Matthias Fischer [Fri, 14 Jan 2022 16:11:07 +0000 (17:11 +0100)]
clamav: Update to 0.104.2
For details see:
https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html
"ClamAV 0.104.2 is a critical patch release with the following fixes:
CVE-2022-20698: Fix for invalid pointer read that may cause a crash.
Affects 0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c
and the CL_SCAN_GENERAL_COLLECT_METADATA scan option (the clamscan
--gen-json option) is enabled.
..."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Wed, 23 Jun 2021 17:30:00 +0000 (19:30 +0200)]
usbutils: Update to version 013
- Update from 007 (2013) to 013 (2020)
- Update rootfile
- Changelog
usbutils 013
Aurelien Jarno (1):
lsusb.8.in: do not mention usb.ids
Baruch Siach (1):
usb-devices.1: don't mention bash
Greg Kroah-Hartman (15):
usbhid-dump: move manpage to main directory out of subdir
usbhid-dump.8: add SPDX header
usbhid-dump.8: autogenerate it with the usbutils version number
.gitignore: add usbhid-dump.8
usbhid-dump: add SPDX identifiers to all files.
usbhid-dump: remove libusb.h libusb_strerror() implementation
usbhid-dump: remove lib directory
usbhid-dump: move .h files into src/ directory
Makefile.am: add usbhid-dump.8 to distclean list
usbhid-dump: some autoconf cleanup
usbhid-dump: remove some dev_list functions that were never used
dump_audiostreaming_interface(): remove unused variable
usbmisc: initialize string buffer before reading from device.
lsusb.py: drop trailing space on non-hub devices
lsusb.py: strip whitespace from device strings
Jakub Wilk (2):
lsusb(8): fix formatting
lsusb(8): document --tree
Pino Toscano (1):
lsusb.py: remove private paths for usb.ids
Rob Gill (1):
Additional device classes for usb-devices script
Rosen Penev (1):
usbhid-dump: Do not use rindex
Thomas Hebb (4):
Move read_sysfs_prop() from names.c to its own file
sysfs: Don't return bogus data for devices under a hub
lsusb: Use vendor and product name fallback logic in -D mode too
lsusb: Get manufacturer, product, and serial from sysfs
Timothy Robert Bednarzyk (1):
bootstrap: change /bin/bash to /bin/sh
Torleiv Sundre (1):
lsusb: fix two typos in UVC Extension Unit descriptor
Tormod Volden (1):
usbhid-dump: Put back autoconf check for libusb_set_option()
usbutils 012
Greg Kroah-Hartman:
Merge usbhid-dump into main usbutils repository
usbutils 011
Clemens Fruhwirth (1):
Add usbreset.c as noinst_PROGRAMS target.
Daniel Schaefer (1):
lsusb: Read unkown names from sysfs device desc.
Darsey Litzenberger (3):
Remove a small hack that no longer has any effect.
Cleanup grammar
lsusb-t: Emit USB IDs and other handy info when verbosity is increased
Emmanuele Bassi (1):
Require newer version of libusb
Georg Brandl (1):
lsusb.py: fix up Python 3 conversion
Greg Kroah-Hartman (10):
SPDX bill-of-material is supposed to be project_name.spdx
usbutils.spdx: rerun report, it is properly sorted.
desc-dump.c: fix compiler warning about unused variable
add usbreset to .gitignore
usbreset: fix some build warnings
usbhid-dump: update to latest version
fix up standard int types
update usbhid-dump git id
usbhid-dump: update to a newer version of usbhid-dump again.
usbutils.spdx: update with latest information
Kurt Garloff (4):
lsusb.py: Search multiple paths for usb.ids.
lsusb.py: Usb enum for parser state machine.
lsusb.py: Add driver names for usbhid.
lsusb.py: python2 compatibility
Lukas Nykryn (1):
Makefile.am: add files with licenses to archive
Mantas Mikulėnas (33):
lsusb.py: sort devices and interfaces numerically
lsusb.py: sort toplevel entries
lsusb.py: improve usage text
lsusb.py: replace fake deepcopy()
lsusb.py: remove -w (warn if usb.ids not sorted) option
lsusb.py: ensure all error messages are written to stderr
lsusb.py: support long options
lsusb.py: use regular print() instead of hand-rolling the same thing
lsusb.py: avoid shadowing Python's built-in 'str'
lsusb.py: replace usb.ids binary search with dict lookup
lsusb.py: remove now-unused bin_search()
lsusb.py: avoid manual calls to __foo__()
lsusb.py: replace __repr__() for USB IDs with __str__()
lsusb.py: insert class FF:FF:FF into usbclasses to avoid special casing
lsusb.py: entirely remove Usb* classes
lsusb.py: cosmetic - replace tuples-as-"immutable lists" with regular lists
lsusb.py: use 'elif' where suitable
lsusb.py: remove dead code
lsusb.py: move unrelated code out of try..except
lsusb.py: allow - as well as _ when matching hci module names
lsusb.py: use a constant for the magic class number 9
lsusb.py: Usb* classes: call read() automatically from constructor
lsusb.py: UsbEndpoint: indent is a class implementation detail
lsusb.py: a few cosmetic changes
lsusb.py: shorten find_usb_class()
lsusb.py: give all Usb* objects a .path attribute
lsusb.py: add an actual __repr__() to classes
lsusb.py: give all Usb* classes a superclass
lsusb.py: convert readattr() and readlink() to methods of the container
lsusb.py: use color by default
lsusb.py: rework output for more consistent indent of both columns
lsusb.py: fix endpoint interval spacing
lsusb.py: visually group USB-version-related fields
Michael Drake (4):
lsusb: Split out routine that fetches value for given field.
lsusb: Split out field name rendering.
lsusb: Add support for descriptor extensions.
lsusb: Add support for audio processing unit type-specific fields.
