- Defined `MODLUA_VERSION=5.2`
- Added `--lua-version=${MODLUA_VERSION}` to `CONFIGURE_ARGS`, otherwise
the build was picking up Lua 5.1 if it was already installed
- Added `--no-example-certs` to `CONFIGURE_ARGS`, which results in
`make` not generating certs for localhost and example.com, which
changes PLIST a tiny bit. I don't think that generating this certs
adds any value, but I can keep it off the patch if it's preferred.
- Added NO_TEST=yes
Update diff from maintainer
Amfora aims to be the best looking Gemini client with the most features all
in the terminal. It does not support Gopher or other non-Web protocols.
Features:
* Support ANSI color codes
* Styled page content
* Multiple charset support
* Tabbed browsing
* Built-in search
* Bookmarks
* Theming
* Proxying
port by Dimitri Karamazov which takes maintainer.
ok abieber@
Changes between 1.0.1l and 1.0.2 [22 Jan 2015]
...
*) SSL/TLS tracing code. This parses out SSL/TLS records using the
message callback and prints the results. Needs compile time option
"enable-ssl-trace". New options to s_client and s_server to enable
tracing.
[Steve Henson]
It is especially handy when looking at TLS handshakes, e.g. to try
figure out why nc(1)/libtls TLSv1.3 fails but openssl(1)/libssl doesn't.
LibreSSL's openssl(1) has
-msg
Show all protocol messages with hex dump.
but it is not as nearly insightful as OpenSSL's s_client(1)
-trace
Show verbose trace output of protocol messages. OpenSSL needs
to be compiled with enable-ssl-trace for this option to work.
Upstream enabled "ssl-trace" by default as of 10.06.2021, see commit
726f92e016bac53175ed5d5321bce1ddf6b207d6.
Feedback sthen tb
OK tb
- do not update symlinks which are already up-to-date
- add a gotadmin utility with info, pack, indexpack, and listpack commands
- fix 3-way merge of files which lack a final \n
- make double-quotes appear in rendered got.1 man page as intended (Nam Nguyen)
- gotweb: render error page instead of returning error 500 (tracey)
- avoid an error in tog(1) while the terminal window is being resized
- plug a memory leak in got_ref_list_free()
- catch invalid reference names passed to 'got ref -l'
- fix a memory leak in dial_git() (naddy)
- fix unrelated changes being merged by got cherrypick/backout/rebase/histedit
- go back to Patience diff for merging during cherrypick/backout/histedit/rebase
- fix file descriptor leak in got_repo_close() (tracey)
- fix hang in commit regress test if $VISUAL is set in the environment (tracey)
- use socketpair(2) instead of pipe(2) for better portability to Linux
- make it possible to profile gotweb and document how profiling works
- fix memory and fd leaks in got_pack_stop_privsep_child() (tracey)
- fix bogus 'permission denied' error when a file at work tree root is removed
- port packfile creation code over from git9
- new -I option for 'got status' to show files which match an ignore pattern
CVE-2020-28200: Sieve interpreter is not protected against abusive
scripts that claim excessive resource usage. Fixed by limiting the
user CPU time per single script execution and cumulatively over
several script runs within a configurable timeout period. Sufficiently
large CPU time usage is summed in the Sieve script binary and execution
is blocked when the sum exceeds the limit within that time. The block
is lifted when the script is updated after the resource usage times out.
CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in
JWT tokens. This may be used to supply attacker controlled keys to
validate tokens, if attacker has local access.
CVE-2021-33515: On-path attacker could have injected plaintext commands
before STARTTLS negotiation that would be executed after STARTTLS
finished with the client.
