forked from jsonn/pkgsrc
-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump libxml2 and py-libxml2 to 2.9.4 #384
Closed
stevenwilliamson
wants to merge
1
commit into
TritonDataCenter:joyent/release/2015Q4
from
stevenwilliamson:libxml_security_upgrade
Closed
Bump libxml2 and py-libxml2 to 2.9.4 #384
stevenwilliamson
wants to merge
1
commit into
TritonDataCenter:joyent/release/2015Q4
from
stevenwilliamson:libxml_security_upgrade
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Security fixes from the official release notes: More format string warnings with possible format string vulnerability (David Kilzer), Avoid building recursive entities (Daniel Veillard), Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde), Heap-based buffer-underreads due to xmlParseName (David Kilzer), Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde), Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde), Fix some format string warnings with possible format string vulnerability (David Kilzer), Detect change of encoding when parsing HTML names (Hugh Davenport), Fix inappropriate fetch of entities content (Daniel Veillard), Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (Pranjal Jumde), Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (Pranjal Jumde), Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (David Kilzer), Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (Pranjal Jumde), Add missing increments of recursion depth counter to XML parser. (Peter Simons)
jperkin
referenced
this pull request
Jul 11, 2016
This was backported to 2015Q4 by jperkin in July. |
jperkin
pushed a commit
that referenced
this pull request
Oct 22, 2016
version 1.11.1: 2016-06-14 * new guesser infrastructure, support for emacs and vim modelines (#489) * javascript bugfix for nested objects with quoted keys (#496) * new theme: Gruvbox (thanks @jamietanna!) * praat: lots of improvements (thanks @jjatria) * fix for rougify error when highlighting from stdin (#493) * new lexer: kotlin (thanks @meleyal!) * new lexer: cfscript (thanks @mjclemente!) version 1.11.0: 2016-06-06 * groovy: o remove pathological regexes and add basic support for triple-quoted strings (#485) o add the "trait" keyword and fix project url (thanks @glaforge! #378) * new lexer: coq (thanks @gmalecha! #389) * gemspec license now more accurate (thanks @connorshea! #484) * swift: o properly support nested comments (thanks @dblessing! #479) o support swift 2.2 features (thanks @radex #376 and @wokalski #442) o add indirect declaration (thanks @nRewik! #326) * new lexer: verilog (thanks @Razer6! #317) * new lexer: typescript (thanks @Seikho! #400) * new lexers: jinja and twig (thanks @robin850! #402) * new lexer: pascal (thanks @alexcu!) * css: support attribute selectors (thanks @skoji! #426) * new lexer: shell session (thanks @sio4! #481) * ruby: add support for <<~ heredocs (thanks @tinci! #362) * recognize comments at EOF in SQL, Apache, and CMake (thanks @julp! #360) * new lexer: phtml (thanks @Igloczek #366) * recognize comments at EOF in CoffeeScript (thanks @rdavila! #370) * c/c++: o support c11/c++11 features (thanks @Tosainu! #371) o Allow underscores in identifiers (thanks @coverify! #333) * rust: add more builtin types (thanks @RalfJung! #372) * ini: allow hyphen keys (thanks @KrzysiekJ! #380) * r: massively improve lexing quality (thanks @klmr! #383) * c#: o add missing keywords (thanks @BenVlodgi #384 and @SLaks #447) * diff: do not require newlines at the ends (thanks @AaronLasseigne! #387) * new lexer: ceylon (thanks @bjansen! #414) * new lexer: biml (thanks @japj! #415) * new lexer: TAP - the test anything