Philip Langdale (2):
lsusb: Added support for Billboard Alternate Mode Capability descriptor
lsusb.py: Fix formatting of 10Gbps speeds
Ross Burton (1):
usb-devices: use /bin/sh hashbang
Solomon Peachy (1):
lsusb: Add support for decoding IPP printer descriptors
Stefan Tauner (1):
Depend on libusb 1.0.14
Valerii Zapodovnikov (1):
man pages: add information on verbosity levels of -t option
junjie (1):
fix typo
usbutils 010
Aurelien Jarno (2):
usbreset.c: add missing <stdlib.h> include
Do not create and install usbutils.pc
Greg Kroah-Hartman (32):
fix dump_videocontrol_interface for unitialized variable usage
Add correct SPDX license identifiers to all files
Add SPDX identifiers on files that did not have a specific license.
wTotalLength should be printed as a hex number
usbmisc: fix up some strncpy() issues
lsusb-t: fix up error with readlink()
lsusb.py.in: add proper SPDX license identifier
usb-devices: reword the copyright identifier
LICENSES: move the GPL 2 license to the LICENSES directory
LICENSES/GPL-3.0.txt: add the file
lsusb.h: add copyright notice
lsusb-t: add copyright info
bom.spdx: Add bill of materials file in SPDX format.
ChangeLog: remove it.
AUTHORS: remove file
do_release: drop file
NEWS: add SPDX header and comment
autogen.sh: add SPDX and copyright header
list.h: add copyright information
travis-autogen.sh: add SPDX and copyright information.
INSTALL: remove the file, it's boiler-plate
configure.ac: add SPDX and copyright
man pages: add SPDX and copyright information
Makefile.am: add SPDX and copyright information
.gitmodules: add SPDX and copyright lines
lsusb.py.in: fix up Copyright strings
usbreset.c: add Alan's copyright
.travis.yml: add correct SPDX and copyright notices
bom.spdx: update with latest copyright and SPDX identifier additions
README.md: move the README file to markdown
README.md: fix fomatting
bom.spdx: upate with README -> README.md change
Lukas Nykryn (1):
lsusb.py: convert to python3
Michael Drake (11):
lsusb: Split subtype mapping out of AudioControl interface handling.
lsusb: Add declarative definitions for UAC1 and UAC2 descriptors.
lsusb: Add code to dump descriptor data using descriptor definition.
lsusb: Switch to descriptor-definition based dump for UAC1 and UAC2.
lsusb: Add descriptor definitions for UAC3.
lsusb: Add initial support for USB Audio Device Class 3.
lsusb: Add descriptor definition for USB3 BOS Configuration Summary.
lsusb: Dump USB3 BOS Configuration Summary Descriptor.
lsusb: Squash Wpointer-compare warning.
lsusb: Remove unused function.
lsusb: Fix array entry count for variable sized entries.
Robby Workman (1):
Makefile.am: Include usbreset.c in the release tarball
Torleiv Sundre (1):
lsusb: Dump UVC Stream based payload descriptor.
usbutils 009
Bjørn Mork (1):
usbreset: coding style
Emmanuele Bassi (1):
Don't use C99-ism
Greg Kroah-Hartman (22):
usbhid-dump: update submodule to latest version
add usbreset.c example program
update usbhid-dump to latest
lsusb.py: Don't dump a trace dump if usb.ids is not present
Grueninger, Tobias (1):
USB: usb-devices: Interface number can be a string
Heinrich Schuchardt (1):
autogen.sh: checkout usbhid-dump
Jaejoong Kim (4):
lsusb : add support for the Encoding Unit Desc for uvc 1.5 device
lsusb: fix alignment for Video Streaming interface desc
lsusb: parse additional control fileds in USB video control interfaces for UVC1.5
lsusb: proper display hexadecimal value for UVC control interface
Jakub Wilk (1):
Fix typos
Jo-Philipp Wich (1):
usbreset.c: import usability improvements from OpenWrt
Justin McBride (2):
Update lsusb.c
Un-indent bVariableSize for Frame-Based Format descriptors
Kylie McClain (1):
Makefile: install pkgconfig file to arch-dependent location
Mathias Nyman (2):
lsusb: Allocate the BOS descriptor buffer dynamically
lsusb: Add support for the USB 3.1 SuperSpeedPlus device capability desc
Muthu M (2):
lsusb: Fix issue with lengthy string descriptors
lsusb: Added support for Billboard Capability descriptor
Nikolai Kondrashov (2):
Update usbhid-dump repo URL
Update usbhid-dump to v1.4
Stephan Linz (7):
travis-ci: add control files borrowed from libusb
configure: remove summary about unused USE_ZLIB
drop unused input file for usb.ids update script
substitute usb.id location in lsusb Python script
travis-ci: cleanup before second run
travis-ci: rework travis-autogen.sh
lsusb: remove unused variable procbususb
Tobias Klauser (4):
lsusb: Report correct MaxPower for USB 3.0 devices
lsusb: Request proper descriptor type for USB 3.1
lsusb: Store link state descriptions without preceding space
build: Request at least libusb 1.0.9
Torleiv Sundre (2):
Added support for Platform Device Capability descriptor
lsusb: change endianness of first three fields when printing UUID/GUIDs.
Vianney le Clément de Saint-Marcq (3):
lsusb: Fix UVC STILL_IMAGE_FRAME descriptor
lsusb: Fix UVC VideoStreaming interface header descriptor
lsusb: Fix UVC OUTPUT_TERMINAL descriptor
Vincent Palatin (1):
lsusb: print WebUSB platform descriptor
usbutils 008
Alexandra Yates (2):
lsusb: Reports if USB2.0 port is on L1 state
lsusb: Reports devices that support BESL on USB2.0
Aurelien Jarno (1):
dump_ccid_device: fix a typo
Ben Chan (1):
lsusb: decode CDC MBIM extended functional descriptor
Greg Kroah-Hartman (8):
lsusb: fix incorrect printf() for CAPS
lsusb-t: handle problem if there is no usb bus list
.gitignore: add compile to the list of things we need to ignore
John Freed (1):
Fix logic error
Kurt Garloff (1):
Update lsusb.py in usbutils
Lukas Nykryn (2):
update COPYING file
lsusb-t: don't segfault when usbbuslist is empty
Peter Wu (1):
Ignore invalid string descriptors
Raphaël Droz (1):
usb-devices: hexadecimal bInterfaceNumber handling
Tom Gundersen (2):
lsusb: port to hwdb
drop dependency on usb.ids
Vadim Rutkovsky (1):
New path for usbhid-dump submodule
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Add missing closing tags, indentation and CSS styling.
