Matthias Fischer [Fri, 19 Feb 2021 17:44:27 +0000 (18:44 +0100)]
bind: Update to 9.11.28
For details see:
https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html
"Notes for BIND 9.11.28
Security Fixes
When tkey-gssapi-keytab or tkey-gssapi-credential was configured,
a specially crafted GSS-TSIG query could cause a buffer overflow in the
ISC implementation of SPNEGO (a protocol enabling negotiation of the
security mechanism to use for GSSAPI authentication). This flaw could
be exploited to crash named. Theoretically, it also enabled remote code
execution, but achieving the latter is very difficult in real-world
conditions. (CVE-2020-8625)
This vulnerability was responsibly reported to us as ZDI-CAN-12302
by Trend Micro Zero Day Initiative. [GL #2354]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 16 Feb 2021 17:28:17 +0000 (17:28 +0000)]
openssl: Update to 1.1.1j
Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
====================================================================
Severity: Moderate
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to
create a unique hash value based on the issuer and serial number data contained
within an X509 certificate. However it fails to correctly handle any errors
that may occur while parsing the issuer field (which might occur if the issuer
field is maliciously constructed). This may subsequently result in a NULL
pointer deref and a crash leading to a potential denial of service attack.
The function X509_issuer_and_serial_hash() is never directly called by OpenSSL
itself so applications are only vulnerable if they use this function directly
and they use it on certificates that may have been obtained from untrusted
sources.
OpenSSL versions 1.1.1i and below are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1j.
OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL
1.0.2 is out of support and no longer receiving public updates. Premium support
customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade
to 1.1.1j.
This issue was reported to OpenSSL on 15th December 2020 by Tavis Ormandy from
Google. The fix was developed by Matt Caswell.
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a
server that is configured to support both SSLv2 and more recent SSL and TLS
versions then a check is made for a version rollback attack when unpadding an
RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are
supposed to use a special form of padding. A server that supports greater than
SSLv2 is supposed to reject connection attempts from a client where this special
form of padding is present, because this indicates that a version rollback has
occurred (i.e. both client and server support greater than SSLv2, and yet this
is the version that is being requested).
The implementation of this padding check inverted the logic so that the
connection attempt is accepted if the padding is present, and rejected if it
is absent. This means that such as server will accept a connection if a version
rollback attack has occurred. Further the server will erroneously reject a
connection if a normal SSLv2 connection attempt is made.
Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this
issue. In order to be vulnerable a 1.0.2 server must:
1) have configured SSLv2 support at compile time (this is off by default),
2) have configured SSLv2 support at runtime (this is off by default),
3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite
list)
OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to
this issue. The underlying error is in the implementation of the
RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING
padding mode used by various other functions. Although 1.1.1 does not support
SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the
RSA_SSLV23_PADDING padding mode. Applications that directly call that function
or use that padding mode will encounter this issue. However since there is no
support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a
security issue in that version.
OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium
support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should
upgrade to 1.1.1j.
This issue was reported to OpenSSL on 21st January 2021 by D. Katz and Joel
Luellwitz from Trustwave. The fix was developed by Matt Caswell.
Integer overflow in CipherUpdate (CVE-2021-23840)
=================================================
Severity: Low
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow
the output length argument in some cases where the input length is close to the
maximum permissable length for an integer on the platform. In such cases the
return value from the function call will be 1 (indicating success), but the
output length value will be negative. This could cause applications to behave
incorrectly or crash.
OpenSSL versions 1.1.1i and below are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1j.
OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL
1.0.2 is out of support and no longer receiving public updates. Premium support
customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade
to 1.1.1j.
This issue was reported to OpenSSL on 13th December 2020 by Paul Kehrer. The fix
was developed by Matt Caswell.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 16 Feb 2021 17:28:17 +0000 (17:28 +0000)]
openssl: Update to 1.1.1j
Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
====================================================================
Severity: Moderate
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to
create a unique hash value based on the issuer and serial number data contained
within an X509 certificate. However it fails to correctly handle any errors
that may occur while parsing the issuer field (which might occur if the issuer
field is maliciously constructed). This may subsequently result in a NULL
pointer deref and a crash leading to a potential denial of service attack.
The function X509_issuer_and_serial_hash() is never directly called by OpenSSL
itself so applications are only vulnerable if they use this function directly
and they use it on certificates that may have been obtained from untrusted
sources.
OpenSSL versions 1.1.1i and below are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1j.
OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL
1.0.2 is out of support and no longer receiving public updates. Premium support
customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade
to 1.1.1j.
This issue was reported to OpenSSL on 15th December 2020 by Tavis Ormandy from
Google. The fix was developed by Matt Caswell.
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a
server that is configured to support both SSLv2 and more recent SSL and TLS
versions then a check is made for a version rollback attack when unpadding an
RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are
supposed to use a special form of padding. A server that supports greater than
SSLv2 is supposed to reject connection attempts from a client where this special
form of padding is present, because this indicates that a version rollback has
occurred (i.e. both client and server support greater than SSLv2, and yet this
is the version that is being requested).
The implementation of this padding check inverted the logic so that the
connection attempt is accepted if the padding is present, and rejected if it
is absent. This means that such as server will accept a connection if a version
rollback attack has occurred. Further the server will erroneously reject a
connection if a normal SSLv2 connection attempt is made.
Only OpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by this
issue. In order to be vulnerable a 1.0.2 server must:
1) have configured SSLv2 support at compile time (this is off by default),
2) have configured SSLv2 support at runtime (this is off by default),
3) have configured SSLv2 ciphersuites (these are not in the default ciphersuite
list)
OpenSSL 1.1.1 does not have SSLv2 support and therefore is not vulnerable to
this issue. The underlying error is in the implementation of the
RSA_padding_check_SSLv23() function. This also affects the RSA_SSLV23_PADDING
padding mode used by various other functions. Although 1.1.1 does not support
SSLv2 the RSA_padding_check_SSLv23() function still exists, as does the
RSA_SSLV23_PADDING padding mode. Applications that directly call that function
or use that padding mode will encounter this issue. However since there is no
support for the SSLv2 protocol in 1.1.1 this is considered a bug and not a
security issue in that version.
OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium
support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should
upgrade to 1.1.1j.
This issue was reported to OpenSSL on 21st January 2021 by D. Katz and Joel
Luellwitz from Trustwave. The fix was developed by Matt Caswell.
Integer overflow in CipherUpdate (CVE-2021-23840)
=================================================
Severity: Low
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow
the output length argument in some cases where the input length is close to the
maximum permissable length for an integer on the platform. In such cases the
return value from the function call will be 1 (indicating success), but the
output length value will be negative. This could cause applications to behave
incorrectly or crash.
OpenSSL versions 1.1.1i and below are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1j.
OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL
1.0.2 is out of support and no longer receiving public updates. Premium support
customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade
to 1.1.1j.
This issue was reported to OpenSSL on 13th December 2020 by Paul Kehrer. The fix
was developed by Matt Caswell.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 16 Feb 2021 13:30:10 +0000 (14:30 +0100)]
dhcp.cgi: Fix incorrect { placement from patch 3724
- When patch 3724 was created for bug #10743 a curly bracket was placed in the wrong place
This results in the overlap of two if loops meaning that there will be no validity
check carried out on Default Lease Time if Deny Known Clients is not checked.
- This patch moves the { bracket to the right location.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 12 Feb 2021 17:59:15 +0000 (18:59 +0100)]
sysvinit: Update to 2.98
- Update sysvinit from 2.88dsf to 2.98
- From version 2.89 mounpoint build was not enabled as standard
- Patch created to modify Makefile to define mountpoint to be built
- Update of rootfiles
- Changelog is ~400 lines long from 2.88dsf to 2.98
- For details see the Changelog in the doc directory in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 11 Feb 2021 12:41:29 +0000 (13:41 +0100)]
wirelessclient.cgi: Fix for bug #12571
- Wirelessclient shows priority 0 to be most preferred and priority 4 as
least preferred. Based on forum posters experience and the wpa_supplicant
man page it is the other way round.
