Adolf Belka [Mon, 24 Jan 2022 10:05:52 +0000 (11:05 +0100)]
python3-dateutil: Update to version 2.8.2 and python-3.10
- Update from 2.8.1 to 2.8.2
- Update of rootfile
- Changelog
Version 2.8.2 (2021-07-08)
Data updates
- Updated tzdata version to 2021a. (gh pr #1128)
Bugfixes
- Fixed a bug in the parser where non-``ValueError`` exceptions would be raised
during exception handling; this would happen, for example, if an
``IllegalMonthError`` was raised in ``dateutil`` code. Fixed by Mark Bailey.
(gh issue #981, pr #987).
- Fixed the custom ``repr`` for ``dateutil.parser.ParserError``, which was not
defined due to an indentation error. (gh issue #991, gh pr #993)
- Fixed a bug that caused ``b'`` prefixes to appear in parse_isodate exception
messages. Reported and fixed by Paul Brown (@pawl) (gh pr #1122)
- Make ``isoparse`` raise when trying to parse times with inconsistent use of
`:` separator. Reported and fixed by @mariocj89 (gh pr #1125).
- Fixed ``tz.gettz()`` not returning local time when passed an empty string.
Reported by @labrys (gh issues #925, #926). Fixed by @ffe4 (gh pr #1024)
Documentation changes
- Rearranged parser documentation into "Functions", "Classes" and "Warnings and
Exceptions" categories. (gh issue #992, pr #994).
- Updated ``parser.parse`` documentation to reflect the switch from
``ValueError`` to ``ParserError``. (gh issue #992, pr #994).
- Fixed methods in the ``rrule`` module not being displayed in the docs. (gh pr
#1025)
- Changed some relative links in the exercise documentation to refer to the
document locations in the input tree, rather than the generated HTML files in
the HTML output tree (which presumably will not exist in non-HTML output
formats). (gh pr #1078).
Misc
- Moved ``test_imports.py``, ``test_internals.py`` and ``test_utils.py`` to
pytest. Reported and fixed by @jpurviance (gh pr #978)
- Added project_urls for documentation and source. Patch by @andriyor (gh pr
#975).
- Simplified handling of bytes and bytearray in ``_parser._timelex``. Reported
and fixed by @frenzymadness (gh issue #1060).
- Changed the tests against the upstream tz database to always generate fat
binaries, since until GH-590 and GH-1059 are resolved, "slim" zic binaries
will cause problems in many zones, causing the tests to fail. This also
updates ``zoneinfo.rebuild`` to always generate fat binaries. (gh pr #1076).
- Moved sdist and wheel generation to use `python-build`. Reported and fixed by
@mariocj89 (gh pr #1133).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 24 Jan 2022 09:58:49 +0000 (10:58 +0100)]
python3-daemon: Update to version 2.3.0 and python-3.10
- Update from 2.1.1 (2016) to 2.3.0 (2021)
- Update of rootfile
- A build dependency has been added for twine. As this is to support the upload of
packages to PyPI it will not be used for IPFire. The changelog just notes the addition
of twine as a build dependency without any explanation. See entry in version 2.2.4
No other change was made when this dependency was added to setup.py
Adding twine added 9 further dependencies some of which caused further dependencies and
so on. 19 additional new packages were reached and the system was still coming up with
more.
Created a patch to remove the twine build dependency from setup.py
Subsequently found other people had done the same thing as there was no response to
requests from other people to not have it as a build dependency for situations where
packages were not going to be uploaded to PyPI.
- Changelog
Version 2.3.0
:Released: 2021-02-21
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Removed:
* Remove support for Python versions older than Python 3.
Python 2 has been unsupported by the Python project since 2020.
* Remove dependency on back-ported `unittest2` and `mock`.
Depend instead on standard library `unittest` and `unittest.mock`.
Thanks to Michał Górny for the merge requests.
Version 2.2.4
:Released: 2019-10-27
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Bugs Fixed:
* Run the Setuptools `egg-info` command as part of the `build`
command. Closes: Pagure #31. Thanks to Stanislav Levin for the bug report and
diagnosis.
* Create the socket and catch “non-socket” errors. Closes: Pagure #34. Thanks to Miro Hrončok for the bug report and
patch.
* Only deal with a range of file descriptors if the range is not empty. Closes: Pagure #39. Thanks to Alex Pyrgiotis for the test scenario.
* Declare Twine as a build dependency.
* Reformat the change log entries with keepachangelog.com sub-sections.
Changed:
* Upgrade Tox dependency to version “3.7.0”.
Thanks to Miro Hrončok for the contribution.
* Significant speed-up to discovery of file descriptors to close.
By using a native `tuple` for the heavily-used file descriptor range
representation, this gives approximately 5× faster calls to
`close_all_open_files` in the typical case. This partially addresses
Pagure #40.
Thanks to Alex Pyrgiotis for testing various alternative proposals.
* Refactor the build system to use Makefile modules for each topic.
Version 2.2.3
:Released: 2019-01-21
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Bugs Fixed:
* Use custom fake file type for testing `fileno` behaviour.
This works around an incompatibility in Python 2.7 `file` type that
caused test cases to fail.
Deprecated:
* Promote the warning for `runner` module to a `DeprecationWarning`.
This has been an unofficial example module from the beginning, and
it will be removed in a future version.
Version 2.2.2
:Released: 2019-01-19
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Bugs Fixed:
* Remove from the build system specification a white space character
not permitted in TOML format.
Added:
* Implement test suite automation in virtualenvs, using Tox.
Version 2.2.1
:Released: 2019-01-18
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Added:
* Add a :PEP:`518` conformant build system specification (the
``pyproject.toml`` file).
Version 2.2.0
:Released: 2018-08-15
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Bugs Fixed:
* Correct the description of the return value for
`daemon.is_detach_process_context_required`. Closes: Pagure #6.
* Set a sensible default for `Distribution.script_name`.
This works around a bug in Setuptools which calls commands before
the `Distribution` is initialised. Closes: Pagure #2.
Changed:
* The test suite now relies on the test discovery feature in
‘unittest’. This feature is in Python version 2.7 and later.
* Improve performance of `daemon.close_all_open_files`.
Thanks to Darek Działak for the implementation. Closes: Pagure #10.
Version 2.1.2
:Released: 2016-10-26
:Maintainer: Ben Finney <ben+python@benfinney.id.au>
Added:
* Add a README document for the code base.
Changed:
* Migrate code project hosting to Pagure.
Record the change of homepage URL in PyPI metadata.
Deprecated:
* Raise a warning that the ‘runner’ module is pending deprecation.
This has been an unofficial example module from the beginning, and
it will be removed in a future version.
Bugs Fixed:
* Ensure custom types are part of the Python type hierarchy.
* Avoid a circular dependency for the version string at install time.
Thanks to Maarten van Gompel for the reproducible test case.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 24 Jan 2022 09:55:21 +0000 (10:55 +0100)]
python3-colorama: Update to version 0.4.4 and python-3.10
- Update from 0.4.3 to 0.4.4
- Update of rootfile
- Changelog
0.4.4: Automate release workflow on Windows too.
I initially hoped to have a single Makefile or script that
worked on Linux and Windows, but was unable to make it work
without massive over-complication.