Add link to reboot notice, left-align info list and resize packages
lists for better readability.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de> Acked-by: Peter Müller <peter.mueller@ipfire.org>
pakfire: Implement feedback from mailing list discussion
- Improve lockfile test: Return immediately if lockfile is present,
to prevent unnecessary and expensive "pidof" calls
- Add better explanation to the log file reading command and JS
- Change user interface: If no errors occurred, the page returns to
the main screen (after a short delay). If an error occurred, the log
output remains and a message is shown.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de> Acked-by: Peter Müller <peter.mueller@ipfire.org>
pakfire.cgi: Remove "sleep" after running Pakfire command
The extended lockfile test seems to be sufficient to detect
a running Pakfire process and display the logs.
"Sleep" even proved to be counterproductive, as fast processes
can finish in under a second and are then again not detected.
Currently the page becomes unresponsive while Pakfire is busy.
This patch implements a AJAX/JSON driven log output, to provide
continuous information to the user while Pakfire is running.
The output is updated 1x per second, if the load should be too high,
the interval can be change by writing to "pakfire.refreshInterval".
This implements a function to determine if Pakfire is already running.
It tests the PID and lockfile and can be expanded easily later.
'pidof' checks the full path to avoid confusion.
Stefan Schantl [Mon, 15 Nov 2021 20:23:33 +0000 (21:23 +0100)]
pakfire.cgi: Bring back old logic for log displaying
Trying to get rid of the system backpipe check if a pakfire is running
does not work very well. It simply makes the code more complex and
only introduced some new problems.
This commit switches back to the old logic which worked well in the
past.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org> Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:48:46 +0000 (14:48 +0100)]
firewall: Introduce DROP_HOSTILE
Similar to the Location block, this chain logs and drops all traffic
from and to networks known to pose technical threats to IPFire users.
Doing so in a dedicated chain makes sense for transparency reasons, as
we won't interfer with other firewall rules or the Location block, so it
is always clear why a packet from or to such a network has been dropped.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:48:33 +0000 (14:48 +0100)]
firewall: Prevent spoofing our own RED IP address
There is no legitimate reason why traffic from our own IP address on RED
should ever appear incoming on that interface.
This prevents attackers from impersonating IPFire itself, and is only
cleared/reset if the RED interface is brought up. Therefore, an attacker
cannot bypass this by foring a dial-up or DHCP connection to break down.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:48:17 +0000 (14:48 +0100)]
firewall: Log and drop spoofed loopback packets
Traffic from and to 127.0.0.0/8 must only appear on the loopback
interface, never on any other interface. This ensures offending packets
are logged, and the loopback interface cannot be abused for processing
traffic from and to any other networks.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:47:56 +0000 (14:47 +0100)]
firewall: Accept inbound Tor traffic before applying the location filter
Inbound Tor traffic conflicts with Location block as inbound connections
have to be accepted from many parts of the world. To solve this,
inbound Tor traffic has to be accepted before jumping into Location block
chain.
Note this affects Tor relay operators only.
Rolled forward as ongoing from
https://patchwork.ipfire.org/project/ipfire/patch/f8ee2e1d-b642-8c63-1f8a-4f24c354cd90@ipfire.org/,
note the documentation in the wiki needs to be updated once this landed
in production.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:47:25 +0000 (14:47 +0100)]
firewall: Log packets dropped due to conntrack INVALID state
In case of faulty connection tracking, this ensures such packets are
logged, to make analysing network incidents less troublesome. Since
NewNotSYN is handled before, where logging can be turned off for systems
running on weak flash devices, the amount of log messages emitted here
should be neglectible.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
For details see:
http://www.squid-cache.org/Versions/v5/changesets/
There is still no official announcement.
Nevertheless, since 31 Jul 2021, 'squid 5.1' has become "stable"
and is listed under "Current versions suitable for production use".
The only problem I found during testing deals with 'privoxy'.
Since 'privoxy' - as parent cache_peer - sometimes replies with a '403',
'squid 5.1' handles this cache_peer connection as 'dead' which is then
logged in 'cache_log'. See discussion on list.
Actually this is something that got fixed from 'squid 4.16' to '5.1' - its
no bug - its a feature. Everything else works as expected,'squid' and
'privoxy' developers were informed.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Sun, 2 Jan 2022 12:05:12 +0000 (13:05 +0100)]
perl-libwww: Update to version 6.60 and rename from libwww-perl to perl-libwww
- Update from 5.803 (2004) to 6.60 (2021)
- Rename lfs and rootfile from libwww-perl to perl-libwww making it consistent with other
perl programs that start with perl rather than end with it in the name
- Update of rootfile
- Changelog is too long to include here (~900 lines long)
The details can be found in the Changes file in the source tarball. Looks like more
than 200 bugs fixed between the existing and new versions.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 1 Jul 2021 16:15:20 +0000 (18:15 +0200)]
gdbm: Update to version 1.20
- Update from 1.8.3 (2002) to 1.20 (2021)
- Update rootfile
- There is no longer a make process for make install-compat
To have the compat libraries you have to add --enable-libgdbm-compat to the configure
command but then you don't get the non compat libraries.
So the full configure, make, make install has to be run twice with
--enable-libgdbm-compat added to the second instance.
- Both static and shared libs are built by default so added --disable-static to both
build instances
- Nothing flagged from find-dependencies run against the old library versions
- Changelog is too large to include here but full details can be found from the
ChangeLog file in the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Tue, 24 Aug 2021 21:28:27 +0000 (23:28 +0200)]
lvm2: Update to 2.02.188
- Update from 2.02.187 to 2.02.188
- Update of rootfile not required
- Changelog
Version 2.02.188 - 07th May 2021
Fix problem with unbound variable usage within fsadm.
Avoid removing LVs on error path of lvconvert during creation volumes.
Fix crashing lvdisplay when thin volume was waiting for merge.
Support option --errorwhenfull when converting volume to thin-pool.
Improve thin-performance profile support conversion to thin-pool.
Support resize of cached volumes.
Allocation prints better error when metadata cannot fit on a single PV.
Pvmove can better resolve full thin-pool tree move.
Limit pool metadata spare to 16GiB.
Improves convertsion and allocation of pool metadata.
Support thin pool metadata 15.88GiB, adds 64MiB, thin_pool_crop_metadata=0.