protocol (thanks @mblayman! #409) * rougify bugfix: treat input as utf8 (thanks @japj! #417) * new lexer: jsonnet (thanks @davidzchen! #420) * clojure: associate *.cljc for cross-platform clojure (thanks @alesguzik! #423) * new lexer: D (thanks @nikibobi! #435) * new lexer: smarty (thanks @tringenbach! #427) * apache: o add directives for v2.4 (thanks @stanhu!) o various improvements (thanks @julp! #301) - faster keyword lookups - fix nil error on unknown directive (cf #246, #300) - properly manage case-insensitive names (cf #246) - properly handle windows CRLF * objective-c: o support literal dictionaries and block arguments (thanks @BenV! #443 and #444) o Fix error tokens when defining interfaces (thanks @meleyal! #477) * new lexer: NASM (thanks @sraboy! #457) * new lexer: gradle (thanks @nerro! #468) * new lexer: API Blueprint (thanks @kylef! #261) * new lexer: ActionScript (thanks @honzabrecka! #241) * terminal256 formatter: stop confusing token names (thanks @julp! #367) * new lexer: julia (thanks @mpeteuil! #331) * new lexer: cmake (thanks @julp! #302) * new lexer: eiffel (thanks @Conaclos! #323) * new lexer: protobuf (thanks @fqqb! #327) * new lexer: fortran (thanks @CruzR! #328) * php: associate *.phpt files (thanks @Razer6!) * python: support raise from and yield from (thanks @mordervomubel! #324) * new VimL example (thanks @tpope! #315)
jperkin
pushed a commit
that referenced
this pull request
Oct 22, 2016
Restrict to ruby22 and ruby23. v3.1.5 Bugfixes * #394 prevent crashes when Listen is stopped too soon (e.g. before being started or initialized) v3.1.4 Bugfixes * #393 - relaxed rb-fsevent dependency to allow install on older OSX releases (thanks to @robmckinnon) v3.1.3 Bug fixes * #387 - fix JRuby support both in dependencies (by allowing Ruby 2.2.3) and behavior (JRuby Dir.entries workaround) * #387 - prevent JRuby from hanging when stopping on Linux (and Travis) * #387 - activate JRuby-9.0.5.0 on Travis to declare support for JRuby (tests are flaky, but that's due to timing issues) v3.1.2 Security enhancements * #377 require at least Ruby 2.2.4 to avoid CVE-2015-7551 (see https://www.ruby-lang.org/en/news/2015/12/16/ruby-2-2-4-released/) Bugfixes * #383 allow stopping when not fully initialized (fixes guard/guard#822 (comment)) Improvements * #378 warn users if their Ruby is buggy or vulnerable (controversial to some, but very extensively justified) Development * #377 use ruby_dep for managing ruby requirements * #379 make RuboCop pass (thanks to @jvanbaarsen) * #384 avoid rubygems duplicate dependency error (gem given in both runtime and development dependencies) v3.1.1 Bugfixes * #373 explicitly require forwardable for delegation (fixes #372) v3.1.0 Bugfixes * #370 - gracefully fallback to polling on old older unsupported OSX versions (thanks to @vaz) Improvements * #371 - update dependency to Ruby 2.2.x since 2.1 and earlier are EOL (minor version bumped to 3.1 in case backporting is needed) Development * #371 - fix all RuboCop offenses to avoid noise during development
jperkin
pushed a commit
that referenced
this pull request
Jan 16, 2017
