firejail 💾

Firejail is a security sandbox tool, which utilizes Linux 3.x namespaces to setup restricted environments for untrusted applications. It works for console and graphical applications, servers, or even login sessions; by assigning them and their subprocesses a private view of globally shared kernel resources. Firejail isolates mount points, adds chrooting, filesystem writability or overlays, sandbox filesystem sharing, networking stack and firewall isolation, constrains interprocess communication, and separates processes. It comes with default profiles for Firefox or Evince, includes Seccomp and Linux caps support.

minor feature: Work in progress. --disable-mnt rework. New profiles: QMediathekView, aria2c, Authenticator, checkbashisms. New profiles: devilspie, devilspie2, easystroke, github-desktop, min. New profiles: bsdcat, bsdcpio, bsdtar, lzmadec.

GNU GPL c linux security process-isolation namespaces sandbox

etcd 3.3.10 💾

etcd is a distributed key-value store, used as shared cluster configuration backend. It automatically elects a master server, allows dynamic config data with optional TTLs, provides a JSON API over HTTP with TLS and long polling, uses the Raft protocol for distribution. It's the basis for CoreOS, integrates with fleet/systemd, and thus also provides service discovery.

minor feature: Clientv3: call KV/Txn APIs with default gRPC call options . Clientv3: call other APIs with default gRPC call options. . Clientv3/integration: test large KV requests. . Words: whitelist more. . Documentation/upgrades: clean up 3.2, 3.3 guides. . Documentation/upgrades: highlight request limit changes in v3.2, v3.3. . Clientv3/integration: TestKVPutError. . Integration: bump up wait leader timeout for slow CIs. . Documentation/upgrades: highlight raw gRPC client wrapper changes. . . . . . . . Document/upgrades: add "lease timetolive" output change. . Clientv3/retry: clean up retryRPCFunc. . Documentation/dev-guide: Update TimeToLive documentation. . . . . . . . Etcdserver/api: add 3.3.0 as compatible server capability. . Rafthttp: add 3.3.0 support. . . . Version: bump up to 3.3.0. . Version: bump up to 3.3.0+git. . *: update release upgrade test versions. . CHANGELOG: remove rc in release-3.3. . Embed: only discard infos when deflag is off. . Grpc-proxy: add "--de" flag to "etcd grpc-proxy start" command. . Clientv3/leasing: racey waitSession. . Etcdserver/api/v3rpc: log stream error with delevel. . Etcdserver,embed: discard gRPC info logs when deis off. . Etcdserver/api/v3rpc: set grpclog once. . Tools/functional-tester: remove duplicate grpclog set. . Clientv3/integration: TestKVLargeRequests with -tags cluster_proxy. . Version: bump up to 3.3.0-rc.1. . Version: bump up to 3.3.0-rc.1+git. . Pkg/expect: deadlock in mac OS. . Etcdmain: unset ETCD_UNSUPPORTED_ARCH after arch check. . Embed: enable extensive metrics if specified. . Etcdserver/api/v3rpc: deuser cancellation and log warning for rest. . Mvcc: check null before set FillPercent not to panic. . Integration: add constant RequestWaitTimeout. . Clientv3/integration: typos. . DocCommand: use regex wildcard. . Ctlv3: add "snapshot restore --wal-dir". . Etcd-tester: add txn stresser. . Test: limit stress-qps for slow CI machines, add txn fl

Apache go database key-value distributed configuration administrator coreos json http

Linux kernel 4.18.13 💾

Linux is a mostly POSIX-compliant Unix-inspired operating system kernel, originally implemented by Linus Torvalds and now maintained as an international project. It's the base and common namegiver to a wide array of Linux distributions. The kernel provides all modern Unix-y features, like true process multitasking, virtual memory, virtual and clustered filesystem support, complex networking and extensive support for various hardware and machine platforms.

minor feature: Linux 4.18.13, Revert "drm/amd/pp: Send khz clock values to DC for smu7/8", dm thin metadata: __udivdi3 undefined on 32-bit, ixgbe: check return value of napi_complete_done(), HID: i2c-hid: disable runtime PM operations on hantick touchpad, ocfs2: locking for res- tracking and dlm- tracking_list, proc: restrict kernel stack dumps to root, tools: hv: fcopy: set 'error' in case an unknown operation was requested, Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect(), gpiolib: Free the last requested descriptor, crypto: caam/jr - ablkcipher_edesc pointer arithmetic, crypto: mxs-dcp - wait logic on chan threads, crypto: chelsio - memory corruption in DMA Mapped buffers. crypto: qat - KASAN stack-out-of-bounds in adf_probe(), ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760, iommu/amd: Clear memory encryption mask from physical address, smb2: missing files in root share directory listing, cpufreq: qcom-kryo: section annotations, firmware: Always initialize the fw_priv list object, firmware: security with request_firmware_into_buf(), b43: DMA error related regression with proprietary firmware, sysfs: Do not return POSIX ACL xattrs via listxattr, ovl: format of setxattr de, ovl: memory leak on unlink of indexed file, ovl: access beyond unterminated strings, ovl: set I_CREATING on inode being created, vfs: don't evict uninitialized inode, new primitive: discard_new_inode(), x86/APM: build warning when PROC_FS is not enabled, xen: GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage, xen: avoid crash in disable_hotplug_cpu, xen/manage: don't complain about an empty value in control/sysrq node, asm-generic: io: ioport_map() for !CONFIG_GENERIC_IOMAP CONFIG_INDIRECT_PIO, cifs: read overflow in is_valid_oplock_break(), s390/qeth: don't dump past end of unknown HW header, s390/qeth: use vzalloc for QUERY OAT buffer, r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED, drm/amdgpu: error handling in amdgpu_cs_user_fence_chunk

GNU GPL c linux kernel operating-system

schily 2018-10-11 💾

The "Schily" Tool Box is a set of tools written or managed by Jörg Schilling. It includes programs like: cdrecord, cdda2wav, readcd, mkisofs, smake, bsh, bosh, btcflash, calc, calltree, change, compare, count, cpp (K&R original), cstyle, devdump, dmake based on SunPro Make, hdump, isodebug, isodump, isoinfo, isovfy, label, man2html, mt, obosh, od, p, POSIX patch, pbosh, printf, sccs, scgcheck, scpio, scut, sdd, sfind, sformat, smake, sh/bosh (Bourne Shell), spaste, star, star_sym, strar, suntar, gnutar, tartest, termcap, and ved.

major feature: OS400 support is now complete. Added support for "pcc" on Linux (beware of the pcc compiler bugs). libschily: match.c avoids a buffer overflow with some pathological patterns. libschily: fstream packet added an aux pointer in the data structures. libschily: avoid a name clash on Linux with some stdio functions. libschily: major version is now 2. ibfind: -xdev changed it's behavior to follow a POSIX deviation from UNIX. bsh/Bourne Shell: endless alias recursion is now prevented on the 2nd word of the replacement as well. Bourne Shell: recursive begin alias expansion no longer results in unwanted alias expansion. Bourne Shell: 'case "" in "")' now works in POSIX mode. Bourne Shell: better parameter expansion with double quotes in the parameter string. Bourne Shell: set -e now works much better. compare: new options begin1= and begin2= have been added. smake: fastalloc() no longer causes a core dump on Sparc systems (introduced with nanosecond support). smake: autoconf support now knows about OS400. SunPro Make: dmake -m no longer gives a warning. ved: avoides a name clash on OS400.

CDDL software development build tools utilities

VideLibri 1.994 💾

VideLibri lists the books you have lend from a public library and lets you search the library catalog from your local device. It has all the usual features of an library OPAC, i.e. viewing, renewing, searching and ordering books. It also renews all due books automatically and can do other things only a locally running app can do, like keeping a history of all ever lend books across multiple libraries. It is the world's first library app. So far VideLibri has been tested with 200 libraries successfully, but it was designed to allow every user to adds its own library without requiring any/much programming knowledge. For this purpose three query languages were developed that are supposed to simplify the querying of webpages as much as possible: - A pattern-matching language that selects arbitrary data from a single HTML page, based on an annotated sample of that page. - A catalog of related pages to apply these patterns to multiple webpages. Its syntax is similar to XSLT and likewise it is almost Turing complete (i.e. it has the necessary control structures, but requires XPath to do calculations ). - A dialect of XPath/XQuery/JSONiq that is Turing-complete and thus can calculate arbitrary, unexpected things VideLibri is platform-independent and currently there are binaries for (Desktop) Windows, Linux and Android. At the moment its GUI is entirely in German as no support for any non-German-speaking library has been requested, but a translation can be made if wished for.

minor bugfix: aDIS/VÖBB: Only accept a table as table of lend books if it has at least 4 columns in case there are other tables on the webpage. sisis/public library Leipzig: Cut text from webpage appropriately. Universitätsbibliothek Kiel, Zentrale Hochschulbibliothek Lübeck, Bibliotheken der FH Kiel, Schleswig-Holsteinische Landesbibliothek: new server. fix import/export crash on 8.1.

GNU GPL libraries opac interpreter object-pascal java windows linux android bibliothek bibliotheken buecherei buechereien stadtbibliotheken

nf-pkd 💾

Successor to ipt-pkd. It's a single packet authorization port knock.

minor feature:

Mixed netfilter-queue port knock

CakePHP 3.7.0-beta1 💾

CakePHP is a web development framework, somewhat similar to Rails. It provides scaffolding tools, an ActiveRecord/DataMapper implementation, doesn't require much setup or configuration. It comes with helpers for text translations, caching, validation, authorization backends, CSRF and XSS protection, and templating. It follows the Web-"MVC" scheme, centralized route dispatching, less efficient class-by-class autoloading, etc. Thorough API documentation and a rich set of user-contributed plugins exist.

minor feature: Invalid encrypted cookie values no longer cause exceptions to be raised. Instead they are treated as empty values. ServerRequestFactory uses the configured webroot directory instead of hardcoded value now. Routing scopes that define an action now work correctly. Improved API documentation. EntityRoute now correctly handles _ in placeholder names, and handles brace style placeholders. Schema generation for MySQL binary types has been improved. Arbitrary sized columns are now handled correctly. Undefined controller properties now emit warnings when accessed. This prevents 'invalid method call on null' type errors. Response now checks disabled_functions before trying to set request timeout to 0. Re-rendering an email message no longer rotates the message-id. ADmad. Dennis Hemeier. Dmitrii Romanov. Edgaras Janušauskas. Hideki Kinjyo. Ian den Hartog. Jeremy Harris. Jose Diaz-Gonzalez. José Lorenzo Rodríguez. Mark Scherer. Mark Story.

MITL php framework web-mvc cakephp rails

HumHub 1.3.5 💾

HumHub is a social networking portal script and framework. It's flexible and comes with an user-friendly interface. HumHub can be used as customized social network, social intranet teamwork or enterprise application. It provides notifications, activity streams, dashboards, spaces, user profiles, social tools (follow, like, connect), groups, directories, file sharing, and search across all content.

minor feature: Serialization of notifications without originator fails. Hide unapproved member activities. Unable to deny invitation to private space. Added missing parent::init() to humhub modules stream widgets StreamViewer. Added PHP GD extension to the requirements (docs and selftest). Comment edit triggers new activity. typo from MailSummary::INTERVAL_HOURY to MailSummary::INTERVAL_HOURLY. Enh: Added humhub.modules.ui.filter.TextInput and related humhub modules ui filter widgets TextFilterInput. Enh: Enable data-action-keypress by default. Enh: Added preventDefault argument to humhub.modules.action.bindAction to disable prevent default behaviour for action events. bootstrap-datepicker.en.min.js 404 (Not Found). Comment form files not cleared. Enh: Added humhub modules file models isAssignedTo( record) argument in order to check if a File is attached to a specific record. rich-text mobile view wrong min-height calculation. layout container width differences. Exception on first login with ldap. comment scroll overflows button. widgetAction events case. Added humhub.modules.util.string.capitalizeFirstLetter and lowerCaseFirstLetter.

Affero GPLv3 php yii mysql social-network groupware

Dgame 0.6.6 💾

Dgame is a 2D framework which is based on SDL and OpenGL, and intended for the D programming language. Its overall design is based on Pygame and took further inspiration from SFML for C++. It provides an easy API for window management, implementing a main game loop with event handling and termination, framerate control, font loading, sprites, tile and image control, shape drawing, audio support, and OpenGL configuration.

minor feature: Update . Added Circle in the Dgame.Math. . Update Vector3.d. . Improved some things in Circle. . . . Update . Color4b to Color4f conversion.

BSDL dlang game sdl opengl developers

Nextcloud 14.0.2RC2 💾

Access, share and protect your files, calendars, contacts, communication & more at home and in your enterprise. Keep all of your life / business private and secure on a server you control. Share with only who you choose, and no-one else.

minor feature: Add rooms in the default candidate types to look for when sharing . Add support for rooms in the list of candidates to share with UI. . tests. . . . . . Tests. . . . . . . . . jsunit. . . . 14.0.0 RC 1. . . . Add the new share type. . tx-robot updated from transifex. . apps menu on mobile. . . . Allow same section class for multiple section types. . Add "Join the Team" section to . contactsmenu for mentioned users in comments. . tx-robot updated from transifex. . . . public pages conflicting. . . . Use empty alt tag for avatars since there is always the name next to it. . Make the color important. . . tx-robot updated from transifex. . cast timestamps older than unix epoch to 0. . . . Theming: apply proper size to the remove background button. . Theming: Only Entity in footer if a url is set. . Theming: footer tests. . Makes the notifications area width equal to the contents. . Increase z-index of drag shadow for files. . Remove limit on "max-width" for file names in drag shadow. . tx-robot updated from transifex. . . . . . . . apps menu and typo. . . . . . ensure we always return an array from `Request::getParams`. . use the same ignored properties list for both CustomerPropertiesBackends. . Do not parse HTML in user id and display name. . tx-robot updated from transifex. . Move SCSS variable fetching before the variables.scss to properly cal . . Remove border from primary button when color is bright. . . . Use main text color for editable divs and text areas. . tx-robot updated from transifex. . Prevent default action from being executed when the button is disabled. . Make the default element color for bright theming colors lighter. . empty mime type filter. . Store the mime type filter always as an array. . Make possible to pick both files and folders. . capabilities test. . . . . . . . path when app has wrong permission. . . . . . . . . . . . tx-robot updated from trans

Affero GPLv3 storage cloud web-environment file-sharing secure s3 dropbox

exiftool 11.13 💾

ExifTool is a Perl library and command-line tool for reading and updating common meta data information in various file formats. Foremost it works on image files, EXIF, PNG, GPS, IPTC, XMP, JFIF/JPEG, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP, AIFF, DJVU, Postscript, GZIP, OpenDocument, PDF, SVG, OGG and ID3. It can also edit maker notes of digital (RAW) camera files from Canon, Casio, FLIR, FujiFilm, GE, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta, Nikon, Nintendo, Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Phase One, Reconyx, Ricoh, Samsung, Sanyo, Sigma/Foveon and Sony.

minor feature: Decode GPS from NextBase 512G dashcam MOV videos (different than 512GW). - Added a new Canon LensType. - Minor improvements to verbose dump of streaming GPS metadata. - Reverted change of version 10.71 which resulted in Windows not recognizing PNG CreationTime as written by ExifTool (add this feature to the StrictDate API option instead). - Improved decoding of Nikon CropHiSpeed. - Improved -fast option to reduce memory usage when reading JPG, PNG, QuickTime-based and RIFF-based files via a sequential stream. - DOF calculation to use ApproximateFocusDistance if available. - API Changes: - Enhanced StrictDate option to reformat PNG CreateTime according to PNG specification.