- This patch moves the least preferred title to priority 0 and vice versa
- Will ask bug reporter to test out the patch and confirm it works. The page
is only shown if you have a wifi connection on red.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 10 Feb 2021 11:06:02 +0000 (12:06 +0100)]
python-xattr: Removal of addon
- Update of attr causes current version of python-xattr to fail to build
- Following input from Michael Tremer
- This package was orihinally required for pakfire 3 which no longer depends on it
- This is a python 2 module. Python 2 is EOL
- lfs and rootfile removed from IPFire
- make.sh updated to remove python-xattr entry
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 10 Feb 2021 11:05:44 +0000 (12:05 +0100)]
attr: Update to 2.4.48
- Update attr from 2.4.47 (2013) to 2.4.48 (2018)
- Update rootfiles
- Changelog in tarball only goes up to 2.4.44 so extracted changes
from commits between 2.4.47 and release of 2.4.48
v2.4.48
attr: Fix segmentation fault Andreas Gruenbacher
po: update Andreas Gruenbacher
setfacl: Include errno.h Andreas Gruenbacher
copy_action: drop unused alloca.h include Mike Frysinger
include: add uninstall target to fix distcheck Mike Frysinger
attr_copy_{fd,file}: sync changes between the files Mike Frysinger
xattr.conf: do not copy security.evm Stefan Berger
Cleanup visibility of API functions Yury Usishchev
Cleanup config.h usage Yury Usishchev
Use stdint types consistently Felix Janda
walk_tree_rec: Add parentheses to clarify code Andreas Gruenbacher
Reintroduce symbols that used to be syscall wrappers Dmitry V. Levin
Do not export symbols that are not supposed to be exported Dmitry V. Levin
Add explicit symbol versioning for attr_copy_action Dmitry V. Levin
ignore configure.lineno Mike Frysinger
walk_tree: mark internal variables as static Dmitry V. Levin
Remove the attr.5 man page (moved to man-pages) Andreas Gruenbacher
Remove <attr/xattr.h> and the syscall wrappers Andreas Gruenbacher
Remove the section 2 man pages Andreas Gruenbacher
Remove outdated tests from test/attr.test Andreas Gruenbacher
Remove test/ext/fs.test Andreas Gruenbacher
Add setfattr --raw option Andreas Gruenbacher
Properly set and report empty attribute values Andreas Gruenbacher
Man pages: Minor fixes Andreas Gruenbacher
build: unbreak attr_copy_fd() and attr_copy_file(). Nick Alcock
attr: Don't report a NULL attribute name when -l (list) fails Andreas Gruenbacher
attr_list / attr_listf: Fix cursor off-by-one error Andreas Gruenbacher
Portability fix: <alloca.h> is Linux specific Emmanuel Dreyfus
Portability fixes Emmanuel Dreyfus
telldir return value and seekdir second parameters are of type long Cristian Rodríguez
License fixes Andreas Gruenbacher
test: fix cleanup & running as root Mike Frysinger
include examples/ in dist tarball Mike Frysinger
build: ship a pkgconfig file for libattr Jan Engelhardt
build: make use of an aux-dir to stow away helper scripts Jan Engelhardt
avoid glibc-specific DECLS defines Mike Frysinger
build: drop attrincludedir, use pkgincludedir Jan Engelhardt
disable installation of man(2) pages by default Mike Frysinger
po: regenerate files after move Mike Frysinger
modernize build system Mike Frysinger
test: make running parallel/out-of-tree safe Mike Frysinger
move gettext logic into misc.h Mike Frysinger
punt debian/rpm packaging logic Mike Frysinger
Suppress deprecation warnings when building attr and libattr Andreas Gruenbacher
Add a default /etc/xattr.conf file Andreas Gruenbacher
Mark the Irix compatibility functions as deprecated Andreas Gruenbacher
Make attr_get and attr_getf behave as described in the man page Andreas Gruenbacher
Use autoreconf rather than autoconf to regenerate the files. Fabrice Bauzac
.gitignore: ignore *~ and config.h.in. Fabrice Bauzac
Fix ATTR_OP_REMOVE operation in attr_multi()
Makefile: rename configure.in to configure.ac
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 9 Feb 2021 20:23:25 +0000 (21:23 +0100)]
collectd: Update due to autoconf change
- collectd fails to build with autoconf-2.71
Required running of autoupdate on configure.in
and addition of --with-fp-layout=nothing to configure options
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 9 Feb 2021 20:23:13 +0000 (21:23 +0100)]
autoconf: Update to 2.71
- Update autoconf from 2.69 to 2.71
- Updated rootfile
- Changelog
Large amount of changes, especially in 2.70 - too many to add in here.
Details of changes can be found in the NEWS file in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 12 Feb 2021 11:51:45 +0000 (11:51 +0000)]
Drop pcre-compat
This version of the library is outdated for a long time and we have been
shipping newer versions for long enough so that everyone should have
been migrated by now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 8 Feb 2021 19:57:10 +0000 (20:57 +0100)]
qpdf: Update to 10.1.0
- Update qpdf from 10.0.1 to 10.1.0
- Update rootfile
- Changelog
2021-01-05 Jay Berkenbilt <ejb@ql.org>
* 10.1.0: release
2021-01-04 Jay Berkenbilt <ejb@ql.org>
* When qpdf CLI extracts pages, it now only attempts to remove
unreferenced resources from the pages that it is keeping. This
change dramatically reduces the time it takes to extract a small
number of pages from a large, complex file.
* Move getNext()->write() calls in some pipelines to ensure that
state gates properly reset even if the next pipeline's write
throws an exception (fuzz issue 28262).
2021-01-03 Jay Berkenbilt <ejb@ql.org>
* Don't include -o nospace with zsh completion setup so file
completion works normally. Fixes #473.
2021-01-02 Jay Berkenbilt <ejb@ql.org>
* Make QPDFPageObjectHelper methods pipeContents, parseContents,
and addContentTokenFilter work with form XObjects.
* Rename some QPDFPageObjectHelper methods and make them support
form XObjects as well as pages. The old names will be preserved
from compatibility.
- pipePageContents -> pipeContents
- parsePageContents -> parseContents
* Add QPDFObjectHandle::parseAsContents to apply ParserCallbacks
to a form XObject.
* QPDFPageObjectHelper::externalizeInlineImages can be called with
form XObjects as well as pages.
* Bug fix: QPDFPageObjectHelper::externalizeInlineImages was not
descending into form XObjects on a page. It now does this by
default. In the extremely unlikely event that anyone was actually
depending on the old behavior, it is available by passing
shallow=true to the externalizeInlineImages call.
* Bug fix: QPDFObjectHandle::filterPageContents was broken for
pages with an array of content streams. This caused
externalize-inline-images to also be broken for this case.
2021-01-01 Jay Berkenbilt <ejb@ql.org>
* Add methods to QPDFPageObjectHelper: forEachXObject,
forEachImage, forEachFormXObject to call a function on each
XObject (or image or form XObject) in a page or form XObject,
possibly recursing into nested form XObjects.
* Add method QPDFPageObjectHelper::getFormXObjects to return a map
of keys to form XObjects (non-recursively) from a page or form
XObject.
* Add method QPDFObjectHandle::isImage to test whether an object
is an image.
2020-12-31 Jay Berkenbilt <ejb@ql.org>
* QPDFPageObjectHelper::removeUnreferencedResources can now be
called with a QPDFPageObjectHelper created from a form XObject.
The method already recursed into form XObjects.
* Rename some QPDFPageObjectHelper methods and make them support
form XObjects as well as pages. The old names will be preserved
from compatibility.
- getPageImages -> getImages
- filterPageContents -> filterContents
* Add QPDFObjectHandle::isFormXObject to test whether an object is
a form XObject.
2020-12-30 Jay Berkenbilt <ejb@ql.org>
* Add QPDFPageObjectHelper::flattenRotation and --flatten-rotation
option to the qpdf CLI. The flattenRotation method removes any
/Rotate key from a page dictionary and implements the same
rotation by modifying the page's contents such that the various
page boxes are altered and the page renders identically. This can
be used to work around buggy PDF applications that don't properly
handle page rotation. The --flatten-rotation option to the qpdf
CLI calls flattenRotation for every page.
2020-12-26 Jay Berkenbilt <ejb@ql.org>
* Add QPDFObjectHandle::setFilterOnWrite, which can be used to
tell QPDFWriter not to filter a stream on output even if it can.
You can use this to prevent QPDFWriter from touching a stream
(either uncompressing or compressing) that you have optimized or
otherwise ensured looks exactly the way you want it, even if
decode level or stream compression would otherwise cause
QPDFWriter to modify the stream.
* Add ostream << for QPDFObjGen. (Don't ask why it took 7.5 years
for me to decide to do this.)
2020-12-25 Jay Berkenbilt <ejb@ql.org>
* Refactor write code to eliminate an extra full traversal of
objects in the file and to remove assumptions that preclude stream
references from appearing in /DecodeParms of filterable streams.
This results in an approximately 8% performance reduction in write
times.
