Adolf Belka [Thu, 8 Jul 2021 11:43:26 +0000 (13:43 +0200)]
perl-MIME-Lite: Update to version 3.033
- Update from 3.030 (Nov 2013) to 3.033 (Jun 2021)
- Update of rootfile not required
- Changelog
Version 3.033
No changes since previous version, just made non-trial.
Version 3.032
Fix an error in printing to Net::SMTP (thanks, Peter Heirich)
Add "use warnings" and require v5.6
Version 3.031
Add an SSL option to connect to the SMTP relay via SSL on port 465. (thanks,
Max Maischein)
Document some tips on using non-ASCII content with MIME::Lite (thanks,
traveljury.com and Tom Hukins)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Thu, 8 Jul 2021 11:43:11 +0000 (13:43 +0200)]
pcre: Update to version 8.45
- Update from 8.44 to 8.45
- Updated rootfile
- Checked the dependencies of the old lib versions using find-dependencies
nothing flagged
- Changelog
Version 8.45 15-June-2021
This is the final release of PCRE1. A few minor tidies are included.
1. CMakeLists.txt has two user-supplied patches applied, one to allow for the
setting of MODULE_PATH, and the other to support the generation of pcre-config
file and libpcre*.pc files.
2. There was a memory leak if a compile error occurred when there were more
than 20 named groups (Bugzilla #2613).
3. Fixed some typos in code and documentation.
4. Fixed a small (*MARK) bug in the interpreter (Bugzilla #2771).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Thu, 8 Jul 2021 11:42:51 +0000 (13:42 +0200)]
iproute2: Update to version 5.13.0
- Update from 5.12.0 to 5.13.0
- Update of rootfile not required
- Changelog is not available in source tarball and not on source website
Below info obtained from the commits from the git repository
devlink: Fix printf() type mismatches on 32-bit architectures Ben Hutchings
utils: Fix BIT() to support up to 64 bits on all architectures Ben Hutchings
uapi: update headers to 5.13 Stephen Hemminger
devlink: Fix link errors on some systems Roi Dayan
tc: pedit: add decrement operation Asbjørn Sloth Tønnesen
tc: pedit: parse_cmd: add flags argument Asbjørn Sloth Tønnesen
iplink: support for WWAN devices Sergey Ryazanov
iplink: add support for parent device Sergey Ryazanov
Import wwan.h uapi file David Ahern
man: fix syntax for ip link property Stephen Hemminger
seg6: add support for SRv6 End.DT46 Behavior Paolo Lungaroni
Update kernel headers David Ahern
utils: bump max args number to 512 for batch files Guillaume Nault
uapi: update kernel headers to 5.13-rc6 Stephen Hemminger
Merge branch 'devlink-rate-support' into next David Ahern
devlink: Add ISO/IEC switch Dmytro Linkin
devlink: Add port func rate support Dmytro Linkin
devlink: Add helper function to validate object handler Dmytro Linkin
Update kernel headers David Ahern
devlink: Add optional controller user input Parav Pandit
police: Add support for json output Roi Dayan
tc: fq: add horizon attributes Eric Dumazet
configure: convert LIBBPF environment variables to command-line options Hangbin Liu
configure: add options ability Hangbin Liu
ss: update ss man page Roman Mashak
tc: f_flower: Add missing ct_state flags to usage description Ariel Levkovich
tc: f_flower: Add option to match on related ct state Ariel Levkovich
libgenl: make genl_add_mcast_grp set errno on error Florian Westphal
lib/fs: fix issue when {name,open}_to_handle_at() is not implemented Heiko Thiery
config.mk: Rerun configure when it is newer than config.mk David Ahern
ip: dynamically size columns when printing stats Jakub Kicinski
seg6: add counters support for SRv6 Behaviors Paolo Lungaroni
tc: htb: improve burst error messages Andrea Claudi
tipc: bail out if key is abnormally long Andrea Claudi
tipc: bail out if algname is abnormally long Andrea Claudi
tipc: call a sub-routine in separate socket Hoang Le
tc-cake: update docs to include LE diffserv Tyson Moore
dcb: fix memory leak Andrea Claudi
dcb: fix return value on dcb_cmd_app_show Andrea Claudi
lib: bpf_legacy: avoid to pass invalid argument to close() Andrea Claudi
tc: q_ets: drop dead code from argument parsing Andrea Claudi
ip: align the name of the 'nohandler' stat Jakub Kicinski
Update kernel headers David Ahern
Merge branch 'rdma-copy-on-fork' into next David Ahern
rdma: Add copy-on-fork to get sys command Gal Pressman
rdma: update uapi headers Gal Pressman
mptcp: make sure flag signal is set when add addr with port Jianguo Wu
Merge branch 'main' into next David Ahern
ip: Add nodst option to macvlan type source Jethro Beekman
Merge branch 'rdma-resource-tracking' into next David Ahern
rdma: Add SRQ resource tracking information Neta Ostrovsky
rdma: Add context resource tracking information Neta Ostrovsky
rdma: Update uapi headers Neta Ostrovsky
Update kernel headers David Ahern
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Thu, 1 Jul 2021 21:26:04 +0000 (23:26 +0200)]
traceroute: Update to version 2.1.0
- Update from 2.0.18 (2011) to 2.1.0 (2016 - latest version)
- Update of rootfile not required
- Changelog
2016-03-08 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.1.0
* Improve the main loop for better interactivity.