Version 0.34 ------------ Released on 2016-12-21. Bug fixes: * `#398 <https://github.com/Kozea/WeasyPrint/issues/398>`_: Honor the presentational_hints option for PDFs. * `#399 <https://github.com/Kozea/WeasyPrint/pull/399>`_: Avoid CairoSVG-2.0.0rc* on Python 2. * `#396 <https://github.com/Kozea/WeasyPrint/issues/396>`_: Correctly close files open by mkstemp. * `#403 <https://github.com/Kozea/WeasyPrint/issues/403>`_: Cast the number of columns into int. * Fix multi-page multi-columns and add related tests. Version 0.33 ------------ Released on 2016-11-28. New features: * `#393 <https://github.com/Kozea/WeasyPrint/issues/393>`_: Add tests on MacOS. * `#370 <https://github.com/Kozea/WeasyPrint/issues/370>`_: Enable @font-face on MacOS. Bug fixes: * `#389 <https://github.com/Kozea/WeasyPrint/issues/389>`_: Always update resume_at when splitting lines. * `#394 <https://github.com/Kozea/WeasyPrint/issues/394>`_: Don't build universal wheels. * `#388 <https://github.com/Kozea/WeasyPrint/issues/388>`_: Fix logic when finishing block formatting context. Version 0.32 ------------ Released on 2016-11-17. New features: * `#28 <https://github.com/Kozea/WeasyPrint/issues/28>`_: Support @font-face on Linux. * Support CSS fonts level 3 almost entirely, including OpenType features. * `#253 <https://github.com/Kozea/WeasyPrint/issues/253>`_: Support presentational hints (optional). * Support break-after, break-before and break-inside for pages and columns. * `#384 <https://github.com/Kozea/WeasyPrint/issues/384>`_: Major performance boost. Bux fixes: * `#368 <https://github.com/Kozea/WeasyPrint/issues/368>`_: Respect white-space for shrink-to-fit. * `#382 <https://github.com/Kozea/WeasyPrint/issues/382>`_: Fix the preferred width for column groups. * Handle relative boxes in column-layout boxes. Documentation: * Add more and more documentation about Windows installation. * `#355 <https://github.com/Kozea/WeasyPrint/issues/355>`_: Add fonts requirements for tests. Version 0.31 ------------ Released on 2016-08-28. New features: * `#124 <https://github.com/Kozea/WeasyPrint/issues/124>`_: Add MIME sniffing for images. * `#60 <https://github.com/Kozea/WeasyPrint/issues/60>`_: CSS Multi-column Layout. * `#197 <https://github.com/Kozea/WeasyPrint/pull/197>`_: Add hyphens at line breaks activated by a soft hyphen. Bux fixes: * `#132 <https://github.com/Kozea/WeasyPrint/pull/132>`_: Fix Python 3 compatibility on Windows. Documentation: * `#329 <https://github.com/Kozea/WeasyPrint/issues/329>`_: Add documentation about installation on Windows. Version 0.30 ------------ Released on 2016-07-18. WeasyPrint now depends on html5lib-0.999999999. Bux fixes: * Fix Acid2 * `#325 <https://github.com/Kozea/WeasyPrint/issues/325>`_: Cutting lines is broken in page margin boxes. * `#334 <https://github.com/Kozea/WeasyPrint/issues/334>`_: Newest html5lib 0.999999999 breaks rendering. Version 0.29 ------------ Released on 2016-06-17. Bug fixes: * `#263 <https://github.com/Kozea/WeasyPrint/pull/263>`_: Don't crash with floats with percents in positions. * `#323 <https://github.com/Kozea/WeasyPrint/pull/323>`_: Fix CairoSVG 2.0 pre-release dependency in Python 2.x. Version 0.28 ------------ Released on 2016-05-16. Bug fixes: * `#189 <https://github.com/Kozea/WeasyPrint/issues/189>`_: ``white-space: nowrap`` still wraps on hyphens * `#305 <https://github.com/Kozea/WeasyPrint/issues/305>`_: Fix crashes on some tables * Don't crash when transform matrix isn't invertible * Don't crash when rendering ratio-only SVG images * Fix margins and borders on some tables Version 0.27 ------------ Released on 2016-04-08. New features: * `#295 <https://github.com/Kozea/WeasyPrint/pull/295>`_: Support the 'rem' unit. * `#299 <https://github.com/Kozea/WeasyPrint/pull/299>`_: Enhance the support of SVG images. Bug fixes: * `#307 <https://github.com/Kozea/WeasyPrint/issues/307>`_: Fix the layout of cells larger than their tables. Documentation: * The website is now on GitHub Pages, the documentation is on Read the Docs. * `#297 <https://github.com/Kozea/WeasyPrint/issues/297>`_: Rewrite the CSS chapter of the documentation.
