the entry for the
  update policy
- _not_repaired outcome from classes_generic and scoped_classes generic
  (Redmine: # 7022)

Fixes:
- standard_services now restarts the service if it was not already
  running when using service_policy => restart with chkconfig (Redmine
  #7258)
@jperkin jperkin closed this in c3bd407 Dec 30, 2015
jperkin pushed a commit that referenced this pull request Mar 18, 2016
kramdown 1.10.0 released

This release brings the usual bug fixes but also support for the strikethrough
syntax in the GFM parser as well as some enhancements regarding the
specification of language names for syntax highlighting purposes.

Changes

* 4 minor changes:

  o Support for the math-engine MathJax-Node was updated to use the new
    mathjax-node package (fixes #313, pull request by Tom Thorogood)

  o URL query parameters can now be appended to language names specified in
    fenced code blocks if the syntax highlighting engine accepts them (fixes
    #234)

  o Added strikethrough syntax to the GFM parser (fixes #184 and #307; initial
    pull request by Diego Galeota, updated by Parker Moore)

  o Allow almost all characters in class names that are defined via a special
    syntax (fixes #318, requested by cabo)

* 4 bug fixes:

  o Fixed a problem where Kramdown::Document.new would only accept the symbol
    :input but not the string ¡Æinput¡Ç as valid key (fixes #312, pull request
    by Sun Yaozhu)

  o Fixed inconsistent behavior: Empty link text is now also allowed for
    normal links, not just images (fixes #305, reported by cabo)

  o The HTML5 <mark> element is now recognized as span level element (fixes
    #298, reported by Niclas Darville)

  o Fixed problem where e-mail autolinks containing an underscore character
    were not correctly recognized (fixes #293, reported by erikse)

* 3 other fixes:

  o Fixed missing package update statement for Travis (by Parker Moore)

  o Add some more documentation regarding MathJax (fixes #296, pull request by
    Christopher Jefferson)

  o Fixed bad link in API documentation (fixes #315, reported by Tom MacWright)
jperkin pushed a commit that referenced this pull request Oct 18, 2016
## [1.11.3][] (2016-09-16)

  * Fix known_hosts caching to match on the entire hostlist
    [PR #364](capistrano/sshkit#364) @byroot

## [1.11.2][] (2016-07-29)

### Bug fixes

  * Fixed a crash occurring when `Host@keys` was set to a non-Enumerable.
    @xavierholt [PR #360](capistrano/sshkit#360)

## [1.11.1][] (2016-06-17)

### Bug fixes

  * Fixed a regression in 1.11.0 that would cause
    `ArgumentError: invalid option(s): known_hosts` in some older versions of
    net-ssh. @byroot [#357](capistrano/sshkit#357)

## [1.11.0][] (2016-06-14)

### Bug fixes

  * Fixed colorized output alignment in Logger::Pretty. @xavierholt
    [PR #349](capistrano/sshkit#349)
  * Fixed a bug that prevented nested `with` calls
    [#43](capistrano/sshkit#43)

### Other changes

  * Known hosts lookup optimization is now enabled by default. @byroot

## 1.10.0 (2016-04-22)

  * You can now opt-in to caching of SSH's known_hosts file for a speed boost
    when deploying to a large fleet of servers. Refer to the
    [README](https://github.com/capistrano/sshkit/tree/v1.10.0#known-hosts-caching) for
    details. We plan to turn this on by default in a future version of SSHKit.
    [PR #330](capistrano/sshkit#330) @byroot
  * SSHKit now explicitly closes its pooled SSH connections when Ruby exits;
    this fixes `zlib(finalizer): the stream was freed prematurely` warnings
    [PR #343](capistrano/sshkit#343) @mattbrictson
  * Allow command map entries (`SSHKit::CommandMap#[]`) to be Procs
    [PR #310](capistrano/sshkit#310)
    @mikz

## 1.9.0

**Refer to the 1.9.0.rc1 release notes for a full list of new features, fixes,
and potentially breaking changes since SSHKit 1.8.1.** There are no changes
since 1.9.0.rc1.

