首页
论坛
课程
招聘
[转帖] Notepad++ 7.6.4
2019-3-9 07:40 2737

[转帖] Notepad++ 7.6.4

2019-3-9 07:40
2737

Notepad++ 7.6.4

06 Mar 2019 14:33:00

When you install Notepad++ version 7.6.4, You might notice there's no more blue-trusted UAC popup. Here's the explanation for the reason that we remove code signing from Notepad++ :

3 years ago DigiCert donated a 3 years code signing certificate to the project, and every good thing has its end, the certificate has been expired since the beginning of this year.

I was trying to purchase another certificate with reasonable price. However I cannot use "Notepad++" as CN to sign because Notepad++ doesn’t exist as company or organization. I wasted hours and hours for getting one suitable certificate instead of working on essential thing - Notepad++ project. I realize that code signing certificate is just an overpriced masturbating toy for FOSS authors - Notepad++ has done without certificate for more than 10 years, I don’t see why I should add the dependency now (and be an accomplice of this overpricing industry). I decide to do without it.

It doesn’t mean there’s no more security in Notepad++, but it will be less flexible for sure:

SHA256 hash of Installer and other packages will be provided for every release as usual. Too bad for ugly yellow-orange UAC popup while installation.

Notepad++ will check the SHA256 of all the components (SciLexer.dll, GUP.exe and nppPluginList.dll) used by the program.

Markdown is supposed to work in v7.6.3, but the needed file isn't deployed correctly by the installer. The bug is fixed in this version. Additionally Markdown is available in every package from this release.

European Commission's Free and Open Source Software Auditing Bug Bounty program is still in progress, few vulnerable issues and some crash bugs are identified and fixed in this release thanks toHackerOneteam's help.


_https://notepad-plus-plus.org/download/v7.6.4.html

[注意] 欢迎加入看雪团队!base上海,招聘CTF安全工程师,将兴趣和工作融合在一起!看雪20年安全圈的口碑,助你快速成长!

收藏
点赞1
打赏
分享
最新回复 (3)
雪    币: 857
活跃值: 活跃值 (11)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
chingshe 活跃值 2019-3-27 18:01
2
0
好用又轻巧的纯文字编辑工具,功能比 Windows 内建的记事本强太多了,可以用来取代记事本。
雪    币: 38235
活跃值: 活跃值 (156196)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
linhanshi 活跃值 2019-4-2 10:01
3
0

Notepad++ 7.6.5

Notepad++ v7.6.5 enhancements & bug-fixes:

Security enhancement:GPG Signatureis provided for Notepad++ release.

Fix a long waiting issue about file auto change detection: enhance "File status Auto-Detection" to avoid switching editing tab off behaviour.

Fix encoding (language) detection regressions since v7.6.

Fix a regression: double-clicking on a "find all in current document" result for an unsaved doc prompts to save it.

Added close all unchanged tabs command.

Restore deleted "Launch in browser" customized shortcuts in EU-FOSSA bounty program by implementing them in more secure way: Add "View Current

Retain read only setting state in session.

Enhancement: after file reload user can still undo.

Fix a bug in command "Remove Consecutive Duplicate Lines" and make it work with old Macintosh EOL.

Fix UDL language marker bullet position, if UDL Name exceeds 14 characters, extend UDL names to max 64 characters.

Enhance external call code to avoid eventual arbitrary commands execution. (EURO-FOSSA)

Fix crash issue by command "On Selection->Open File" while the number of selected characters is exceed 2048. (EURO-FOSSA)

Fix crash issue of User Define dialog while deleting a unallocated entry. (EURO-FOSSA)

Fix crash issue on shortcut command while its length exceed 260. (EURO-FOSSA)

Add an enhancement on "Open..." command to prevent from the eventual crash. (EURO-FOSSA)

Fix stack Buffer Overflow in Command::extractArgs. (EURO-FOSSA)

_https://notepad-plus-plus.org/download/v7.6.5.html
雪    币: 38235
活跃值: 活跃值 (156196)
能力值: (RANK:10 )
在线值:
发帖
回帖
粉丝
linhanshi 活跃值 2019-4-5 06:18
4
0
Notepad++ 7.6.6  (04.04.2019)

ince version 7.6.5 of Notepad++, the distributive packages are signed with digital signature by using GnuPG (GNU Privacy Guard). This allows users to reliably validate authenticity and integrity of Notepad++ packages.

On Windows you can use native GnuPG (https://gnupg.org) which works under the command line, or use Gpg4win (https://www.gpg4win.org) which is based on GnuPG and has a nice GUI. Of course you can also use PGP Desktop, which now days is provided by Symantec. Most Linux distributions ship with GnuPG installed by default. If you don't have it then install it using package management system present in your distribution.

_https://notepad-plus-plus.org/news/v7.6.6-with-gpg-signatures.html

_https://notepad-plus-plus.org/download/v7.6.6.html
游客
登录 | 注册 方可回帖
返回