2020-12-23 Jay Berkenbilt <ejb@ql.org>
* Allow library users to provide their own decoders for stream
filters by deriving classes from QPDFStreamFilter and registering
them using QPDF::registerStreamFilter. Registered stream filters
provide code to validate and interpret /DecodeParms for a specific
/Filter and also to provide a pipeline that will decode. Note that
it is possible to encode to a filter type that is not supported
even without this feature. See examples/pdf-custom-filter.cc for
an example of using custom stream filters.
2020-12-22 Jay Berkenbilt <ejb@ql.org>
* Add QPDFObjectHandle::makeDirect(bool allow_streams) -- if
allow_streams is true, preserve indirect references to streams
rather than throwing an exception. This allows the object to be
made as direct as possible while preserving stream references.
2020-12-20 Jay Berkenbilt <ejb@ql.org>
* Add qpdf_register_progress_reporter method to C API,
corresponding to QPDFWriter::registerProgressReporter. Fixes #487.
2020-11-28 Jay Berkenbilt <ejb@ql.org>
* Add new functions to the C API for manipulating
QPDFObjectHandles. The new functions allow creation and
modification of objects, which brings a lot of additional power to
the C API. See include/qpdf/qpdf-c.h for details and
examples/pdf-c-objects.c for a simple example.
2020-11-21 Jay Berkenbilt <ejb@ql.org>
* 10.0.4: release
* Fix QIntC::range_check to handle negative numbers properly (fuzz
issue 26994).
2020-11-11 Jay Berkenbilt <ejb@ql.org>
* Treat a direct page object as a runtime error rather than a
logic error since it is actually possible to create a file that
has this (fuzz issue 27393).
2020-11-09 Jay Berkenbilt <ejb@ql.org>
* Handle "." appearing in --pages not preceded by a numeric range
as a special case in command-line parsing code.
2020-11-04 Jay Berkenbilt <ejb@ql.org>
* Ignore the value of the offset/generation field in an xref entry
for a deleted object. Also attempt file recovery on lower-level
exceptions thrown while reading the xref table. Fixes #482.
2020-10-31 Jay Berkenbilt <ejb@ql.org>
* 10.0.3: release
* Don't enter extension initialization in QPDFWriter on a direct
object. Fixes stack overflow in pathological case of /Root being a
direct object (fuzz issue 26761).
* My previous fix to #449 (handling foreign streams with indirect
objects in /Filter and/or /DecodeParms) was incorrect and caused
other problems. There is a now a correct fix to the original
problem. Fixes #478.
2020-10-27 Jay Berkenbilt <ejb@ql.org>
* 10.0.2: release
2020-10-25 Jay Berkenbilt <ejb@ql.org>
* When signing distribution files, generate sha256 checksums
instead of md5, sha1, and sha512. sha256 seems to be more widely
used, and there's no reason to use md5 or sha1 anymore.
* Official Windows releases are now built using the openssl crypto
provider. The native provider is still available for selection at
runtime using the QPDF_CRYPTO_PROVIDER environment variable.
* Bug fix: --no-warn was not suppressing some warnings that might
be generated by --split-pages.
2020-10-23 Jay Berkenbilt <ejb@ql.org>
* Bug fix: when concatenating content streams, insert a newline if
needed to prevent the last token from the old stream from being
merged with the first token of the new stream. Qpdf was mistakenly
concatenating the streams without regard to the specification that
content streams are to be broken on token boundaries. Fixes #444.
* fix-qdf: handle empty streams better with ignore newline by
treating them as empty even though, technically, a blank line
would be required inside the Stream. This just makes it easier to
add place-holder empty streams while editing qdf files by hand.
2020-10-22 Jay Berkenbilt <ejb@ql.org>
* Fix memory leak that could occur if objects in object streams
were resolved more than once and the objects within the object
streams contained circular references. This leak could be
triggered when qpdf was run with --object-streams=generate on
files that already had object streams containing circular
references (fuzz issue 23642).
* Add QIntC::range_check for checking to see whether adding two
numbers together will cause an overflow.
* Fix loop detection problem when traversing page thumbnails
during optimization (fuzz issue 23172).
2020-10-21 Jay Berkenbilt <ejb@ql.org>
* Bug fix: properly handle copying foreign streams that have
indirect /Filter or /DecodeParms keys when stream data has been
replaced. The circumstances leading to this bug are very unusual
but would cause qpdf to either generate an internal error or some
other kind of warning situation if it would occur. Fixes #449.
* Qpdf's build and CI has been migrated from Azure Pipelines
(Azure DevOps) to GitHub Actions.
* Remove some fuzz files that triggered Mal/PDFEx-H with some
virus scanners. There's plenty of coverage in the fuzz corpus
without these files, and it's a nuisance to have virus checkers
remove them. Fixes #460.
* Ensure that numeric conversion is not affected by the user's
global locale setting. Fixes #459.
* Add qpdf-<version>-linux-x86_64.zip to the list of built
distributions. This is a simple zip file that contains just the
qpdf executables and the dependent shared libraries that would not
ordinarily be present on a base system. This minimal binary
distribution works as is when used as a Lambda layer in AWS and
could be suitable for inclusion in a docker image or other
standalone Linux/x86_64 environment where you want minimal support
for running the qpdf executable. Fixes #352.
2020-10-20 Jay Berkenbilt <ejb@ql.org>
* Add --warning-exit-0 option to the qpdf command line. When
specified, qpdf will exit with a status of 0 rather than 3 when
there are warnings without errors. Combine with --no-warn to
completely ignore warnings.
* Bug fix: fix further cases in which errors were written to
stdout. Fixes #438.
* Build option: add --disable-rpath option to ./configure, which
disables passing -rpath to the linker when building shared
libraries with libtool. Fixes #422.
2020-10-16 Jay Berkenbilt <ejb@ql.org>
* Accept pull request that improves how the Windows native crypto
provider is obtained.
* Accept pull request that improves performance in processing
files in memory.
* Accept pull requests that improve openssl configuration and
error reporting.
* Build using GitHub Actions. The intention is that this will
replace Azure Pipelines as the official CI for qpdf for the next
release.
2020-10-15 Jay Berkenbilt <ejb@ql.org>
* Make many minor improvements to the build process and code
health, including fixing a lgtm warning and compiler warnings from
newer version of gcc and MSVC toolchains. Add several cosmetic
improvements to build output in CI.
* Added LL_FMT to config.h.in. This is populated automatically by
autoconf, but if build with your own build system, you may need to
define it as whatever the format string needed by printf for long
long is. Usually this is "%lld", but it can be "%I64d" for some
older Windows-based compilers.
2020-04-29 Jay Berkenbilt <ejb@ql.org>
* Bug fix: qpdf --check was writing errors and warnings reported
by checkLinearization to stdout instead of stderr. Fixes #438.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 8 Feb 2021 19:56:58 +0000 (20:56 +0100)]
mpage: Update to 2.5.7
- Update mpage from 2.5.6 to 2.5.7
- No change to rootfile
- Slight tuning of patch needed due to changes in source file
- Changelog
June 2017
- Released version 2.5.7
- Relicensed code under GPLv2 or later
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 8 Feb 2021 19:56:40 +0000 (20:56 +0100)]
lzo: Update to 2.10
- Update lzo from 2.09 to 2.10
- Update rootfile
- Changelog
Changes in 2.10 (01 Mar 2017)
* Improve CMake build support.
* Add support for pkg-config.
* Do not redefine "snprintf" so that the examples build with MSVC 2015.
* Assorted cleanups.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 8 Feb 2021 19:56:29 +0000 (20:56 +0100)]
lz4: Update to 1.9.3
- Update lz4 from 1.9.2 to 1.9.3
- Updated rootfile
- Removed old patches and updated to new version name
- Changelog
v1.9.3
perf: highly improved speed in kernel space, by @terrelln
perf: faster speed with Visual Studio, thanks to @wolfpld and @remittor
perf: improved dictionary compression speed, by @felixhandte
perf: fixed LZ4_compress_HC_destSize() ratio, detected by @hsiangkao
perf: reduced stack usage in high compression mode, by @Yanpas
api : LZ4_decompress_safe_partial() supports unknown compressed size, requested by @jfkthame
api : improved LZ4F_compressBound() with automatic flushing, by Christopher Harvie
api : can (de)compress to/from NULL without UBs
api : fix alignment test on 32-bit systems (state initialization)
api : fix LZ4_saveDictHC() in corner case scenario, detected by @IgorKorkin
cli : `-l` legacy format is now compatible with `-m` multiple files, by Filipe Calasans
cli : benchmark mode supports dictionary, by @rkoradi
cli : fix --fast with large argument, detected by @picoHz
build: link to user-defined memory functions with LZ4_USER_MEMORY_FUNCTIONS, suggested by Yuriy Levchenko
build: contrib/cmake_unofficial/ moved to build/cmake/
build: visual/* moved to build/
build: updated meson script, by @neheb
build: tinycc support, by Anton Kochkov
install: Haiku support, by Jerome Duval
doc : updated LZ4 frame format, clarify EndMark
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 8 Feb 2021 19:56:11 +0000 (20:56 +0100)]
lcms2: Update to 2.12
- Update lcms2 from 2.9 to 2.12
- Updated rootfile
- Changelog
-----------------------
2.12 Maintenance release
-----------------------
Added new build-in sigmoidal tone curve
Added XCode 12 project
Added support for multichannel input up to 15 channels
Fix LUT8 write matrix
Fix version mess on 10/11
Fix tools & samples xgetopt
Fix warnings on different function pointers
Fix matlab MEX compilation
plugin: cleanup and better SSE detection
plugin: add lab to any on float
plugin: it can now be compiled as C++
recover PDF documentation, but try to keep it under a resonable size.
Prevent a rare but possible out-of-bounds read in postscript generator
Remove unused variables
-----------------------
2.11 Maintenance release
-----------------------
Fixed __cpuid() on fast float plugin to allow gnu gcc
Fixed copy alpha bounds check
Fixed data race condition on contexts pool
Fixed LUT16 write matrix on multichannel V2 profiles
-----------------------
2.10 Featured release
-----------------------
Added a compilation toggle to remove "register" keyword in API.
Previously commercial, fast_float plug-in is now released as open source under GPL3 license.
MD5 functions are now accesible through plug-in API.
Added support for Visual Studio 2019
Bug fixing.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 7 Feb 2021 18:00:36 +0000 (19:00 +0100)]
net-tools: Update to 2.10
- Update net-tools from 1.60 to 2.10
- Based on guidance from Michael Tremer
- new no-hostname patch created to remove all hostname references
from makefile
- all other patch files removed from lfs as no longer needed
- version 2.10 places ifconfig and route tools in bin instead of sbin
those tools moved to sbin to keep in line with previous approach
- make update replaced by make install as there is no longer a make
rule for make update
- Updated rootfiles
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 12:55:41 +0000 (13:55 +0100)]
ghostscript: Addition of patch to fix freetype problem
-Addition of patch to ghoscript as freetype version 2.10.3 and later
have withdrawn a macro that ghostscript used. Confirmed that without
the patch ghostscript failed to build due to the lack of the
FT_CALLBACK_DEF() macro. The fix is to explicitly declare the
callbacks file static.
- Update lfs to apply patch
- Add patch to src/patches
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 12:55:27 +0000 (13:55 +0100)]
freetype: Update to 2.10.4
- Update freetype from 2.10.2 to 2.10.4
- A heap buffer overflow has been found in the handling of embedded
PNG bitmaps, introduced in FreeType version 2.6.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately.
- Version 2.10.3 and later breaks the build of ghostscript, due to ghostscripts
use of a withdrawn freetype macro that wasn't for external usage.
A patch has been created to fix this and is included in the connected
ghostcript patch.
- Updated rootfile
- Changelog for version 2.10.3 release is too long to add here. This can be
found in the changelog file in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 22:17:22 +0000 (23:17 +0100)]
lzip: Installation of lzip-1.22
- Installation of lzip-1.22 into IPFire Build system.
Required for update of ddrescue addon as gnu only using lzip
compression for ddrescue from 2013.
- Created rootfiles
- Installed lzip into build sequence of make.sh at same location as other
compressor packages.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 22:17:08 +0000 (23:17 +0100)]
ddrescue: Update to 1.25
- Update ddrescue from 1.12 to 1.25
- Updated rootfiles
- Since 2013 gnu started to only use lzip for compression of ddrescue
Therefore second patch of this series is the installation of lzip
in the IPFire Build.
- Changelog
2020-02-21 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.25 released.
* block.h: Add default constructors to classes Block and Sblock.
(Reported by Rosen Penev).
* check.sh: Quote all file name variables to allow names with spaces.
(Reported by David Morrison).
* In rescue mode, join non-finished subsectors read from mapfile.
(Reported by David Burton).
* mapbook.cc (update_mapfile): Exclude writing time from intervals.
(Reported by David Burton).
* rescuebook.cc (extend_outfile_size): Use ftruncate if it works.
* Print large numbers in groups of 3 digits separated by underscores.
* main.cc: Set a valid invocation_name even if argc == 0.
2019-02-24 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.24 released.
* Added new option '--command-mode'.
* Implemented mapfile backup.
* ddrescue.texi: Documented final contents of bad areas in outfile.
* configure: Accept appending to CXXFLAGS, 'CXXFLAGS+=OPTIONS'.
2018-02-13 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.23 released.
* rescuebook.cc (trim_errors): Fix wrong change to non-scraped.
* Added new option '--same-file'.
* Added new option '--shift' to ddrescuelog.
* fillbook.cc (fill_block): Write location data as one line.
* fillbook.cc (read_buffer): Do not require a seekable infile.
* ddrescue.texi: Added chapter 'Output'.
* check.sh: Added 'combined rescue' test.
* io.cc: Added missing '#include <cstdio>'.
2017-02-03 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.22 released.
* Option '-X, --exit-on-error' replaced by '-X, --max-read-errors'.
* Added new option '--max-slow-reads'.
* Added new option '--delay-slow'.
* Added new option '--reset-slow'.
* Added new option '--log-events'.
* Added new option '--mapfile-interval'.
* Added new option '--pause-on-error'.
* Option '--pause' has been renamed to '--pause-on-pass'.
* Option '--max-errors' has been renamed to '--max-bad-areas'.
* Renamed 'errsize' to 'bad_size' and 'errors' to 'bad_areas'
* Rescuebook: Show read_errors, error_rate and slow_reads.
* Added 'current_pass' field to mapfile.
* Added two new passes (3 and 4) to the copying phase.
* main.cc (parse_cpass): Accept ranges of passes.
* Option '-K, --skip-size' now accepts sizes up to 1 EiB.
* Initial skip size now defaults to (infile_size / 100_000).
* rescuebook.cc (copy_non_tried): Don't reduce min_read_rate,
enable it only for passes 1 and 2.
* rescuebook.cc (trim_errors): Don't trim bad edges.
* main_common.cc (getnum): Accept 's' after other multiplier.
* '--ask', '-vv' now show size along with model and serial number.
* non_posix.cc: Add 'device_id' for Cygwin.
(Patch written by Christian Franke <franke@computer.org>).
* rescuebook.cc (do_rescue): Show full sizes in domain warning.
* Added new option '-A, --annotate-mapfile' to ddrescuelog.
2016-03-17 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.21 released.
* mapbook.cc (Mapbook): Fix iobuf alignment.
(Reported by Heikki Tauriainen).
* Removed short option names '-1' and '-2'.
* Allow only regular files for '--log-rates' and '--log-reads'.
* Option '-D, --odirect' now works also in fill mode.
* rescuebook.cc (copy_block): Return 1 on unaligned read error.
Set e_code on any error if verify_on_error.
* Option '-X, --exit-on-error' has been extended to all phases.
* Assigned short name '-Z' to option '--max-read-rate'.
* mapbook.cc (update_mapfile): 'fsync' the mapfile every 5 minutes.
* Rescuebook: Show full range of sizes from non-tried to finished.
* rescuebook.cc (show_status): Show percentage rescued.
* configure: Avoid warning on some shells when testing for g++.
* Makefile.in: Detect the existence of install-info.
2015-09-10 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.20 released.
* 'logfile' has been renamed to 'mapfile' everywhere.
* Changed short name of option '--synchronous' to '-y'.
* Changed long name of option '-d' to '--idirect'.
* Added new option '-D, --odirect'.
* Added new option '-J, --verify-on-error'.
* Added new option '--max-read-rate'.
* rescuebook.cc (copy_block): Copy arbitrary blocks with '--idirect'.
* Include only bad-sector blocks in 'errsize'.
* rescuebook.cc (show_status): Show the estimated remaining time.
* io.cc (format_time): Show time in days, hours, minutes and seconds.
* Added per sector location data to fill mode.
* mapbook.cc: Added emergency save of the mapfile.
* Show device name with '--ask' or '-vv' on Haiku.
* mapfile.cc (read_mapfile): Read read-only mapfiles from stdin.
* ddrescuelog.cc: Allow multiple mapfiles for '-t, --show-status'.
* ddrescuelog.cc (create_mapfile): '-' writes mapfile to stdout.
* ddrescue.texi: Added new chapter 'Optical media'.
* ddrescue.texi: Documented maximum size of the rescue domain.
* configure: Option '--enable-linux' renamed to '--enable-non-posix'.
* Makefile.in: Added new targets 'install*-compress'.
* File 'ddrescue.h' renamed to 'mapbook.h'.
* File 'logbook.cc' renamed to 'mapbook.cc'.
* File 'logfile.cc' renamed to 'mapfile.cc'.
* Files linux.{h,cc} renamed to non_posix.{h,cc}.
2014-10-03 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.19 released.
* Fixed a race condition at start of run with '--timeout=0'.
* Added new option '-P, --data-preview'.
* Added new option '-u, --unidirectional'.
* Added new option '-X, --exit-on-error'.
* Added new option '--ask' to ask for user confirmation.
* Added new option '--cpass' to select passes during copying phase.
* Added new option '--pause' to insert a pause between passes.
* Removed option '-l, --logfile-size'.
* Skip on the first error during the copying phase.
* rescuebook.cc: Trimming done in one pass, may be run in reverse.
* The splitting phase has been replaced by a scraping phase.
* Changed long name of option '-n' to '--no-scrape'.
* rescuebook.cc: Alternate direction of passes during retrying phase.
* Show ATA model and serial number with '--ask' or '-vv' on Linux.
* configure: Added new option '--enable-linux'.
* New files linux.h linux.cc.
* License changed to GPL version 2 or later.
2014-06-10 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.18.1 released.
* ddrescuelog.cc (do_logic_ops): Fixed 'or' and 'xor'.
* Added new option '-H, --test-mode' to simulate read errors.
* Added new option '-L, --loose-domain' to ddrescue and ddrescuelog.
* Added new option '-N, --no-trim' to disable trimming of
damaged areas.
* Added new option '-O, --reopen-on-error'.
* Added new options '-1, --log-rates', '-2, --log-reads'.
* Extended '-K, --skip-size' with maximum and disable values.
* Changed long name of option '-r' to '--retry-passes'.
* Changed short name of option '--generate-mode' to '-G'.
* Default value of option '-l, --logfile-size' increased to 10000.
* If interrupted, ddrescue terminates by raising the signal received.
* rescuebook.cc (copy_non_tried): Don't mark skipped blocks as
non-trimmed. Try them in additional passes (before trimming).
* rescuebook.cc: Limit the copying phase to 3 passes.
* rescuebook.cc: Alternate direction of passes during copying phase.
* rescuebook.cc: Smallest blocks are trimmed first.
* rescuebook.cc (split_errors): Read largest first if logfile full.
* Improved speed when using option '-m, --domain-logfile'.
* io.cc (show_status): Show the current total run time.
* rescuebook.cc: Show pass number and direction during copying.
* rescuebook.cc (show_status): Show block pos instead of current_pos.
* main.cc: Show "an unknown number of bytes" for unknown insize.
* Added option '-B, --binary-prefixes' to ddrescuelog.
* Added new option '-C, --complete-logfile' to ddrescuelog.
* Added new option '-P, --compare-as-domain' to ddrescuelog.
* Improved speed of logic operations in ddrescuelog.
* rescuebook.cc (do_rescue): Show warning when domain is smaller
than logfile.
* ddrescuelog.cc (do_show_status): Show logfile and domain extents
when domain is smaller than logfile.
* block.h: Class Block now forces the invariant by itself.
* Code reorganization. New class 'Logfile'.
* Added status message to rescue logfile.
* Many improvements to documentation.
* ddrescue.texinfo: Renamed to ddrescue.texi.
2013-07-09 Antonio Diaz Diaz <antonio@gnu.org>
* Version 1.17 released.
* Added new option '-l, --logfile-size'.
* Added new option '-w, --ignore-write-errors'.
* Option '--fill' has been renamed to '--fill-mode'.
* Option '--generate-logfile' has been renamed to '--generate-mode'.
* Added option '--sector-size' as a synonym of '--block-size'.
* Added option '--retries' as a synonym of '--max-retries'.
* Added option '--size' as a synonym of '--max-size'.
* rescuebook.cc: Trimming is now done from both edges of each
non-trimmed block. Largest blocks are trimmed first.
* rescuebook.cc: Largest blocks are now split first until
logfile reaches '--logfile-size' entries.
* logbook.cc (extend_sblock_vector, truncate_vector): Terminate
if truncation would discard finished blocks.
* rescuebook.cc: Mark failed blocks with 1 sector as bad-sector.
* logbook.cc (extend_sblock_vector): Remove last block of
logfile if it starts at insize and is not marked as finished.
* io.cc (show_status, update_rates): Detect a jump back in time
and adjust status.
* ddrescue.h (slow_read): Return false for the first 10 seconds.
* io.cc (show_status) Leave cursor after message so that ^C does
not overwrite it.
* main.cc: Don't require '--force' for generate mode.
* ddrescue.h (Logbook::logfile_exists): Don't return false if
logfile exists but is empty.
* ddrescue.texinfo: Added new chapter 'Using ddrescue safely'.
* Documented that 'direct disc access' only reads whole sectors.
* configure: Options now accept a separate argument.
* Makefile.in: Added new target 'install-bin'.
2012-06-11 Antonio Diaz Diaz <ant_diaz@teleline.es>
* Version 1.16 released.
* Added new option '-K, --skip-size'.
* Added new option '-T, --timeout'.
* Changed short name of option '--try-again' to '-A'.
* Maximum skip size is now limited to 1% of infile size or 1 GiB
(whichever is smaller), rounded to the next multiple of sector
size.
* Set current_pos to end of block when reading backwards.
* The option '-E, --max-error-rate' now checks the rate of
actually failed reads, not the growth of error size.
* The option '-v, --verbose' now increases verbosity if repeated.
* Changed quote characters in messages as advised by GNU Standards.
* configure: 'datadir' renamed to 'datarootdir'.
* New files rational.h, rational.cc.
2012-01-01 Antonio Diaz Diaz <ant_diaz@teleline.es>
* Version 1.15 released.
* Added new option '-a, --min-read-rate'.
* Added new option '-I, --verify-input-size'.
* Added new option '-x, --extend-outfile'.
* main.cc: Verify that infile, outfile and logfile are all
different.
* Non-tried blocks are now read aligned to cluster-size sectors.
* rescuebook.cc: Improved skip algorithm for the split pass.
* main.cc: Removed spurious warning about '-D' ignored in fill mode.
* ddrescue.texinfo: Improved description of algorithm.
* logbook.cc (change_chunk_status): Return an adjust value (-1, 0, 1)
to keep "errors" updated without calling count_errors every time.
* ddrescue.cc: Renamed to io.cc.
* Added 'ddrescuelog', a program for logfile manipulation.
2011-01-10 Antonio Diaz Diaz <ant_diaz@teleline.es>
* Version 1.14 released.
* Added new option '-R, --reverse'.
* Added new option '-E, --max-error-rate'.
* Extended syntax '--max-errors=+N' to specify new errors.
* Changed short name of option '--retrim' to '-M'.
* Removed spurious warning about 'preallocation not available'.
* Code reorganization. New class 'Genbook'.
2010-08-27 Antonio Diaz Diaz <ant_diaz@teleline.es>
* Version 1.13 released.
* Non-regular output files are no longer overwritten by default.
* Added new option '-f, --force'.
* Added new option '-p, --preallocate'.
* main.cc (write_logfile_header): Write command line to logfile.
* ddrescue.texinfo: Added info about logfile and recoverable formats.
* ddrescue.texinfo: Added a couple more warnings to the tutorial.
* testsuite: 'test1' renamed to 'test.txt'
* Revert to use 'long' instead of 'time_t' for time variables.
Ddrescue only needs counting seconds and 'time_t' causes
warnings on some systems.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Thu, 4 Feb 2021 20:39:32 +0000 (21:39 +0100)]
Tor: update to 0.4.4.7
Full changelog of this version as per
https://gitweb.torproject.org/tor.git/plain/ChangeLog?h=tor-0.4.4.7:
Changes in version 0.4.4.7 - 2021-02-03
Tor 0.4.4.7 backports numerous bugfixes from later releases,
including one that made v3 onion services more susceptible to
denial-of-service attacks, and a feature that makes some kinds of
DoS attacks harder to perform.
o Major bugfixes (onion service v3, backport from 0.4.5.3-rc):
- Stop requiring a live consensus for v3 clients and services, and
allow a "reasonably live" consensus instead. This allows v3 onion
services to work even if the authorities fail to generate a
consensus for more than 2 hours in a row. Fixes bug 40237; bugfix
on 0.3.5.1-alpha.
o Major feature (exit, backport from 0.4.5.5-rc):
- Re-entry into the network is now denied at the Exit level to all
relays' ORPorts and authorities' ORPorts and DirPorts. This change
should help mitgate a set of denial-of-service attacks. Closes
ticket 2667.
o Minor feature (build system, backport from 0.4.5.4-rc):
- New "make lsp" command to generate the compile_commands.json file
used by the ccls language server. The "bear" program is needed for
this. Closes ticket 40227.
o Minor features (compilation, backport from 0.4.5.2-rc):
- Disable deprecation warnings when building with OpenSSL 3.0.0 or
later. There are a number of APIs newly deprecated in OpenSSL
3.0.0 that Tor still requires. (A later version of Tor will try to
stop depending on these APIs.) Closes ticket 40165.
o Minor features (crypto, backport from 0.4.5.3-rc):
- Fix undefined behavior on our Keccak library. The bug only
appeared on platforms with 32-byte CPU cache lines (e.g. armv5tel)
and would result in wrong digests. Fixes bug 40210; bugfix on
0.2.8.1-alpha. Thanks to Bernhard Übelacker, Arnd Bergmann and
weasel for diagnosing this.
o Minor bugfixes (compatibility, backport from 0.4.5.1-rc):
- Strip '\r' characters when reading text files on Unix platforms.
This should resolve an issue where a relay operator migrates a
relay from Windows to Unix, but does not change the line ending of
Tor's various state files to match the platform, and the CRLF line
endings from Windows end up leaking into other files such as the
extra-info document. Fixes bug 33781; bugfix on 0.0.9pre5.
o Minor bugfixes (compilation, backport from 0.4.5.3-rc):
- Fix a compilation warning about unreachable fallthrough
annotations when building with "--enable-all-bugs-are-fatal" on
some compilers. Fixes bug 40241; bugfix on 0.3.5.4-alpha.
o Minor bugfixes (SOCKS5, backport from 0.4.5.3-rc):
- Handle partial SOCKS5 messages correctly. Previously, our code
would send an incorrect error message if it got a SOCKS5 request
that wasn't complete. Fixes bug 40190; bugfix on 0.3.5.1-alpha.
o Minor bugfixes (testing, backport from 0.4.5.2-alpha):
- Fix the `config/parse_tcp_proxy_line` test so that it works
correctly on systems where the DNS provider hijacks invalid
queries. Fixes part of bug 40179; bugfix on 0.4.3.1-alpha.
- Fix our Python reference-implementation for the v3 onion service
handshake so that it works correctly with the version of hashlib
provided by Python 3.9. Fixes part of bug 40179; bugfix
on 0.3.1.6-rc.
- Fix the `tortls/openssl/log_one_error` test to work with OpenSSL
3.0.0. Fixes bug 40170; bugfix on 0.2.8.1-alpha.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 12:56:39 +0000 (13:56 +0100)]
pptp: Update to 1.10.0
- Update pptp from 1.7.2 (Jun 2008) to 1.10.0 (Jan 2018)
- No change to rootfile
- Removal of pptp-1.7.2-compat.patch as all changes to pptp_compat.c are
now included in the file in the new tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 12:56:27 +0000 (13:56 +0100)]
less: Update to version 563
- Update less from 530 to 563
- No change in rootfile
- Changelog
Version 563 was released on 21 Oct 2020.
These are the differences between version 551 and version 563:
Update Unicode tables.
Treat Hangul Jamo medial vowels and final consonants as zero width.
Display error message immediately when -o is toggled and input is not a pipe.
Fix regression: make screen repaint when "squished" and a no-movement command is given.
Fix erroneous EOF calculation when F command is interrupted.
Make WIN32C version include this fix from 551: Don't count lines in initial screen if using -X with -F.
Fix display bug in WIN32C version.
Fix memory corruption when built with libtermcap.
Fix crash on some systems due to realpath incompatibility.
Support libtinfow.
Version 551 was released on 11 Jun 2019
551 is the same as 550 except for a few documentation changes.
Version 550 was released on 3 Jun 2019.
These are the differences between version 530 and version 550:
Add --mouse option.
Add --wheel-lines option.
Add --no-histdups option.
Add --save-marks option.
Support PCRE2 regular expression library.
Redraw screen on SIGWINCH even if screen size doesn't change.
Shell-escape filenames in history so they can be used again.
Ring bell if user enters invalid long option name.
Use PCRE_UTF8 flag for pcre regular expressions when in UTF-8 mode.
Windows: use wide-char string to set console title.
Don't count lines in initial screen if using -X with -F.
Support mingw build system.
Fix bug in v command on empty file.
Fix bug in v command when filename contains shell metacharacters.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 4 Feb 2021 12:55:08 +0000 (13:55 +0100)]
findutils: Update to 4.8.0
- Update findutils from 4.6.0 to 4.8.0
- Remove findutils-4.6.0-glibc2.28.patch from lfs as all patch items are now
in the new tarball files.
- Remove sed command on gl/lib/mountlist.c from lfs as all fixes are in the
mountlist.c file in the new tarball.
- Update rootfiles
- Changelog
Following are major changes. Further detailed info available in
changelog file in tarball.
* Noteworthy changes in release 4.8.0 (2021-01-09) [stable]
** Changes in xargs
'xargs -t' no longer outputs a trailing blank to stderr after the last argument
of each constructed command line to be executed. [#57291]
xargs now warns when more than one of the conflicting options --max-lines (-L,
-l), --replace (-i/-I) and --max-args (-n) are specified on the command line.
[#52137]
** Bug Fixes
find no longer crashes when an XFS filesystem is heavily changed during the run.
Discussed at: <https://lists.gnu.org/r/bug-gnulib/2020-04/msg00068.html>
find -used works again. This predicate was not working properly since adding
the support for sub-second timestamp resolution for various predicates in
FINDUTILS_4_3_3-1 back in 2007.
Discussed at: <https://lists.gnu.org/r/bug-findutils/2019-11/msg00010.html>
** Improvements
'find -D exec' now diagnoses all -exec, -execdir, -ok and -okdir runs including
the call arguments and the exit code of the launched process. [#59083]
** Documentation Changes
The documentation of 'find -printf %Ak' has been improved: it now refers to the
strftime(3) documentation for a complete list of supported conversion
specifiers, and documents the 'F' conversion specifier ('yyyy-mm-dd').
The man pages (find.1, locate.1, locatedb.5, updatedb.1, and xargs.1) now
consistently end with the sections "REPORTING BUGS", "COPYRIGHT" and "SEE ALSO",
with the latter referring to the online page on the GNU web server.
The "EXAMPLES" section in the find.1 man page now shows the examples in a better
structure and uses consistent formatting.
Various man page fixes - syntax issues and typos.
[#59745, #59330, #59012, #58193, #57807, #57775]
Other documentation changes:
#58654: doc: clarify that 'find -perm +MODE' is unrelated to umask
#58458: doc: improve section 'Hard links', especially fix the description
regarding 'find -L -samefile FILE'.
#58205: find.1: clarify double dash '--' option
#58149: 'xargs --help' now mentions that --replace (-I, -i) splits the input
at newline characters.
#57025: doc: enhance description of tests accepting numeric arguments in find.1
[see also #49640].
#54730: Add additional valuable example of find -quit
#48135: Fix testsuite error on Hurd and BSD related to ln
#35253: Clarify descriptions of -printf %f, %h.
** Changes to the build process
The configure option --without-fts has been removed. The attempt to use
it stopped configure with an error message since 4.5.18 (2015) anyway.
* Major changes in release 4.7.0, 2019-08-29
** Changes to locate / updatedb
Support for generating old-format databases (with updatedb
--old-format or updatedb --dbformat=old) has been removed. The old
database format was deprecated in 2007 (and updatedb has warned about
this since that time). The locate program will will read old-format
databases, though this support also will be removed.
The updatedb script now operates in the C locale only. This means
that character encoding issues are now not likely to cause sort to
fail. It also honours the TMPDIR environment variable if that was
set, and no longer sorts file names case-insensitively.
The (unspecified) order in which filenames are stored in the locate
database is now different to previous versions. However, you should
not rely on locate's output appearing in any particular order in any
case.