jperkin
pushed a commit
that referenced
this pull request
Mar 8, 2017
2017-03-06 Richard Russon <[email protected]> * Bug Fixes - Get the correct buffer size under fmemopen/torify (#441) - Use static inlines to make gcc 4.2.1 happy - getdnsdomainname: cancel getaddrinfo_a if needed - imap: remove useless code (#434) (origin/master) - Fixes missing semi-colon compilation issue (#433) * Docs - github: added template for Pull Requests, issues and a CONTRIBUTION.md (#339) - editorconfig: support for new files, fix whitespace (#439) - add blocking fmemopen bug on debian to manual (#422) * Upstream - Increase ACCOUNT.pass field size. (closes #3921) - SSL: Fix memory leak in subject alternative name code. (closes #3920) - Prevent segv if open-appending to an mbox fails. (closes #3918) - Clear out extraneous errors before SSL_connect() (see #3916) 2017-02-25 Richard Russon <[email protected]> * Features - Add option $show_multipart_alternative - notmuch: Allow to use untransformed tag for color - Use getaddrinfo_a if possible (#420) * Bug Fixes - handle sigint within socket operations (#411) - Avoid browsing the remote spoolfile by setting MUTT_SELECT_MULTI attach - notmuch: fix crash when completing tags (#395) - Fixes missing failure return of notmuch msg open (#401) - Fix latest Coverity issues (#387) - Advance by the correct number of position even for unknown characters (#368) - Release KyotoCabinet data with kcfree() (#384) - 22 resource leaks * Translations - Update translations - Update the german translation (#397) * Docs - fix typo in notmuch example - remove duplicate "default" in the sidebar intro - fix confusing description of notmuch operators (#371) - correct spelling mistakes (#412) * Website - link to clang-format config in main repo (#28) - updated list of useful programs - update/improve list of useful programs - sidebar_format has a single default value - fix name of GNU Guix - added guix distro - added link to new afew maintainers - add code of conduct - add mutt-addressbook to useful - remove unnecessary unicode non-breaking spaces - github merging * Build - Enable and run unit-tests on the feature/unit-test branch - add notmuch to default, feature - new dbs for mutt - master is now the main branch - streamline builds - fix doc generator - add a few includes (prelude to clang-format) - slcurses.h defines its own bool type - travis: use container build - add clang-format file - Remove ugly macros and casts from crypt-gpgme.c - fix minor reflow issues in some comments - editorconfig: use spaces to indent in *.[ch] files - added comment-blocks for clang-format to ignore - fix 80 column limit, align statements - Remove snprintf.c from EXTRA_DIST (#406) - Kill homebrew (v)snprintf implementations, as they are C99 (#402) - Display charset + small refactoring - Do not cast or check returns from safe_calloc (#396) - refactor: create a generic base64 encode/decode - debug: remove dprint in favor of mutt_debug (#375) - Fix dubious use macro for _() / gettext() (#376) - Use mutt_buffer_init instead of memset - Make the heap method and datatype a plain list - Reverts making AliasFile into a list_t (#379) - Turn mutt_new_* macros into inline functions - Do not cast return values from malloc (et similia) * Upstream - Simplify mutt_label_complete(). - Permit tab completion of pattern expressions with ~y (labels). - Fix the mutt_label_complete() pos parameter. - Fix the x-label update code check location. - Improve the label completion hash table usage. - Adds label completion. - Add hash_find_elem to get the hash element. - Minor fixes to the x-label patch from David. - Adds capability to edit x-labels inside mutt, and to sort by label. - Allow "unsubjectrc *" to remove all patterns. - Add subjectrx command to replace matching subjects with something else. - Abstract the SPAM_LIST as a generic REPLACE_LIST - Improve Reply-to vs From comparison when replying. (closes #3909) - Fix sidebar references to the "new count" to be "unread". (closes #3908) - Fix several alias hashtable issues. - Add casecmp and strdup_key flags to hash_create() - Improve error handling in mbox magic detection. - Allow initial blank lines in local mailboxes. - Fix minor documentation issues. - Convert cmd_parse_search to use the uid hash. (closes #3905) - Create a uid hash for imap. (see #3905) - Convert HASH to be indexable by unsigned int. (see #3905) - Fix imap server-side search to call uid2msgno() only once. (see #3905) - Add a pattern_cache_t to speed up a few repeated matches. - Canonicalize line endings for GPGME S/MIME encryption. (closes #3904) - Fix build for bdb. - Create function to free header cache data. - Add Kyoto Cabinet support to the header cache. - Prevent null pointer exception for h->ai_canonname - Show SHA1 fp in interactive cert check menu. - Fix potential cert memory leak in check_certificate_by_digest(). - Plug memory leak in weed-expired-certs code. - Filter expired local certs for OpenSSL verification. - Change "allow_dups" into a flag at hash creation.
