v2.0.12 @mojavelinux released this on Nov 10 2020
This is a minor patch release that fixes some regressions that were
introduced during the long release cycle of 2.0.11. We strongly
recommend upgrading to this version instead of using 2.0.11.
Notable changes include restoring the type and target on unresolved
footnotes (so they display properly), fixing a crash when an extension
set a numeric width or height on an SVG image when using opts=inline,
resetting the word wrap behavior to normal on tables to avoid aggressive
word breaks, reverting the use of a Ruby 2.3 construct that prevented
Asciidoctor from working on CentOS, including the role on an inline
image in the DocBook output, and passing through the explicit width and
height values on an SVG image as is when using opts=inline.
Please note that it will not be possible to use Asciidoctor on Ruby <
2.3 after the 2.0.x release line. Those versions are already
unsupported. However, since we had not yet made a change that prevented
them from working, we'll wait until
2.1.x to do so.
v2.0.11 @mojavelinux released this on Nov 3 2020
This is a big patch release that fixes a slew of issues that have been
discovered from heavy usage. It's a larger release than we had planned
because we're in the process of rewriting the docs and have been holding
minor releases until the docs were merged. Unfortunately, that has taken
longer than expected. But we're nearly there. In the meantime, we're
putting out this patch release to publish the fixes that have
accumulated in the meantime.
Notable changes include fixing two infinite loop scenarios, applying
text formatting to cells in the implicit table head row when the column
has the "a" or "l" style, restoring compatibility with Rouge >= 3.4 (by
defining entry point API methods as class methods instead of module
functions), fix bottom margin collapsing on an AsciiDoc table cell,
removing excess hard line breaks in multi-line AsciiMath blocks,
preserving repeating blackslashes in manpage output, move style tags for
syntax highlighters into head of HTML output, for wrapping to avoid
overflow in HTML output, fix cell borders for colspan or rowspan cells
when frame and grid attribute values are congruent, and allow the
encoding of the include file to be specified using the encoding
attribute.
Changes of version 4.1.1
* Fix letterform of t in ss14.
* Add curly-turn variant of y.
Changes of version 4.1.0
* Add rounded variant of e.
* Add flat-hook single-storey variants for g and y.
* Create separate variant selector for Cyrillic capital U.
Changes:
2020-08-04 Bert Bos <bert@luna.phonk.net>
* unent.hash: gperf 3.1 generates size_t instead of unsigned int.
* Makefile.am: Call gperf on unent.hash with "-k 1-6" instead of
"-k 1,2,$ -D". Added test select25.sh.
* select25.sh: Test added. (Contributed by Hugo Peixoto.)
* selector.c: An attribute selector with an empty string such as
[foo=''], resulted in a NULL value instead of an empty string,
which led to a crash. (Found and fixed by Hugo Peixoto.)
2019-10-05 Bert Bos <bert@w3.org>
* Published version 7.8.
* textwrap.c, langinfo.c, hxnormalize.c: Added knowledge about
languages that do not use spaces between words. In such languages,
a newline should not be converted to a space in outc() in
textwrap.c, but only to a break opportunity.
2019-08-28 Bert Bos <bert@w3.org>
* hxtoc.c: The element to group headings in HTML5 is called
HGROUP, not HEADER. The heading of a section (SECTION, ARTICLE,
etc.) need not be the first element, there may be non-header
elements before it.
* hxwls.c: Print "longdesc", "classid" or "codebase" in the second
column for the corresponding attribute. Also recognize srcset
(somewhat).
2018-08-03 Bert Bos <bert@w3.org>
* hxnormalize.c: Added option -X to indicate the input is XML
instead of HTML. Handle conversion of CDATA elements to XML by
escaping < and & instead of adding <![CDATA[. Added corresponding
test normalize13.sh.
2018-04-29 Bert Bos <bert@w3.org>
* Released version 7.7.
* dtd.hash: Don't include the arguments in the forward declaration
of lookup_element(), because those arguments differ slightly
depending on which version of gperf is used to generate dtd.c:
"unsigned int" in gperf 3.0 vs "size_t" in gperf 3.1.
* conficgure.ac: Check for libiconv with the AM_ICONV macro (from
gettext) instead of AC_SEARCH_LIBS. (Advice from Christian
Weisgerber, received via Anthony Bentley). That in turn requires
adding config.rpath to the EXTRA_DIST in Makefile.am.
2018-02-23 Bert Bos <bert@w3.org>
* tests/index10.sh: Added a test for a term database.
* hxindex.c: Replaced fgets() by getline(), to allow lines of
arbitrary length in the term database.
2018-02-15 Bert Bos <bert@w3.org>
* tests/index9.sh: Added a test for hxindex's option -N.