Instead of waiting silently for maximum expiration time of probes
in progress, use timeout of the first probe (which will be printed
first from now) only.
* Speedup wait mechanism.
Traditional traceroute implementation always waited the whole timeout
for any probe. But if we already have some replies from the same hop,
or even from some next hop, we can use the round trip time
of such a reply as a hint to determine the actual reasonable
amount of time to wait.
Now the `-w' option has a form of three (in general) float values
separated by a comma (or a slash): `-w MAX_SECS,HERE,NEAR' .
(last two are optional). MAX_SECS specifies the maximum time
(in seconds) to wait, in any case.
The optional HERE specifies a factor to multiply the round trip time
of an already received response from the same hop.
The resulting value is used as a timeout for the probe, instead of
(but no more than) MAX_SECS. The optional NEAR specifies a similar
factor for a response from some next hop.
The time of the first found result is used in both cases.
First, we look for the same hop (of the probe which will be printed
first from now). If nothing found, then look for some next hop.
If nothing found, use MAX_SECS. If HERE and/or NEAR have zero values,
the corresponding computation is skipped.
HERE and NEAR are always set to zero if only MAX_SECS is specified
(which provides compatibility with previous versions). Thus, if your
scripts use `-w SECS', then nothing changed for you, since
the lonely SECS implies `-w SECS,0,0' .
Defaults are 5.0 seconds for MAX_SECS, 3.0 times for HERE and
10.0 times for NEAR.
Certainly, the new algorithm can lead to premature expiry
(especially when response times differ at times) and printing "*"
instead of a time. Anyway, you can always switch this algorithm off,
just by specifying `-w' with the desired timeout only (fe. `-w 5').
We continue to wait whole MAX_SECS when one probe per time
must be sent (`--sport', `-P proto'), because it seems more harmful
rather than helpful to try to wait less in such cases.
To provide compatibility with 2.0.x versions, use:
traceroute -w 5
(or any other desired `-w' value).
* Hint people to use the system traceroute(8) instead of
tcptraceroute wrapper (by providing a stderr header).
The using of this wrapper is a little bit harmful, since it has
less possibilities and a little different set of options.
For those who are used to use tcptraceroute in cmdline,
just create a link with that name to the system traceroute.
When invoked as "tcp*", it then behaves as `traceroute -T'.
(The simple manual page added for this case in the wrapper subdir).
The original tcptraceroute had some options differ ("lpNSAE"),
but they was rare used. Most common "dnFifmqwst" was just the same.
Therefore it should be painless to use the system binary directly,
instead of the limited wrapper (which is still provided indeed).
2016-02-15 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.22
* Some portability fixing and improvements (Felix Janda)
* Require clear numbers for options and arguments (Sergey Salnikov)
* Drop compilation date from the version string (Debian #774365)
* New tcp module option `reuse', which utilize SO_REUSEADDR
to reuse local port numbers for the huge workloads (Richard Sheehan)
* Avoid poll(2) call with spurious zero timeout in some rare cases
by rounding the value properly using ceil(3)
2014-11-12 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.21
* Fix `--mtu' and `-F' working on kernels >= 3.13
* Some manual page improving (Christopher Mann)
2014-06-14 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.20
* Describe all complementary long options in the man page (Jan Synacek)
* Use correct service name for AS lookups (Frederic Mangano)
* Avoid some rare case null dereference (geogriffin@jsgriff.com)
* Improve expiration check for simultaneous probes
2012-11-19 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.19
* DCCP protocol support (rfc4340), by Samuel Jero
Use "-D" option for it (the protocol-specific options
are available too).