jperkin
pushed a commit
that referenced
this pull request
Mar 20, 2017
# Change Log ## [3.5.5] - 2017-02-24 [3.5.5]: hashie/hashie@v3.5.4...v3.5.5 ### Added * [#326](hashie/hashie#326): Added `Hashie::Extensions::Mash::KeepOriginalKeys` to give Mashes the ability to keep the original structure given to it - [@michaelherold](https://github.com/michaelherold). ### Fixed * [#415](hashie/hashie#415): Fixed Mash logging keys multiple times which lead to a bad user experience or, in some cases, errors - [@michaelherold](https://github.com/michaelherold). ## [3.5.4] - 2017-02-22 [3.5.4]: hashie/hashie@v3.5.3...v3.5.4 ### Added * [#412](hashie/hashie#412): Added a Hashie::Extensions::Mash::SymbolizeKeys extension that overrides the default stringification behavior for keys - [@michaelherold](https://github.com/michaelherold). ### Fixed * [#409](hashie/hashie#409): Fixed Railtie detection for projects where Rails is defined but Railties are not availble - [@CallumD](https://github.com/callumd). * [#411](hashie/hashie#411): Fixed a performance regression from 3.4.3 that caused a 10x slowdown in OmniAuth - [@michaelherold](https://github.com/michaelherold). ## [3.5.3] - 2017-02-11 [3.5.3]: hashie/hashie@v3.5.2...v3.5.3 ### Fixed * [#402](hashie/hashie#402): Use a Railtie to set Hashie.logger on rails boot - [@matthewrudy](https://github.com/matthewrudy). * [#406](hashie/hashie#406): Ensure that subclasses that disable warnings propagate that setting to grandchild classes - [@michaelherold](https://github.com/michaelherold). * Your contribution here. ## [3.5.2] - 2017-02-10 [3.5.2]: hashie/hashie@v3.5.1...v3.5.2 ### Added * [#395](hashie/hashie#395): Add the ability to disable warnings in Mash subclasses - [@michaelherold](https://github.com/michaelherold). * [#400](hashie/hashie#400): Fix Hashie.logger load and set the Hashie logger to the Rails logger in a Rails environment - [@michaelherold](https://github.com/michaelherold). ### Fixed * [#396](hashie/hashie#396): Fix for specs in #381: Incorrect use of shared context meant example was not being run - [@biinari](https://github.com/biinari). * [#399](hashie/hashie#399): Fix passing Pathname object to Hashie::Mesh.load() - [@albb0920](https://github.com/albb0920). ### Miscellanous * [#397](hashie/hashie#397): Add the integration specs harness into the main test tasks - [@michaelherold](https://github.com/michaelherold). ## [3.5.1] - 2017-01-31 * [#392](hashie/hashie#392): Fix for #391: Require all dependencies of Hashie::Mash - [@dblock](https://github.com/dblock). [3.5.1]: hashie/hashie@v3.5.0...v3.5.1 ## [3.5.0] - 2017-01-31 * [#386](hashie/hashie#386): Fix for #385: Make `deep_merge` always `deep_dup` nested hashes before merging them in so that there are no shared references between the two hashes being merged. - [@mltsy](https://github.com/mltsy). * [#389](hashie/hashie#389): Support Ruby 2.4.0 - [@camelmasa](https://github.com/camelmasa). [3.5.0]: hashie/hashie@v3.4.6...v3.5.0 ### Added * [#381](hashie/hashie#381): Add a logging layer that lets us report potential issues to our users. As the first logged issue, report when a `Hashie::Mash` is attempting to overwrite a built-in method, since that is one of our number one questions - [@michaelherold](https://github.com/michaelherold). ### Changed * [#384](hashie/hashie#384): Updated to CodeClimate 1.x - [@boffbowsh](https://github.com/boffbowsh). ### Fixed * [#369](hashie/hashie#369): If a translation for a property exists when using IndifferentAccess and IgnoreUndeclared, use the translation to find the property - [@whitethunder](https://github.com/whitethunder). * [#376](hashie/hashie#376): Leave string index unchanged if it can't be converted to integer for Array#dig - [@sazor](https://github.com/sazor). * [#377](hashie/hashie#377): Dont use Rubygems to check ruby version - [@sazor](https://github.com/sazor). * [#378](hashie/hashie#378): Deep find all searches inside all nested hashes - [@sazor](https://github.com/sazor). * [#380](hashie/hashie#380): Evaluate procs default values of Dash in object initialization - [@sazor](https://github.com/sazor). ### Miscellanous * [#387](hashie/hashie#387): Fix builds failing due to Rake 11 having a breaking change - [@michaelherold](https://github.com/michaelherold).