So now we have makefile targets for Linux, and powershell
scripts for Windows. Documented in the README.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 24 Jan 2022 09:34:40 +0000 (10:34 +0100)]
python3-botocore: Update to version 1.23.21 and python-3.10
- Update from 1.19.28 to 1.23.21
- Update of rootfile
- Changelog is too large to include here. For details see the changelog at
https://github.com/boto/botocore/blob/develop/CHANGELOG.rst
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Thu, 20 Jan 2022 13:09:09 +0000 (14:09 +0100)]
python3-msgpack: removal as borgbackup uses bundled version
- borgbackup is only package identfied to be using python3-msgpack
- borgbackup has been using its own bundled version of msgpack since version 1.1.10
- Removal of lfs and rootfiles
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Thu, 20 Jan 2022 13:06:07 +0000 (14:06 +0100)]
borgbackup: Update to version 1.1.17 to work with python-3.10
- Update from 1.1.13 to 1.1.17
- Update of rootfile
- Changelog
Version 1.1.17 (2021-07-12)
- 1.1.17 install_requires the "packaging" pypi package now.
Fixes:
- pyinstaller dir-mode: fix pyi detection / LIBPATH treatment, #5897
- handle crash due to kill stale lock race, #5828
- fix BORG_CACHE_DIR crashing borg if empty, #5216
- create --dry-run: fix display of kept tagfile, #5834
- fix missing parameter in "did not consistently fail" msg, #5822
- missing / healed chunks: always tell chunk ID, #5704
- benchmark: make sure cleanup happens even on exceptions, #5630
New features:
- implement BORG_SELFTEST env variable, #5871.
this can be used to accelerate borg startup a bit. not recommended for
normal usage, but borg mass hosters with a lot of borg invocations can
save some resources with this. on my laptop, this saved ~100ms cpu time
(sys+user) per borg command invocation.
- implement BORG_LIBC env variable to give the libc filename, #5870.
you can use this if a borg does not find your libc.
- check: add progress indicator for archive check.
- allow --files-cache=size (not recommended, make sure you know what you do)
Other changes:
- Python 3.10 now officially supported!
we test on py310-dev on github CI since a while and now also on the vagrant
machines, so it should work ok.
- github CI: test on py310 (again)
- get rid of distutils, use packaging and setuptools.
distutils is deprecated and gives warnings on py 3.10.
- setup.py: rename "clean" to "clean2" to avoid shadowing the "clean" command.
- remove libc filename fallback for the BSDs (there is no "usual" name)
- cleanup flake8 checks, fix some pep8 violations.
- docs building: replace deprecated function ".add_stylesheet()" for Sphinx 4 compatibility
- docs:
- add a hint on sleeping computer and ssh connections, #5301
- update the documentation on hacked backup client, #5480
- improve docs/FAQ about append-only remote repos, #5497
- complement the documentation for pattern files and exclude files, #5520
- "filename with spaces" example added to exclude file, #5236
note: no whitespace escaping needed, processed by borg.
- add info on renaming repositories, #5240
- clarify borg check --verify-data, #5808
- add notice about defective hardware to check documentation, #5753
- add paragraph added in #5855 to utility documentation source
- add missing leading slashes in help patterns, #5857
- clarify "you will need key and passphrase" borg init warning, #4622
- pull mode: add some warnings, #5827
- mention tar --compare (compare archive to fs files), #5880
- fix typos, backport of #5597
- vagrant:
- add py3.7.11 for binary build, also add 3.10-dev.
- use latest Cython 0.29.23 for py310 compat fixes.
- more RAM for openindiana upgrade plan resolver, it just hangs (swaps?) if
there is too little RAM.
- fix install_pyenv to adapt to recent changes in pyenv (same as in master now).
- use generic/netbsd9 box, copied from master branch.
Version 1.1.16 (2021-03-23)
Fixes:
- setup.py: add special openssl prefix for Apple M1 compatibility
- do not recurse into duplicate roots, #5603
- remove empty shadowed_segments lists, #5275, #5614
- fix libpython load error when borg fat binary / dir-based binary is invoked
via a symlink by upgrading pyinstaller to v4.2, #5688
- config: accept non-int value (like 500M or 100G) for max_segment_size or
storage_quota, #5639.
please note: when setting a non-int value for this in a repo config,
using the repo will require borg >= 1.1.16.
New features:
- bundled msgpack: drop support for old buffer protocol to support Python 3.10
- verbose files cache logging via --debug-topic=files_cache, #5659.
Use this if you suspect that borg does not detect unmodified files as expected.
- create/extract: add --noxattrs and --noacls option, #3955.
when given with borg create, borg will not get xattrs / ACLs from input files
(and thus, it will not archive xattrs / ACLs). when given with borg extract,
borg will not read xattrs / ACLs from archive and will not set xattrs / ACLs
on extracted files.
- diff: add --json-lines option, #3765
- check: debug log segment filename
- borg debug dump-hints
Other changes:
- Tab completion support for additional archives for 'borg delete'
- repository: deduplicate code of put and delete, no functional change
- tests: fix result order issue (sporadic test failure on openindiana)
- vagrant:
- upgrade pyinstaller to v4.2, #5671
- avoid grub-install asking interactively for device
- remove the xenial box
- update freebsd box to 12.1
- docs:
- update macOS install instructions, #5677
- use macFUSE (not osxfuse) for Apple M1 compatibility
- update docs for dev environment installation instructions, #5643
- fix grammar in faq
- recomend running tests only on installed versions for setup
- add link back to git-installation
- remove /var/cache exclusion in example commands, #5625.
This is generally a poor idea and shouldn't be promoted through examples.
- add repology.org badge with current packaging status
- explain hash collision
- add unsafe workaround to use an old repo copy, #5722
Version 1.1.15 (2020-12-25)
Fixes:
- extract:
- improve exception handling when setting xattrs, #5092.
- emit a warning message giving the path, xattr key and error message.
- continue trying to restore other xattrs and bsdflags of the same file
after an exception with xattr-setting happened.
- export-tar:
- set tar format to GNU_FORMAT explicitly, #5274
- fix memory leak with ssh: remote repository, #5568
- fix potential memory leak with ssh: remote repository with partial extraction
- create: fix --dry-run and --stats coexistence, #5415
- use --timestamp for {utcnow} and {now} if given, #5189
New features:
- create: implement --stdin-mode, --stdin-user and --stdin-group, #5333
- allow appending the files cache filename with BORG_FILES_CACHE_SUFFIX env var
Other changes:
- drop python 3.4 support, minimum requirement is 3.5 now.
- enable using libxxhash instead of bundled xxh64 code
- update llfuse requirements (1.3.8)
- set cython language_level in some files to fix warnings
- allow EIO with warning when trying to hardlink
- PropDict: fail early if internal_dict is not a dict
- update shell completions
- tests / CI
- add a test for the hashindex corruption bug, #5531 #4829
- fix spurious failure in test_cache_files, #5438
- added a github ci workflow
- reduce testing on travis, no macOS, no py3x-dev, #5467
- travis: use newer dists, native py on dist
- vagrant:
- remove jessie and trusty boxes, #5348 #5383
- pyinstaller 4.0, build on py379
- binary build on stretch64, #5348
- remove easy_install based pip installation
- docs:
- clarify '--one-file-system' for btrfs, #5391
- add example for excluding content using the --pattern cmd line arg
- complement the documentation for pattern files and exclude files, #5524
- made ansible playbook more generic, use package instead of pacman. also
change state from "latest" to "present".