* Update COPYING and COPYING.LIB license files to the latest
published ones (due to FSF address changes etc.) (Jan Synacek)
* Add mention of "-l" option to manual (Filip Holec)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Thu, 1 Jul 2021 21:25:48 +0000 (23:25 +0200)]
Text-Tabs+Wrap: Update to 2013.0523
- Update from 2005.0824 to 2013.0523 - latest version
- Update of rootfile required
- Changelog
= 2013/05/23
Change module 'NAME'
= 2013/05/22
Typos
= 2013/04/26
Minor test suite fixes - bug 81698.
Fixed bug 79766 -- an extraneous "=" in a regex.
Changed the license to qualify as an "open source" license.
= 2012/08/18
Packaging fix.
Minor documentation fixes.
= 2012/08/15
Minor fixes to test suites.
Added back versions to support old versions of perl.
= 2009/04/17
Added support for Unicode combining characters to both
Text::Tabs and Text::Wrap, plus a new test suite for each
of these new functionalities. --tchrist
= 2009/03/05
Test improvements from Dave Mitchel sent back in 2005...
Added code to increase $columns if it's not big enough to accommodate
the subsequent tab.
Minor documentation fixes from David Landgren <david at landgren.net>.
Use warnings::warnif instead of just warn for columns < 2. Appled per
request of Rafael Garcia-Suarez <rgarciasuarez at gmail.com>.
= 2006/11/17
Text::Tabs can handle newlines now so the BUGS section has been removed
per request from Aristotle Pagaltzis.
= 2006/07/11
Further bomb-proofing to pass more tests: Dan Jacobson <jidanni at
jidanni dot org> found another way to generate a "this shouldn't happen".
= 2006/07/05
Made documentation and code changes to address perlbug:
https://rt.perl.org/rt3/Ticket/Display.html?id=30229
Added in changes from the distributed-with-perl version. This took
care of perlbug: https://rt.perl.org/rt3/Ticket/Display.html?id=34902
It also took care of suggestion from Matthijs Bomhoff <matthijs
at bomhoff dot nl>.
Made documentation changes (added EXAMPLES) as per a suggestion
from Gabor Blasko <gblasko at cs dot columbia dot edu>
belg4mit at MIT dot EDU reported that $columns==1 die'd. No longer.
Added tests for each bug report.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 3350500 to 3360000
- Update of rootfile not required
- Changelog
Improvement to the EXPLAIN QUERY PLAN output to make it easier to understand.
Byte-order marks at the start of a token are skipped as if they were whitespace.
An error is raised on any attempt to access the rowid of a VIEW or subquery. Formerly, the rowid of a VIEW would be indeterminate and often would be NULL. The -DSQLITE_ALLOW_ROWID_IN_VIEW compile-time option is available to restore the legacy behavior for applications that need it.
The sqlite3_deserialize() and sqlite3_serialize() interfaces are now enabled by default. The -DSQLITE_ENABLE_DESERIALIZE compile-time option is no longer required. Instead, there is is a new -DSQLITE_OMIT_DESERIALIZE compile-time option to omit those interfaces.
The "memdb" VFS now allows the same in-memory database to be shared among multiple database connections in the same process as long as the database name begins with "/".
Back out the EXISTS-to-IN optimization (item 8b in the SQLite 3.35.0 change log) as it was found to slow down queries more often than speed them up.
Improve the constant-propagation optimization so that it works on non-join queries.
The REGEXP extension is now included in CLI builds.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Stefan Schantl [Wed, 30 Jun 2021 18:40:31 +0000 (20:40 +0200)]
Firewall: Proper allow to create REDIRECT rules.
This patch now proper allows to create rules for redirecting requests of a
given host, group or network(s) to a specified port or service to the
local IPFire system.
So it implements a very generic and easy to use feature to redirect
(for example all DNS, NTP, or whatever) requests to the a local running
instance and so to force usage of that local hosted service.
* The feature supports specifiying a single port and redirect the requests to another given one.
( For example requests to UDP 123 can be redirected to local UDP 1234
if you run an NTP server on that port.)