## 1.9.0.rc1

### Potentially breaking changes

  * The SSHKit DSL is no longer automatically included when you `require` it.
    **This means you  must now explicitly `include SSHKit::DSL`.**
    See [PR #219](capistrano/sshkit#219) for details.
    @beatrichartz
  * `SSHKit::Backend::Printer#test` now always returns true
    [PR #312](capistrano/sshkit#312) @mikz

### New features

  * `SSHKit::Formatter::Abstract` now accepts an optional Hash of options
    [PR #308](capistrano/sshkit#308) @mattbrictson
  * Add `SSHKit::Backend.current` so that Capistrano plugin authors can refactor
    helper methods and still have easy access to the currently-executing Backend
    without having to use global variables.
  * Add `SSHKit.config.default_runner` options that allows to override default command runner.
    This option also accepts a name of the custom runner class.
  * The ConnectionPool has been rewritten in this release to be more efficient
    and have a cleaner internal API. You can still completely disable the pool
    by setting `SSHKit::Backend::Netssh.pool.idle_timeout = 0`.
    @mattbrictson @byroot [PR #328](capistrano/sshkit#328)

### Bug fixes

  * make sure working directory for commands is properly cleared after `within` blocks
    [PR #307](capistrano/sshkit#307)
    @steved
  * display more accurate string for commands with spaces being output in `Formatter::Pretty`
    [PR #304](capistrano/sshkit#304)
    @steved
    [PR #319](capistrano/sshkit#319) @mattbrictson
  * Fix a race condition experienced in JRuby that could cause multi-server
    deploys to fail. [PR #322](capistrano/sshkit#322)
    @mattbrictson
jperkin pushed a commit that referenced this pull request Oct 22, 2016
Changes in 2.8.2

Aug 15, 2016 - version 2.8.2

  * Bug

    o 2.8.1 introduced JRuby + SSL connection problem; in some cases it cannot
      connect to trusted TLS server. 2.8.1 failed to load multiple CA
      certificates in a file. #327.

Aug 16, 2016 - version 2.8.2.1

  * Bug

    o 2.8.1 introduced another bug that causes NPE from JRuby when JRuby
      program loads httpclient and uses OpenSSL::X509::Store outside of
      httpclient. 2.8.3 fixed this problem. #325

Aug 28, 2016 - version 2.8.2.3

  * Bug

    o 2.8.2 fixed VERIFY_NONE at JRuby but the fix was not enough.

Sep 11, 2016 - version 2.8.2.4

  * Bug

    o 2.8.2 caused unexpected resulting value change of
      OpenSSL::X509::Store#add_cert method. Fixed.

Changes in 2.8.1

Aug 8, 2016 - version 2.8.1

* Changes

    o Use TLSv1.2 always on JRuby #320
    o Do not reset keep-alive connection by configuration change #315
    o Add strict_response_size_check option #316 false by default, meaning it
      behavies like browsers by default.
    o Add MIME type for XML #308

* Bug

    o Direct access to SSLConfig#cert_store in JRuby was broken from 2.7
      #276 #317
    o OpenSSL::SSL::VERIFY_NONE does not work in JRuby #319
    o Allow receiving response body in block when follow_redirects => true. #304
    o Fix blocking issue with request_async when Encoding.default_internal is
      set. #307
    o Apply timeouts for chunked transfer encoding #309

Changes in 2.8.0

Apr 24, 2016 - version 2.8.0

* Changes

    o Force using RSA 2048bit CA cert set

      Use RSA 2048bit CA cert set every time if it runs with OpenSSL (==
      except JRuby.)

