]> git.ipfire.org Git - people/stevee/ipfire-2.x.git/log
people/stevee/ipfire-2.x.git
8 months agocpufrequtils: hide output on disabled cores.
Arne Fitzenreiter [Sun, 18 Feb 2024 10:38:29 +0000 (11:38 +0100)] 
cpufrequtils: hide output on disabled cores.

We disable cores if the are affected by some cpu vulnerabilities
this cores report errors if you try to change the settings.
So only print the output for core0 and hide it for all cores.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agolibloc: Embed more recent database
Peter Müller [Sat, 17 Feb 2024 20:48:10 +0000 (20:48 +0000)] 
libloc: Embed more recent database

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agoCore Update 185: Remove orphaned uncritical non-library files
Peter Müller [Sat, 17 Feb 2024 20:45:41 +0000 (20:45 +0000)] 
Core Update 185: Remove orphaned uncritical non-library files

See: https://patchwork.ipfire.org/project/ipfire/patch/c21b6fed-28cd-47ce-8a99-b36b37672a15@ipfire.org/

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agoCore Update 185: Delete orphaned linux-firmware files
Peter Müller [Sat, 17 Feb 2024 20:42:28 +0000 (20:42 +0000)] 
Core Update 185: Delete orphaned linux-firmware files

See: https://patchwork.ipfire.org/project/ipfire/patch/c21b6fed-28cd-47ce-8a99-b36b37672a15@ipfire.org/

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agoCore Update 185: Ensure correct permissions of /etc/sudoers.d/
Peter Müller [Sat, 17 Feb 2024 20:40:39 +0000 (20:40 +0000)] 
Core Update 185: Ensure correct permissions of /etc/sudoers.d/

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agoCore Update 185: Ship forgotten linux-firmware files
Peter Müller [Sat, 17 Feb 2024 20:39:41 +0000 (20:39 +0000)] 
Core Update 185: Ship forgotten linux-firmware files

See: https://patchwork.ipfire.org/project/ipfire/patch/c21b6fed-28cd-47ce-8a99-b36b37672a15@ipfire.org/

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agoCore Update 185: Restart ntp
Peter Müller [Sat, 17 Feb 2024 20:37:04 +0000 (20:37 +0000)] 
Core Update 185: Restart ntp

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agoCore Update 185: Ship libcap and all packages dependant on it
Peter Müller [Sat, 17 Feb 2024 20:35:02 +0000 (20:35 +0000)] 
Core Update 185: Ship libcap and all packages dependant on it

See: https://patchwork.ipfire.org/project/ipfire/patch/c21b6fed-28cd-47ce-8a99-b36b37672a15@ipfire.org/

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
8 months agortl8812au: fix module compression
Arne Fitzenreiter [Sat, 17 Feb 2024 18:46:34 +0000 (19:46 +0100)] 
rtl8812au: fix module compression

the kernel cannot load the compressed module so fix compression
parameters.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agocpufrequtils: fix initskript for amd-pstate
Arne Fitzenreiter [Fri, 16 Feb 2024 15:17:47 +0000 (16:17 +0100)] 
cpufrequtils: fix initskript for amd-pstate

the initskript loads a test-modul for amd-pstate (which traces on intel)
and off course reports errors if firmware settings are missing.

this also fix the error at start because also amd-pstate doesn't support
ondemand mode.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agoruleset-sources: removal of PT Attack & Secureworks + addition of ThreatFox
Adolf Belka [Thu, 15 Feb 2024 12:58:35 +0000 (13:58 +0100)] 
ruleset-sources: removal of PT Attack & Secureworks + addition of ThreatFox

- The PT Attack ruleset has not been updated since 2021 and made read-only in 2022
   The PT Attack website no longer has any reference to Suricata Rulesets. The PT Attack
   ruleset is being removed.
- The Secureworks three rulesets are no longer available. The website path gives a 404
   error. No mention of Suricata rulesets in the Secureworks website. The Secureworks three
   rulesets are being removed.
- ThreatFox ruleset has been added to the list. Both a plain and archive version of the
   rules are available but the plain version is being regularly updated while the archive
   version was last updated 5 days ago. So this patch has implemented the plain version.
- All above was discussed in the January Developers Conference call.
- Tested out on my vm testbed. I had PT Attack selected as one of the providers. As
   mentioned by Stefan removing PT Attack means it is not available in the list of
   providers but the provider stays in the providers table but with the line shown in red.
   I will update the wiki to mention the red highlight and what it means.

Suggested-by: Stefan Schantl <stefan.schantl@ipfire.org>
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoMerge branch 'master' into next
Michael Tremer [Fri, 16 Feb 2024 12:29:05 +0000 (12:29 +0000)] 
Merge branch 'master' into next

8 months agofreeradius: Increment PAK_VER & ship freeradius to link to the updated libssl version
Adolf Belka [Thu, 15 Feb 2024 20:47:57 +0000 (21:47 +0100)] 
freeradius: Increment PAK_VER & ship freeradius to link to the updated libssl version

- OpenSSL was updated to 3.1.4 in CU181 and to 3.2.1 in CU183 but in both cases freeradius
   was not incremented to cause it to be shipped.
- This patch increments the freeradius PAK_VER to ensure it will be shipped.