* It also supports direct usage of services or even service groups.
( So you can create a service group for DNS and redirect them to the
local recursor, or create a "redirected services" group which easily
can be managed...)
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 30 Jun 2021 17:47:07 +0000 (19:47 +0200)]
iperf3: Update to version 3.10.1
- Update from 3.9 to 3.10.1
- Update of rootfile not required
- Changelog
iperf-3.10.1 2021-06-03
* Notable user-visible changes
* Fixed a problem with autoconf scripts that made builds fail in
some environments (#1154 / #1155).
* Developer-visible changes
* GNU autoconf 2.71 or newer is now required to regenerate iperf3's
configure scripts.
iperf 3.10 2021-05-26
* Notable user-visible changes
* Fix a bug where some --reverse tests didn't terminate (#982 /
#1054).
* Responsiveness of control connections is slightly improved (#1045
/ #1046 / #1063).
* The allowable clock skew when doing authentication between client
and server is now configurable with the new --time-skew-threshold
(#1065 / #1070).
* Bitrate throttling using the -b option now works when a burst size
is specified (#1090).
* A bug with calculating CPU utilization has been fixed (#1076 /
#1077).
* A --bind-dev option to support binding sockets to a given network
interface has been added to make iperf3 work better with
multi-homed machines and/or VRFs (#817 / #1089 / #1097).
* --pidfile now works with --client mode (#1110).
* The server is now less likely to get stuck due to network errors
(#1101, #1125), controlled by the new --rcv-timeout option.
* Fixed a few bugs in termination conditions for byte or
block-limited tests (#1113, #1114, #1115).
* Added tcp_info.snd_wnd to JSON output (#1148).
* Some bugs with garbled JSON output have been fixed (#1086, #1118,
#1143 / #1146).
* Support for setting the IPv4 don't-fragment (DF) bit has been
added with the new --dont-fragment option (#1119).
* A failure with not being able to read the congestion control
algorithm under WSL1 has been fixed (#1061 / #1126).
* Error handling and error messages now make more sense in cases
where sockets were not successfully opened (#1129 / #1132 /
#1136, #1135 / #1138, #1128 / #1139).
* Some buffer overflow hazards were fixed (#1134).
* Notable developer-visible changes
* It is now possible to use the API to set/get the congestion
control algorithm (#1036 / #1112).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 30 Jun 2021 17:46:50 +0000 (19:46 +0200)]
intltool: Update to version 0.51.0
- Update from 0.40.5 (2008) to 0.51.0 (2015 - latest release)
- Update of rootfile3 not required
- Changelog is too long to include here
Changes from version 0.41.0 to 0.51.0 can be found at https://launchpad.net/intltool/+download
and in the ChangeLog files in the Source Tarballs
Changes prior to 0.41.0 can be found at https://download.gnome.org/sources/intltool/
in the ChangeLog files in the Source Tarballs
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 30 Jun 2021 17:46:31 +0000 (19:46 +0200)]
ghostscript: Update version to 9.54.0
- Update from 9.53.3 to 9.54.0
- Update rootfile
- delete patch related to FT_CALLBACK_DEF as fix has been implemented in the source
tarball
- Changelog highlights
Version 9.54.0 (2021-03-30)
The 9.54.0 release is a maintenance release, and also adds new functionality.
Highlights in this release include:
Overprint simulation is now available to all output devices, allowing quality previewing/proofing of PostScript and PDF jobs that rely on overprint. See the -dOverprint option documentation in: Overprint
The "docxwrite" device adds the ability to output to Microsoft Word "docx" format. See: docxwrite
The pdfwrite device is now capable of using the Tesseract OCR engine when it is built into Ghostscript to improve searchability and copy and paste functionality when the input lacks the metadata for that purpose. See: UseOCR
Ghostscript/GhostPDL now includes a "map text to black" function, where text drawn by an input job (except when drawn using a Type 3 font) can be forced to draw in solid black. See: BlackText
Ghostscript/GhostPDL now supports simple N-up imposition "internally". See: NupControl
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental improvements.
Full details of above highlights can be found at https://www.ghostscript.com/doc/9.54.0/History9.htm
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 30 Jun 2021 17:46:07 +0000 (19:46 +0200)]
alsa: Update to version 1.2.5.1
- Not really sure if a sound support capability is really appropriate for a firewall. I
wouldn't have it. However if it stays as an add-on then it should be up to date.
- Update alsa-lib from 1.0.27.1 (2013) to 1.2.5.1 (2021)
- Update alsa-utils from 1.0.27.1 (2013) to 1.2.5.1 (2021)
- Update alsa-firmware from 1.0.27 (2013) to 1.2.4 (2020)
- Update rootfile
- Changelog is too large to include here. Changes back to 2019-11-20 can be found at
https://www.alsa-project.org/wiki/Main_Page
Earlier changes have to be found from the git commits at
https://github.com/alsa-project/alsa-lib and
https://github.com/alsa-project/alsa-utils
There is no changelog or git commits that I have been able to find for alsa-firmware
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Previously, the getcolor() function did not correctly process IPsec
N2N connections with more than one remote network configured, resulting
in networks mistakenly marked as being part of a VPN connection, or vice
versa.
Fixes: #11235 Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Acked-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Peter Müller [Thu, 22 Apr 2021 16:15:22 +0000 (18:15 +0200)]
general-functions.pl: do not miscalculate when enumerating IPsec N2N subnet membership
Fixes: #11235 Cc: Alexander Marx <alexander.marx@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Mon, 19 Jul 2021 10:54:50 +0000 (10:54 +0000)]
README: Update installation URL
Reported-by: Konrad Panzlaff <konrad.panzlaff@pa-bu.de> Fixes: #12661 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 14 Jul 2021 20:41:39 +0000 (22:41 +0200)]
tshark: Update to version 3.4.6
- Update from 3.4.3 to 3.4.6
- Update rootfile
- Changelog
Wireshark 3.4.6 Release Notes
What’s New
The Windows installers now ship with Npcap 1.31. They previously
shipped with Npcap 1.10.
The Windows installers now ship with Qt 5.15.2. They previously
shipped with Qt 5.12.1.
Bug Fixes
• wnpa-sec-2021-04[1] DVB-S2-BB dissector infinite loop
The following bugs have been fixed:
• Macro filters can’t handle escaped characters Issue 17160[2].
• Display filter crashes Wireshark Issue 17316[3].
• IEEE-1588 Signalling Unicast TLV incorrectly reported as being
malformed Issue 17355[4].
• IETF QUIC TLS decryption error with extraneous packets during the
handshake Issue 17383[5].
• Statistics → Resolved Addresses: multi-protocol (TCP/UDP/…)
ports not displayed Issue 17395[6].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
DNP, DVB-S2-BB, ProtoBuf, PTP, QUIC, RANAP, and TACACS
New and Updated Capture File Support
Ascend, ERF, K12, NetScaler, and pcapng
Wireshark 3.4.5 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2021-04[1] MS-WSP dissector excessive memory
consumption. Issue 17331[2].
The following bugs have been fixed:
• TShark does not print GeoIP information Issue 14691[3].
• TShark error when piping to "head" Issue 16192[4].
• Parts of ASCII representation in Packet Bytes pane are missing
Issue 17087[5].
• Buildbot crash output: fuzz-2021-02-22-1012761.pcap Issue
17254[6].
• NDPE attribute of NAN packet is not dissected Issue 17278[7].
• TECMP: reserved flag interpreted as part of timestamp Issue
17279[8].
• Master branch does not compile at least with gcc-11 Issue
17281[9].
• DNS IXFR/AXFR multiple response Issue 17293[10].
• File too large Issue 17301[11].
• Build fails with CMake 3.20 Issue 17314[12].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
DECT, DNS, EAP, Kerberos, LDAP, MS-WSP, SMB2, Sysdig, TECMP, and WiFi
NAN
New and Updated Capture File Support
pcapng
Wireshark 3.4.4 Release Notes
What’s New
Bug Fixes
The following vulnerabilities have been fixed:
• wnpa-sec-2021-03[1] Wireshark could open unsafe URLs. Issue
17232[2]. CVE-2021-22191[3].
The following bugs have been fixed:
• NTP Version 3 Client Decode PDML output issue (Reference ID
Issue) Issue 17112[4].
• 3.4.2: public wireshark include files are including build time
"config.h" Issue 17190[5].
• wireshark-3.4.3/epan/dissectors/packet-s7comm.c:3521: bad array
index ? Issue 17198[6].