** Improvements
All utilities now only show the full usage text when requested via
the --help option. Previously, when the user passed invalid options
or arguments, the user's attention to the corresponding error
diagnostic was distracted by that lengthy text.
find now accepts multiple file type arguments to the -type and -xtype
options separated by comma ','. For example, to search for symbolic
links and directories simply provide the shorter '-type l,d' instead
of the - yet more portable - '( -type l -o -type d )'.
find now diagnoses failures returned by readdir(). This bug was inherent
in the use of FTS.
find now exits in more cases immediately after the error diagnostic, i.e.,
without the following usage text, to make the former more eye-catching.
find now outputs a better hint in case the user passed an unquoted shell-
glob pattern to options like -name, i.e., when the offending argument is
an existing file.
find now supports the debug option '-D all' to include all of the other
debug options at once.
xargs now supports the -o, --open-tty option to reopen stdin as /dev/tty
in the child process before executing the command; useful to run an
interactive application. Added for compatibility with BSD.
xargs now supports the GNU_FINDUTILS_FD_LEAK_CHECK environment
variable to enable/disable fd leak check.
'xargs -t' (--verbose) now properly quotes each part of the command to the
executed if needed when printing it to stderr; likewise -p (--interactive).
** Documentation Changes
Prefer https:// over http:// links where possible, e.g. for '*.gnu.org' servers.
Both find.1 and the find texinfo manual now consistently document all of the
'N', 'L' and '?' possibilities in '-printf %Y' output when the determination of
the type of a symlink target fails.
find.1 now correctly states the -prune has no effect when the -depth option is
given. Before, it wrongly stated that -prune would return false in that case.
Some minor documentation improvements are listed in "Bug Fixes" below.
** Bug Fixes
#56820: find: improve diagnostic when a global option like -maxdepth is
specified after another argument like a test, thus hopefully avoiding
translation issues (at least French, German).
#56142: doc: fix bug #56142 by specifying which actions inhibit the
default -print.
#55272: find: improve diagnostic when -name or -iname is used with a pattern
containing a directory separator ('/'), suggesting to use -wholename
or -iwholename respectively.
#54859: doc: fix typo in 'xargs -l' examples in texinfo manual.
Change from 'xargs -1' (minus one) to 'xargs -l' (minus El) in 3 places.
#54838: doc: fix the examples of the -perm option in the texinfo documentation.
The example '-perm -g+w,o+w' was misplaced.
Bug present since FINDUTILS_4_2_27-1.
#54262: 'find -printf "%Y"' now correctly outputs 'N' for broken symlinks
(ENOENT or ENOTDIR). Previously, it output 'l' in such a case.
Bug introduced while attempting to fix #29460 in version v4.5.8.
#54171: 'find -depth' now outputs the name of unreadable directories.
Previously, FTS-based find missed to output those entries.
Bug present since the FTS implementation in FINDUTILS_4_3_0-1.
#52981: find: the '-delete' action no longer complains about disappeared files
when the '-ignore_readdir_race' option is given, too. That action will
also returns true in such a case now.
#52220: 'find -D' without any further argument no longer crashes.
Bug present since the implementation of -D in FINDUTILS_4_3_1-1.
#51304: doc: use correct IEC unit prefixes in the documentation of 'find -size'.
find(1) uses binary-based units for the suffixes 'k', 'M', and 'G' of
the argument of the '-size' option: 1024, 1024*1024 and 1024^3.
Therefore, the documentation should use the correct IEC prefixes
kibibyte, mebibyte and gibibyte respectively (or their abbreviations
'KiB', 'MiB' and 'GiB').
#50758: doc: fix the description of the -perm examples matching the permission
mode "022" in find's texinfo manual: the match is for the file's group
and 'other' mode bits instead of for user and group.
Bug introduced when adding the -perm examples in FINDUTILS-4.2.11.
#50326: find no longer leaks memory for a recently added member in gnulib's
mount list structure.
#50259: find -printf '%h' now outputs the correct path for arguments with one or
more trailing slashes. Previously, it would e.g. output "foo" instead
of "." when "foo/" was passed; likewise, it would output "/user/xxx/"
instead of "/user" when "/user/xxx//" was passed.
Bug introduced in FINDUTILS-4.2.19.
#48180: find -noop (an internal option not intended to be exposed to the user)
no longer crashes. Bug introduced in FINDUTILS-4.3.1.
#48030: find -exec + does not pass all arguments for certain specific filename
lengths. After the internal (usually 128k) buffer is full and find(1)
executed the given command with these arguments, it would miss to run
the command yet another time if only one other file argument has to be
processed. Bug introduced in FINDUTILS-4.2.12.
#46784: frcode drops last char if no final newline
** Changes to the build process
The configure option --enable-id-cache has been removed. It has been
a no-op since findnutils-4.5.15.
The configure option --enable-debug has been removed. Debugging in
find is now controlled by its -D option only.
The configure option --enable-silent-rules is the default now.
Use --disable-silent-rules or "make V=1" to get verbose build output.
"make dist" no longer builds .tar.gz files.
xz is portable enough and in wide-enough use that distributing
only .tar.xz files is enough.
Maintainer builds from the Git repository now derive the version string from
the version control system instead of using a fixed string (changed after each
release manually). As a result, the inter-release builds can now be
distinguished: e.g. "4.6.0.152-fe9c" is the 152th commit after the tag "v4.6.0"
and has the Git short hash "fe9c". Builds from an unclean tree are marked with
the suffix "-dirty".
The translation files in the PO directory are no longer version controlled;
instead bootstrap auto-updates them from "translationproject.org" during a
maintainer build.
A shell-style test framework borrowed from GNU coreutils has been added.
This allows better tests with more control over stdin, stdout, stderr,
signals, preparatory steps, cleanup, return code verification, root-only
tests, etc.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 3 Feb 2021 15:01:48 +0000 (16:01 +0100)]
sed: Update to 4.8
- Update sed from 4.4 to 4.8
- Updated rootfile
- Changelog
* Noteworthy changes in release 4.8 (2020-01-14) [stable]
** Bug fixes
- "sed -i" now creates temporary files with correct umask (limited to u=rwx).
Previously sed would incorrectly set umask on temporary files, resulting
in problems under certain fuse-like file systems.
[bug introduced in sed 4.2.1]
** Release
distribute gzip-compressed tarballs once again
** Improvements
a year's worth of gnulib development, including improved DFA performance
* Noteworthy changes in release 4.7 (2018-12-20) [stable]
** Bug fixes
- Some uses of \b in the C locale and with the DFA matcher would fail, e.g.,
the following would mistakenly print "123-x" instead of "123":
echo 123-x|LC_ALL=C sed 's/.\bx//'
- Using a multibyte locale or certain regexp constructs (some ranges,
backreferences) would avoid the bug. [bug introduced in sed 4.6]
* Noteworthy changes in release 4.6 (2018-12-19) [stable]
** Improvements
- sed now prints a clear error message when r/R/w/W (and s///w) commands
are missing a filename. Previously, w/W commands would fail with confusing
error message, while r/R would be a silent no-op.
- sed now uses fully-buffered output (instead of line-buffered) when
writing to files. This should noticeably improve performance of "sed -i"
and other write commands.
Buffering can be disabled (as before) with "sed -u".
- sed in non-cygwin windows environments (e.g. mingw) now properly handles
'\n' newlines in -b/--binary mode.
** Bug fixes
- sed no longer accesses invalid memory (heap overflow) when given invalid
backreferences in 's' command [bug#32082, present at least since sed-4.0.6].
- sed no longer adds extraneous NUL when given s/$//n command.
[related to bug#32271, present since sed-4.0.7]
- sed no longer accesses invalid memory (heap overflow) with s/$//n regexes.
[bug#32271, present since sed-4.3].
** New Features
New option, --debug: print the input sed script in canonical form
and annotate program execution.
* Noteworthy changes in release 4.5 (2018-03-31) [stable]
** Bug fixes
- sed now fails when matching very long input lines (>2GB).
Before, sed would silently ignore the regex without indicating an
error. [Bug present at least since sed-3.02]
- sed no longer rejects comments and closing braces after y/// commands.
[Bug existed at least since sed-3.02]
- sed -E --posix no longer ignores special meaning of '+','?','|' .
[Bug introduced in the original implementation of --posix option in v4.1a-5-gba68fb4]
- sed -i now creates selinux context based on the context of the symlink
instead of the symlink target. [Bug present since at least sed-4.2]
- sed -i --follow-symlinks remains unchanged.
- sed now treats the sequence '\x5c' (ASCII 92, backslash) as literal
backslash character, not as an escape prefix character.