      Old openssl (<1.0.1p or <1.0.2d) cannot handle this CA set and causes
      SSL connection failure against some SSL servers including AWS S3
      API. For such case you can manually specify RSA 1024bit CA cert set as a
      workaround.

	c = HTTPClient.new { |c| c.ssl_config.add_trust_ca("cacert1024.pem") }
	c.get("https://www.ruby-lang.org/")

      RSA 1024bit CA cert set is not maintained over years so you should
      consider updating OpenSSL version so that HTTPClient uses RSA 2048 bit
      CA cert set.

Changes in 2.7.2

Apr 22, 2016 - version 2.7.2

* Changes

    o Use RSA 1024bit CA cert when linked to old openssl

      Based on comments to #297 this commit silently (without warning) accepts
      RSA 1024bit certificate set when runtime ruby is liked with old OpenSSL
      (<1.0.1p or <1.0.2d.)

      If you're unsure that your OpenSSL is patched or not, and want to make
      sure to use RSA 2048bit certificate set, please call
      HTTPClient::SSLConfig#add_trust_ca("cacert.pem").

	c = HTTPClient.new { |c| c.ssl_config.add_trust_ca("cacert.pem") }
	c.get("https://www.ruby-lang.org/")

      I'm going to remove RSA 1024bit certificate set and bump httpclient
      version to 2.8.0 soon after I release this as 2.7.2. I believe almost
      all OpenSSL installation is patched quickly these days so it should not
      cause SSL connectivity problem.
jperkin pushed a commit that referenced this pull request Oct 22, 2016
== 1.7.0 Dunder Mifflin
 * Rack 2 support
 * Ensure Response body.close is called in the same thread
   Fixes issues with ActiveRecord connection management [#307]
 * Fix TCP/IP Backend reports incorrect port when asked to bind to 0 [meschbach]
 * Work with ruby 2.3's --enable-frozen-string-literal [jeremyevans]
jperkin pushed a commit that referenced this pull request Jan 16, 2017
Version 0.34
------------

Released on 2016-12-21.

Bug fixes:

* `#398 <https://github.com/Kozea/WeasyPrint/issues/398>`_:
  Honor the presentational_hints option for PDFs.
* `#399 <https://github.com/Kozea/WeasyPrint/pull/399>`_:
  Avoid CairoSVG-2.0.0rc* on Python 2.
* `#396 <https://github.com/Kozea/WeasyPrint/issues/396>`_:
  Correctly close files open by mkstemp.
* `#403 <https://github.com/Kozea/WeasyPrint/issues/403>`_:
  Cast the number of columns into int.
* Fix multi-page multi-columns and add related tests.


Version 0.33
------------

Released on 2016-11-28.

New features:

* `#393 <https://github.com/Kozea/WeasyPrint/issues/393>`_:
  Add tests on MacOS.
* `#370 <https://github.com/Kozea/WeasyPrint/issues/370>`_:
  Enable @font-face on MacOS.

Bug fixes:

* `#389 <https://github.com/Kozea/WeasyPrint/issues/389>`_:
  Always update resume_at when splitting lines.
* `#394 <https://github.com/Kozea/WeasyPrint/issues/394>`_:
  Don't build universal wheels.
* `#388 <https://github.com/Kozea/WeasyPrint/issues/388>`_:
  Fix logic when finishing block formatting context.


Version 0.32
------------

Released on 2016-11-17.

New features:

* `#28 <https://github.com/Kozea/WeasyPrint/issues/28>`_:
  Support @font-face on Linux.
* Support CSS fonts level 3 almost entirely, including OpenType features.
* `#253 <https://github.com/Kozea/WeasyPrint/issues/253>`_:
  Support presentational hints (optional).
* Support break-after, break-before and break-inside for pages and columns.
* `#384 <https://github.com/Kozea/WeasyPrint/issues/384>`_:
  Major performance boost.

Bux fixes:

* `#368 <https://github.com/Kozea/WeasyPrint/issues/368>`_:
  Respect white-space for shrink-to-fit.
* `#382 <https://github.com/Kozea/WeasyPrint/issues/382>`_:
  Fix the preferred width for column groups.
* Handle relative boxes in column-layout boxes.