Enhance lvdisplay to report raid availiable/partial.
Enhance error handling for fsadm and hanled correct fsck result.
Stop logging rename errors from persintent filter.
Dmeventd lvm plugin ignores higher reserved_stack lvm.conf values.
Support using BLKZEROOUT for clearing devices.
Support interruption when wipping LVs.
Add configure --enable-editline support as an alternative to readline.
Zero pool metadata on allocation (disable with allocation/zero_metadata=0).
Failure in zeroing or wiping will fail command (bypass with -Zn, -Wn).
Fix support for lvconvert --repair used by foreign apps (i.e. Docker).
Support interruption for bcache waiting.
Fix bcache when device has too many failing writes.
Fix bcache waiting for IO completion with failing disks.
Configure use own python path name order to prefer using python3.
Enhance reporting and error handling when creating thin volumes.
Use revert_lv() on reload error path after vg_revert().
Improve estimation of needed extents when creating thin-pool.
Use extra 1% when resizing thin-pool metadata LV with --use-policy.
Enhance --use-policy percentage rounding.
Switch code base to use flexible array syntax.
Preserve uint32_t for seqno handling.
Switch from mmap to plain read when loading regular files.
Fix running out of free buffers for async writing for larger writes.
Fix conversion to raid from striped lagging type.
Fix conversion to 'mirrored' mirror log with larger regionsize.
Fix support for lvconvert --repair used by foreign apps (i.e. Docker).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 12 Sep 2021 12:34:39 +0000 (14:34 +0200)]
python3-setuptools: Update to version 58.0.4
- Update from 56.2.0 to 58.0.4
- Update rootfile
- Changelog
v58.0.4
* #2773: Retain case in setup.cfg during sdist.
v58.0.3
* #2777: Build does not fail fast when ``use_2to3`` is supplied but set to a false value.
v58.0.2
* #2769: Build now fails fast when ``use_2to3`` is supplied.
v58.0.1
* #2765: In Distribution.finalize_options, suppress known removed entry points to avoid issues with older Setuptools.
v58.0.0
* #2086: Removed support for 2to3 during builds. Projects should port to a unified codebase or pin to an older version of Setuptools using PEP 518 build-requires.
* #2746: add python_requires example
v57.5.0
* #2712: Added implicit globbing support for `[options.data_files]` values.
* #2737: fix various syntax and style errors in code snippets in docs
v57.4.0
* #2722: Added support for ``SETUPTOOLS_EXT_SUFFIX`` environment variable to override the suffix normally detected from the ``sysconfig`` module.
v57.3.0
* #2465: Documentation is now published using the Furo theme.
v57.2.0
* #2724: Added detection of Windows ARM64 build environments using the ``VSCMD_ARG_TGT_ARCH`` environment variable.
v57.1.0
* #2692: Globs are now sorted in 'license_files' restoring reproducibility by eliminating variance from disk order.
* #2714: Update to distutils at pypa/distutils@e2627b7.
* #2715: Removed reliance on deprecated ssl.match_hostname by removing the ssl support. Now any index operations rely on the native SSL implementation.
* #2604: Revamped the backward/cross tool compatibility section to remove
some confusion.
Add some examples and the version since when ``entry_points`` are
supported in declarative configuration.
Tried to make the reading flow a bit leaner, gather some informations
that were a bit dispersed.
v57.0.0
* #2645: License files excluded via the ``MANIFEST.in`` but matched by either
the ``license_file`` (deprecated) or ``license_files`` options,
will be nevertheless included in the source distribution. - by :user:`cdce8p`
* #2628: Write long description in message payload of PKG-INFO file. - by :user:`cdce8p`
* #2645: Added ``License-File`` (multiple) to the output package metadata.
The field will contain the path of a license file, matched by the
``license_file`` (deprecated) and ``license_files`` options,
relative to ``.dist-info``. - by :user:`cdce8p`
* #2678: Moved Setuptools' own entry points into declarative config.
* #2680: Vendored `more_itertools <https://pypi.org/project/more-itertools>`_ for Setuptools.
* #2681: Setuptools own setup.py no longer declares setup_requires, but instead expects wheel to be installed as declared by pyproject.toml.
* #2650: Updated the docs build tooling to support the latest version of
Towncrier and show the previews of not-yet-released setuptools versions
in the changelog -- :user:`webknjaz`
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sun, 12 Sep 2021 12:33:44 +0000 (14:33 +0200)]
libxml2: Update to version 2.9.12
- Update from 2.9.10 to 2.9.12
- Update rootfile
- Changelog for 2.9.11 is too large to put all of it here. Full details can be found at
http://www.xmlsoft.org/news.html
Git commit comments:-
2.9.12
Brown paper bag release, some recently added sources were missing from
the 2.9.11 tarball
2.9.11
Prompted by CVE-2021-3541, but this includes an awful lot of serious bug
fixes by Nick and others
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sun, 12 Sep 2021 12:34:05 +0000 (14:34 +0200)]
libxslt: Update to version 1.1.34
- Update from 1.1.28 (2012) to 1.1.34 (2019)
- Update rootfile
- Changelog
Changes for 1.1.29 and 1.1.30 are available on the website
http://xmlsoft.org/XSLT/news.html
All subsequent change descriptions are only available by reading the git commits at
https://gitlab.gnome.org/GNOME/libxslt/-/commits/master
but those only seem to go back to Nov 2020
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Thu, 13 Jan 2022 12:24:40 +0000 (13:24 +0100)]
libvirt: Update to version 7.10.0
- Update from 6.5.0 to 7.10.0 (17 releases between these versions)
- Update of rootfile
- Update of patch as source file contents changed enough that old patch failed to work
- Build changed to meson/ninja as autotools option has been removed
- Most of the existing options were available as meson options - look in
meson_options.txt file in the source tarball.