wiedi
pushed a commit
to wiedi/pkgsrc-legacy
that referenced
this pull request
Jan 28, 2018
pkgsrc changes: - switch to using qt5 (to follow upstream) - handle ${PREFIX} in more places - fix package COMMENT (remove "for IBus") - GCC_REQD 4.7 for c++11 - add patch comments See PR pkg/52689 for more details. Upstream changes: (from https://github.com/google/mozc/blob/master/docs/release_history.md) Summary of changes between 2.19.2644.102 and 2.20.2673.102 as follows. Third party libraries: None. Build related changes: --qtver GYP build option was removed (280e38f). Mozc for macOS now uses macOS 10.11 SDK by default (b2a74bb). Major changes: src/data/installer/credits_ja.html was removed (2ec6c8f). Mozc for macOS now generates 64-bit executables. 32-bit machine is no longer supported on macOS. Mozc for Android now has more translations (d914458). Fixed issues: TritonDataCenter#187: build_mozc.py always generates 32 bit binaries on 64 bit OSX TritonDataCenter#327: Switch to Qt5 from Qt4 TritonDataCenter#348: DirectWrite may fail to render text in certain enviromnents TritonDataCenter#391: ImportError: gen_zip_code_seed.py TritonDataCenter#399: OK/Cancel buttons on Mozc key binding editor dialog cannot be clicked on Windows TritonDataCenter#400: Close icon on GUI dialogs do not work on Windows Total commits: 30 commits. Summary of changes between 2.18.2613.102 and 2.19.2643.102 as follows. Third party libraries: protobuf: e8ae137 -> c44ca26 Dropped dependency on fonttools Build related changes: --qtver=5 GYP build option is implicitly assumed on macOS and Linux builds (f76c304). On Windows, --qtver=4 is still the default. Major changes: Mozc for macOS now supports 10.12 as a runtime environment. Mozc for Android now uses on-device font to render keytop icons (f5dcad). Fixed issues: TritonDataCenter#263: Incorrect position in voiced sound marks on the key pad in Android TritonDataCenter#384: HUAWEI P9 lite does not show MozcView. TritonDataCenter#388: Having multiple abbreviation user dictionary entries with the same reading should be supported TritonDataCenter#389: Emoticon user dictionary entry should not be treated a content word Total commits: 39 commits. Summary of changes between 2.17.2532.102 and 2.18.2612.102 as follows. Third party libraries: protobuf: d5fb408 -> e8ae137 GYP: e2e928b -> 4ec6c4e breakpad: d2904bb -> 85b27e4 Dropped dependency on zlib Build related changes: Renamed src/mozc_version_template.txt to src/data/version/mozc_version_template.bzl Reference build environment now uses Ubuntu 14.04.5 (a7cbf72) Reference build environment now uses Ninja 1.7.1 (d2bc62b) Removed --android_compiler GYP option (5ce7fa6) Android build requires Android NDK r12b (5ce7fa6) Major changes: Improved Store Apps compatibility on Windows (0488082) Fixed issues: NPE in UserDictionaryToolActivity.onPostResume on Android (09b47c3) TritonDataCenter#273: Compilation errors in Android arm64 and mips64 build TritonDataCenter#373: Unexpected size bloat of the APK TritonDataCenter#374: Duplicate candidates after Undo TritonDataCenter#375: 90- is suggested from 090- TritonDataCenter#376: Suggestion-only user dictionary entry may not work TritonDataCenter#377: Abbreviation user dictionary entry may not work TritonDataCenter#378: Suppression word may not work TritonDataCenter#379: Single character noun user dictionary entry may not work TritonDataCenter#380: Dependency on dictionary/pos_matcher.h from session/session_server.cc is missing in GYP rules TritonDataCenter#382: Fix typo Total commits: 84 commits. Summary of changes between 2.17.2405.102 and 2.17.2531.102 as follows. Third party libraries: protobuf: 1a59a71 -> d5fb408 Build related changes: Building Mozc