Documentation:

* Add more and more documentation about Windows installation.
* `#355 <https://github.com/Kozea/WeasyPrint/issues/355>`_:
  Add fonts requirements for tests.


Version 0.31
------------

Released on 2016-08-28.

New features:

* `#124 <https://github.com/Kozea/WeasyPrint/issues/124>`_:
  Add MIME sniffing for images.
* `#60 <https://github.com/Kozea/WeasyPrint/issues/60>`_:
  CSS Multi-column Layout.
* `#197 <https://github.com/Kozea/WeasyPrint/pull/197>`_:
  Add hyphens at line breaks activated by a soft hyphen.

Bux fixes:

* `#132 <https://github.com/Kozea/WeasyPrint/pull/132>`_:
  Fix Python 3 compatibility on Windows.

Documentation:

* `#329 <https://github.com/Kozea/WeasyPrint/issues/329>`_:
  Add documentation about installation on Windows.


Version 0.30
------------

Released on 2016-07-18.

WeasyPrint now depends on html5lib-0.999999999.

Bux fixes:

* Fix Acid2
* `#325 <https://github.com/Kozea/WeasyPrint/issues/325>`_:
  Cutting lines is broken in page margin boxes.
* `#334 <https://github.com/Kozea/WeasyPrint/issues/334>`_:
  Newest html5lib 0.999999999 breaks rendering.


Version 0.29
------------

Released on 2016-06-17.

Bug fixes:

* `#263 <https://github.com/Kozea/WeasyPrint/pull/263>`_:
  Don't crash with floats with percents in positions.
* `#323 <https://github.com/Kozea/WeasyPrint/pull/323>`_:
  Fix CairoSVG 2.0 pre-release dependency in Python 2.x.


Version 0.28
------------

Released on 2016-05-16.

Bug fixes:

* `#189 <https://github.com/Kozea/WeasyPrint/issues/189>`_:
  ``white-space: nowrap`` still wraps on hyphens
* `#305 <https://github.com/Kozea/WeasyPrint/issues/305>`_:
  Fix crashes on some tables
* Don't crash when transform matrix isn't invertible
* Don't crash when rendering ratio-only SVG images
* Fix margins and borders on some tables


Version 0.27
------------

Released on 2016-04-08.

New features:

* `#295 <https://github.com/Kozea/WeasyPrint/pull/295>`_:
  Support the 'rem' unit.
* `#299 <https://github.com/Kozea/WeasyPrint/pull/299>`_:
  Enhance the support of SVG images.

Bug fixes:

* `#307 <https://github.com/Kozea/WeasyPrint/issues/307>`_:
  Fix the layout of cells larger than their tables.

Documentation:

* The website is now on GitHub Pages, the documentation is on Read the Docs.
* `#297 <https://github.com/Kozea/WeasyPrint/issues/297>`_:
  Rewrite the CSS chapter of the documentation.
jperkin pushed a commit that referenced this pull request Feb 6, 2017
Upstream Changelog:
Security

    gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317)
    double-free in gdImageWebPtr() (CVE-2016-6912)
    potential unsigned underflow in gd_interpolation.c
    DOS vulnerability in gdImageCreateFromGd2Ctx()

Fixed

    Fix #354: Signed Integer Overflow gd_io.c
    Fix #340: System frozen
    Fix OOB reads of the TGA decompression buffer
    Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
    Fix potential unsigned underflow
    Fix double-free in gdImageWebPtr()
    Fix invalid read in gdImageCreateFromTiffPtr()
    Fix OOB reads of the TGA decompression buffer
    Fix #68: gif: buffer underflow reported by AddressSanitizer
    Avoid potentially dangerous signed to unsigned conversion
    Fix #304: test suite failure in gif/bug00006 [2.2.3]
    Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border
    Fix #330: Integer overflow in gdImageScaleBilinearPalette()
    Fix 321: Null pointer dereferences in gdImageRotateInterpolated
    Fix whitespace and add missing comment block
    Fix #319: gdImageRotateInterpolated can have wrong background color
    Fix color quantization documentation
    Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
    Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag
    Fix #300: gdImageClone() assigns res_y = res_x
    Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness()
    Replace GNU old-style field designators with C89 compatible initializers
    Fix #297: gdImageCrop() converts palette image to truecolor image
    Fix #290: TGA RLE decoding is broken
    Fix unnecessary non NULL checks
    Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files
    Fix #280: gdImageWebpEx() quantization parameter is a misnomer
    Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx()
    Fix issue #276: Sometimes pixels are missing when storing images as BMPs
    Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts
    Fix copy&paste error in gdImageScaleBicubicFixed()