Fixes: Bug#13590
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoMerge remote-tracking branch 'origin/next' into next
Michael Tremer [Wed, 14 Feb 2024 19:07:30 +0000 (19:07 +0000)] 
Merge remote-tracking branch 'origin/next' into next

8 months agoMerge branch 'master' into next
Michael Tremer [Wed, 14 Feb 2024 19:06:35 +0000 (19:06 +0000)] 
Merge branch 'master' into next

8 months agofiles: Ship collectd.conf for bug#12981
Adolf Belka [Sun, 11 Feb 2024 13:19:48 +0000 (14:19 +0100)] 
files: Ship collectd.conf for bug#12981

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore185: Ship unbound and BIND again
Michael Tremer [Wed, 14 Feb 2024 19:04:48 +0000 (19:04 +0000)] 
core185: Ship unbound and BIND again

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoMerge branch 'master' into next
Michael Tremer [Wed, 14 Feb 2024 19:03:52 +0000 (19:03 +0000)] 
Merge branch 'master' into next

8 months agographs.pl: Fixes graph failure when the DROP_HOSTILE directory is missing
Adolf Belka [Wed, 14 Feb 2024 10:34:36 +0000 (11:34 +0100)] 
graphs.pl: Fixes graph failure when the DROP_HOSTILE directory is missing

- If a fresh install is done then only the DROP_HOSTILE_IN & DROP_HOSTILE_OUT
   rrd directories are created.
- With the DROP_HOSTILE directory missing then when the fwhits graph is updated an error
   message is caused by the inability to open the required files.
- This patch adds an if/else loop into the fwhits graph code to deal with the two cases
   of the DROP_HOSTILE being present or not depending on the history and if a backup with
   logs has been restored from when DROP_HOSTILE was in use.
- Tested on vm testbed and created a historical line for the hostile data when it was not
   split
- There might be a simpler or better approach than this but it was the only option I
   could identify. I couldn't find anything about being able to use if loops within the
   RRD::Graph loop

Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship unbound
Michael Tremer [Wed, 14 Feb 2024 19:01:25 +0000 (19:01 +0000)] 
core184: Ship unbound

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agounbound: Update to 1.19.1
Matthias Fischer [Wed, 14 Feb 2024 16:24:52 +0000 (17:24 +0100)] 
unbound: Update to 1.19.1

For details see:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-19-1

"Bug Fixes

    Fix CVE-2023-50387, DNSSEC verification complexity can be exploited
    to exhaust CPU resources and stall DNS resolvers.
    Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agounbound 1.19.1: Fix for forgotten rootfile
Matthias Fischer [Wed, 14 Feb 2024 16:34:10 +0000 (17:34 +0100)] 
unbound 1.19.1: Fix for forgotten rootfile

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship bind
Michael Tremer [Wed, 14 Feb 2024 19:00:03 +0000 (19:00 +0000)] 
core184: Ship bind

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agobind: Update to 9.16.48
Matthias Fischer [Wed, 14 Feb 2024 16:43:12 +0000 (17:43 +0100)] 
bind: Update to 9.16.48

For details see:
https://downloads.isc.org/isc/bind9/9.16.48/doc/arm/html/notes.html#notes-for-bind-9-16-48

Fixes several CVEs.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoThe IPFire time service has moved to time.ipfire.org
Michael Tremer [Wed, 14 Feb 2024 11:52:36 +0000 (11:52 +0000)] 
The IPFire time service has moved to time.ipfire.org

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agomake.sh: Bump toolchain version
Michael Tremer [Wed, 14 Feb 2024 11:51:33 +0000 (11:51 +0000)] 
make.sh: Bump toolchain version

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agotransmission: add menuentry to transmission webgui
Arne Fitzenreiter [Sun, 11 Feb 2024 12:33:39 +0000 (13:33 +0100)] 
transmission: add menuentry to transmission webgui

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agomympd: update to 14.0.1
Arne Fitzenreiter [Sun, 11 Feb 2024 10:27:48 +0000 (11:27 +0100)] 
mympd: update to 14.0.1

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agomake.sh: Compile with minimal debug information
Michael Tremer [Mon, 5 Feb 2024 16:47:35 +0000 (16:47 +0000)] 
make.sh: Compile with minimal debug information

In IPFire 2, we don't make any use out of the debug information.
Therefore we can tell the compiler to generate as minimal debug
information as possible in order to have a faster compilation process.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agomake.sh: Build with _FORTIFY_SOURCE=3
Michael Tremer [Mon, 5 Feb 2024 16:46:36 +0000 (16:46 +0000)] 
make.sh: Build with _FORTIFY_SOURCE=3

This will require that we re-ship everything.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agovim: Don't try to build with custom _FORTIFY_SOURCE
Michael Tremer [Mon, 5 Feb 2024 16:46:06 +0000 (16:46 +0000)] 
vim: Don't try to build with custom _FORTIFY_SOURCE

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agomympd: Don't overwrite our own hardening flags
Michael Tremer [Mon, 5 Feb 2024 16:45:38 +0000 (16:45 +0000)] 
mympd: Don't overwrite our own hardening flags

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agomultipath-tools: Don't overwrite our hardening flags
Michael Tremer [Mon, 5 Feb 2024 16:45:06 +0000 (16:45 +0000)] 
multipath-tools: Don't overwrite our hardening flags

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agovdr: add menu entry for vdr website
Arne Fitzenreiter [Sat, 10 Feb 2024 11:53:22 +0000 (12:53 +0100)] 
vdr: add menu entry for vdr website

we had discussed this on december telco but it is not so
easy because our menusystem only shows entry's existing cgi's.
so i add a cgi redirect to http://$ENV{SERVER_ADDR}:3000
this add the entry under pakfire and also to service page.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore185: Ship suricata
Michael Tremer [Sat, 10 Feb 2024 11:59:03 +0000 (11:59 +0000)] 
core185: Ship suricata

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agosuricata: Update to 7.0.3
Michael Tremer [Sat, 10 Feb 2024 11:58:18 +0000 (11:58 +0000)] 
suricata: Update to 7.0.3

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agosuricata: Update to version 7.0.2
Adolf Belka [Tue, 6 Feb 2024 21:27:33 +0000 (22:27 +0100)] 
suricata: Update to version 7.0.2

- Update from version 6.0.15 to 7.0.2
- Update of rootfile
- suricata 7.0.2 requires libhtp >= 0.5.45
   it also requires libelf.so.1 for execution. Previous suricata versions only required
   libelf for building. libelf or elfutils are not mentioned anywhere in the changelog
- Without elfutils available during starting then suricata fails to start due to
   libelf.so.1 not being available.
- Tested out suricata7 with elfutils on my vm testbed and it successfully started.
- The suricata-5.0.8 patch has been removed as it got applied to configure.ac but this
   is not available in suricata-7.0.2. It looks like that patch was never actually used in
   suricata as all the builds I checked used the configure file from the source tarball
   and the configure was never created by running autoconf on the configure.ac
- Changelog is too large to include here. Details can be found in the ChangeLog file in
   the source tarball

Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoclamav: Update to 1.3.0
Matthias Fischer [Fri, 9 Feb 2024 12:09:54 +0000 (13:09 +0100)] 
clamav: Update to 1.3.0

For details see:
https://blog.clamav.net/2023/11/clamav-130-122-105-released.html

Excerpts from changelog:

"Major changes

    Added support for extracting and scanning attachments found in
    Microsoft OneNote section files. OneNote parsing will be enabled by
    default, but may be optionally disabled using one of the following
    options:
    a. The clamscan command line option: --scan-onenote=no,
    b. The clamd.conf config option: ScanOneNote no,
    c. The libclamav scan option options.parse &= ~CL_SCAN_PARSE_ONENOTE;,
    d. A signature change to the daily.cfg dynamic configuration (DCONF).

Other improvements

    Fixed issue when building ClamAV on the Haiku (BeOS-like) operating
    system. Patch courtesy of Luca D'Amico

    ClamD: When starting, ClamD will now check if the directory specified
    by TemporaryDirectory in clamd.conf exists. If it doesn't, ClamD will
    print an error message and will exit with exit code 1. Patch courtesy
    of Andrew Kiggins.

    CMake: If configured to build static libraries, CMake will now also
    install the libclamav_rust, libclammspack, libclamunrar_iface, and
    libclamunrar static libraries required by libclamav.
    Note: These libraries are all linked into the clamscan, clamd, sigtool,
    and freshclam programs, which is why they did not need to be installed
    to function. However, these libraries would be required if you wish to
    build some other program that uses the libclamav static library.
    Added file type recognition for compiled Python (`.pyc`) files.

      The file type appears as a string parameter for these callback
      functions:

      - clcb_pre_cache
      - clcb_pre_scan
      - clcb_file_inspection

      When scanning a `.pyc` file, the `type` parameter will now show

      "CL_TYPE_PYTHON_COMPILED" instead of "CL_TYPE_BINARY_DATA".

    Improved support for decrypting PDFs with empty passwords.

    Assorted minor improvements and typo fixes.

Bug fixes

    Fixed a warning when scanning some HTML files.

    Fixed an issue decrypting some PDF's with an empty password.

    ClamOnAcc: Fixed an infinite loop when a watched directory does not
    exist.

    ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.
    Patch courtesy of gsuehiro.

    Fixed a possible crash when processing VBA files on HP-UX/IA 64bit.
    Patch courtesy of Albert Chin-A-Young.

    ClamConf: Fixed an issue printing `MaxScanSize` introduced with the
    change to allow a `MaxScanSize` greater than 4 GB.
    Fix courtesy of teoberi.

    Fixed an issue building a ClamAV RPM in some configurations.
    The issue was caused by faulty CMake logic that intended to create an
    empty database directory during the installation."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore185: Ship glibc
Michael Tremer [Sat, 10 Feb 2024 11:51:54 +0000 (11:51 +0000)] 
core185: Ship glibc

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoglibc: Update to 2.39
Michael Tremer [Wed, 7 Feb 2024 15:44:50 +0000 (15:44 +0000)] 
glibc: Update to 2.39

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore185: Ship binutils
Michael Tremer [Sat, 10 Feb 2024 11:49:23 +0000 (11:49 +0000)] 
core185: Ship binutils

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agobinutils: Update to 2.42
Michael Tremer [Tue, 6 Feb 2024 15:56:30 +0000 (15:56 +0000)] 
binutils: Update to 2.42

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoipfire-netboot: Update iPXE to version 0cc0f47
Michael Tremer [Tue, 6 Feb 2024 15:54:42 +0000 (15:54 +0000)] 
ipfire-netboot: Update iPXE to version 0cc0f47

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoStart Core Update 185
Michael Tremer [Sat, 10 Feb 2024 11:47:13 +0000 (11:47 +0000)] 
Start Core Update 185

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoMerge branch 'next'
Michael Tremer [Sat, 10 Feb 2024 11:43:56 +0000 (11:43 +0000)] 
Merge branch 'next'

8 months agocore183: Ship suricata
Michael Tremer [Fri, 9 Feb 2024 14:15:32 +0000 (14:15 +0000)] 
core183: Ship suricata

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agosuricata: Update to 6.0.16
Michael Tremer [Fri, 9 Feb 2024 11:30:38 +0000 (11:30 +0000)] 
suricata: Update to 6.0.16

  https://redmine.openinfosecfoundation.org/versions/201

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agolibhtp: Update to 0.5.46
Michael Tremer [Fri, 9 Feb 2024 11:33:23 +0000 (11:33 +0000)] 
libhtp: Update to 0.5.46

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoinstaller: Fail if the bootloader could not be installed
Michael Tremer [Fri, 9 Feb 2024 12:02:11 +0000 (12:02 +0000)] 
installer: Fail if the bootloader could not be installed

If GRUB could not be installed during installation, the installer
continued without reporting the error to the user.

This change will make the installer fail.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship suricata & libhtp
Michael Tremer [Fri, 9 Feb 2024 11:39:02 +0000 (11:39 +0000)] 
core184: Ship suricata & libhtp

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agolibhtp: Update to 0.5.46
Michael Tremer [Fri, 9 Feb 2024 11:33:23 +0000 (11:33 +0000)] 
libhtp: Update to 0.5.46

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agosuricata: Update to 6.0.16
Michael Tremer [Fri, 9 Feb 2024 11:30:38 +0000 (11:30 +0000)] 
suricata: Update to 6.0.16

  https://redmine.openinfosecfoundation.org/versions/201

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship squid
Michael Tremer [Fri, 9 Feb 2024 11:26:55 +0000 (11:26 +0000)] 
core184: Ship squid

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agosquid: Update to 6.7
Matthias Fischer [Wed, 7 Feb 2024 17:37:23 +0000 (18:37 +0100)] 
squid: Update to 6.7

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
For details see:
https://github.com/squid-cache/squid/commits/v6

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship expat
Michael Tremer [Fri, 9 Feb 2024 11:25:19 +0000 (11:25 +0000)] 
core184: Ship expat

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoexpat: Update to version 2.6.0
Adolf Belka [Wed, 7 Feb 2024 11:13:19 +0000 (12:13 +0100)] 
expat: Update to version 2.6.0