Three options were not available with meson
--with-virtualport
--with-macvtap
--without-dbus
- Changelog is too large to include here (~1200 lines) but the detail can be seen in the
NEWS.rst file in the source tarball. Many bug fixes identified in the changelog
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 3 Jan 2022 12:46:28 +0000 (13:46 +0100)]
zstd: Update to version 1.5.1
- Update from 1.5.0 to 1.5.1
- Update of rootfile
- Changelog
v1.5.1 (Dec, 2021)
perf: rebalanced compression levels, to better match the intended speed/level curve,
by @senhuang42
perf: faster huffman decoder, using x64 assembly, by @terrelln
perf: slightly faster high speed modes (strategies fast & dfast), by @felixhandte
perf: improved binary size and faster compilation times, by @terrelln
perf: new row64 mode, used notably in level 12, by @senhuang42
perf: faster mid-level compression speed in presence of highly repetitive patterns,
by @senhuang42
perf: minor compression ratio improvements for small data at high levels, by @cyan4973
perf: reduced stack usage (mostly useful for Linux Kernel), by @terrelln
perf: faster compression speed on incompressible data, by @bindhvo
perf: on-demand reduced ZSTD_DCtx state size, using build macro
ZSTD_DECODER_INTERNAL_BUFFER, at a small cost of performance, by @bindhvo
build: allows hiding static symbols in the dynamic library, using build macro,
by @skitt
build: support for m68k (Motorola 68000's), by @cyan4973
build: improved AIX support, by @Helflym
build: improved meson unofficial build, by @eli-schwartz
cli : custom memory limit when training dictionary (#2925), by @embg
cli : report advanced parameters information when compressing in very verbose mode
(``-vv`), by @Svetlitski-FB
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 3 Jan 2022 12:46:08 +0000 (13:46 +0100)]
freetype: Update to version 2.11.1
- Update from 2.11.0 to 2.11.1
- Update of rootfile
- Changelog is too long to include here - more than 1500 lines.
Details can be found in the ChangeLog file in the source tarball.
24 bug fixes listed.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 3 Jan 2022 12:45:47 +0000 (13:45 +0100)]
expat: Update to version 2.4.2
- Update from 2.4.1 to 2.4.2
- Update of rootfile
- Changelog
Release 2.4.2 Sun December 19 2021
Other changes:
#509 #510 Link againgst libm for function "isnan"
#513 #514 Include expat_config.h as early as possible
#498 Autotools: Include files with release archives:
- buildconf.sh
- fuzz/*.c
#507 #519 Autotools: Sync CMake templates
#495 #524 CMake: MinGW: Fix pkg-config section "Libs" for
- non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug)
- multi-config CMake generators (e.g. Ninja Multi-Config)
#502 #503 docs: Document that function XML_GetBuffer may return NULL
when asking for a buffer of 0 (zero) bytes size
#522 #523 docs: Fix return value docs for both
XML_SetBillionLaughsAttackProtection* functions
#525 #526 Version info bumped from 9:1:8 to 9:2:8;
see https://verbump.de/ for what these numbers do
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 25 Nov 2021 18:17:13 +0000 (19:17 +0100)]
tcl: Update to version 8.6.12
- Update from 8.6.11 to 8.6.12
- Update of rootfile
- Changelog is no longer supported by tcl. All changes are put into a timeline which can
be viewed at https://core.tcl-lang.org/tcl/timeline although I can't figure out from
the timeline what change goes with what version. Hopefully other people are better
able to understand the information. This timelien cannot be easily summarised or
copied into this commit.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 28 Nov 2021 22:17:01 +0000 (23:17 +0100)]
pcre2: Update to version 10.39
- Update from 10.37 to 10.39
- Update of rootfile
- Changelog
Version 10.39 29-October-2021
1. Fix incorrect detection of alternatives in first character search in JIT.
2. Merged patch from @carenas (GitHub #28):
Visual Studio 2013 includes support for %zu and %td, so let newer
versions of it avoid the fallback, and while at it, make sure that
the first check is for DISABLE_PERCENT_ZT so it will be always
honoured if chosen.
prtdiff_t is signed, so use a signed type instead, and make sure
that an appropiate width is chosen if pointers are 64bit wide and
long is not (ex: Windows 64bit).
IMHO removing the cast (and therefore the positibilty of truncation)
make the code cleaner and the fallback is likely portable enough
with all 64-bit POSIX systems doing LP64 except for Windows.
3. Merged patch from @carenas (GitHub #29) to update to Unicode 14.0.0.
4. Merged patch from @carenas (GitHub #30):
* Cleanup: remove references to no longer used stdint.h
Since 19c50b9d (Unconditionally use inttypes.h instead of trying for stdint.h
(simplification) and remove the now unnecessary inclusion in
pcre2_internal.h., 2018-11-14), stdint.h is no longer used.
Remove checks for it in autotools and CMake and document better the expected
build failures for systems that might have stdint.h (C99) and not inttypes.h
(from POSIX), like old Windows.
* Cleanup: remove detection for inttypes.h which is a hard dependency
CMake checks for standard headers are not meant to be used for hard
dependencies, so will prevent a possible fallback to work.
Alternatively, the header could be checked to make the configuration fail
instead of breaking the build, but that was punted, as it was missing anyway
from autotools.
5. Merged patch from @carenas (GitHub #32):
* jit: allow building with ancient MSVC versions
Visual Studio older than 2013 fails to build with JIT enabled, because it is
unable to parse non C89 compatible syntax, with mixed declarations and code.
While most recent compilers wouldn't even report this as a warning since it
is valid C99, it could be also made visible by adding to gcc/clang the
-Wdeclaration-after-statement flag at build time.
Move the code below the affected definitions.
* pcre2grep: avoid mixing declarations with code
Since d5a61ee8 (Patch to detect (and ignore) symlink loops in pcre2grep,
2021-08-28), code will fail to build in a strict C89 compiler.
Reformat slightly to make it C89 compatible again.
Version 10.38 01-October-2021
1. Fix invalid single character repetition issues in JIT when the repetition
is inside a capturing bracket and the bracket is preceeded by character
literals.
2. Installed revised CMake configuration files provided by Jan-Willem Blokland.
This extends the CMake build system to build both static and shared libraries
in one go, builds the static library with PIC, and exposes PCRE2 libraries
using the CMake config files. JWB provided these notes:
- Introduced CMake variable BUILD_STATIC_LIBS to build the static library.
- Make a small modification to config-cmake.h.in by removing the PCRE2_STATIC
variable. Added PCRE2_STATIC variable to the static build using the
target_compile_definitions() function.
- Extended the CMake config files.
- Introduced CMake variable PCRE2_USE_STATIC_LIBS to easily switch between
the static and shared libraries.