- complete documentation on append-only remote repos, #5497
- internals: rather talk about target size than statistics, #5336
- new compression algorithm policy, #1633 #5505
- faq: add a hint on sleeping computer, #5301
- note requirements for full disk access on macOS Catalina, #5303
- fix/improve description of borg upgrade hardlink usage, #5518
- modernize 1.1 code:
- drop code/workarounds only needed to support Python 3.4
- remove workaround for pre-release py37 argparse bug
- removed some outdated comments/docstrings
- requirements: remove some restrictions, lock on current versions
Version 1.1.14 (2020-10-07)
- 1.1.14 changes return codes due to a bug fix:
In case you have scripts expecting rc == 2 for a signal exit, you need to
update them to check for >= 128 (as documented since long).
Fixes:
- check --repair: fix potential data loss when interrupting it, #5325
- exit with 128 + signal number (as documented) when borg is killed by a signal, #5161
- fix hardlinked CACHEDIR.TAG processing, #4911
- create --read-special: .part files also should be regular files, #5217
- llfuse dependency: choose least broken 1.3.6/1.3.7.
1.3.6 is broken on python 3.9, 1.3.7 is broken on FreeBSD.
Other changes:
- upgrade bundled xxhash to 0.7.4
- self test: if it fails, also point to OS and hardware, #5334
- pyinstaller: compute basepath from spec file location
- prettier error message when archive gets too big, #5307
- check/recreate are not "experimental" any more (but still potentially dangerous):
- recreate: remove extra confirmation
- rephrase some warnings, update docs, #5164
- shell completions:
- misc. updates / fixes
- support repositories in fish tab completion, #5256
- complete $BORG_RECREATE_I_KNOW_WHAT_I_AM_DOING
- rewrite zsh completion:
- completion for almost all optional and positional arguments
- completion for Borg environment variables (parameters)
- use "allow/deny list" instead of "white/black list" wording
- declare "allow_cache_wipe" marker in setup.cfg to avoid pytest warning
- vagrant / tests:
- misc. fixes / updates
- use python 3.5.10 for binary build
- build directory-based binaries additionally to the single file binaries
- add libffi-dev, required to build python
- use cryptography<3.0, more recent versions break the jessie box
- test on python 3.9
- do brew update with /dev/null redirect to avoid "too much log output" on travis-ci
- docs:
- add ssh-agent pull backup method docs, #5288
- how to approach borg speed issues, #5371
- mention double --force in prune docs
- update Homebrew install instructions, #5185
- better description of how cache and rebuilds of it work
- point to borg create --list item flags in recreate usage, #5165
- add security faq explaining AES-CTR crypto issues, #5254
- add a note to create from stdin regarding files cache, #5180
- fix borg.1 manpage generation regression, #5211
- clarify how exclude options work in recreate, #5193
- add section for retired contributors
- update Homebrew install instructions, #5185
- better description of how cache and rebuilds of it work
- point to borg create --list item flags in recreate usage, #5165
- add security faq explaining AES-CTR crypto issues, #5254
- add a note to create from stdin regarding files cache, #5180
- fix borg.1 manpage generation regression, #5211
- clarify how exclude options work in recreate, #5193
- add section for retired contributors
- hint about not misusing private email addresses of contributors for borg support
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Thu, 20 Jan 2022 12:57:38 +0000 (13:57 +0100)]
python3-pyproject2setuppy: Required for build of python3-tomli
- pyproject2setuppy only required for build of python3-tomli so rootfile has all entries
commented out.
- python3-tomli has no setup.py file so pyproject2setuppy used to convert pyproject.toml
file into a setup.py file
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Thu, 20 Jan 2022 12:51:38 +0000 (13:51 +0100)]
python3-setuptools-scm: Update to version 6.3.2
- Update from 3.2.0 (Jan 2019) to 6.3.2 (Sep 2021)
- Update of rootfile
- Changelog
6.3.2
* fix #629: correctly convert Version data in tags_to_version parser to avoid errors
6.3.1
* fix #625: restore tomli in install_requires after the regression changes in took it out
and some users never added it even tho they have pyproject.toml files
6.3.0
.. warning::
This release explicitly warns on unsupported setuptools.
This unfortunately has to happen as the legacy ``setup_requires`` mechanism
incorrectly configures the setuptools working-set when a more recent setuptools
version than available is required.
As all releases of setuptools are affected as the historic mechanism
for ensuring a working setuptools setup was shipping a ``ez_setup`` file
next to ``setup.py``, which would install the required version of setuptools.
This mechanism has long since been deprecated and removed
as most people haven't been using it
* fix #612: depend on packaging to ensure version parsing parts
* fix #611: correct the typo that hid away the toml extra and add it in ``setup.py`` as well
* fix #615: restore support for the git_archive plugin which doesn't pass over the config
* restore the ability to run on old setuptools while to avoid breaking pipelines
v6.2.0
* fix #608: resolve tomli dependency issue by making it a hard dependency
as all intended/supported install options use pip/wheel this is only a feature release
* ensure python 3.10 works
v6.1.1
* fix #605: completely disallow bdist_egg - modern enough setuptools>=45 uses pip
* fix #606: re-integrate and harden toml parsing
* fix #597: harden and expand support for figuring the current distribution name from
`pyproject.toml` (`project.name` or `tool.setuptools_scm.dist_name`) section or `setup.cfg` (`metadata.name`)
v6.1.0
* fix #587: don't fail file finders when distribution is not given
* fix #524: new parameters ``normalize`` and ``version_cls`` to customize the version normalization class.
* fix #585: switch from toml to tomli for toml 1.0 support
* fix #591: allow to opt in for searching parent directories in the api
* fix #589: handle yaml encoding using the expected defaults
* fix #575: recommend storing the version_module inside of ``mypkg/_version.py``
* fix #571: accept branches starting with ``v`` as release branches
* fix #557: Use ``packaging.version`` for ``version_tuple``
* fix #544: enhance errors on unsupported python/setuptools versions
v6.0.1
* fix #537: drop node_date on old git to avoid errors on missing %cI
v6.0.0
* fix #517: drop dead python support >3.6 required
* drop dead setuptools support > 45 required (can install wheels)
* drop egg building (use wheels)
* add git node_date metadata to get the commit time-stamp of HEAD
* allow version schemes to be priority ordered lists of version schemes
* support for calendar versioning (calver) by date
v5.0.2
* fix #415: use git for matching prefixes to support the windows situation
v5.0.1
* fix #509: support ``SETUPTOOLS_SCM_PRETEND_VERSION_FOR_${DISTRIBUTION_NAME}`` for ``pyproject.toml``
v5.0.0
Breaking changes:
* fix #339: strict errors on missing scms when parsing a scm dir to avoid false version lookups
v5.0.2
* fix #415: use git for matching prefixes to support the windows situation
v5.0.1
* fix #509: support ``SETUPTOOLS_SCM_PRETEND_VERSION_FOR_${DISTRIBUTION_NAME}`` for ``pyproject.toml``
v5.0.0
Breaking changes:
* fix #339: strict errors on missing scms when parsing a scm dir to avoid false version lookups
* fix #337: if relative_to is a directory instead of a file,
consider it as direct target instead of the containing folder and print a warning
Bugfixes:
* fix #352: add support for generally ignoring specific vcs roots
* fix #471: better error for version bump failing on complex but accepted tag
* fix #479: raise indicative error when tags carry non-parsable information
* Add `no-guess-dev` which does no next version guessing, just adds `.post1.devN` in
case there are new commits after the tag
* add python3.9
* enhance documentation
* consider SOURCE_DATE_EPOCH for versioning
* add a version_tuple to write_to templates
* fix #321: add support for the ``SETUPTOOLS_SCM_PRETEND_VERSION_FOR_${DISTRIBUTION_NAME}`` env var to target the pretend key
* fix #142: clearly list supported scm
* fix #213: better error message for non-zero dev numbers in tags
* fix #356: add git branch to version on describe failure
v4.1.2
* disallow git tags without dots by default again - #449
v4.1.1
* drop jaraco.windows from pyproject.toml, allows for wheel builds on python2
v4.1.0
* include python 3.9 via the deadsnakes action
* return release_branch_semver scheme (it got dropped in a bad rebase)
* undo the devendoring of the samefile backport for python2.7 on windows
* re-enable the building of universal wheels
* fix handling of missing git/hg on python2.7 (python 3 exceptions where used)
* correct the tox flake8 invocation
* trigger builds on tags again
v4.0.0
* Add ``parentdir_prefix_version`` to support installs from GitHub release
tarballs.