Added

    More documentation
    Documentation on GD and GD2 formats
    More tests
jperkin pushed a commit that referenced this pull request Mar 3, 2017
Patch from spz@. Thank you.

Changelog:
- 1/26/2017: version 0.6.0
  * lossless performance and compression improvements
  * miscellaneous performance improvements (SSE2, NEON, MSA)
  * webpmux gained a -duration option allowing for frame timing modification
  * new img2webp utility allowing a sequence of images to be converted to
    animated webp
  * API changes:
    - libwebp:
      WebPPictureSharpARGBToYUVA
      WebPPlaneDistortion
    - libwebpmux / gif2webp:
      WebPAnimEncoderOptions: kmax <= 0 now disables keyframes, kmax == 1
                              forces all keyframes. See mux.h and the gif2webp
                              manpage for details.

- 12/13/2016: version 0.5.2
  This is a binary compatible release.
  This release covers CVE-2016-8888 and CVE-2016-9085.
  * further security related hardening in the tools; fixes to
    gif2webp/AnimEncoder (issues #310, #314, #316, #322), cwebp/libwebp (issue
    #312)
  * full libwebp (encoder & decoder) iOS framework; libwebpdecoder
    WebP.framework renamed to WebPDecoder.framework (issue #307)
  * CMake support for Android Studio (2.2)
  * miscellaneous build related fixes (issue #306, #313)
  * miscellaneous documentation improvements (issue #225)
  * minor lossy encoder fixes and improvements
jperkin pushed a commit that referenced this pull request Mar 8, 2017
graphics/gd: security fix

Revisions pulled up:
- graphics/gd/Makefile                                          1.113
- graphics/gd/distinfo                                          1.43
- graphics/gd/patches/patch-src_gd__webp.c                      deleted

---
   Module Name:    pkgsrc
   Committed By:   spz
   Date:           Sat Feb  4 23:05:52 UTC 2017

   Modified Files:
           pkgsrc/graphics/gd: Makefile distinfo
   Removed Files:
           pkgsrc/graphics/gd/patches: patch-src_gd__webp.c

   Log Message:
   update of gd to 2.2.4.

   Upstream Changelog:
   Security

       gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317)
       double-free in gdImageWebPtr() (CVE-2016-6912)
       potential unsigned underflow in gd_interpolation.c
       DOS vulnerability in gdImageCreateFromGd2Ctx()

   Fixed

       Fix #354: Signed Integer Overflow gd_io.c
       Fix #340: System frozen
       Fix OOB reads of the TGA decompression buffer
       Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
       Fix potential unsigned underflow
       Fix double-free in gdImageWebPtr()
       Fix invalid read in gdImageCreateFromTiffPtr()
       Fix OOB reads of the TGA decompression buffer
       Fix #68: gif: buffer underflow reported by AddressSanitizer
       Avoid potentially dangerous signed to unsigned conversion
       Fix #304: test suite failure in gif/bug00006 [2.2.3]
       Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border
       Fix #330: Integer overflow in gdImageScaleBilinearPalette()
       Fix 321: Null pointer dereferences in gdImageRotateInterpolated
       Fix whitespace and add missing comment block
       Fix #319: gdImageRotateInterpolated can have wrong background color
       Fix color quantization documentation
       Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries
       Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag
       Fix #300: gdImageClone() assigns res_y = res_x
       Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness()
       Replace GNU old-style field designators with C89 compatible initializers
       Fix #297: gdImageCrop() converts palette image to truecolor image
       Fix #290: TGA RLE decoding is broken
       Fix unnecessary non NULL checks
       Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files
       Fix #280: gdImageWebpEx() quantization parameter is a misnomer
       Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx()
       Fix issue #276: Sometimes pixels are missing when storing images as BMPs
       Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts
       Fix copy&paste error in gdImageScaleBicubicFixed()