- Update from version 2.5.0 to 2.6.0
- Update of rootfile
- This update fixes two CVE's. Not sure if IPFire would be vulnerable or not but safer
   to update anyway.
- Changelog
    2.6.0
        Security fixes:
      #789 #814  CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
                   that can cause denial of service, in partial where
                   dealing with compressed XML input.  Applications
                   that parsed a document in one go -- a single call to
                   functions XML_Parse or XML_ParseBuffer -- were not affected.
                   The smaller the chunks/buffers you use for parsing
                   previously, the bigger the problem prior to the fix.
                   Backporters should be careful to no omit parts of
                   pull request #789 and to include earlier pull request #771,
                   in order to not break the fix.
           #777  CVE-2023-52426 -- Fix billion laughs attacks for users
                   compiling *without* XML_DTD defined (which is not common).
                   Users with XML_DTD defined have been protected since
                   Expat >=2.4.0 (and that was CVE-2013-0340 back then).
        Bug fixes:
            #753  Fix parse-size-dependent "invalid token" error for
                    external entities that start with a byte order mark
            #780  Fix NULL pointer dereference in setContext via
                    XML_ExternalEntityParserCreate for compilation with
                    XML_DTD undefined
       #812 #813  Protect against closing entities out of order
        Other changes:
            #723  Improve support for arc4random/arc4random_buf
       #771 #788  Improve buffer growth in XML_GetBuffer and XML_Parse
       #761 #770  xmlwf: Support --help and --version
       #759 #770  xmlwf: Support custom buffer size for XML_GetBuffer and read
            #744  xmlwf: Improve language and URL clickability in help output
            #673  examples: Add new example "element_declarations.c"
            #764  Be stricter about macro XML_CONTEXT_BYTES at build time
            #765  Make inclusion to expat_config.h consistent
       #726 #727  Autotools: configure.ac: Support --disable-maintainer-mode
    #678 #705 ..
  #706 #733 #792  Autotools: Sync CMake templates with CMake 3.26
            #795  Autotools: Make installation of shipped man page doc/xmlwf.1
                    independent of docbook2man availability
            #815  Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
                    section "Cflags.private" in order to fix compilation
                    against static libexpat using pkg-config on Windows
       #724 #751  Autotools|CMake: Require a C99 compiler
                    (a de-facto requirement already since Expat 2.2.2 of 2017)
            #793  Autotools|CMake: Fix PACKAGE_BUGREPORT variable
       #750 #786  Autotools|CMake: Make test suite require a C++11 compiler
            #749  CMake: Require CMake >=3.5.0
            #672  CMake: Lowercase off_t and size_t to help a bug in Meson
            #746  CMake: Sort xmlwf sources alphabetically
            #785  CMake|Windows: Fix generation of DLL file version info
            #790  CMake: Build tests/benchmark/benchmark.c as well for
                    a build with -DEXPAT_BUILD_TESTS=ON
       #745 #757  docs: Document the importance of isFinal + adjust tests
                    accordingly
            #736  docs: Improve use of "NULL" and "null"
            #713  docs: Be specific about version of XML (XML 1.0r4)
                    and version of C (C99); (XML 1.0r5 will need a sponsor.)
            #762  docs: reference.html: Promote function XML_ParseBuffer more
            #779  docs: reference.html: Add HTML anchors to XML_* macros
            #760  docs: reference.html: Upgrade to OK.css 1.2.0
       #763 #739  docs: Fix typos
            #696  docs|CI: Use HTTPS URLs instead of HTTP at various places
    #669 #670 ..
    #692 #703 ..
       #733 #772  Address compiler warnings
       #798 #800  Address clang-tidy warnings
       #775 #776  Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
                    to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
                    for what these numbers do
        Infrastructure:
       #700 #701  docs: Document security policy in file SECURITY.md
            #766  docs: Improve parse buffer variables in-code documentation
    #674 #738 ..
    #740 #747 ..
  #748 #781 #782  Refactor coverage and conformance tests
       #714 #716  Refactor debug level variables to unsigned long
            #671  Improve handling of empty environment variable value
                    in function getDebugLevel (without visible user effect)
    #755 #774 ..
    #758 #783 ..
       #784 #787  tests: Improve test coverage with regard to parse chunk size
  #660 #797 #801  Fuzzing: Improve fuzzing coverage
       #367 #799  Fuzzing|CI: Start running OSS-Fuzz fuzzing regression tests
       #698 #721  CI: Resolve some Travis CI leftovers
            #669  CI: Be robust towards absence of Git tags
       #693 #694  CI: Set permissions to "contents: read" for security
            #709  CI: Pin all GitHub Actions to specific commits for security
            #739  CI: Reject spelling errors using codespell
            #798  CI: Enforce clang-tidy clean code
    #773 #808 ..
       #809 #810  CI: Upgrade Clang from 15 to 18
            #796  CI: Start using Clang's Control Flow Integrity sanitizer
  #675 #720 #722  CI: Adapt to breaking changes in GitHub Actions Ubuntu images
            #689  CI: Adapt to breaking changes in Clang/LLVM Debian packaging
            #763  CI: Adapt to breaking changes in codespell
            #803  CI: Adapt to breaking changes in Cppcheck

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agolibvirt: Don't build for riscv64
Michael Tremer [Wed, 7 Feb 2024 11:21:49 +0000 (11:21 +0000)] 
libvirt: Don't build for riscv64

There seems to be some problem that this package does not build from
source, but as we don't currently have any hardware that supports thise,
there is no point in debugging it.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship vpnmain.cgi
Michael Tremer [Wed, 7 Feb 2024 11:09:50 +0000 (11:09 +0000)] 
core184: Ship vpnmain.cgi

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agovpnmain.cgi: Add option to regenerate the host certificate
Michael Tremer [Tue, 30 Jan 2024 17:45:44 +0000 (17:45 +0000)] 
vpnmain.cgi: Add option to regenerate the host certificate

This is necessary since we now have a much shorter lifetime for the host
certificate. However, it is complicated to do this is which is why we
are copying the previous certificate and generate a new CSR. This is
then signed.