* use Coordinated Universal Time (UTC)
* switch to github actions for ci
* fix documentation for ``tag_regex`` and add support for single digit versions
* document handling of enterprise distros with unsupported setuptools versions #312
* switch to declarative metadata
* drop the internal copy of samefile and use a dependency on jaraco.windows on legacy systems
* select git tags based on the presence of numbers instead of dots
* enable getting a version form a parent folder prefix
* add release-branch-semver version scheme
* make global configuration available to version metadata
* drop official support for python 3.4
v3.5.0
* add ``no-local-version`` local scheme and improve documentation for schemes
v3.4.4
* fix #403: also sort out resource warnings when dealing with git file finding
v3.4.3
* fix #399: ensure the git file finder terminates subprocess after reading archive
v3.4.2
* fix #395: correctly transfer tag regex in the Configuration constructor
* rollback --first-parent for git describe as it turns out to be a regression for some users
v3.4.1
* pull in #377 to fix #374: correctly set up the default version scheme for pyproject usage.
this bugfix got missed when ruushing the release.
v3.4.0
* fix #181 - add support for projects built under setuptools declarative config
by way of the setuptools.finalize_distribution_options hook in Setuptools 42.
* fix #305 - ensure the git file finder closes filedescriptors even when errors happen
* fix #381 - clean out env vars from the git hook system to ensure correct function from within
* modernize docs wrt importlib.metadata
*edited*
* use --first-parent for git describe
v3.3.3
* add eggs for python3.7 and 3.8 to the deploy
v3.3.2
* fix #335 - fix python3.8 support and add builds for up to python3.8
v3.3.1
* fix #333 (regression from #198) - use a specific fallback root when calling fallbacks. Remove old
hack that resets the root when fallback entrypoints are present.
v3.3.0
this bugfix got missed when ruushing the release.
v3.4.0
* fix #181 - add support for projects built under setuptools declarative config
by way of the setuptools.finalize_distribution_options hook in Setuptools 42.
* fix #305 - ensure the git file finder closes filedescriptors even when errors happen
* fix #381 - clean out env vars from the git hook system to ensure correct function from within
* modernize docs wrt importlib.metadata
*edited*
* use --first-parent for git describe
v3.3.3
* add eggs for python3.7 and 3.8 to the deploy
v3.3.2
* fix #335 - fix python3.8 support and add builds for up to python3.8
v3.3.1
* fix #333 (regression from #198) - use a specific fallback root when calling fallbacks. Remove old
hack that resets the root when fallback entrypoints are present.
v3.3.0
* fix #198 by adding the ``fallback_version`` option, which sets the version to be used when everything else fails.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Thu, 20 Jan 2022 12:48:15 +0000 (13:48 +0100)]
python3: Update to version 3.10.1
- Update from 3.8.7 to 3.10.1
- Update of rootfile
- libvirt needs to be updated to 7.10.0 before this patch series is implemented
otherwise the old libvirt (6.5.0) will fail to build with the new python3.
- Changelog is w2ay to big to show here. Details can be found by viewing 3.9.rst and
3.10.rst in the Doc/whatsnew/ folder in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reported-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Cc: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reported-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Cc: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Matthias Fischer [Fri, 21 Jan 2022 16:47:24 +0000 (17:47 +0100)]
bind: Update to 9.11.25
For details (v9.16.22-v9.16.25) see:
https://downloads.isc.org/isc/bind9/9.16.25/doc/arm/html/notes.html#notes-for-bind-9-16-25
"Notes for BIND 9.16.25
Feature Changes
Overall memory use by named has been optimized and reduced,
especially on systems with many CPU cores. The default memory
allocator has been switched from internal to external. A new
command-line option -M internal allows named to be started with the
old internal memory allocator. [GL #2398]
Bug Fixes
On FreeBSD, TCP connections leaked a small amount of heap memory,
leading to an eventual out-of-memory problem. This has been fixed.
[GL #3051]
If signatures created by the ZSK were expired and the ZSK private
key was offline, the signatures were not replaced. This behavior has
been amended to replace the expired signatures with new signatures
created using the KSK. [GL #3049]
Under certain circumstances, the signed version of an inline-signed
zone could be dumped to disk without the serial number of the
unsigned version of the zone. This prevented resynchronization
of the zone contents after named restarted, if the unsigned zone
file was modified while named was not running. This has been fixed.
[GL #3071]
...
"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Peter Müller [Fri, 14 Jan 2022 20:57:01 +0000 (20:57 +0000)]
pciutils: Update to 3.7.0
Please refer to https://git.kernel.org/pub/scm/utils/pciutils/pciutils.git/log/
for a history of this release. Sourcecode retrieved from https://mj.ucw.cz/download/linux/pci/ .
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sun, 16 Jan 2022 14:47:25 +0000 (14:47 +0000)]
sysctl.conf: Enable Loose Reverse Path Filter according to RFC 3704
For historical reasons, we were always reluctant to reverse path
filtering, since configuration changes were tricky to evaluate for a
larger userbase, IPFire permits a number of complex scenarios, and due
to limited resources.
As a compromise, this patch suggests to enable Loose Reverse Path
Filtering, as specified in RFC 3704 (section 2.4), to gain at least some
security achievement on this end.
To quote from that:
Loose Reverse Path Forwarding (Loose RPF) is algorithmically similar
to strict RPF, but differs in that it checks only for the existence
of a route (even a default route, if applicable), not where the route
points to. Practically, this could be considered as a "route
presence check" ("loose RPF is a misnomer in a sense because there is
no "reverse path" check in the first place).
The questionable benefit of Loose RPF is found in asymmetric routing
situations: a packet is dropped if there is no route at all, such as
to "Martian addresses" or addresses that are not currently routed,
but is not dropped if a route exists.
There is no legitimate reason why we cannot enable this: If IPFire
receives a packet on some interface it cannot route on _any_ interface
at all, there is no sense in processing it.
While testing this change, I was unable to produce a situation where it
actually causes any harm. In theory, it shouldn't do so anyways.
In the future, we will hopefully be able to set these sysctl's to "1",
using Strict Reverse Path Filtering, as specified in RFC 3704 (section
2.2). Doing so was found to work fine in my testing environment as well,
but there is no asymmetric routing in place there.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
I have the addon qemu-ga for people who virtualize IPFire and to read the status
without having to install the whole qemu package.