* tests/index5.sh: Updated for hxindex's option -N.
* tests/cite5.sh: Added the example from hxmkbib.1 as a test.
* tests/normalize12.sh: Added a test for the NOSCRIPT element.
* hxindex.1: Added option -N.
* hxmkbib.1: The example was missing some "%" signs.
* hxmkdir.c: Read the template before reading the auxfile, so that
a pipe like "hxcite -a auxfile bib template | hxmkbib -a auxfile
bib" becomes possible. hxcite will have the time to finishe
writing the auxfile before hxmkbib reads it.
2018-02-12 Bert Bos <bert@w3.org>
* hxindex.c: Added option -N.
* dtd.hash: Since HTML5, the NOSCRIPT element is phrase-level
instead of block-level.
2018-02-09 Bert Bos <bert@w3.org>
* Version 7.6 released.
* selmatch.c: matches_sel() could read uninitialized memory
(h->parent where h is the root of a tree) potentially leading to a
SIGBUS. Thanks to Anthony J. Bentley for finding this bug.
2018-01-20 Bert Bos <bert@w3.org>
* Version 7.5 released.
* hxcite.1: Spelling error.
* hxincl.1: Spelling error.
* url.c: Fixed unsafe way to call warnx(). Thanks to Robin
Naundorf for these three corrections.
2017-12-08 Bert Bos <bert@w3.org>
* tests/normalize11.sh: Added to test for "main".
* dtd.hash: Added the HTML5 element "main".
2017-12-07 Bert Bos <bert@w3.org>
* hxwls.c: Added support for HTML5 elements (source, audio, video)
and for the classid and codebase attribute. Fixed an error: input
has a src attribute, not href.
December 16, 2020
SECURITY:
* LDAP Auth Method: We addressed an issue where error messages returned by
the LDAP auth methold allowed user enumeration [GH-10537]. This
vulnerability affects Vault OSS and Vault Enterprise and is fixed in 1.5.6
and 1.6.1 (CVE-2020-35177).
* Sentinel EGP: We've fixed incorrect handling of namespace paths to
prevent users within namespaces from applying Sentinel EGP policies to
paths above their namespace. This vulnerability affects Vault Enterprise
and is fixed in 1.5.6 and 1.6.1 (CVE-2020-35453).
IMPROVEMENTS:
* auth/ldap: Improve consistency in error messages [GH-10537]
* core/metrics: Added "vault operator usage" command. [GH-10365]
* secrets/gcp: Truncate ServiceAccount display names longer than 100
characters. [GH-10558]
BUG FIXES:
* agent: Only set the namespace if the VAULT_NAMESPACE env var isn't
present [GH-10556]
* auth/jwt: Fixes bound_claims validation for provider-specific group and
user info fetching. [GH-10546]
* core (enterprise): Vault EGP policies attached to path * were not
correctly scoped to the namespace.
* core: Avoid deadlocks by ensuring that if grabLockOrStop returns
stopped=true, the lock will not be held. [GH-10456]
* core: Fix client.Clone() to include the address [GH-10077]
* core: Fix rate limit resource quota migration from 1.5.x to 1.6.x by
ensuring purgeInterval and staleAge are set appropriately. [GH-10536]
* core: Make all APIs that report init status consistent, and make them
report initialized=true when a Raft join is in progress. [GH-10498]
* secrets/database/influxdb: Fix issue where not all errors from InfluxDB
were being handled [GH-10384]
* secrets/database/mysql: Fixes issue where the DisplayName within
generated usernames was the incorrect length [GH-10433]
* secrets/database: Sanitize private_key field when reading database plugin
config [GH-10416]
* secrets/transit: allow for null string to be used for optional parameters
in encrypt and decrypt [GH-10386]
* storage/raft (enterprise): The parameter aws_s3_server_kms_key was
misnamed and didn't work. Renamed to aws_s3_kms_key, and make it work so
that when provided the given key will be used to encrypt the snapshot using
AWS KMS.