   Added

       More documentation
       Documentation on GD and GD2 formats
       More tests
jperkin pushed a commit that referenced this pull request Mar 20, 2017
## 2.0.7 (2017-03-19)

* Do not modify BasicObject during template compilation on ruby 2.0+ (#309, jeremyevans)

## 2.0.6 (2017-01-26)

* Add support for LiveScript (#286, @Announcement Jacob Francis Powers)
* Add support for Sigil (#302, winebarrel)
* Add support for Erubi (#308, jeremyevans)
* Add support for options in Liquid (#298, #299, laCour)
* Always sort locals by strings (#307, jeremyevans)

* Fix test warnings (#305, amatsuda)
* Fix indentation (#293, yui-knk)
* Use SVG badges in README (#294, vasinov)
* Fix typo and trailing space (#295, #296, karloescota)

## 2.0.5 (2016-06-02)

* Add support for reST using Pandoc (#284, mfenner)
* Make lazy loading thread-safe; remove warning (judofyr)

## 2.0.4 (2016-05-16)

* Fix regression in BuilderTemplate (#283, judofyr)

## 2.0.3 (2016-05-12)

* Add Pandoc support (#276, jmuheim)
* Add CommonMark support (#282, raphink)
* Add TypeScript support (#278, nghitran)
* Work with frozen string literal (#274, jeremyevans)
* Add MIME type for Babel (#273, SaitoWu)

## 2.0.2 (2016-01-06)

* Pass options to Redcarpet (#250, hughbien)
* Haml: Improve error message on frozen self (judofyr)
* Add basic support for Babel (judofyr)
* Add support for .litcoffee (#243, judofyr, mr-vinn)
* Document Tilt::Cache (#266, tommay)
* Sort local keys for better caching (#257, jeremyevans)
* Add more CSV options (#256, Juanmcuello)
* Add Prawn template (kematzy)
* Improve cache-miss performance in Tilt::Cache (#251, tommay)
* Add man page (#241, josephholsten)
* Support YAML/JSON data in bin/tilt (#241, josephholsten)

## 2.0.1 (2014-03-21)

* Fix Tilt::Mapping bug in Ruby 2.1.0 (9589652c569760298f2647f7a0f9ed4f85129f20)
* Fix `tilt --list` (#223, Achrome)
* Fix circular require (#221, amarshall)

## 2.0.0 (2013-11-30)

* Support Pathname in Template#new (#219, kabturek)
* Add Mapping#templates_for (judofyr)
* Support old-style #register (judofyr)
* Add Handlebars as external template engine (#204, judofyr, jimothyGator)
* Add org-ruby as external template engine (#207, judofyr, minad)
* Documentation typo (#208, elgalu)

## 2.0.0.beta1 (2013-07-16)

* Documentation typo (#202, chip)
* Use YARD for documentation (#189, judofyr)
* Add Slim as an external template engine (judofyr)
* Add Tilt.templates_for (#121, judofyr)
* Add Tilt.current_template (#151, judofyr)
* Avoid loading all files in tilt.rb (#160, #187, judofyr)
* Implement lazily required templates classes (#178, #187, judofyr)
* Move #allows_script and default_mime_type to metadata (#187, judofyr)
* Introduce Tilt::Mapping (#187, judofyr)
* Make template compilation thread-safe (#191, judofyr)
jperkin pushed a commit that referenced this pull request Jun 20, 2017
                            Patch #329 - 2017/06/12