Modified following Michael's suggestions.
Signed-off-by: Marcel Follert (Smooky) <smooky@v16.de> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 18 Jan 2022 09:14:55 +0000 (10:14 +0100)]
shadow: Update to version 4.11.1 and fix bug 12762
- Update from 4.2.1 (2015) to 4.11.1 (2021)
- Update rootfile
- Update patch for suppression of groups installation
- Change default hash from sha512 to yescrypt in lfs and logins.def
- Changelog
* Release 4.11.1
* build: include lib/shadowlog_internal.h in dist tarballs (Sam James)
* Release 4.11
* Handle possible TOCTTOU issues in usermod/userdel (edneville)
* (CVE-2013-4235)
* Use O_NOFOLLOW when copying file
* Kill all user tasks in userdel
* Fix useradd -D segfault (Xi Ruoyao)
* Clean up obsolete libc feature-check ifdefs (Alejandro Colomar)
* Fix -fno-common build breaks due to duplicate Prog declarations
(Adam Sampson)
* Have single date_to_str definition (Alejandro Colomar)
* Fix libsubid SONAME version (Sam James)
* Clarify licensing info, use SPDX.
* Release 4.10
Note: From this release forward, su from this package should be
considered deprecated. Please replace any users of it with su from
util-linux. Please open an issue if there is a problem with that.
We intend to remove it in an upcoming release.
This release features many fixes expecially to the building of
libsubid, some SELinux labeling issues, and a few signaling
issues.
* libsubid fixes (Xi Ruoyao, Serge Hallyn, Iker Pedrosa, Mike Gilbert,
GalaxyMaster, and Luís Ferreira)
* Rename the test program list_subid_ranges to getsubids, write
a manpage, so distros can ship it. (Iker Pedrosa)
* Add libeconf dep for new*idmap (Iker Pedrosa)
* Allow all group types with usermod -G (Iker Pedrosa)
* Avoid useradd generating empty subid range (Iker Pedrosa)
* Handle NULL pw_passwd (Jaroslav Jindrak)
* Fix default value SHA_get_salt_rounds (Mike Gilbert)
* Use https where possible in README (Paul Menzel)
* Update content and format of README (Iker Pedrosa)
* Translation updates (Balint Reczey, Frans Spiesschaert)
* Switch from xml2po to itstool in 'make dist' (Serge Hallyn)
* Fix double frees (Michael Vetter)
* Add LOG_INIT configurable to useradd (Andy Zaugg)
* Add CREATE_MAIL_SPOOL documentation (Andy Zaugg)
* Create a security.md
* Fix su never being SIGKILLd when trapping TERM (Ruihan li)
* Fix wrong SELinux labels in several possible cases (Iker Pedrosa)
* Fix missing chmod in chadowtb_move (GalaxyMaster)
* Handle malformed hushlogins entries (Tobias Stoeckmann)
* Fix groupdel segv when passwd does not exist (François Rigault)
* Fix covscan-found newgrp segfault (Iker Pedrosa)
* Remove trailing slash on hoedir (Ed Neville)
* Fix passwd -l message - it does not change expirey (Ed Neville)
* Fix SIGCHLD handling bugs in su and vipw (Tobias Stoeckmann)
* Remove special case for "" in usermod (Alejandro Colomar)
* Implement usermod -rG to remove a specific group
(Andy Zaugg)
* call pam_end() after fork in child path for su and login
(Björn Fischer)
* useradd: In absence of /etc/passwd, assume 0 == root
(Ludwig Nussel)
* lib: check NULL before freeing data (Iker Pedrosa)
* Fix pwck segfault (Iker Pedrosa)
* Release 4.9
2021-07-22 Serge Hallyn <serge@hallyn.com>
* Updated translations (Björn Esser, Juergen Hoetzel)
* Major salt updates (Björn Esser)
* Various coverity and cleanup fixes (Iker Pedrosa)
* Consistently use 0 to disable PASS_MIN_DAYS in man (tzccinct)
* Implement NSS support for subids and a libsubid (Serge Hallyn)
* setfcap: retain setfcap when mapping uid 0 (Christian Brauner)
* login.defs: include HMAC_CRYPTO_ALGO key (Iker Pedrosa)
* selinux fixes (Christian Göttsche)
* Fix path prefix path handling (Lucas Servén Marín)
* Manpage updates (tzccinct, Sevan Janiyan, Iker Pedrosa, Geert Ijewski,
谭九鼎, Jamin W. Collins, towerpark, andydna, Frans Spiesschaert)
* Treat an empty passwd field as invalid (Haelwenn Monnier)
* newxidmap: allow running under alternative gid (Martijn de Gouw)
* usermod: check that shell is executable (Geert Ijewski)
* Add yescript support (Rodolphe Bréard)
* useradd memleak fixes (whzhe)
* useradd: use built-in settings by default (Ludwig Nussel)
* getdefs: add foreign (non-shadow-utils) items (Karel Zak)
* buffer overflow fixes (Tobias Stoeckmann)
* Adding run-parts style for pre and post useradd/del (ed@s5h.net)
2020-01-23 Serge Hallyn <serge@hallyn.com>
* selinux: inclue stdio (Michael Vetter)
* man: don't suggest making groupmems user-writeable (Michael Weiser)
* Makefile: bail out on error in for loops (Wolfgang Bumiller)
* Adding logging of SSH_ORIGINAL_COMMAND to nologin. (ed@s5h.net)
* add new HOME_MODE login.defs option (Duncan Overbruck)
* Add tty logging to useradd (ed@s5h.net)
* Useradd: make non-executable shell check only a warning (Tomas Mraz)
* Update Dutch translation (Frans-Spiesschaert)
* user_busy: Do not mistake a regular user process for a namespaced one (Tomas Mraz)
* Revert "Honor --sbindir and --bindir for binary installation" Patrick McLean)
2019-12-20 Dave Reisner <dreisner@archlinux.org>
* Do not auto-enable acct_tools_setuid just because
pam is enabled. NOTE - any distros which are relying
on this behavior will need to switch to configure
--enable-account-tools-setuid
* Release 4.8
2019-12-01 Serge Hallyn <serge@hallyn.com>
* Initial optional bcrypt support.
* Make build/install of 'su' optional.