• SIP protocol: P-Called-Party-ID header mixed up with
P-Charge-Info header Issue 17215[7].
• Asterix CAT010 Decode Error Issue 17226[8].
• _ws.expert columns not populated for IPv4 Issue 17228[9].
• Buildbot crash output: fuzz-2021-02-12-1651908.pcap Issue
17233[10].
• gQUIC: Wireshark 3.4.3 fails to dissect a packet (gQUIC q024)
that v3.2.6 succeeds. Issue 17250[11].
New and Updated Features
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ASTERIX, Frame Relay, GQUIC, NTP, NVMe Fabrics RDMA, S7COMM, and SIP
New and Updated Capture File Support
iSeries
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 14 Jul 2021 20:41:23 +0000 (22:41 +0200)]
tftpd: Update to version 5.2
- Update from 0.48 (2007) to 5.2 (2011)
Version 5.2 is the last update made to this program
- Update to rootfile
- Changelog
Changes in 5.2:
Fix breakage on newer Linux when a single interface has
multiple IP addresses.
Changes in 5.1:
Add -P option to write a PID file. Patch by Ferenc Wagner.
Bounce the syslog socket in standalone mode, in case the
syslog daemon has been restarted. Patch by Ferenc Wagner.
Build fixes.
Fix handling of block number wraparound after a successful
options negotiation.
Fix a buffer overflow in option parsing.
Changes in 5.0:
Try to on platforms with getaddrinfo() without AI_ADDRCONFIG or
AI_CANONNAME.
Implement the "rollover" option, for clients which want block
number to rollover to anything other than zero.
Correctly disable PMTU in standalone mode. Patch by Florian
Lohoff.
Changes in 0.49:
Add IPv6 support. Patch by Karsten Keil.
Support systems with editline instead of readline.
Support long options in the server.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Wed, 14 Jul 2021 11:37:12 +0000 (13:37 +0200)]
samba: Update version to 4.14.6
- Update from 4.14.4 to 4.14.6
- Update of rootfile not required
- Changelog
Release Notes for Samba 4.14.6
* BUG 14722: s3: lib: Fix talloc heirarcy error in parent_smb_fname().
* BUG 14732: smbd: Fix pathref unlinking in create_file_unixpath().
* BUG 14734: s3: VFS: default: Add proc_fd's fallback for vfswrap_fchown().
* BUG 14736: s3: smbd: Remove erroneous TALLOC_FREE(smb_fname_parent) in
change_file_owner_to_parent() error path.
* BUG 14730: NT_STATUS_FILE_IS_A_DIRECTORY error messages when using
glusterfs VFS module.
* BUG 14734: s3/modules: fchmod: Fallback to path based chmod if pathref.
* BUG 14740: Spotlight RPC service doesn't work with vfs_glusterfs.
* BUG 14750: gensec_krb5: Restore ipv6 support for kpasswd.
* BUG 14752: smbXsrv_{open,session,tcon}: protect
smbXsrv_{open,session,tcon}_global_traverse_fn against invalid records.
* BUG 14027: samba-tool domain backup offline doesn't work against bind DLZ
backend.
* BUG 14669: netcmd: Use next_free_rid() function to calculate a SID for
restoring a backup.
Release Notes for Samba 4.14.5
* BUG 14696: s3: smbd: SMB1 SMBsplwr doesn't send a reply packet on success.
* BUG 14708: s3: smbd: Ensure POSIX default ACL is mapped into returned
Windows ACL for directory handles.
* BUG 14721: s3: smbd: Fix uninitialized memory read in
process_symlink_open() when used with vfs_shadow_copy2().
* BUG 14689: docs: Expand the "log level" docs on audit logging.
* BUG 14714: smbd: Correctly initialize close timestamp fields.
* BUG 14699: Fix gcc11 compiler issues.
* BUG 14718: docs-xml: Update smbcacls manpage.
* BUG 14719: docs: Update list of available commands in rpcclient.
* BUG 14475: ctdb: Fix a crash in run_proc_signal_handler().
* BUG 14695: s3:winbind: For 'security = ADS' require realm/workgroup to be
set.
* BUG 14699: lib:replace: Do not build strndup test with gcc 11 or newer.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Fri, 16 Jul 2021 11:12:58 +0000 (13:12 +0200)]
libcdada: Patch file to allow build to work with GCC 11 and update version to 0.3.5
- Update from 0.3.4 to 0.3.5
- Created libcdada-0.3.5-Werror.patch based on the gentoo 0.3.5 patch to remove -Werror
flags from the configure. This was flagging up warnings as errors and stopping
the build
- Removed the SUP_ARCH line to allow it to build again
- Added --without-tests and --without-checks to the ./configure statement. This prevents
the test and checks being built
- Removed libcdada-0.3.4-use-shared-library-for-tests-and-examples-build.patch as no
longer needed with the tests and checks no longer being built
- No update required for rootfile
- Changelog
v0.3.5 (20th April 2021)
New
- Improved public API documentation
- build: add --without-tests --without-examples build options
Bug fix
- Fix `E_EMPTY` return codes set/map/list/stack/queue
- Fix `make check` when valgrind is not installed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Fri, 16 Jul 2021 11:12:57 +0000 (13:12 +0200)]
pmacct: Patch file to allow build to work with GCC 11
- Created pmacct-1.7.6-Werror.patch to remove -Werror flags from the configure
This was flagging up warnings as errors and stopping the build
- Removed the SUP_ARCH line to allow it to build again
- No update required to the rootfile
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Sun, 11 Jul 2021 13:12:15 +0000 (14:12 +0100)]
make.sh: Explicitely call zstd to extract toolchain
Some older versions of tar do not recognise Zstandard, yet.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Tested-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Tue, 13 Jul 2021 16:27:59 +0000 (16:27 +0000)]
cdrom: Compress file system image using Zstandard
This patch uses the new Zstandard algorithm to compress the file system
image on the ISO image. This comes with these advantages:
* Compression is about twice as fast than XZ with the parameters we have
selected here
* We use a lot less memory during compression and can therefore utilise
all processor cores of the build machines
* Decompression (when installing IPFire and when creating the
flash-image) is substantically faster
The downside is that the generated ISO image is slighty larger (~10MiB)
which I am okay with as a trade-off for the points mentioned above.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Tue, 13 Jul 2021 15:44:20 +0000 (15:44 +0000)]
installer: Fix reading /proc/cmdline when launched by GRUB
The installer was reading the kernel command line and was looking for
certain values which configured the installer.
GRUB appended a trailing newline character which was not accounted for
and caused that the last parameter was not correctly compared to the
list of possible keys.
Fixes: #12656 - core 157: unattended installation don't work as expected on EFI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Tue, 13 Jul 2021 10:11:31 +0000 (10:11 +0000)]
aws: Enable serial console by default
AWS for some time now has a serial console feature which is enabled by
default on all systems. The VGA console is not enabled for any new
non-x86 instance types and not interactive.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
with kernel 5.10.x also the reading of s.m.a.r.t. data to update
the temperatur graphs is countet as disk read so update the stored
value after reading.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Fri, 9 Jul 2021 16:17:43 +0000 (16:17 +0000)]
stripper: Handle capabilities
During the build process, we set capabilities to elevate privileges of
certain progrems (e.g. ping). These have been removed during the build
process because of strip.
This patch collects any capabilities from all files that are being
stripped and restores them after calling strip.
Fixes: #12652 Reported-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Acked-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Wed, 7 Jul 2021 17:27:14 +0000 (19:27 +0200)]
Pakfire: call "sync" in function.sh after having extracted archives
After upgrading to Core Update 157, a few number of users reported their
systems to be unworkable after a reboot. Most of them (the systems, not
the users) were apparently missing the new Linux kernel in their Grub
configuration, causing a non-functional bootloader written to disk.
While we seem to be able to rule out issues related to poor storage
(SDDs, flash cards, etc.) or very high I/O load, it occurred to me we
are not calling "sync" after having extracted a Core Update's .tar.gz
file.
This patch therefore proposes to do so. It is a somewhat homeopathic
approach, though, but might ensure all parts of the system to have
properly processed the contents of an extracted archive. While we cannot
even reasonably guess it will solve the problem(s) mentioned initially,
doing so cannot hurt either.
See also:
https://community.ipfire.org/t/after-update-ipfire-to-157-no-boot/5641/45
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Tue, 6 Jul 2021 16:08:29 +0000 (18:08 +0200)]
ddns.cgi: Fix sanity check logic.
The input validation did not work in the proper way. It allways
reported "No password" when using a provider which supports token and
the token has been given.
This of course is wrong and leaded to unuseable providers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>