A caveat of this patch is that we do not rollover the key.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agovpnmain.cgi: Return the entire error message if OpenSSL fails
Michael Tremer [Tue, 30 Jan 2024 17:45:43 +0000 (17:45 +0000)] 
vpnmain.cgi: Return the entire error message if OpenSSL fails

The function did not evaluate the return code which is why it used a
hack to figure out if some output is an error or not.

This is being fixed in this commit and the entire output is being
returned if the return code is non-zero.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agovpnmain.cgi: Do not use a bad source for randomness
Michael Tremer [Tue, 30 Jan 2024 17:45:42 +0000 (17:45 +0000)] 
vpnmain.cgi: Do not use a bad source for randomness

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship HOSTILE IN/OUT changes
Michael Tremer [Wed, 7 Feb 2024 11:05:08 +0000 (11:05 +0000)] 
core184: Ship HOSTILE IN/OUT changes

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agofirewall: Improve labelling of hostile networks hits
Michael Tremer [Tue, 6 Feb 2024 18:17:26 +0000 (18:17 +0000)] 
firewall: Improve labelling of hostile networks hits

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agofirewall: graphs: Add a line for the total number of hostile hits
Michael Tremer [Tue, 6 Feb 2024 18:11:48 +0000 (18:11 +0000)] 
firewall: graphs: Add a line for the total number of hostile hits

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agooptionsfw.cgi: Move Firewall Options Drop commands to before the logging section
Adolf Belka [Sun, 21 Jan 2024 11:45:53 +0000 (12:45 +0100)] 
optionsfw.cgi: Move Firewall Options Drop commands to before the logging section

- Moved the Firewall Options Drop commands to before the logging section, as discussed
   at January 2024 Video Call.

Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agographs.pl: Fixes bug12981 - Creates in and outgoing drop hostile graph entries
Adolf Belka [Sun, 21 Jan 2024 11:45:52 +0000 (12:45 +0100)] 
graphs.pl: Fixes bug12981 - Creates in and outgoing drop hostile graph entries

- This v3 version of the patch set splits the single hostile networks graph entry into
   incoming hostile networks and outgoing hostile networks entries.

Fixes: bug12981
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocollectd.conf: Fix bug12981 - This creates in and out drop hostile data collection
Adolf Belka [Sun, 21 Jan 2024 11:45:51 +0000 (12:45 +0100)] 
collectd.conf: Fix bug12981 - This creates in and out drop hostile data collection

- In this v3 version of the patch set the splitting of drop hostile logging into incoming
   and outgoing logging means that the data collection and graphs need to have drop hostile
   also split into incoming and outgoing.

Fixes: bug12981
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoen.pl: Fixes bug12981 - adds english language input for choice of drop hostile logging
Adolf Belka [Sun, 21 Jan 2024 11:45:50 +0000 (12:45 +0100)] 
en.pl: Fixes bug12981 - adds english language input for choice of drop hostile logging

- In this v3 version have added translations for hostile networks in and hostile
   networks out and log drop hostile in and log drop hostile out.

Fixes: bug12981
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agofirewall: Fixes bug12981 - add if loop to log or not log dropped hostile traffic
Adolf Belka [Sun, 21 Jan 2024 11:45:49 +0000 (12:45 +0100)] 
firewall: Fixes bug12981 - add if loop to log or not log dropped hostile traffic

- This v3 version now has two if loops allowing logging of incoming drop hostile or
   outgoing drop hostile or both or neither.
- Dependent on the choice in optionsfw.cgi this loop will either log or not log the
   dropped hostile traffic.

Fixes: bug12981
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agorules.pl: Fixes bug12981 - Add in and out specific actions for drop hostile
Adolf Belka [Sun, 21 Jan 2024 11:45:48 +0000 (12:45 +0100)] 
rules.pl: Fixes bug12981 - Add in and out specific actions for drop hostile

- This changes the action from HOSTILE_DROP to HOSTILE_DROP_IN for icnoming traffic and
   HOSTILE_DROP_OUT for outgoing traffic enabling logging decisions to be taken on each
   independently.

Fixes: bug12981
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Acked-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agooptionsfw.cgi: Fix bug12981 - Add option to log or not log dropped hostile traffic
Adolf Belka [Sun, 21 Jan 2024 11:45:47 +0000 (12:45 +0100)] 
optionsfw.cgi: Fix bug12981 - Add option to log or not log dropped hostile traffic

- This v3 version has split the logging choice for drop hostile to separate the logging of
   incoming drop hostile and outgoing drop hostile.
- The bug originator had no port forwards so all hostile would be dropped normally anyway.
   However the logs were being swamped by the logging of drop hostile making analysis
   difficult. So incoming drop hostile was desired to not be logged. However logging of
   outgoing drop hostile was desired to identify if clients on the internal lan were
   infected with malware trying to reach home.
- Added option with drop hostile section to decide if the dropped traffic should be
   logged or not.