* Fix for vipw not resuming correctly when suspended
* Sync password field descriptions in manpages
* Check for valid shell argument in useradd
* Allow translation of new strings through POTFILES.in
* Migrate to itstool for translations
* Migrate to new SELinux api
* Support --enable-vendordir
* pwck: Only check homedir if set and not a system user
* Support nonstandard usernames
* sget{pw,gr}ent: check for data at EOL
* Add YYY-MM-DD support in chage
* Fix failing chmod calls for suidubins
* Fix --sbindir and --bindir for binary installations
* Fix LASTLOG_UID_MAX in login.defs
* Fix configure error with dash
* Release 4.7
2019-06-13 Serge Hallyn <serge@hallyn.com>
* Spawn: don't loop forever on ECHILD
* Do not fail locking if there is a stale lockfile Tomas Mraz)
* Use lckpwdf if prefix not set (Tomas Mraz)
* Build: check correct DocBook version (Jan Tojnar)
* Usermod: Print 'no changes' to stdout, not stderr (Serge Hallyn)
* Add support for btrfs subvolumes for home (Adam Majer)
* Fix chpasswd long line handling (Nathan Ruiz)
* Use secure_getenv for gettime (Chris Lamb)
* Make sp_lstchg reproducible (Chris Lamb)
* Do not crash commonio_close if db file is not open (Tomas Mraz)
* Don't flush nscd and sssd cache in read-only mode (Charlie Vuillemez)
* French manpage update (Alban VIDAL)
* Fix manpage defaults for SUB_UID/GID_COUNT (Tomas Mraz)
* Sync po files from shadow.pot (Alban VIDAL)
* Usermod: guard against unsafe chown of homedir contents (Tomas Mraz)
* Add LASTLOG_UID_MAX to login.defs (Tomas Mraz)
* new[ug]idmap file capabilities support (Giuseppe Scrivano and Christian Brauner)
* Fix segfault in useradd (Tomas Mraz)
* Coverity issues (Tomas Mraz)
* Flush sssd caches (Jakub Hrozek)
* Log UID in nologin (Vladimir Ivanov)
* run pam_getenvlist after setup_env in su.c (Michael Vogt)
* Support systems with only utmpx (A. Wilcox)
* Fix unguarded ENABLE_SUBIDS code (Jan Chren (rindeal))
* Update po/zh_CN translation (Lion Yang)
* Create parent dirs for useradd -m (Michael Vetter)
* Prevent usermod segv
* Fix usermod crash (fariouche)
* Release 4.6
2018-04-29 Serge Hallyn <serge@hallyn.com>
* Newgrp: avoid unnecessary lookups
* Make language less binary
* Add error when turning off man switch
* Spelling fixes
* Make userdel work with -R
* newgidmap: enforce setgroups=deny if self-mapping a group
* Norwegian bokmål translation
* pwck: prevent crash by not passing O_CREAT
* WITH_TCB fixes from Mandriva
* Fix pwconv and grpconv entry skips
* Fix -- slurping in su
* add --prefix option
2017-07-16 Serge Hallyn <serge@hallyn.com>
* Import new Dutch translations.
2017-07-10 Serge Hallyn <serge@hallyn.com>
* Expand error codes for groupmod.
2017-05-17 Serge Hallyn <serge@hallyn.com>
* Release 4.5
2017-05-17 Serge Hallyn <serge@hallyn.com>
* Patch from Tobias Stoeckmann fixing regression in previous CVE fix
preventing SIGTERM to su from being propagated to the job.
* Patch from Chris Lamb making sp_lstchg shadow field reproducible.
* Merge Russian translation updates from Yuri Kozlov
* Fix missing close of subuid file on error
2017-02-23 Serge Hallyn <serge@hallyn.com>
* Merge patch by Tobias Stoeckmann <tobias@stoeckmann.org> to fix
the equivalent of util-linux CVE-2017-2616.
2017-02-08 Serge Hallyn <serge@hallyn.com>
* Update Kazakh translations
* Consult configuration before calculating subuids
* Remove misplaced semicolon
2017-01-29 Serge Hallyn <serge@hallyn.com>
* Patch from Fedora to improve performance with SSSD, Winbind,
or nss_ldap. (Tomas Mraz)
* Make sure knowndef_table is NULL-terminated. (Bernhard Rosenkränzer)
2016-12-21 Serge Hallyn <serge@hallyn.com>
* Drop leading underscore from _COMMONIO_H and _SHADOWIO_H
* Fix readability in usermod error messages.
* Reset user in tallylog
* Add audit support to su
* Changes since 4.4
2016-12-02 Serge Hallyn <serge@hallyn.com>
- Use sizeof rather than hardcoding snprintf args
- Fix useradd improper default loading
- Update Vietnamese translations
- Update Polish translations
- Remove non-POSIX chmod option in Makefile
- Fix suidubins assignments
- Fix --add-subuids etc spelling in manpages
- Audit homedir ownership change.
- Print error on selinux file context update failure
- Keep original file perms when creating a backup
* Changes since 4.2.1:
2016-12-02 Serge Hallyn <serge@hallyn.com>
- Documentation, error report and translations updates
- Replace path_max with 32
- User namespace support fixes/updates including:
- Correct sanity checks in newXidmap
- Fix building without subuid support
- Add /etc/subuid support for UID matching
- Support subuid for nonlocal users
- Default to 65536 subuid allocations
- Respect -r
- Check for range overflows
- Add tests from svn tree
- Use AC_CHECK_SIZEOF for uid_t size checks
- Accomodate missing /etc and login.defs
- Support FORCE_SHADOW
- Be more robust in hostile environment
- Allow removing a primary group
- Clear passwords on __pw_dup errors
- Memory leak fix in commonio_update and get_map_ranges
- Fix resource leak in syslog_sg
- Fix user busy error at userdel
- Support set/clear lastlog record via lastlog command
- Add --no-create-home as longopt for -M
- Fix signal races
- Reduce syslog priority of common usage events
Fixes: Bug 12762 Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Michael Tremer [Thu, 2 Dec 2021 12:37:41 +0000 (12:37 +0000)]
AQM: Use CAKE as default qdisc where appropriate instead of fq_codel
This script configures CAKE as default qdisc where appropriate:
* It is not suitable to use any queue management on bridges/GRE/VTI/tun
interfaces.
* On Internet-facing interfaces, CAKE is configured in "internet" mode
whereas on any zones except RED, it is configured in "metro" mode
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Matthias Fischer [Fri, 14 Jan 2022 16:11:07 +0000 (17:11 +0100)]
clamav: Update to 0.104.2
For details see:
https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html
"ClamAV 0.104.2 is a critical patch release with the following fixes:
CVE-2022-20698: Fix for invalid pointer read that may cause a crash.
Affects 0.104.1, 0.103.4 and prior when ClamAV is compiled with libjson-c
and the CL_SCAN_GENERAL_COLLECT_METADATA scan option (the clamscan
--gen-json option) is enabled.
..."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Wed, 23 Jun 2021 17:30:00 +0000 (19:30 +0200)]
usbutils: Update to version 013
- Update from 007 (2013) to 013 (2020)
- Update rootfile
- Changelog
usbutils 013
Aurelien Jarno (1):
lsusb.8.in: do not mention usb.ids
Baruch Siach (1):
usb-devices.1: don't mention bash
Greg Kroah-Hartman (15):
usbhid-dump: move manpage to main directory out of subdir
usbhid-dump.8: add SPDX header
usbhid-dump.8: autogenerate it with the usbutils version number
.gitignore: add usbhid-dump.8
usbhid-dump: add SPDX identifiers to all files.
usbhid-dump: remove libusb.h libusb_strerror() implementation
usbhid-dump: remove lib directory
usbhid-dump: move .h files into src/ directory
Makefile.am: add usbhid-dump.8 to distclean list
usbhid-dump: some autoconf cleanup
usbhid-dump: remove some dev_list functions that were never used
dump_audiostreaming_interface(): remove unused variable
usbmisc: initialize string buffer before reading from device.
lsusb.py: drop trailing space on non-hub devices
lsusb.py: strip whitespace from device strings
Jakub Wilk (2):
lsusb(8): fix formatting
lsusb(8): document --tree
Pino Toscano (1):
lsusb.py: remove private paths for usb.ids
Rob Gill (1):
Additional device classes for usb-devices script
Rosen Penev (1):
usbhid-dump: Do not use rindex
Thomas Hebb (4):
Move read_sysfs_prop() from names.c to its own file
sysfs: Don't return bogus data for devices under a hub
lsusb: Use vendor and product name fallback logic in -D mode too
lsusb: Get manufacturer, product, and serial from sysfs
Timothy Robert Bednarzyk (1):
bootstrap: change /bin/bash to /bin/sh
Torleiv Sundre (1):
lsusb: fix two typos in UVC Extension Unit descriptor
Tormod Volden (1):
usbhid-dump: Put back autoconf check for libusb_set_option()
usbutils 012
Greg Kroah-Hartman:
Merge usbhid-dump into main usbutils repository
usbutils 011
Clemens Fruhwirth (1):
Add usbreset.c as noinst_PROGRAMS target.