     * add  control  sequences  for  reading  the Sixel and ReGIS graphics
       sizes (suggested by Ben Wong).
     * add  a  workaround  for  wcwidth  returning -1 for characters which
       should have been printable (FreeBSD #219800).
     * fix a bug in font initialization from patch #328 (FreeBSD #219800).
     * fix  a special case in HideCursor which assigned a bold font to the
       slot  used  for  normal  font  in changes for italics in patch #307
       (Debian #858304).
     * updates for ReGIS (Ross Combs):
          + Strings  specified  with  no  command  are used as "comments".
            Print these in the log when tracing.
          + Catch  attempts  to use "alternate display" mode (AKA "blink")
            from the GIGI, but do not implement it.
          + The  T(M)  command  should only multiply the height by 10, not
            20.
          + Make  the  S(E)  command reset more state than just the screen
            contents.
          + Remove two rotation variables which were only being printed.
          + Numerous minor fixes and comment updates in the R command.
          + Unknown R command option names trigger an empty response.
          + Fix  the  output  position after printing rotated text (it was
            missing the the sign before).
          + Fix  the  position  change  with pixelvectors and rotated text
            (the rotation transform was not being applied).
          + Update  the TODO list and remove a verification FIXME (slanted
            text positioning is correct as is).
          + Emulate  the  approximately  1.4x  enlargement  for text which
            isn't rotated at right angles.
          + Only  update the color planes specified in the plane mask (the
            W command's F option).
     * fix  a  bug  introduced by the changes to font information in patch
       #328.   When  processing  the  "checkfont"  option  of  the  locale
       resource,  the  program  referred  to the request data, to an array
       which  was  only  allocated  in  the new/result widget (report by H
       Merijn Brand).
     * fix  a  missing assignment initialization to make the utf8 resource
       control  whether  escape sequences to enable/disable UTF-8 mode are
       allowed.
jperkin pushed a commit that referenced this pull request Jun 21, 2017
                            Patch #329 - 2017/06/12

     * add  control  sequences  for  reading  the Sixel and ReGIS graphics
       sizes (suggested by Ben Wong).
     * add  a  workaround  for  wcwidth  returning -1 for characters which
       should have been printable (FreeBSD #219800).
     * fix a bug in font initialization from patch #328 (FreeBSD #219800).
     * fix  a special case in HideCursor which assigned a bold font to the
       slot  used  for  normal  font  in changes for italics in patch #307
       (Debian #858304).
     * updates for ReGIS (Ross Combs):
          + Strings  specified  with  no  command  are used as "comments".
            Print these in the log when tracing.
          + Catch  attempts  to use "alternate display" mode (AKA "blink")
            from the GIGI, but do not implement it.
          + The  T(M)  command  should only multiply the height by 10, not
            20.
          + Make  the  S(E)  command reset more state than just the screen
            contents.
          + Remove two rotation variables which were only being printed.
          + Numerous minor fixes and comment updates in the R command.
          + Unknown R command option names trigger an empty response.
          + Fix  the  output  position after printing rotated text (it was
            missing the the sign before).
          + Fix  the  position  change  with pixelvectors and rotated text
            (the rotation transform was not being applied).
          + Update  the TODO list and remove a verification FIXME (slanted
            text positioning is correct as is).
          + Emulate  the  approximately  1.4x  enlargement  for text which
            isn't rotated at right angles.
          + Only  update the color planes specified in the plane mask (the
            W command's F option).
     * fix  a  bug  introduced by the changes to font information in patch
       #328.   When  processing  the  "checkfont"  option  of  the  locale
       resource,  the  program  referred  to the request data, to an array
       which  was  only  allocated  in  the new/result widget (report by H
       Merijn Brand).
     * fix  a  missing assignment initialization to make the utf8 resource
       control  whether  escape sequences to enable/disable UTF-8 mode are
       allowed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants