Michael Tremer [Wed, 4 May 2022 13:46:41 +0000 (14:46 +0100)]
openvpn-2fa: Import a prototype of an authenticator
This script runs aside of OpenVPN and connects to the management socket.
On the socket, OpenVPN will post any new clients trying to authenticate
which will be handled by the authenticator.
If a client has 2FA enabled, it will be challanged for the current token
which will then be checked in a second pass.
Clients which do not have 2FA enabled will just be authenticated no
matter what and tls-verify will have handled the rest.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Timo Eissler [Fri, 8 Apr 2022 08:50:20 +0000 (10:50 +0200)]
OpenVPN: Add support for 2FA / One-Time Password
Add two-factor authentication (2FA) to OpenVPN host connections with
one-time passwords.
The 2FA can be enabled or disabled per host connection and requires the
client to download it's configuration again after 2FA has beend enabled
for it.
Additionally the client needs to configure an TOTP application, like
"Google Authenticator" which then provides the second factor.
To faciliate this every connection with enabled 2FA
gets an "show qrcode" button after the "show file" button in the
host connection list to show the 2FA secret and an 2FA configuration QRCode.
When 2FA is enabled, the client needs to provide the second factor plus
the private key password (if set) to successfully authorize.
This only supports time based one-time passwords, TOTP with 30s
window and 6 digits, for now but we may update this in the future.
Signed-off-by: Timo Eissler <timo.eissler@ipfire.org>
Matthias Fischer [Thu, 16 Jun 2022 12:49:09 +0000 (14:49 +0200)]
bind: Update to 9.16.30
For details see:
https://downloads.isc.org/isc/bind9/9.16.30/doc/arm/html/notes.html#notes-for-bind-9-16-30
"Bug Fixes
The fetches-per-server quota is designed to adjust itself downward
automatically when an authoritative server times out too frequently.
Due to a coding error, that adjustment was applied incorrectly,
so that the quota for a congested server was always set to 1. This
has been fixed. [GL #3327]
DNSSEC-signed catalog zones were not being processed correctly. This
has been fixed. [GL #3380]
Key files were updated every time the dnssec-policy key manager ran,
whether the metadata had changed or not. named now checks whether
changes were applied before writing out the key files. [GL #3302]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
No changelog is provided, please refer to
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/
for all activity since the previous version.
This patch includes necessary directives for shipping added or modified
firmware files with Core Update 169, and deleting appropriate files on
existing installations.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sat, 11 Jun 2022 10:55:19 +0000 (10:55 +0000)]
lynis: Update to 3.0.8
Full changelog as retrived from https://cisofy.com/changelog/lynis/#308:
- MALW-3274 - Detect McAfee VirusScan Command Line Scanner
- PKGS-7346 Check Alpine Package Keeper (apk)
- PKGS-7395 Check Alpine upgradeable packages
- EOL for Alpine Linux 3.14 and 3.15
- AUTH-9408 - Check for pam_faillock as well (replacement for pam_tally2)
- FILE-7524 - Test enhanced to support symlinks
- HTTP-6643 - Support ModSecurity version 2 and 3
- KRNL-5788 - Only run relevant tests and improved logging
- KRNL-5820 - Additional path for security/limits.conf
- KRNL-5830 - Check for /var/run/needs_restarting (Slackware)
- KRNL-5830 - Add a presence check for /boot/vmlinuz
- PRNT-2308 - Bugfix that prevented test from storing values correctly
- Extended location of PAM files for AARCH64
- Some messages in log improved
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Tue, 7 Jun 2022 20:09:07 +0000 (20:09 +0000)]
sysctl: For the sake of completeness, do not accept IPv6 redirects
While IPFire 2.x' web interface does not support IPv6, users can
technically run it with IPv6 by conducting the necessary configuration
changes manually.
To provide these systems as well, we should disable acceptance of ICMPv6
redirect packets - which is apparently not default in Linux, yet. :-/
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sat, 11 Jun 2022 18:47:31 +0000 (18:47 +0000)]
Kernel: Disable support for RPC dprintk debugging
This is solely needed for debugging of NFS issues. Due to the attack
surface it introduces, grsecurity recommends to disable it; as we do not
have a strict necessity for this feature, it is best to follow that
recommendation for security reasons.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Sat, 11 Jun 2022 18:53:10 +0000 (18:53 +0000)]
Kernel: Enable YAMA support
See https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html for
the upstream rationale. Enabling YAMA gives us the benefit of additional
hardening options available, without any obvious downsides.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 10 May 2022 10:31:12 +0000 (12:31 +0200)]
lmdb: Update to version 0.9.29
- Update from version 0.9.24 to 0.9.29
- Update of rootfile not required
- Changelog - there is no changelog in the source tarball or on the Symas website or in
the github repository.
