Hi all,
Here's a patch which consolidates the NEWS file for the upcoming
4.9.0 release. Please also cherry-pick (or merge?) it into the
prerelease branch after importing it!
I've also added notes for the Android and iOS support; we forgot
about that when support for these platforms was added.
We'll need to remember to bump the version in prerelease to 4.9.0rc1!
Cheers,
Peter
--
http://www.more-magic.net
From 0a1f8b649af0b8a86c8068f21092703a4b0692b2 Mon Sep 17 00:00:00 2001
From: Peter Bex peter@xs4all.nl
Date: Fri, 4 Apr 2014 08:38:07 +0200
Subject: [PATCH] Consolidate NEWS file for 4.9.0
---
NEWS | 217 --
1 file changed, 93 insertions(+), 124 deletions(-)
diff --git a/NEWS b/NEWS
index 2efcfaf..996f1bb 100644
--- a/NEWS
+++ b/NEWS
@@ -1,38 +1,23 @@
-4.8.4
-
-- Core libraries
- - Fix subvector when the TO optional argument equals the given vector
-length (#1097)
-
-- Runtime system
- - finalizers on constants are ignored in compiled code because compiled
-constants are never GCed (before, the finalizer would be incorrectly
-invoked after the first GC). (Reported by Pluijzer)
-
-- Build system
- - The tests can now be run without having to first install CHICKEN.
-
-- Tools
- - csc -deploy works now on FreeBSD (thanks to Jules Altfas and
-Vitaly Magerya), OpenBSD and NetBSD (see README for NetBSD).
- - chicken-install: -deploy now correctly installs dependencies of
-deployed eggs under the deployment directory instead of globally.
-
-4.8.3
+4.9.0
- Security fixes
- CVE-2013-4385: read-string! no longer reads beyond its buffer when
length is #f.
-
-- Runtime system
- - The procedure trace buffer has been made resizable.
- - C_zap_strings and ##sys#zap-strings (undocumented) have been deprecated.
-
-- Tools
- - csc: -z origin is now passed as a linker option on FreeBSD when
-compiling for deployment (thanks to Jules Altfas Vitaly Magerya)
+ - CVE-2013-1874: ./.csirc is no longer loaded from the current directory
+upon startup of csi, which could lead to untrusted code execution.
+(thanks to Florian Zumbiehl)
+ - CVE-2013-2024: On *nix, the qs procedure now single-quotes everything
+instead of relying on a blacklist of shell characters to be escaped.
+On Windows, it properly duplicates double-quote characters. (thanks
+to Florian Zumbiehl)
+ - CVE-2013-2075: Use POSIX poll() in other places where select() was
+still being used. (thanks to Florian Zumbiehl and Joerg Wittenberger)
+ - CVE-2012-6122: Use POSIX poll() on systems where available. This avoids a
+design flaw in select(); it supports no more than FD_SETSIZE descriptors.
- Core libraries
+ - Fix subvector when the TO optional argument equals the given vector
+length (#1097)
- Unit extras now implicitly depends on ports. ports no longer
implicitly depends on extras. This may break programs which don't
use modules and forgot to require ports but use procedures from it.
@@ -51,50 +36,6 @@
scrutinizer.
- Fixed bugs in string-trim-right, string-index-right and
string-skip-right, from SRFI-13
-
-- Platform support
- - CHICKEN can now be built on AIX (contributed by Erik Falor)
- - CHICKEN can now be built on GNU Hurd (contributed by Christian Kellermann)
-
-4.8.2
-
-- Security fixes
- - CVE-2013-1874: ./.csirc is no longer loaded from the current directory
-upon startup of csi, which could lead to untrusted code execution.
-(thanks to Florian Zumbiehl)
- - CVE-2013-2024: On *nix, the qs procedure now single-quotes everything
-instead of relying on a blacklist of shell characters to be escaped.
-On Windows, it properly duplicates double-quote characters. (thanks
-to Florian Zumbiehl)
- - CVE-2013-2075: Use POSIX poll() in other places where select() was
-still being used. (thanks to Florian Zumbiehl and Joerg Wittenberger)
-
-- Tools
- - csc: added -oi/-ot options as alternatives to -emit-inline-file
-and -emit-type-file, respectively; -n has been deprecated.
- - chicken-install now also accepts full URI syntax for proxy environment
-variables (thanks to Michele La Monaca)
-
-- Syntax
- - Added the aliases optional and rest as alternatives to #!optional
-and #!rest in type-declarations (suggested by Joerg Wittenberger).
- - Vectors, SRFI-4 number vectors and blobs are now self-evaluating for
- R7RS compatibility. Being literal constants, they are implicitly quoted.
- - For R7RS compatibility, named character literals #\escape and #\null are
- supported as aliases for #\esc and #\nul. WRITE will output R7RS names.
- - The CASE form accepts = proc syntax, like COND (as specified by R7RS).
- - letrec* was added for R7RS compatibility. Plain letrec no longer behaves
-like letrec*.
-
-- Compiler
- - the inline declaration does not force inlining anymore as recursive
-inlining could lead to