Artistic perl exif meta-data

SQLiteBrowser 3.11.0-alpha1 💾

SQLiteBrowser is a lightweight frontend for managing SQLite databases. It provides controls and wizards for database creation and compaction, defining or modifying tables or indexes, importing and exporting. The grid view allows to edit, add and delete rows, execute SQL statements, inspect the log, or search records.

minor feature: Cipher: passphrases containing single quotes - #1105. Cipher: Change tab order in encryption dialog - 9afb0fc. Typo in Russian translation - #1107. Pass /norestart to vcredist installer - #1114. Index updating when removing an indexed column from a table - #1115. Don't automatically commit all changes when editing a table column - #1116. Make text selectable in Edit dock even if db is opened as read only - #1123. Add 'NULL' filter - #1124. Custom type saving when only focus changes for user-entered type - #1147. Dbhub: Tweak certificate UI in the preferences dialog - #1087. Dbhub: progress dialog for very large files - #1095. Dbhub: Remove closing "." from the progress dialog - #1095. Dbhub: Ask user what to do when trying to open an updated database - #1096. Dbhub: Enforce name and commit message length limits in push dialog - #1097. Dbhub: Add tooltip to cog tool button - #1111. Dbhub: Redownload database if local copy has been deleted - #1111. Dbhub: wrong file size being shown for very large files - #1113. Dbhub: Support pushing to different branches than "master" - 5025e4d. Dbhub: Improve file size format - fe7707d. Dbhub: Optimise code - 876d938. Dbhub: branch list in push dialog - 8021523. DB.Browser.for.SQLite-3.10.1-win32.exe 2d4ee7c846aa0c9db36cc18a5078c7c296b8eddea8f8564622fef4bc23fa4368 . 2d4ee7c846aa0c9db36cc18a5078c7c296b8eddea8f8564622fef4bc23fa4368. DB.Browser.for.SQLite-3.10.1-win64.exe 2a04eceaf32d5a96a8a7d8a91f78fdd0bc8c44a5ae7f86cde568fee27d422d12 . 2a04eceaf32d5a96a8a7d8a91f78fdd0bc8c44a5ae7f86cde568fee27d422d12. DB.Browser.for.SQLite-3.10.1.dmg 9456e8ff081004bd16711959dcf3b5ecf9d304ebb0284c51b520d6ad1e0283ed . 9456e8ff081004bd16711959dcf3b5ecf9d304ebb0284c51b520d6ad1e0283ed. SQLiteDatabaseBrowserPortable_3.10.1_English.paf.exe Bd55d13f3fd8fe82ec856cfb430e428b0d921622e0cc5ed192cb5af827bf5f77 . Bd55d13f3fd8fe82ec856cfb430e428b0d921622e0cc5ed192cb5af827bf5f77.

MPL c++ qt4 sqlite database-management

OpenMPTCProuter 0.38 💾

OpenMPTCProuter is a solution to aggregate and encrypt (and can obfuscate) multiple internet connections and terminates it over any VPS which make clients benefit security, reliability, net neutrality, as well as dedicated public IP. The aggregation is based on Multipath TCP (MPTCP), which is ISP, WAN type, and latency independent "whether it was Fiber, VDSL, SHDSL, ADSL or even 4G", different scenarios can be configured to have either aggregation or failover based on MPTCP. Aggregation via Multi-link VPN (MLVPN) and Glorytun UDP with multipath support are also supported. The solution takes advantage of the OpenWRT system, which is user friendly and also adds the possibility of installing other packages like VPN, QoS, routing protocols, monitoring, etc. through web-interface or terminal.

minor feature: Increase vmalloc . Small wifi. Small changes in BPI-R2 kernel config. . Change in BPI-R2 kernel config. . BPI-R2 wifi device. . Update MPTCP patch for kernel 4.14 and 4.9. . Force JFFS2 mount if not already mounted.

GNU GPLv3 operating-system networking firewalls linux lua

Vim 8.1.0467 💾

Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Vim is often called a "programmer's editor," and so useful for programming that many consider it an entire IDE. It's not just for programmers, though. Vim is perfect for all kinds of text editing, from composing email to editing configuration files.

minor feature: patch 8.1.0467: cannot build with Mac OS X 10.5 Problem: Cannot build with Mac OS X 10.5. Solution: Change #ifdef into #if.

Other text-editor ide vi vim