- Added the PCRE_STATIC variable to the target compile definitions for the
import of the static library.
Building static and shared libraries using MSVC results in a name clash of
the libraries. Both static and shared library builds create, for example, the
file pcre2-8.lib. Therefore, I decided to change the static library names by
adding "-static". For example, pcre2-8.lib has become pcre2-8-static.lib.
[Comment by PH: this is MSVC-specific. It doesn't happen on Linux.]
3. Increased the minimum release number for CMake to 3.0.0 because older than
2.8.12 is deprecated (it was set to 2.8.5) and causes warnings. Even 3.0.0 is
quite old; it was released in 2014.
4. Implemented a modified version of Thomas Tempelmann's pcre2grep patch for
detecting symlink loops. This is dependent on the availability of realpath(),
which is now tested for in ./configure and CMakeLists.txt.
5. Implemented a modified version of Thomas Tempelmann's patch for faster
case-independent "first code unit" searches for unanchored patterns in 8-bit
mode in the interpreters. Instead of just remembering whether one case matched
or not, it remembers the position of a previous match so as to avoid
unnecessary repeated searching.
6. Perl now locks out \K in lookarounds, so PCRE2 now does the same by default.
However, just in case anybody was relying on the old behaviour, there is an
option called PCRE2_EXTRA_ALLOW_LOOKAROUND_BSK that enables the old behaviour.
An option has also been added to pcre2grep to enable this.
7. Re-enable a JIT optimization which was unintentionally disabled in 10.35.
8. There is a loop counter to catch excessively crazy patterns when checking
the lengths of lookbehinds at compile time. This was incorrectly getting reset
whenever a lookahead was processed, leading to some fuzzer-generated patterns
taking a very long time to compile when (?|) was present in the pattern,
because (?|) disables caching of group lengths.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sun, 9 Jan 2022 12:54:05 +0000 (13:54 +0100)]
make.sh: Clarify options need to come before the actual command
This might prevent some misunderstandings, as the help of make.sh does
not precisely state where the options (target architecture) needs to be
specified.
Peter Müller [Tue, 4 Jan 2022 18:29:25 +0000 (19:29 +0100)]
kmod: Update to 29
Full changelog as given in the NEWS file:
kmod 29
=======
- Improvements
- Add support to use /usr/local as a place for configuration files. This makes it easier
to install locally without overriding distro files.
- Bug fixes
- Fix `modinfo -F` when module is builtin: when we asked by a specific field from modinfo,
it was not working correctly if the module was builtin
- Documentation fixes on precedence order of /etc and /run: the correct order is
/etc/modprobe.d, /run/modprobe.d, /lib/modprobe.d
- Fix the priority order that we use for searching configuration files. The
correct one is /etc, /run, /usr/local/lib, /lib, for both modprobe.d
and depmo.d
- Fix kernel command line parsing when there are quotes present. Grub
mangles the command line and changes it from 'module.option="val with
spaces"' to '"module.option=val with spaces"'. Although this is weird
behavior and grub could have been fixed, the kernel understands it
correctly for builtin modules. So change libkmod to also parse it
correctly. This also brings another hidden behavior from the kernel:
newline in the kernel command line is also allowed and can be used to
separate options.
- Fix a memory leak, overflow and double free on error path
- Fix documentation for return value from kmod_module_get_info(): we
return the number of entries we added to the list
- Fix output of modules.builtin.alias.bin index: we were writing an empty file due to
the misuse of kmod_module_get_info()
- Infra/internal
- Retire integration with semaphoreci
- Declare the github mirror also as an official upstream source: now besides accepting
patches via mailing list, PRs on github are also acceptable
- Misc improvements to testsuite, so we can use it reliably regardless
of the configuration used: now tests will skip if we don't have the
build dependencies)
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Tue, 4 Jan 2022 19:19:01 +0000 (20:19 +0100)]
Core Update 163: Ship relevant changes of linux-firmware
This includes new and changed firmware files, to avoid shipping a lot of
unchanged files. Upstream deleted files will be deleted on the
installations as well.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
There is no human-readable changelog provided. Please refer to
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/?h=20211216
for this version's commit history.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Sat, 1 Jan 2022 16:59:20 +0000 (17:59 +0100)]
lynis: Update to version 3.0.6
- Update from 3.0.3 to 3.0.6
- Communication had with cisofy about the website and github versions of lynis and the
lack of a signature file on github. Following response received from Michael Boelen
of cisofy.
"GitHub releases are different as they (the tarballs) are created by GitHub itself. So
yes, the hashes will differ. In fact, the contents of the files will be different as
well. These files are not signed by GitHub or us. We consider GitHub the work version.
When we release a new version, we tag them on GitHub with a version as well. For the
stable releases, use the version on the website."
- Based on the above the version used in this build is from the website. The signature
file for version 3.0.6 on the website is now available.
- The lynis-3.0.6.tar.gz in the IPFire Source location will probably need to be removed
as it is from the Github location and running ./make.sh uploadsrc will probably not
upload the correct version because the filenames are the same. The tarball used in this
patch was from https://cisofy.com/downloads/lynis/
- The lfs file modified to take account of the tarball expanding to just lynis without
any version number. Also the rm -rf line has been modified due to the file differences
with the previous Github versions.
- Update rootfile to take account of the plugin_pam_phase1 and plugin_systemd_phase1
plugins not being included in the cisofy website version of the tarball. If these two
plugins that are available for community users are needed then they have to be
downloaded separately from cisofy via an email subscription to the notification test.
All other plugins are only available for paying customers.