The following are extracted from the short log of the git commits
https://github.com/LMDB/lmdb/commits/LMDB_0.9.29/libraries/liblmdb
Release (0.9.29)
ITS#9500
ITS#9500 fix regression from ITS#8662
ITS#9376 simplify
ITS#9469 - Typo fixes
ITS#9461 fix typo
ITS#9461 refix ITS#9376
Release (0.9.28)
ITS#8662 Add -a append option to mdb_load
Return to RE
Release (0.9.27)
ITS#9376 Fixes for repeated deletes with xcursor
Return to engineering
Release 0.9.26
ITS#9278
Silence stupid fallthru warning
ITS#9278 fix robust mutex cleanup for FreeBSD
Return to engineering
Release 0.9.25
ITS#9155 lmdb: free mt_spill_pgs in non-nested txn on end
ITS#9118 - Fix typo in prev commit
ITS#9118 add MAP_NOSYNC for FreeBSD
return to release engineering, ITS#9068
ITS#9068 fix backslash escaping
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
manualpages: Add path and file extension to the configuration
This allows to correctly assign an URL to a file without relying
on unique base names.
A custom read function is required because General::readhash()
doesn't allow paths as hash keys. Modifying the existing functions
could affect other CGIs and was therefore dismissed.
Peter Müller [Sat, 4 Jun 2022 08:43:15 +0000 (08:43 +0000)]
Core Update 168: Ship fcrontab and rebuild it from scratch
This is necessary due to IDSv4 changes introducing changes to fcrontab.
While this patch will cause any custom cron jobs configured there to be
lost, it is better to start with a defined state rather than sed'ing
on this file.
Cc: Michael Tremer <michael.tremer@ipfire.org> Cc: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Jon Murphy [Mon, 30 May 2022 23:50:31 +0000 (18:50 -0500)]
make.sh-usage: Ship changes to make files
In make.sh-usage document:
- updated with descriptions for various commands
- removed descriptions for old commands
In make.sh script:
- updated make.sh usage line "Usage: $0 [OPTIONS] {build|check-manualpages|..."
- removed make.sh clear screen commands in build area and toolchain area
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 31 May 2022 11:26:19 +0000 (11:26 +0000)]
cdrom: Drop menu option for HDT
The Hardware Detection Tool does not work and I do not think it is worth
to investigate. It is an ancient piece of software which does not work
on EFI systems which are becoming more and more common.
Since this has presumably been broken for a long time which nobody has
reported I assume that nobody is using it. There are indeed lots better
live CDs out there with much better diagnostic tools.
Fixes: #12870 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Acked-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Tue, 10 May 2022 10:30:44 +0000 (12:30 +0200)]
libxslt: Update to version 1.1.35
- Update from version 1.1.34 to 1.1.35
- Update of rootfile
- Changelog
v1.1.35: Feb 16 2022:
- Security:
[CVE-2021-30560] Fix use-after-free in xsltApplyTemplates
Fix memory leak in xsltDocumentElem (David King)
Fix memory leak in xsltCompileIdKeyPattern (David King)
Fix double-free with stylesheets containing entity nodes
- Fixed regressions:
Fix performance regression with predicates in patterns
Fix regression in xsltComputeSortResult
- Bug fixes:
Fix conflict resolution for templates with same priority
Fix xsl:number generating invalid UTF-8
Support attribute value templates in xsl:sort lang attributes
Don't pass first <xsl:sort> in <xsl:apply-templates> twice
Fix quadratic runtime with text and <xsl:message>
Don't allow empty EXSLT durations
- Improvements:
Add xsltproc --huge Argument via libxml XML_PARSE_HUGE (William N. Braswell, Jr.)