for Windows requires Visual Studio 2015 update 3. --qtdir option is no longer supported in Linux desktop build (d003076). Major changes: Updated system dictionary. Removed several Shift-JIS-based normalizations on Windows (26241b0). Mozc for Windows requires SSE2 even on 32-bit environment. Mozc for Windows supports Windows 7 SP1 and later only. Mozc for macOS supports macOS 10.9 and later only. Mozc for desktop platforms (Windows, macOS, desktop Linux) supports Qt5 behind --qtver=5 GYP option. Fixed issues: Fix OOM when importing too large dictionary file on Android (5c859ae) TritonDataCenter#298: Fix NPE on Samsung devices on showing toast TritonDataCenter#315: Switch to Visual C++ 2015 TritonDataCenter#372: Discontinue the support of Windows Vista Total commits: 128 commits. Summary of changes between 2.17.2355.102 and 2.17.2404.102 as follows. Third party libraries: protobuf: 172019c -> 1a59a71 Build related changes: Building Mozc requires protobuf 3.0 or later. --android_stl GYP option is removed in Android build. You cannot use GNU STL to build Mozc for Android anymore. Major changes: None. Fixed issues: TritonDataCenter#369: Unexpected software keyboard layout can be chosen TritonDataCenter#370: Mozc keeps crashing on Android N Developer Preview 5 TritonDataCenter#371: Shortcut word in personal dictionary should not be used for multi segment conversion Total commits: 50 commits. Summary of changes between 2.17.2323.102 and 2.17.2354.102 as follows. Third party libraries: None. Build related changes: None. Major changes: 2.17.2323.102 and later commits in OSS repository preserve the original CL commit date in Google internal repository. Consider to specify --topo-order option to git log to see commits in the actual commit order. Multiple performance improvements in Android. Fixed issues: None. Total commits: 32 commits. Summary of changes between 2.17.2314.102 and 2.17.2322.102 as follows. Third party libraries: googletest: 1d53731 -> 82b11b8 WTL: 9.0.4140 -> 9.1.5321 Build related changes: Building macOS binaries now requires Ninja instead of xcodebuild. Major changes: None. Fixed issues: TritonDataCenter#247: Use ninja to build Mac binaries TritonDataCenter#355: Native resource leak due to the missing pthread_detach call in mozc::Thread::Detach TritonDataCenter#361: ImmSetCandidateWindow() with CFS_EXCLUDE isn't supported on Win Vista and Win7 Total commits: 15 commits.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Security fixes from the official release notes:
More format string warnings with possible format string vulnerability (David Kilzer),
Avoid building recursive entities (Daniel Veillard),
Heap-based buffer overread in htmlCurrentChar (Pranjal Jumde),
Heap-based buffer-underreads due to xmlParseName (David Kilzer),
Heap use-after-free in xmlSAX2AttributeNs (Pranjal Jumde),
Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (Pranjal Jumde),
Fix some format string warnings with possible format string vulnerability (David Kilzer),
Detect change of encoding when parsing HTML names (Hugh Davenport),
Fix inappropriate fetch of entities content (Daniel Veillard),
Bug 759398: Heap use-after-free in xmlDictComputeFastKey https://bugzilla.gnome.org/show_bug.cgi?id=759398 (Pranjal Jumde),
Bug 758605: Heap-based buffer overread in xmlDictAddString https://bugzilla.gnome.org/show_bug.cgi?id=758605 (Pranjal Jumde),
Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal https://bugzilla.gnome.org/show_bug.cgi?id=758588 (David Kilzer),
Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup https://bugzilla.gnome.org/show_bug.cgi?id=757711 (Pranjal Jumde),
Add missing increments of recursion depth counter to XML parser. (Peter Simons)