- Changelog
Version 3.0.6 (2021-07-22)
### Added
- OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS
- Check for outdated translation files
### Changed
- DBS-1826 - Check if PostgreSQL is being used
- DBS-1828 - Test multiple PostgreSQL configuration file(s)
- KRNL-5830 - Sort kernels by version instead of modification date
- PKGS-7410 - Don't show exception for systems using LXC
- GetHostID function: fallback options added for Linux systems
- Fix: macOS Big Sur detection
- Fix: show correct text when egrep is missing
- Fix: variable name for PostgreSQL
- German and Spanish translations extended
Version 3.0.5 (2021-07-02)
### Added
- OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux
- CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-boot attacks (Linux)
### Changed
- ACCT-9622 - Corrected typo
- HRDN-7231 - When calling wc, use the short -l flag instead of --lines (Busybox compatibility)
- PKGS-7320 - extended to Arch Linux 32
- Generation of host identifiers (hostid/hostid2) extended
- Linux host identifiers are now using ip as preferred input source
- Improved logging in several areas
Version 3.0.4 (2021-05-11)
### Added
- ACCT-9670 - Detection of cmd tooling
- ACCT-9672 - Test cmd configuration file
- BOOT-5140 - Check for ELILO boot loader presence
- OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others
### Changed
- BOOT-5104 - Add service manager detection support for runit
- FILE-6430 - Report suggestion only when at least one kernel module is not in the blacklist
- FIRE-4540 - Corrected nftables empy ruleset test
- LOGG-2138 - Do not check for klogd when metalog is being used
- TIME-3185 - Improved support for Debian stretch
- Corrected issue when Lynis is not executed directly from lynis directory
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Thu, 24 Jun 2021 13:14:19 +0000 (15:14 +0200)]
util-macros: remove this package from IPFire
- util-macros was originally installed as a build requirement for pciaccess which is
a dependency of libvirt
- Along the way of updates of pciaccess the build requirement for util-macros is no
longer needed. pciaccess built without problems with util-macros removed.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Acked-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Mon, 27 Sep 2021 15:33:20 +0000 (17:33 +0200)]
grep: Update to version 3.7
- Update from 3.6 to 3.7
- Update of rootfile not required
- Changelog
* Noteworthy changes in release 3.7 (2021-08-14) [stable]
** Changes in behavior
Use of the --unix-byte-offsets (-u) option now evokes a warning.
Since 3.1, this Windows-only option has had no effect.
** Bug fixes
Preprocessing N patterns would take at least O(N^2) time when too many
patterns hashed to too few buckets. This now takes seconds, not days:
: | grep -Ff <(seq 6400000 | tr 0-9 A-J)
[Bug#44754 introduced in grep 3.5]
- More details of the changes can be found in the ChangeLog file in the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 27 Sep 2021 15:33:02 +0000 (17:33 +0200)]
gdb: Update to version 11.1
- Update from 10.2 to 11.1
- Update of rootfile
- Changelog
Version 11.1 of GDB includes the following changes and enhancements:
Support for ARM Symbian (arm*-*-symbianelf*) has been removed.
Building GDB now requires GMP (The GNU Multiple Precision Arithmetic Library).
New command-line options "--early-init-command" (or "-eix") and
"--early-init-eval-command" (or "-eiex")
GDB/MI Changes:
New --qualified option for the '-break-insert' and '-dprintf-insert' commands.
New --force-condition option for the '-break-insert' and '-dprintf-insert' commands.
New --force option for the '-break-condition' command.
The '-file-list-exec-source-files' now accepts an optional regular expression to
filter the source files included in the result.
The results from '-file-list-exec-source-files' now include a 'debug-fully-read'
field to indicate if the corresponding source's debugging information has been
partially read (false) or has been fully read (true).
TUI Improvements:
Mouse actions are now supported. The mouse wheel scrolls the appropriate window.
Key combinations that do not have a specific action on the focused window are now
passed to GDB.
Python enhancements:
Inferior objects now contain a read-only 'connection_num' attribute that gives the
connection number as seen in 'info connections' and 'info inferiors'.
New method gdb.Frame.level() which returns the stack level of the frame object.
New method gdb.PendingFrame.level() which returns the stack level of the frame
object.
When hitting a catchpoint, the Python API will now emit a gdb.BreakpointEvent
rather than a gdb.StopEvent. The gdb.Breakpoint attached to the event will have
type BP_CATCHPOINT.
Python TUI windows can now receive mouse click events. If the Window object
implements the click method, it is called for each mouse click event in this
window.
New setting "python ignore-environment on|off"; if "on", causes GDB's builtin
Python to ignore any environment variable that would otherwise affect how Python
behaves (needs to be set during "early initialization" (see above).
New setting "python dont-write-bytecode auto|on|off".
Guile API enhancements:
Improved support for rvalue reference values.
New procedures for obtaining value variants: value-reference-value,
value-rvalue-reference-value and value-const-value.
New "qMemTags" and "QMemTags" remote protocol packets (associated with Memory Tagging).
GDB will now look for the .gdbinit file in a config directory before looking for
~/.gdbinit. The file is searched for in the following locations: $XDG_CONFIG_HOME/gdb/gdbinit, $HOME/.config/gdb/gdbinit, $HOME/.gdbinit. On Apple hosts the search order is instead: $HOME/Library/Preferences/gdb/gdbinit, $HOME/.gdbinit.
The "break [...] if CONDITION" command no longer returns an error when the condition
is invalid at one or more locations. Instead, if the condition is valid at one or
more locations, the locations where the condition is not valid are disabled.
The behavior of the "condition" command is changed to match the new behavior of the
"break" command.
Support for general memory tagging functionality (currently limited to AArch64 MTE)
Core file debugging now supported for x86_64 Cygwin programs.
New "org.gnu.gdb.riscv.vector" feature for RISC-V targets.
GDB now supports fixed point types which are described in DWARF as base types with a
fixed-point encoding. Additionally, support for the DW_AT_GNU_numerator and
DW_AT_GNU_denominator has also been added.
Miscellaneous:
New "startup-quietly on|off" setting; when "on", behaves the same as passing the
"-silent" option on the command line.
New "print type hex on|off" setting; when 'on', the 'ptype' command uses
hexadecimal notation to print sizes and offsets of struct members. When 'off',
decimal notation is used.
The "inferior" command, when run without argument, prints information about the
current inferior.
The "ptype" command now supports "/x" and "/d", affecting the base used to print
sizes and offsets.
The output of the "info source" has been restructured.
New "style version foreground | background | intensity" commands to control the
styling of the GDB version number.
Various debug and maintenance commands (mostly useful for the GDB developers)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 1 Dec 2021 12:29:03 +0000 (13:29 +0100)]
rng-tools: Update to version 6.14
- Update from 6.12 to 6.14
- Update of rootfile not required
- patch for building rng-tools also for i586 removed as 32 bit will no longer be EOL at
end of 2021
- Building 6.14 caused an error for not finding librtlsdr. The same check is in the
makefile in 6.12 but it does not get checked. I could not find why the check was being
carried out in 6.14 - it was not due to the removal of the patch. In the end I added
the --disable-rtlsdr option to configure and this allowed the build to occur without
the check for the prescence of librtlsdr being carried out.