- Tests, code quality, fuzzing:
Remove .travis.yml
Fix some misleading indentation (David King)
Use actual types for templates in struct _xsltStylesheet
Add CI for CMake on MSVC (Markus Rickert)
Check for null pointer before calling freelocale
Add CI test for Python 3
Don't set maxDepth in XPath contexts
Transfer XPath limits to XPtr context
Stop using maxParserDepth XPath limit
Make long-to-double cast explicit in date.c
Disable LeakSanitizer
Run clang CI tests with -Wimplicit-int-conversion
Fix implicit-int-conversion warning in exslt/crypto.c
Fix clang -Wimplicit-int-conversion warning (David Kilzer)
Fix clang -Wconditional-uninitialized warning in libxslt/numbers.c (David Kilzer)
Fix -Wshadow warnings in libexslt/dynamic.c (David Kilzer)
Also search parent dir for source XML when fuzzing
- Build system, portability:
Add CMake build files (Markus Rickert)
Initial support for Python 3 (Suleyman Poyraz)
Call ANSI versions of WinAPI functions explicitly
Remove redundant flags from pkg-config files
Suppress automake warning in tests/XSLTMark
Fix linking libexslt dynamic library when using MinGW (Vadim Zeitlin)
Added platform specific path separators (Dmitriy Korovkin)
win32: allow passing *FLAGS on command line
Fix export of xsltExtMarker on Windows (David Kilzer)
Fix redundant includes already in libexslt.h (David Kilzer)
Minor fixes to configure.js
Fix variable syntax in Python configuration
Add new EXSLT string tests to EXTRA_DIST
Fix xml2-config check in configure script
win32: Add configuration for profiler (Chun-wei Fan)
Check whether 'xml2-config --dynamic' is supported
- Documentation:
Add Makefile rule to regenerate xsltproc.html
Update links
Remove MAINTAINERS
Upload documentation to GitLab Pages
Add documentation in devhelp format
Add --enable-rebuild-docs configure option
Fix libexslt header summaries
Fix validity of tutorial XML (David King)
Use DocBook URL for tutorial DTD (David King)
Update libxslt.doap
Add missing options to xsltproc man page
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Tue, 10 May 2022 10:30:32 +0000 (12:30 +0200)]
libxml2: Update to version 2.9.14
- Update from version 2.9.12 to 2.9.14
- Update of rootfile
- Changelog
v2.9.14: May 02 2022:
- Security:
[CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
Fix potential double-free in xmlXPtrStringRangeFunction
Fix memory leak in xmlFindCharEncodingHandler
Normalize XPath strings in-place
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars()
(David Kilzer)
Fix leak of xmlElementContent (David Kilzer)
- Bug fixes:
Fix parsing of subtracted regex character classes
Fix recursion check in xinclude.c
Reset last error in xmlCleanupGlobals
Fix certain combinations of regex range quantifiers
Fix range quantifier on subregex
- Improvements:
Fix recovery from invalid HTML start tags
- Build system, portability:
Define LFS macros before including system headers
Initialize XPath floating-point globals
configure: check for icu DEFS (James Hilliard)
configure.ac: produce tar.xz only (GNOME policy) (David Seifert)
CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
Fix build with older Python versions
Fix --without-valid build
v2.9.13: Feb 19 2022:
- Security:
[CVE-2022-23308] Use-after-free of ID and IDREF attributes
(Thanks to Shinji Sato for the report)
Use-after-free in xmlXIncludeCopyRange (David Kilzer)
Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong)
Fix memory leak in xmlXPathCompNodeTest
Fix null pointer deref in xmlStringGetNodeList
Fix several memory leaks found by Coverity (David King)
- Fixed regressions:
Fix regression in RelaxNG pattern matching
Properly handle nested documents in xmlFreeNode
Fix regression with PEs in external DTD
Fix random dropping of characters on dumping ASCII encoded XML (Mohammad Razavi)
Revert "Make schema validation fail with multiple top-level elements"
Fix regression when parsing invalid HTML tags in push mode
Fix regression parsing public IDs literals in HTML
Fix buffering in xmlOutputBufferWrite
Fix whitespace when serializing empty HTML documents
Fix XPath recursion limit
Fix regression in xmlNodeDumpOutputInternal
Work around lxml API abuse
- Bug fixes:
Fix xmlSetTreeDoc with entity references
Fix double counting of CRLF in comments
Make sure to grow input buffer in xmlParseMisc
Don't ignore xmllint options after "-"
Don't normalize namespace URIs in XPointer xmlns() scheme
Fix handling of XSD with empty namespace
Also register HTML document nodes
Make xmllint return an error if arguments are missing
Fix handling of ctxt->base in xmlXPtrEvalXPtrPart
Fix xmllint --maxmem
Fix htmlReadFd, which was using a mix of xml and html context functions (Finn Barber)
Move current position before possible calling of ctxt->sax->characters (Yulin Li)
Fix parse failure when 4-byte character in UTF-16 BE is split across a chunk (David Kilzer)
Patch to forbid epsilon-reduction of final states (Arne Becker)
Avoid segfault at exit when using custom memory functions (Mike Dalessio)
- Tests, code quality, fuzzing:
Remove .travis.yml
Make xmlFuzzReadString return a zero size in error case
Fix unused function warning in testapi.c
Update NewsML DTD in test suite
Add more checks for malloc failures in xmllint.c
Avoid potential integer overflow in xmlstring.c
Run CI tests with UBSan implicit-conversion checks
Fix casting of line numbers in SAX2.c
Fix integer conversion warnings in hash.c
Add explicit casts in runtest.c
Fix integer conversion warning in xmlIconvWrapper
Add suffix to unsigned constant in xmlmemory.c
Add explicit casts in testchar.c
Fix integer conversion warnings in xmlstring.c
Add explicit cast in xmlURIUnescapeString
Remove unused variable in xmlCharEncOutFunc (David King)
- Build system, portability:
Remove xmlwin32version.h
Fix fuzzer test with VPATH build
Support custom prefix when installing Python module
Remove Makefile.win
Remove CVS and SVN-related code
Port python 3.x module to Windows and improve distutils (Chun-wei Fan)
Correctly install the HTML examples into their subdirectory (Mattia Rizzolo)
Refactor the settings of $docdir (Mattia Rizzolo)
Remove unused configure checks (Ben Boeckel)
python/Makefile.am: use *_LIBADD, not *_LDFLAGS for LIBS (Sam James)
Fix check for libtool in autogen.sh
Use version in configure.ac for CMake (Timothy Lyanguzov)
Add CMake alias targets for embedded projects (Markus Rickert)
- Documentation:
Remove SVN keyword anchors
Rework README
Remove README.cvs-commits
Remove old ChangeLog
Update hyperlinks
Remove README.docs
Remove MAINTAINERS
Remove xmltutorial.pdf
Upload documentation to GitLab pages
Document how to escape XML_CATALOG_FILES
Fix libxml2.doap
Update URL for libxml++ C++ binding (Kjell Ahlstedt)
Generate devhelp2 index file (Emmanuele Bassi)
Mention XML_CATALOG_FILES is space-separated (Jan Tojnar)
Add documentaiton for xmllint exit code 10 (Rainer Canavan)
Fix some validation errors in the FAQ (David King)
Add instructions on how to use CMake to compile libxml (Markus Rickert)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Tue, 10 May 2022 10:30:58 +0000 (12:30 +0200)]
libyang: Update to version 2.0.194
- Update from version 2.0.7 to 2.0.194
- Update of rootfile
- Changelog
Version 2.0.194 Latest
major yanglint improvements
minor XPath fixes
nested extension handling fixes
other minor bugfixes
RPM scripts updated
Version 2.0.164
Windows support (thanks to @jktjkt)
Schema Mount support
schema compilation fixes
minor schema printer fixes
user-ordered list diff bugfix
JSON anyxml/anydata format fixed
XML parser CDATA support
module caching improvements
doc improvements
many other various bugfixes
Version 2.0.112
support for XPath variables
minor doxygen improvements
LYB format bugfixes
many other bugfixes
Version 2.0.97
LYB format data length limit of 64kB lifted
YANG error-app-tag and error-message improved support
XPath * evaluation fix
other minor XPath fixes
Version 2.0.88
changed compilation to pedantic and use C11 standard
major JSON parser fixes
LYB format updated and performance improved
LYB big-endian fixes
opaque node fixes
major identity handling fixes
schema compilation refactorization and fixes
data validation fixes
NETCONF RPC filter attribute support
many other minor fixes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 3380300 to 3380500
- Update of rootfile not required
- Changelog
Version 3.38.5
The 3.38.4 patch release included a minor change to the CLI source code that did not
work. The release manager only ran a subset of the normal release tests, and hence
did not catch the problem. As a result, the CLI will segfault when using columnar
output modes in version 3.38.4. This blunder did not affect the core SQLite library.
It only affected the CLI.
Take-away lesson: Always run all of your tests prior to a release - even a trival
patch release. Always.
The 3.38.5 patch release fixes the 3.38.4 blunder.
Version 3.38.4
Another user-discovered problem in the new Bloom filter optimization is fixed in this
patch release. Without the fix, it is possible for a multi-way join that uses a
Bloom filters for two or more tables in the join to enter an infinite loop if the
key constraint on one of those tables contains a NULL value.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Sun, 22 May 2022 21:43:00 +0000 (23:43 +0200)]
gdb: Update to version 12.1
- Update from version 11.2 to 12.1
- Update of rootfile
- Changelog
GDB 12.1 Released!