Fixes: bug12981
Tested-by: Adolf Belka <adolf.belka@ipfire.org
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoelfutils: Don't ship tools
Michael Tremer [Wed, 7 Feb 2024 11:01:25 +0000 (11:01 +0000)] 
elfutils: Don't ship tools

I don't think there is any point that we ship these.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Remove elfutils pakfire metadata (if installed)
Michael Tremer [Wed, 7 Feb 2024 10:58:21 +0000 (10:58 +0000)] 
core184: Remove elfutils pakfire metadata (if installed)

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agostrace: elfutils moved from addon dependency to core program
Adolf Belka [Tue, 6 Feb 2024 21:27:39 +0000 (22:27 +0100)] 
strace: elfutils moved from addon dependency to core program

Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoqemu: elfutils moved from addon dependency to core program
Adolf Belka [Tue, 6 Feb 2024 21:27:38 +0000 (22:27 +0100)] 
qemu: elfutils moved from addon dependency to core program

Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoltrace: elfutils moved from addon dependency to core program
Adolf Belka [Tue, 6 Feb 2024 21:27:37 +0000 (22:27 +0100)] 
ltrace: elfutils moved from addon dependency to core program

Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agofrr: elfutils moved from addon dependency to core program
Adolf Belka [Tue, 6 Feb 2024 21:27:36 +0000 (22:27 +0100)] 
frr: elfutils moved from addon dependency to core program

Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoelfutils: Move from addon to core program. Required by suricata-7.0.2 for execution
Adolf Belka [Tue, 6 Feb 2024 21:27:35 +0000 (22:27 +0100)] 
elfutils: Move from addon to core program. Required by suricata-7.0.2 for execution

- Updated lfs file to core program type
- Moved rootfile from packages to common
- Older suricata versions required elfutils only for building but suricata-7.0.2 fails to
   start if elfutils is not present due to libelf.so.1 being missing.
- The requirement for elfutils is not mentioned at all in the changelog.

Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agovdr_streamdev: update to 0.6.3
Arne Fitzenreiter [Mon, 5 Feb 2024 10:07:03 +0000 (11:07 +0100)] 
vdr_streamdev: update to 0.6.3

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agovdr_epgsearch: update to 2.4.2
Arne Fitzenreiter [Mon, 5 Feb 2024 10:06:29 +0000 (11:06 +0100)] 
vdr_epgsearch: update to 2.4.2

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agovdr_eepg: update PLUGVER to new vdr
Arne Fitzenreiter [Mon, 5 Feb 2024 10:05:02 +0000 (11:05 +0100)] 
vdr_eepg: update PLUGVER to new vdr

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agovdr_dvbapi: update pluginver for new vdr
Arne Fitzenreiter [Mon, 5 Feb 2024 10:03:33 +0000 (11:03 +0100)] 
vdr_dvbapi: update pluginver for new vdr

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agovdr: update to 2.6.6
Arne Fitzenreiter [Mon, 5 Feb 2024 10:02:25 +0000 (11:02 +0100)] 
vdr: update to 2.6.6

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agoborgbackup: fix rootfile
Arne Fitzenreiter [Sun, 4 Feb 2024 06:55:10 +0000 (06:55 +0000)] 
borgbackup: fix rootfile

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agopython3-pyfuse3: fix rootfile
Arne Fitzenreiter [Sun, 4 Feb 2024 06:54:38 +0000 (06:54 +0000)] 
python3-pyfuse3: fix rootfile

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agopython3-msgpack: fix rootfile
Arne Fitzenreiter [Sun, 4 Feb 2024 06:53:49 +0000 (06:53 +0000)] 
python3-msgpack: fix rootfile

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agocheckrootfiles: fix search for wrong rootfiles
Arne Fitzenreiter [Sat, 3 Feb 2024 14:47:41 +0000 (14:47 +0000)] 
checkrootfiles: fix search for wrong rootfiles

Im not sure when the grep syntax has changed but
grep -r not like/ignore the leading "/" anymore.

8 months agokernel: update to 6.6.15
Arne Fitzenreiter [Fri, 2 Feb 2024 07:33:38 +0000 (07:33 +0000)] 
kernel: update to 6.6.15

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agomympd: create/check config before first start
Arne Fitzenreiter [Wed, 31 Jan 2024 20:09:14 +0000 (21:09 +0100)] 
mympd: create/check config before first start

this create missing folders for webradio and state.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agomympd: new addon to control mpd via WebGUI
Arne Fitzenreiter [Sun, 28 Jan 2024 20:29:46 +0000 (21:29 +0100)] 
mympd: new addon to control mpd via WebGUI

myMPD is written in C and has a nice WebGUI to play
local music and also a WebRadio browser.
This is to replace the removec client175.