* transform (enterprise): Fix bug tokenization handling metadata on
exportable stores
* transform (enterprise): Fix transform configuration not handling stores
parameter on the legacy path
* transform (enterprise): Make expiration timestamps human readable
* transform (enterprise): Return false for invalid tokens on the validate
endpoint rather than returning an HTTP error
* transform (enterprise): Fix bug where tokenization store changes are
persisted but don't take effect
* ui: Fix bug in Transform secret engine when a new role is added and then
removed from a transformation [GH-10417]
* ui: Fix footer URL linking to the correct version changelog. [GH-10491]
* ui: Fox radio click on secrets and auth list pages. [GH-10586]
FEATURES:
* New command fmt allows users to format existing HCL2 configuration files
into a canonical style. Please see fmt command docs for more
details. [GH-10225] [GH-10377]
* New function env allows users to set the default value of a variable to
the value of an environment variable. Please see env function docs for more
details. [GH-10240]
* Future Scaffolding This release contains a large number of no-op
refactoring changes. The Packer team at HashiCorp is preparing to split the
plugins and core to make it easier for our third party maintainers and
community members to release and maintain plugins, just like HashiCorp did
with the Terraform Core-Provider split. The Packer team is committed to
making sure that this split is seamless for our users and for our community
maintainers -- if you are a community maintainer, you may want to follow
along with some of the work by looking at the core-plugin-split github
tag. No one needs to do anything, yet, but we felt it was worth calling out
all the work that isn't making it into the changelog. We will be following
up with lots of documentation and communication in early 2021 with more
information.
IMPROVEMENTS
* builder/amazon-ebs: Add tags to launch templates. [GH-10203]
* builder/amazon: Add support for Amazon EBS gp3 volumes. [Gh-10338]
* builder/amazon: Increase default max_retries to lessen throttling
issues. [GH-10290]
* builder/amazon: Support AWS gp3 volumes [GH-10338]
* builder/amazon: Support root volume encryption for
amazon-chroot. [GH-10243]
* builder/amazon: Validate IOPS ratio. [GH-10199]
* builder/azure-arm: Add Azure CLI authentication support to
builder. [GH-10157]
* builder/azure-arm: Create keyvaults with SoftDelete enabled. [GH-10210]
* builder/digitalocean: New option to provision with private ip. [GH-10093]
* builder/google: Add wait_to_add_ssh_keys option to delay the addition of
SSH configuration that may be disrupted during an instance boot
sequence. [GH-10320]
* builder/google: Add support for creating shielded VMs. [GH-10172]
* builder/googlecompute-export: Add logging.write to service account
scopes. [GH-10316]
* builder/oracle-oci: Support image launch mode. [GH-10212]
* builder/outscale: Add outscale.hk endpoint support [GH-10207]
* builder/outscale: Add x509 certificate support. [GH-10161]
* builder/proxmox: New config option for boot-order. [GH-10260]
* builder/scaleway: Use the SDK functions to load profile from file and
env. [GH-10181]
* builder/virtualbox: Allow attaching guest additions with "none"
communicator. [GH-10306]
* builder/vmware: Make compatible with MacOS BigSur by using Apple DHCP
leases instead of VMWare leases [GH-10384]
* builder/vsphere: New option to add additional storage to a cloned
vm. [GH-10287]
* builder/yandex: More resilient image mounting and
initialization. [GH-10335]
* builder/yandex: Update user-data to not use cloud-config fields to
prevent possible user data collisions. [GH-10385]
* core/hcl: Update to hcl2_upgrade command to support complex variable
values and packer version blocks. [GH-10221]
* hcl2upgrade: Update command to fix env call upgrade. [GH-10244]
* post-processor/vagrant-cloud: Add support for uploading directly to
storage on Vagrant Cloud. [GH-10193]
* post-processor/yandex-export: Add retries and wait after disk attach
operation. [GH-10303]
* post-processor/yandex-export: Show progress on export. [GH-10368]
* post-processor/yandex-export: Use ssh communicator in export. [GH-10352]
* post-processor/yandex-export: Verify the access to a specific
bucket. [GH-10188]
* provisioner/salt-masterless: Call winrepo.update_git_repos and
pkg.refresh_db. [GH-10201]
BUG FIXES
* builder/amazon: Fix retry logic in AWS spot instance tagging. [GH-10394]
* builder/amazon: Fix single tag interpolation to allow for templating
engine usage. [GH-10224]
* builder/google: Fix crash when using the -on-error build flag. [GH-10247]
* builder/google: Fix issue with service account detection when running
Packer on a compute instance with use_os_login enabled. [GH-10360]
* builder/qemu: Fix duplication of main disk when setting "disk_image:
true". [GH-10337]
* builder/qemu: Fix nil pointer dereference when loading values from
state. [GH-10249]
* builder/qemu: Fix panic when disk_image=true and source image has no file
extension. [GH-10226]
* builder/vagrant: Return error if ssh-config command fails. [GH-10213]
* builder/vsphere: WaitForIP should not return an error if an IP is not
found [GH-10321]
* builder/yandex: Change disk creation method to manual. [GH-10250]
* builder/yandex: Fix issue with UserAgent string. [GH-10361]
* builder/yandex: Fixed using cloud config when using IPv6. [GH-10297]
* core/hcl: Ensure the reverse function does not break when given a value
of type list. [GH-10380]
* post-processor/yandex-export: Check service account id. [GH-10305]