This version of GDB includes the following changes and enhancements:
New support for the following native configuration:
GNU/Linux/OpenRISC or1k*-*-linux*
New support for the following targets:
GNU/Linux/LoongArch loongarch*-*-linux*
New GDBserver support on the following configuration:
GNU/Linux/OpenRISC or1k*-*-linux*
Support for the following target has been removed:
S+core score-*-*
Multithreaded symbol loading is now enabled by default
Deprecation Notices:
GDB 12 is the last release of GDB that will support building against Python 2
DBX mode is deprecated, and will be removed in GDB 13
GDB/MI changes:
The '-add-inferior' with no option flags now inherits the connection of the
current inferior, this restores the behaviour of GDB as it was prior to
GDB 10.
The '-add-inferior' command now accepts a '--no-connection' option, which
causes the new inferior to start without a connection.
Python API enhancements:
It is now possible to add GDB/MI commands implemented in Python
New function gdb.Architecture.integer_type()
New gdb.events.gdb_exiting event
New 'gdb.events.connection_removed' event registry
New gdb.TargetConnection object
New gdb.Inferior.connection property
New read-only attribute gdb.InferiorThread.details
New gdb.RemoteTargetConnection.send_packet method
New read-only attributes gdb.Type.is_scalar and gdb.Type.is_signed
The gdb.Value.format_string method now takes a 'styling' argument
Various new function in the "gdb" module
Miscellaneous:
The FreeBSD native target now supports async mode
Improved C++ template support
Support for disabling source highlighting through GNU of the Pygments
library instead.
The "print" command has been changed so as to print floating-point values
with a base-modifying formats such as "/x" to display the underlying bytes
of the value in the desired base.
The "clone-inferior" command now ensures that the TTY, CMD and ARGS settings
are copied from the original inferior to the new one. All modifications to
the environment variables done using the 'set environment' or 'unset
environment' commands are also copied to the new inferior.
Various new commands have been introduced
GDB 11.2 Released!
This is a minor corrective release over GDB 11.1, fixing the following issues:
PR sim/28302 (gdb fails to build with glibc 2.34)
PR build/28318 (std::thread support configure check does not use CXX_DIALECT)
PR gdb/28405 (arm-none-eabi: internal-error: ptid_t
remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*):
Assertion `first_resumed_thread != nullptr' failed)
PR tui/28483 ([gdb/tui] breakpoint creation not displayed)
PR build/28555 (uclibc compile failure since commit 4655f8509fd44e6efabefa373650d9982ff37fd6)
PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF)
PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR
(.relr.dyn) section)
PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Michael Tremer [Thu, 19 May 2022 09:40:27 +0000 (09:40 +0000)]
aws-cli: Update to 1.23.12
This package and python3-botocore have to match exactly. Amazon does not
seem to care too much about compatibility between different versions
which is why we need to keep both in sync.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 19 May 2022 09:40:25 +0000 (09:40 +0000)]
cloud: Execute user-data scripts at the end of initialization
This is useful when the user-data needs to reboot an instance.
Previously, some initialization did not happen which is now being done
first before the user-data script is being executed.
This gives users more flexibility about what they are doing in those
scripts.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 11 May 2022 08:40:30 +0000 (10:40 +0200)]
xfsprogs: Update to version 5.16.0
- Update from 5.14.2 to 5.16.0
- Update of rootfile
- Changelog
5.16.0
This release is almost 100% a libxfs sync. I'm trying to catch up, and the
next release will be 5.18.0-rc0, with both 5.17 and 5.18 libxfs changes synced.
(there are very few).
At that point I'll finally start pulling in more functional changes.
xfsprogs-5.16.0 (04 May 2022)
- libxfs: remove kernel stubs from xfs_shared.h (Eric Sandeen)
- debian: Generate .gitcensus instead of .census (Bastian Germann))
xfsprogs-5.16.0-rc0 (28 Apr 2022)
- libxfs changes merged from kernel 5.16
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Tue, 10 May 2022 10:31:55 +0000 (12:31 +0200)]
lzip: Update to version 1.23
- Update from 1.22 to 1.23
- Update of rootfile not required
- Changelog
Version 1.23 released.
* Decompression time has been reduced by 5-12% depending on the file.
* main.cc (getnum): Show option name and valid range if error.
* Improve several descriptions in manual, '--help', and man page.
* lzip.texi: Change GNU Texinfo category to 'Compression'.
(Reported by Alfred M. Szmidt).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Wed, 11 May 2022 08:39:35 +0000 (10:39 +0200)]
libnetfilter_cthelper: Update to version 1.0.1
- Update from version 1.0.0 to 1.0.1
- Update of rootfile not required
- Changelog
1.0.1
* Allow build on uclinux
* Use after free in nfct_helper_free()
* Double free in nfct-helper-add example
* Invalid argument error in nftc-helper-add
* Incorrect netlink message building with multiple nfct helper policies
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>