[Bug present since sed-3.02.80]
Old behavior:
$ echo z | sed -E 's/(z)/\x5c1/' # identical to 's/(z)/\1/'
z
New behavior:
$ echo z | sed -E 's/(z)/\x5c1/'
\1
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 3 Feb 2021 15:01:36 +0000 (16:01 +0100)]
newt: Update to 0.52.21
- Update newt from 0.52.18 to 0.52.21
- Updated rootfile
- Changelog
0.52.21
- define env NEWT_NOFLOWCTRL to disable flow control (Robert Gill)
- don't leak memory on errors in dialogboxes
- fix radio button selection check in snack
- fix plural forms in Lithuanian translation (#1568999)
- fix parallel build (Émeric Dupont)
- allow python versions to be specified with --with-python option
0.52.20
- improve handling of long strings in whiptail menu (#1353792)
- support screen resize as hotkey in form (#1432926)
0.52.19
- support --notags in whiptail checklist and radiolist (#1319794)
- don't hard-code -I/usr/include/slang in CPPFLAGS (Alex Suykov)
- use $(CC) instead of $(CPP) to generate .depend files (Samuel Martin)
- update translations from Zanata
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 3 Feb 2021 15:01:21 +0000 (16:01 +0100)]
lvm2: Update to 2.02.187
- Update lvm2 from 2.02.181 to 2.02.187
- Updated rootfile
- Changelog
Version 2.02.187 - 24th March 2020
==================================
Avoid running cache input arg validation when creating vdo pool.
Prevent raid reshaping of stacked volumes.
Ensure minimum required region size on striped RaidLV creation.
Fix resize of thin-pool with data and metadata of different segtype.
Fix splitting mirror leg in cluster.
Fix activation order when removing merged snapshot.
Add support for DM_DEVICE_GET_TARGET_VERSION into device_mapper.
Add lvextend-raid.sh to check on RaidLV extensions synchronization.
Fix lvmetad shutdown and avoid lenghty timeouts when rebooting system.
Prevent creating VGs with PVs with different logical block sizes.
Pvmove runs in exlusively activating mode for exclusively active LVs.
Activate thin-pool layered volume as 'read-only' device.
Ignore crypto devices with UUID signature CRYPT-SUBDEV.
Enhance validation for thin and cache pool conversion and swapping.
Fixed activation on boot - lvm2 no longer activates incomplete VGs.
Version 2.02.186 - 27th August 2019
===================================
Improve internal removal of cached devices.
Synchronize with udev when dropping snapshot.
Add missing device synchronization point before removing pvmove node.
Correctly set read_ahead for LVs when pvmove is finished.
Fix metadata writes from corrupting with large physical block size.
Report no_discard_passdown for cache LVs with lvs -o+kernel_discards.
Prevent shared active mirror LVs with lvmlockd.
Version 2.02.185 - 13th May 2019
================================
Fix change of monitoring in clustered volumes.
Improve -lXXX%VG modifier which improves cache segment estimation.
Add synchronization with udev before removing cached devices.
Fix missing growth of _pmspare volume when extending _tmeta volume.
Automatically grow thin metadata, when thin data gets too big.
Add support for vgsplit with cached devices.
Fix signal delivery checking race in libdaemon (lvmetad).
Add missing Before=shutdown.target to LVM2 services to fix shutdown ordering.
Version 2.02.184 - 22nd March 2019
==================================
Fix (de)activation of RaidLVs with visible SubLVs
Change scan_lvs default to 0 so LVs are not scanned for PVs.
Add scan_lvs config setting to control if lvm scans LVs for PVs.
Fix missing proper initialization of pv_list struct when adding pv.
Version 2.02.183 - 07th December 2018
=====================================
Avoid disabling lvmetad when repair does nothing.
Fix component detection for md version 0.90.
Use sync io if async io_setup fails, or use_aio=0 is set in config.
Avoid opening devices to get block size by using existing open fd.
Version 2.02.182 - 30th October 2018
====================================
Fix possible write race between last metadata block and the first extent.
Fix filtering of md 1.0 devices so they are not seen as duplicate PVs.
Fix lvconvert striped/raid0/raid0_meta -> raid6 regression.
Add After=rbdmap.service to {lvm2-activation-net,blk-availability}.service.
Fix pvs with lvmetad to avoid too many open files from filter reads.
Fix pvscan --cache to avoid too many open files from filter reads.
Reduce max concurrent aios to avoid EMFILE with many devices.
Fix lvconvert conversion attempts to linear.
Fix lvconvert raid0/raid0_meta -> striped regression.
Fix lvconvert --splitmirror for mirror type (2.02.178).
Do not pair cache policy and cache metadata format.
Fix mirrors honoring read_only_volume_list.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 3 Feb 2021 15:00:54 +0000 (16:00 +0100)]
elfutils: Update to 0.182
- Update elfutils from 0.176 to 0.182
- Updated rootfile
- From version 0.178 debuginfod client/server capability was added.
Additional .configure options required to disable debuginfod
and libdebuginfod
- Changelog
2020-10-28 Mark Wielaard <mark@klomp.org>
* configure.ac: Set version to 0.182.
* NEWS: Add 0.182 section.
2020-10-28 Tom Tromey <tom@tromey.com>
* .gitignore: Add /tests/leb128.
2020-10-01 Frank Ch. Eigler <fche@redhat.com>
PR25461
* configure.ac: Add --enable-debuginfod-urls[=URLS] option.
2020-09-18 Mark Wielaard <mark@klomp.org>
* configure.ac: Check availability of libzstd and zstd.
2020-09-08 Mark Wielaard <mark@klomp.org>
* configure.ac: Set version to 0.181.
* NEWS: Add 0.181 section.
2020-08-20 Dmitry V. Levin <ldv@altlinux.org>
* configure.ac (--enable-libdebuginfod): AC_DEFINE ENABLE_LIBDEBUGINFOD.
2020-07-17 Mark Wielaard <mark@klomp.org>
* configure.ac: Set -DBAD_FTS=1 also for CXXFLAGS.
2020-06-19 Mark Wielaard <mark@klomp.org>
* Makefile.am (SUBDIRS): Always add debuginfod.
* configure.ac (debuginfod): Split off...
(libdebuginfod): ... this. Also add DUMME_DEBUGINFOD.
2020-06-15 Sergei Trofimovich <slyfox@gentoo.org>
* configure.ac: Use READELF in build-id check.
2020-06-11 Mark Wielaard <mark@klomp.org>
* configure.ac: Set version to 0.180.
* NEWS: Add 0.180 section.
* .gitignore: Update with new generated file.
2020-06-10 Mark Wielaard <mark@klomp.org>
* configure.ac (MODVERSION): Remove.
2020-03-30 Mark Wielaard <mark@klomp.org>
* configure.ac: Set version to 0.179.
* NEWS: Add 0.179 section.
2020-03-25 Mark Wielaard <mark@klomp.org>
* README: Update mailinglist subscription info.
* CONTRIBUTING: Likewise.
2020-02-03 Frank Ch. Eigler <fche@redhat.com>
* configure.ac: Tolerate CXX= for debuginfod configuration.
2019-12-11 Omar Sandoval <osandov@fb.com>
* configure.ac: Apply -Werror after user-defined CFLAGS in
-D_FORTIFY_SOURCE=2 check.
2019-12-06 Mark Wielaard <mark@klomp.org>
* configure.ac: Add ac_cv_buildid check.
2019-11-26 Mark Wielaard <mark@klomp.org>
* configure.ac: Set version to 0.178.
NEWS: Add 0.178 section.
2019-11-26 Mark Wielaard <mark@klomp.org>
* configure.ac: Add CXXFLAGS for gcov.
2019-10-28 Aaron Merey <amerey@redhat.com>
* debuginfod/: New directory for debuginfod code.
* Makefile.am (SUBDIRS): Recurse there.
* configure.ac (--enable-debuginfod): New flag & checks.
2019-08-25 Jonathon Anderson <jma14@rice.edu>
* configure.ac: Add new --enable-valgrind-annotations
* configure.ac: Add new --with-valgrind (headers only)
2019-07-05 Omar Sandoval <osandov@fb.com>
* configure.ac: Get rid of --enable-libebl-subdir.
* Makefile.am (SUBDIRS): Reorder backends and libcpu before libebl to
satisfy build dependencies.
2019-08-13 Mark Wielaard <mark@klomp.org>
* configure.ac: Set version to 0.177.
* NEWS: Mention elfclassify, readelf DW_AT_data_member_location
and DW_AT_discr_list attribute changes, dwarf.h DW_AT_GNU additions,
dwelf_elf_e_machine_string function, dwelf_elf_begin change and
C-SKY backend support.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / ipfire-2.x.git / log