- Changelog
rng-tools 6.14
Bug Fixes:
Fixed a null pointer deref in nistbeacon entropy source
fixed some confguration tests
clarified some rngd behavior in the man page
update init code to do proper logging
various covscan fixes
fixed a memory leak in jitter entropy source
fixed possible NULL deref in rdrand source
various fixed in openssl mangling code
added randstat binary to build
minor modernizations to configure.ac
rng-tools 6.13
Features:
Support rndr instruction on arm
Support jitter software timer on coarse time systems
Bug Fixes:
Merged all openssl use into a single helper library
Improved console output readability
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 3 Jan 2022 12:45:29 +0000 (13:45 +0100)]
e2fsprogs: Update to version 1.46.5
- Update from 1.46.3 to 1.46.5
- Update of rootfile not required
- Changelog
1.46.5 (December 30, 2021)
Updates/Fixes since v1.46.4:
UI and Features
When resizing a file system and the inode count exceeds the 2**32
maximum, if resize2fs can successfully perform the resize by dropping
the last block group, resize2fs will do that in order to allow the file
system grow operation to succeed. For example, using the default inode
ratio size of 16k, this will allow a successful resize to 64TB - 128MB
when the storage device is 64TB.
Fixes
Avoid a potential infinite loop in resize2fs -P when the file system is
corrupted (introduced in e2fsprogs 1.45.5). (Addresses github issue
https://github.com/tytso/e2fsprogs/issues/94)
E2fsck now updates the bg_checksum after fixing problems in the block
group descriptor, which eliminates some unnecessary messages printed or
asked of the system administrator.
Fixed some potential deadlock problems in the unix_io handler in the case
of I/O errors. The fix should also improve the performance of parallel
bitmap loading.
Fixed e2fsck's fast commit handling which could result it in crashing
when trying to merge extents when there were none available to be
merged.
Fix e2fsck's support of quota limit data, which could sometimes get
dropped when the quota data needs to be regenerated, or when processing
the orphan list.
Fix tune2fs to correctly transfer the quota limits when converting quota
files to the internal quota inodes. Also add support for tune2fs to
properly handle the older version 0 quota files.
Fix debugfs's get_quota and list_quota commands so that the header of
the report printed by these commands correctly reflect that the units of
used space is in bytes instead of blocks.
Performance, Internal Implementation, Development Support etc.
Add some additional packages to the setup-schroot script to account for
the fact that the script can be run on older Debian distributions and so
the build dependencies might omit some packages needed to build
e2fsprogs on unstable version of Debian.
Reduce resize2fs's CPU overhead when counting the number of blocks in
use which can reduce the wall clock time for very large file systems
by substantial amount.
Teach libuuid to use getrandom() or getentropy() if available in favor
of reading from /dev/[u]random.
Teach libss to use libreadline.so.8 if it is available.
Update some test expect files to fix some regression tests that were
broken in e2fsprogs 1.46.4.
If the PRINT_FAILED environment variable is set, failed tests will
display the diff output to make it easier to debug test failures on
autobuilders.
Fix various compiler warnings.
Update tst_getsize to use ext2fs_get_size2() to support testing devices
which are larger than 2**32 sectors.
Fixed spelling mistakes in the mke2fs.conf man page.
Update Chinese, Malay, Serbian, Spanish, Swedish, and Ukrainian
translations.
1.46.4 (August 18, 2021)
Updates/Fixes since v1.46.3:
UI and Features
The defaults for mke2fs now call for 256 byte inodes for all file
systems (with the exception of file systems for the GNU Hurd, which only
supports 128 byte inodes). Creating non-Hurd file systems with 128 byte
inodes will trigger a warning message to make sure users are aware of
the potential problems of using small/legacy inode sizes.
The bigalloc feature is now considered supported if the cluster size no
more than 16 times the block size. So the mke2fs program has been
changes to only warn if the cluster size is larger than that.
Fixes
E2fsck now checks to make sure directory entries do not reference
internal quota inodes.
E2image now includes the quota inodes when creating file system image,
since they are part of the file system metadata.
E2fsck now properly accounts the quota usage of the project quota file.
Fix a regression introduced in 1.64.3 where attempting to create a file
system image using mke2fs into a non-existent file would fail.
(Addresses Debian Bug: #992094)
Fix mke2fs to correctly create Posix ACL's on big-endian systems when
copying files from a directory hierarchy.
Updated and clarified the resize2fs man page. (Addresses Debian Bug:
#979411)
Performance, Internal Implementation, Development Support etc.
Improve various regression tests to be more portable and to reflect the
new default inode size of 256 byte inodes, even for small file systems.
Fixed a GNU Hurd portability problem which was causing tests to fail.
Fixed a test failure in f_baddotdir on big-endian systems. This wasn't
necessarily a bug per se in e2fsck, but rather e2fsck having different
behaviour on big-endian systems. (Addresses Debian Bug: #991922)
Use WantedBy=multi-user.target in e2scrub_reap.service. (Addresses
Debian Bug: #991349)
Synchronize e2fsck/recovery.c with the kernel's fs/jbd2/recovery.c
Fix various Coverity and compiler warnings.
Fix various error pathes to make sure we don't leak resources or
potentially use or try to free uninitialized pointers.
Added a setup-schroot command for use on Debian porter boxes.
Updated config.guess and config.sub with newer versions from the FSF.
Update Czech, Dutch, French, Polish, Portuguese, and Swedish translations.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Thu, 30 Dec 2021 19:15:36 +0000 (20:15 +0100)]
vpnmain.cgi: Fix extra whitespace in exported pk12 file
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
xfsprogs-5.14.2 (06 Dec 2021)
- libxfs: move rogue fallthrough macro out of linux.h (Darrick J. Wong)
xfsprogs-5.14.1 (02 Dec 2021)
- libxfs: fix atomic64_t for 32-bit architectures (Darrick J. Wong)
- libfrog: fix crc32c self test code on cross builds (Darrick J. Wong)
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>