After install it can reached via
https://IP_OF_THE_IPFIRE:8800

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agompfire: fix initskript uninstall
Arne Fitzenreiter [Sun, 28 Jan 2024 14:42:53 +0000 (15:42 +0100)] 
mpfire: fix initskript uninstall

the uninstall with rm /etc/rc*.d/*mpd remove not only the mpd initlinks.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agokernel: update to 6.6.15
Arne Fitzenreiter [Fri, 2 Feb 2024 07:33:38 +0000 (07:33 +0000)] 
kernel: update to 6.6.15

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
8 months agocore184: Ship lzip
Michael Tremer [Thu, 1 Feb 2024 16:09:02 +0000 (16:09 +0000)] 
core184: Ship lzip

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agolzip: Update to version 1.24
Adolf Belka [Thu, 1 Feb 2024 08:29:13 +0000 (09:29 +0100)] 
lzip: Update to version 1.24

- Update from version 1.23 to 1.24
- Update of rootfile not required
- Changelog
    1.24
The option '--empty-error', which forces exit status 2 if any empty member
  is found, has been added.
The option '--marking-error', which forces exit status 2 if the first LZMA
  byte is non-zero in any member, has been added.
File diagnostics have been reformatted as 'PROGRAM: FILE: MESSAGE'.
Diagnostics caused by invalid arguments to command-line options now show the
  argument and the name of the option.
The option '-o, --output' now preserves dates, permissions, and ownership of
  the file when (de)compressing exactly one file.
The option '-o, --output' now creates missing intermediate directories when
  writing to a file.
The variable MAKEINFO has been added to configure and Makefile.in.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship gettext
Michael Tremer [Thu, 1 Feb 2024 16:07:39 +0000 (16:07 +0000)] 
core184: Ship gettext

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agogettext: Update to version 0.22.4
Adolf Belka [Thu, 1 Feb 2024 08:29:11 +0000 (09:29 +0100)] 
gettext: Update to version 0.22.4

- Update from version 0.22 to 0.22.4
- Update of rootfile
- Changelog
    0.22.4
* Bug fixes:
  - AM_GNU_GETTEXT now recognizes a statically built libintl on macOS and AIX.
  - Build fixes on AIX.
    0.22.3
* Portability:
  - The libintl library now works on macOS 14.  (Older versions of libintl
    crash on macOS 14, due to an incompatible change in macOS.)
    0.22.2
* Bug fixes:
  - The libintl shared library now exports again some symbols that were
    accidentally missing.
    <https://savannah.gnu.org/bugs/index.php?64323>
    This bug was introduced in version 0.22.
    0.22.1
* Bug fixes:
  - xgettext's processing of large Perl files may have led to errors
    <https://savannah.gnu.org/bugs/index.php?64552>
  - "xgettext --join-existing" could encounter errors.
    <https://savannah.gnu.org/bugs/index.php?64490>
  These bugs were introduced in version 0.22.
* Portability:
  - Building on Android is now supported.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship ed
Michael Tremer [Thu, 1 Feb 2024 16:07:01 +0000 (16:07 +0000)] 
core184: Ship ed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agoed: Update to version 1.20
Adolf Belka [Thu, 1 Feb 2024 08:29:10 +0000 (09:29 +0100)] 
ed: Update to version 1.20

- Update from version 1.19 to 1.20
- Update of rootfile not required
- Changelog
    1.20
New command-line options '+line', '+/RE', and '+?RE' have been implemented to
  set the current line to the line number specified or to the first or last line
  matching the regular expression 'RE'.
  (Suggested by Matthew Polk and John Cowan).
File names containing control characters 1 to 31 are now rejected unless they
  are allowed with the command-line option '--unsafe-names'.
File names containing control characters 1 to 31 are now printed using octal
  escape sequences.
Ed now rejects file names ending with a slash.
Intervening commands that don't set the modified flag no longer make a second
  'e' or 'q' command fail with a 'buffer modified' warning.
Tilde expansion is now performed on file names supplied to commands; if a file
  name starts with '~/', the tilde (~) is expanded to the contents of the
  variable HOME. (Suggested by John Cowan).
Ed now warns the first time that a command modifies a buffer loaded from a
  read-only file. (Suggested by Dan Jacobson).
Ed now creates missing intermediate directories when writing to a file.
It has been documented that 'e' creates an empty buffer if file does not exist.
It has been documented that 'f' sets the default filename, whether or not its
  argument names an existing file.
The description of the exit status has been improved in '--help' and in the
  manual.
The variable MAKEINFO has been added to configure and Makefile.in.
It has been documented in INSTALL that when choosing a C standard, the POSIX
  features need to be enabled explicitly:
   ./configure CFLAGS+='--std=c99 -D_POSIX_C_SOURCE=2'

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agocore184: Ship diffutils
Michael Tremer [Thu, 1 Feb 2024 16:06:10 +0000 (16:06 +0000)] 
core184: Ship diffutils

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
8 months agodiffutils: Update to version 3.10
Adolf Belka [Thu, 1 Feb 2024 08:29:09 +0000 (09:29 +0100)] 
diffutils: Update to version 3.10

- Update from version 3.9 to 3.10
- Update of rootfile not required
- Changelog
    3.10
Bug fixes
  cmp/diff can again work with file dates past Y2K38
   [bug introduced in 3.9]
  diff -D no longer fails to output #ifndef lines.
   [bug#61193 introduced in 3.9]

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>