Daniel Schaefer (1):
lsusb: Read unkown names from sysfs device desc.
Darsey Litzenberger (3):
Remove a small hack that no longer has any effect.
Cleanup grammar
lsusb-t: Emit USB IDs and other handy info when verbosity is increased
Emmanuele Bassi (1):
Require newer version of libusb
Georg Brandl (1):
lsusb.py: fix up Python 3 conversion
Greg Kroah-Hartman (10):
SPDX bill-of-material is supposed to be project_name.spdx
usbutils.spdx: rerun report, it is properly sorted.
desc-dump.c: fix compiler warning about unused variable
add usbreset to .gitignore
usbreset: fix some build warnings
usbhid-dump: update to latest version
fix up standard int types
update usbhid-dump git id
usbhid-dump: update to a newer version of usbhid-dump again.
usbutils.spdx: update with latest information
Kurt Garloff (4):
lsusb.py: Search multiple paths for usb.ids.
lsusb.py: Usb enum for parser state machine.
lsusb.py: Add driver names for usbhid.
lsusb.py: python2 compatibility
Lukas Nykryn (1):
Makefile.am: add files with licenses to archive
Mantas Mikulėnas (33):
lsusb.py: sort devices and interfaces numerically
lsusb.py: sort toplevel entries
lsusb.py: improve usage text
lsusb.py: replace fake deepcopy()
lsusb.py: remove -w (warn if usb.ids not sorted) option
lsusb.py: ensure all error messages are written to stderr
lsusb.py: support long options
lsusb.py: use regular print() instead of hand-rolling the same thing
lsusb.py: avoid shadowing Python's built-in 'str'
lsusb.py: replace usb.ids binary search with dict lookup
lsusb.py: remove now-unused bin_search()
lsusb.py: avoid manual calls to __foo__()
lsusb.py: replace __repr__() for USB IDs with __str__()
lsusb.py: insert class FF:FF:FF into usbclasses to avoid special casing
lsusb.py: entirely remove Usb* classes
lsusb.py: cosmetic - replace tuples-as-"immutable lists" with regular lists
lsusb.py: use 'elif' where suitable
lsusb.py: remove dead code
lsusb.py: move unrelated code out of try..except
lsusb.py: allow - as well as _ when matching hci module names
lsusb.py: use a constant for the magic class number 9
lsusb.py: Usb* classes: call read() automatically from constructor
lsusb.py: UsbEndpoint: indent is a class implementation detail
lsusb.py: a few cosmetic changes
lsusb.py: shorten find_usb_class()
lsusb.py: give all Usb* objects a .path attribute
lsusb.py: add an actual __repr__() to classes
lsusb.py: give all Usb* classes a superclass
lsusb.py: convert readattr() and readlink() to methods of the container
lsusb.py: use color by default
lsusb.py: rework output for more consistent indent of both columns
lsusb.py: fix endpoint interval spacing
lsusb.py: visually group USB-version-related fields
Michael Drake (4):
lsusb: Split out routine that fetches value for given field.
lsusb: Split out field name rendering.
lsusb: Add support for descriptor extensions.
lsusb: Add support for audio processing unit type-specific fields.
Philip Langdale (2):
lsusb: Added support for Billboard Alternate Mode Capability descriptor
lsusb.py: Fix formatting of 10Gbps speeds
Ross Burton (1):
usb-devices: use /bin/sh hashbang
Solomon Peachy (1):
lsusb: Add support for decoding IPP printer descriptors
Stefan Tauner (1):
Depend on libusb 1.0.14
Valerii Zapodovnikov (1):
man pages: add information on verbosity levels of -t option
junjie (1):
fix typo
usbutils 010
Aurelien Jarno (2):
usbreset.c: add missing <stdlib.h> include
Do not create and install usbutils.pc
Greg Kroah-Hartman (32):
fix dump_videocontrol_interface for unitialized variable usage
Add correct SPDX license identifiers to all files
Add SPDX identifiers on files that did not have a specific license.
wTotalLength should be printed as a hex number
usbmisc: fix up some strncpy() issues
lsusb-t: fix up error with readlink()
lsusb.py.in: add proper SPDX license identifier
usb-devices: reword the copyright identifier
LICENSES: move the GPL 2 license to the LICENSES directory
LICENSES/GPL-3.0.txt: add the file
lsusb.h: add copyright notice
lsusb-t: add copyright info
bom.spdx: Add bill of materials file in SPDX format.
ChangeLog: remove it.
AUTHORS: remove file
do_release: drop file
NEWS: add SPDX header and comment
autogen.sh: add SPDX and copyright header
list.h: add copyright information
travis-autogen.sh: add SPDX and copyright information.
INSTALL: remove the file, it's boiler-plate
configure.ac: add SPDX and copyright
man pages: add SPDX and copyright information
Makefile.am: add SPDX and copyright information
.gitmodules: add SPDX and copyright lines
lsusb.py.in: fix up Copyright strings
usbreset.c: add Alan's copyright
.travis.yml: add correct SPDX and copyright notices
bom.spdx: update with latest copyright and SPDX identifier additions
README.md: move the README file to markdown
README.md: fix fomatting
bom.spdx: upate with README -> README.md change
Lukas Nykryn (1):
lsusb.py: convert to python3
Michael Drake (11):
lsusb: Split subtype mapping out of AudioControl interface handling.
lsusb: Add declarative definitions for UAC1 and UAC2 descriptors.
lsusb: Add code to dump descriptor data using descriptor definition.
lsusb: Switch to descriptor-definition based dump for UAC1 and UAC2.
lsusb: Add descriptor definitions for UAC3.
lsusb: Add initial support for USB Audio Device Class 3.
lsusb: Add descriptor definition for USB3 BOS Configuration Summary.
lsusb: Dump USB3 BOS Configuration Summary Descriptor.
lsusb: Squash Wpointer-compare warning.
lsusb: Remove unused function.
lsusb: Fix array entry count for variable sized entries.
