./sptr.hh:71:12: error: cannot initialize return object of type 'unsigned int' with an lvalue of type 'unsigned int *const'
{ return count; }
^~~~~
Import upstream fix
PR: 251128
Approved by: bsam (maintainer timeout)
Bump PORTREVISION.
<ChangeLog>
nginx modules:
*) Feature: introduced global "ngx" object.
The following methods were added:
ngx.log(level, msg)
The following properties were added:
ngx.INFO,
ngx.WARN,
ngx.ERR.
*) Feature: added support for Buffer object where string
is expected.
*) Feature: added Buffer version of existing properties.
The following properties were added:
r.requestBuffer (r.requestBody),
r.responseBuffer (r.responseBody),
r.rawVariables (r.variables),
s.rawVariables (s.variables).
The following events were added in stream module:
upstream (upload),
downstream (download).
*) Improvement: added aliases to existing properties.
The following properties were added:
r.requestText (r.requestBody),
r.responseText (r.responseBody).
*) Improvement: throwing an exception in r.internalRedirect()
for a subrequest.
*) Bugfix: fixed promise r.subrequest() with error_page redirect.
*) Bugfix: fixed promise events handling.
Core:
*) Feature: added TypeScript definitions for built-in
modules.
Thanks to Jakub Jirutka.
*) Feature: tracking unhandled promise rejection.
*) Feature: added initial iterator support.
Thanks to Artem S. Povalyukhin.
*) Improvement: TypeScript definitions are refactored.
Thanks to Jakub Jirutka.
*) Improvement: added forgotten support for
Object.prototype.valueOf() in Buffer.from().
*) Bugfix: fixed heap-use-after-free in JSON.parse().
*) Bugfix: fixed heap-use-after-free in JSON.stringify().
*) Bugfix: fixed JSON.stringify() for arrays resizable via
getters.
*) Bugfix: fixed heap-buffer-overflow for
RegExp.prototype[Symbol.replace].
*) Bugfix: fixed returned value for Buffer.prototype.write*
functions.
*) Bugfix: fixed querystring.stringify().
Thanks to Artem S. Povalyukhin.
*) Bugfix: fixed the catch handler for
Promise.prototype.finally().
*) Bugfix: fixed querystring.parse().
</ChangeLog>
Ruby needs newer compiler:
subversion/bindings/swig/ruby/libsvn_swig_ruby/swigutil_rb.c: In function 'callback_rescue':
subversion/bindings/swig/ruby/libsvn_swig_ruby/swigutil_rb.c:1628:38: error: 'ruby_errinfo' undeclared (first use in this function); did you mean 'rb_errinfo'?
1628 | ruby_errinfo,
MFH: 2020Q4
This commit captures KRB5-1.19-beta. The beta announcement on
krbdev is as follows:
MIT krb5-1.19-beta1 is now available for download from
https://web.mit.edu/kerberos/dist/testing.html
The main MIT Kerberos web page is
https://web.mit.edu/kerberos/
Please send comments to the krbdev list. We plan for the final
release to occur in about one month. The README file contains a more
extensive list of changes.
Major changes in 1.19
---------------------
Administrator experience:
* When a client keytab is present, the GSSAPI krb5 mech will refresh
credentials even if the current credentials were acquired manually.
* It is now harder to accidentally delete the K/M entry from a KDB.
Developer experience:
* gss_acquire_cred_from() now supports the "password" and "verify"
options, allowing credentials to be acquired via password and
verified using a keytab key.
* When an application accepts a GSS security context, the new
GSS_C_CHANNEL_BOUND_FLAG will be set if the initiator and acceptor
both provided matching channel bindings.
* Added the GSS_KRB5_NT_X509_CERT name type, allowing S4U2Self
requests to identify the desired client principal by certificate.
* PKINIT certauth modules can now cause the hw-authent flag to be set
in issued tickets.
* The krb5_init_creds_step() API will now issue the same password
expiration warnings as krb5_get_init_creds_password().
Protocol evolution:
* Added client and KDC support for Microsoft's Resource-Based
Constrained Delegation, which allows cross-realm S4U2Proxy requests.
A third-party database module is required for KDC support.
* kadmin/admin is now the preferred server principal name for kadmin
connections, and the host-based form is no longer created by
default. The client will still try the host-based form as a
fallback.
* Added client and server support for Microsoft's KERB_AP_OPTIONS_CBT
extension, which causes channel bindings to be required for the
initiator if the acceptor provided them. The client will send this
option if the client_aware_gss_bindings profile option is set.
User experience:
* The default setting of dns_canonicalize_realm is now "fallback".
Hostnames provided from applications will be tried in principal
names as given (possibly with shortname qualification), falling back
to the canonicalized name.
* kinit will now issue a warning if the des3-cbc-sha1 encryption type
is used in the reply. This encryption type will be deprecated and
removed in future releases.
* Added kvno flags --out-cache, --no-store, and --cached-only
(inspired by Heimdal's kgetcred).