Robby Workman (1):
Makefile.am: Include usbreset.c in the release tarball
Torleiv Sundre (1):
lsusb: Dump UVC Stream based payload descriptor.
usbutils 009
Bjørn Mork (1):
usbreset: coding style
Emmanuele Bassi (1):
Don't use C99-ism
Greg Kroah-Hartman (22):
usbhid-dump: update submodule to latest version
add usbreset.c example program
update usbhid-dump to latest
lsusb.py: Don't dump a trace dump if usb.ids is not present
Grueninger, Tobias (1):
USB: usb-devices: Interface number can be a string
Heinrich Schuchardt (1):
autogen.sh: checkout usbhid-dump
Jaejoong Kim (4):
lsusb : add support for the Encoding Unit Desc for uvc 1.5 device
lsusb: fix alignment for Video Streaming interface desc
lsusb: parse additional control fileds in USB video control interfaces for UVC1.5
lsusb: proper display hexadecimal value for UVC control interface
Jakub Wilk (1):
Fix typos
Jo-Philipp Wich (1):
usbreset.c: import usability improvements from OpenWrt
Justin McBride (2):
Update lsusb.c
Un-indent bVariableSize for Frame-Based Format descriptors
Kylie McClain (1):
Makefile: install pkgconfig file to arch-dependent location
Mathias Nyman (2):
lsusb: Allocate the BOS descriptor buffer dynamically
lsusb: Add support for the USB 3.1 SuperSpeedPlus device capability desc
Muthu M (2):
lsusb: Fix issue with lengthy string descriptors
lsusb: Added support for Billboard Capability descriptor
Nikolai Kondrashov (2):
Update usbhid-dump repo URL
Update usbhid-dump to v1.4
Stephan Linz (7):
travis-ci: add control files borrowed from libusb
configure: remove summary about unused USE_ZLIB
drop unused input file for usb.ids update script
substitute usb.id location in lsusb Python script
travis-ci: cleanup before second run
travis-ci: rework travis-autogen.sh
lsusb: remove unused variable procbususb
Tobias Klauser (4):
lsusb: Report correct MaxPower for USB 3.0 devices
lsusb: Request proper descriptor type for USB 3.1
lsusb: Store link state descriptions without preceding space
build: Request at least libusb 1.0.9
Torleiv Sundre (2):
Added support for Platform Device Capability descriptor
lsusb: change endianness of first three fields when printing UUID/GUIDs.
Vianney le Clément de Saint-Marcq (3):
lsusb: Fix UVC STILL_IMAGE_FRAME descriptor
lsusb: Fix UVC VideoStreaming interface header descriptor
lsusb: Fix UVC OUTPUT_TERMINAL descriptor
Vincent Palatin (1):
lsusb: print WebUSB platform descriptor
usbutils 008
Alexandra Yates (2):
lsusb: Reports if USB2.0 port is on L1 state
lsusb: Reports devices that support BESL on USB2.0
Aurelien Jarno (1):
dump_ccid_device: fix a typo
Ben Chan (1):
lsusb: decode CDC MBIM extended functional descriptor
Greg Kroah-Hartman (8):
lsusb: fix incorrect printf() for CAPS
lsusb-t: handle problem if there is no usb bus list
.gitignore: add compile to the list of things we need to ignore
John Freed (1):
Fix logic error
Kurt Garloff (1):
Update lsusb.py in usbutils
Lukas Nykryn (2):
update COPYING file
lsusb-t: don't segfault when usbbuslist is empty
Peter Wu (1):
Ignore invalid string descriptors
Raphaël Droz (1):
usb-devices: hexadecimal bInterfaceNumber handling
Tom Gundersen (2):
lsusb: port to hwdb
drop dependency on usb.ids
Vadim Rutkovsky (1):
New path for usbhid-dump submodule
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Add missing closing tags, indentation and CSS styling.
Add link to reboot notice, left-align info list and resize packages
lists for better readability.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de> Acked-by: Peter Müller <peter.mueller@ipfire.org>
pakfire: Implement feedback from mailing list discussion
- Improve lockfile test: Return immediately if lockfile is present,
to prevent unnecessary and expensive "pidof" calls
- Add better explanation to the log file reading command and JS
- Change user interface: If no errors occurred, the page returns to
the main screen (after a short delay). If an error occurred, the log
output remains and a message is shown.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de> Acked-by: Peter Müller <peter.mueller@ipfire.org>
pakfire.cgi: Remove "sleep" after running Pakfire command
The extended lockfile test seems to be sufficient to detect
a running Pakfire process and display the logs.
"Sleep" even proved to be counterproductive, as fast processes
can finish in under a second and are then again not detected.
Currently the page becomes unresponsive while Pakfire is busy.
This patch implements a AJAX/JSON driven log output, to provide
continuous information to the user while Pakfire is running.
The output is updated 1x per second, if the load should be too high,
the interval can be change by writing to "pakfire.refreshInterval".
This implements a function to determine if Pakfire is already running.
It tests the PID and lockfile and can be expanded easily later.
'pidof' checks the full path to avoid confusion.
Stefan Schantl [Mon, 15 Nov 2021 20:23:33 +0000 (21:23 +0100)]
pakfire.cgi: Bring back old logic for log displaying
Trying to get rid of the system backpipe check if a pakfire is running
does not work very well. It simply makes the code more complex and
only introduced some new problems.
This commit switches back to the old logic which worked well in the
past.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org> Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:48:46 +0000 (14:48 +0100)]
firewall: Introduce DROP_HOSTILE
Similar to the Location block, this chain logs and drops all traffic
from and to networks known to pose technical threats to IPFire users.
Doing so in a dedicated chain makes sense for transparency reasons, as
we won't interfer with other firewall rules or the Location block, so it
is always clear why a packet from or to such a network has been dropped.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:48:33 +0000 (14:48 +0100)]
firewall: Prevent spoofing our own RED IP address
There is no legitimate reason why traffic from our own IP address on RED
should ever appear incoming on that interface.
This prevents attackers from impersonating IPFire itself, and is only
cleared/reset if the RED interface is brought up. Therefore, an attacker
cannot bypass this by foring a dial-up or DHCP connection to break down.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:48:17 +0000 (14:48 +0100)]
firewall: Log and drop spoofed loopback packets
Traffic from and to 127.0.0.0/8 must only appear on the loopback
interface, never on any other interface. This ensures offending packets
are logged, and the loopback interface cannot be abused for processing
traffic from and to any other networks.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:47:56 +0000 (14:47 +0100)]
firewall: Accept inbound Tor traffic before applying the location filter
Inbound Tor traffic conflicts with Location block as inbound connections
have to be accepted from many parts of the world. To solve this,
inbound Tor traffic has to be accepted before jumping into Location block
chain.
Note this affects Tor relay operators only.
Rolled forward as ongoing from
https://patchwork.ipfire.org/project/ipfire/patch/f8ee2e1d-b642-8c63-1f8a-4f24c354cd90@ipfire.org/,
note the documentation in the wiki needs to be updated once this landed
in production.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 13:47:25 +0000 (14:47 +0100)]
firewall: Log packets dropped due to conntrack INVALID state
In case of faulty connection tracking, this ensures such packets are
logged, to make analysing network incidents less troublesome. Since
NewNotSYN is handled before, where logging can be turned off for systems
running on weak flash devices, the amount of log messages emitted here
should be neglectible.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
For details see:
http://www.squid-cache.org/Versions/v5/changesets/
There is still no official announcement.
Nevertheless, since 31 Jul 2021, 'squid 5.1' has become "stable"
and is listed under "Current versions suitable for production use".
The only problem I found during testing deals with 'privoxy'.
Since 'privoxy' - as parent cache_peer - sometimes replies with a '403',
'squid 5.1' handles this cache_peer connection as 'dead' which is then
logged in 'cache_log'. See discussion on list.
Actually this is something that got fixed from 'squid 4.16' to '5.1' - its
no bug - its a feature. Everything else works as expected,'squid' and
'privoxy' developers were informed.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
projects / people / ms / ipfire-2.x.git / log
