Stefan Schantl [Thu, 30 Dec 2021 19:15:36 +0000 (20:15 +0100)]
vpnmain.cgi: Fix extra whitespace in exported pk12 file
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
xfsprogs-5.14.2 (06 Dec 2021)
- libxfs: move rogue fallthrough macro out of linux.h (Darrick J. Wong)
xfsprogs-5.14.1 (02 Dec 2021)
- libxfs: fix atomic64_t for 32-bit architectures (Darrick J. Wong)
- libfrog: fix crc32c self test code on cross builds (Darrick J. Wong)
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Add ms-classless-static-routes and rfc3442-classless-static-routes as options for dhcp
These are apparently required for deployiong classless IP routes
- Original static-routes option is not intended for classless IP routing but is being
left in place for backward compatibility
- The option "rfc3442-classless-static-routes" is for normal clients
- The option "ms-classless-static-routes" is for Microsoft clients
Fixes: bug 12291 Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Matthias Fischer [Thu, 23 Dec 2021 16:32:52 +0000 (17:32 +0100)]
apache: Update to 2.4.52
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
For details see:
https://dlcdn.apache.org//httpd/CHANGES_2.4.52
Excerpt from changelog:
""Changes with Apache 2.4.52
*) SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
Credits: Chamal
*) SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
Credits: 漂亮é¼
TengMA(@Te3t123)
..." Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Sat, 18 Dec 2021 16:23:58 +0000 (17:23 +0100)]
Tor: update to 0.4.6.9
Full changelog as per https://gitweb.torproject.org/tor.git/plain/ChangeLog:
Changes in version 0.4.6.9 - 2021-12-15
This version fixes several bugs from earlier versions of Tor. One important
piece is the removal of DNS timeout metric from the overload general signal.
See below for more details.
o Major bugfixes (relay, overload):
- Don't make Tor DNS timeout trigger an overload general state.
These timeouts are different from DNS server timeout. They have to
be seen as timeout related to UX and not because of a network
problem. Fixes bug 40527; bugfix on 0.4.6.1-alpha.
o Minor feature (reproducible build):
- The repository can now build reproducible tarballs which adds the
build command "make dist-reprod" for that purpose. Closes
ticket 26299.
o Minor features (compilation):
- Give an error message if trying to build with a version of
LibreSSL known not to work with Tor. (There's an incompatibility
with LibreSSL versions 3.2.1 through 3.4.0 inclusive because of
their incompatibility with OpenSSL 1.1.1's TLSv1.3 APIs.) Closes
ticket 40511.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 15, 2021.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2021/12/15.
o Minor bugfixes (compilation):
- Fix our configuration logic to detect whether we had OpenSSL 3:
previously, our logic was reversed. This has no other effect than
to change whether we suppress deprecated API warnings. Fixes bug
40429; bugfix on 0.3.5.13.
o Minor bugfixes (relay):
- Reject IPv6-only DirPorts. Our reachability self-test forces
DirPorts to be IPv4, but our configuration parser allowed them to
be IPv6-only, which led to an assertion failure. Fixes bug 40494;
bugfix on 0.4.5.1-alpha.
o Documentation (man, relay):
- Missing "OverloadStatistics" in tor.1 manpage. Fixes bug 40504;
bugfix on 0.4.6.1-alpha.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Stefan Schantl [Thu, 16 Dec 2021 19:23:36 +0000 (20:23 +0100)]
suricata: Do not load rules for dnp3 and modbus.
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricate because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Michael Tremer [Thu, 2 Dec 2021 12:37:14 +0000 (12:37 +0000)]
backup: Create tarball in one pass
This patch is changing the behaviour of the backup script so that it
creates one tarball and compresses it in one go.
This will save storing the original tarball on disk before compressing
it which on my test system requires significant disk space.
This patch also solves a bug where the backup file included with the ISO
image could not be extracted because it was not gzip-compressed when it
was expected to be.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This rule emits a massive logspam and temporary will be disabled until
a better solution is found.
Fixes #12738.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Stefan Schantl [Wed, 8 Dec 2021 17:10:31 +0000 (18:10 +0100)]
suricata: Cleanup default loaded rules file.
There are no such rules file available and therefore cannot be loaded.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Stefan Schantl [Wed, 8 Dec 2021 17:10:30 +0000 (18:10 +0100)]
suricata: Move default loaded rulefiles to own included file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Mon, 6 Dec 2021 17:01:32 +0000 (18:01 +0100)]
pcengines-apu-firmware: Update to version 4.15.0.1
- Update from 4.14.0.4 to 4.15.0.1
- Update of rootfile
- Changelog
v4.15.0.1
rebased with official coreboot repository commit 6973a3e7
v4.14.0.6
rebased with official coreboot repository commit d06c0917
Re-added GPIO bindings to fix LED and button functionality
v4.14.0.5
rebased with official coreboot repository commit d4c55353
Updated CPU declarations in ACPI to comply with newer ACPI standard
Removed GPIO bindings to fix conflict with OS drivers
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Jon Murphy [Sat, 4 Dec 2021 23:46:20 +0000 (00:46 +0100)]
manualpages: Complete the list of user manual pages
Jon Murphy gathered all the links and made the updated file
available on the mailing list:
https://lists.ipfire.org/pipermail/development/2021-October/011383.html
https://lists.ipfire.org/pipermail/development/2021-December/011737.html
With kind permission from him, this patch contains the completed list.
The list was successfully checked with "./make.sh check-manualpages".
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de> Reported-by: Jon Murphy <jcmurphy26@gmail.com> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Adolf Belka [Mon, 6 Dec 2021 17:02:03 +0000 (18:02 +0100)]
pango: Update to version 1.50.0
- v3 version has updated pango version
- Update from 1.30.1 (2012) to 1.50.0 (2021)
- Update of rootfile - Pango modules, engines, and config have been removed (#733882) in
version 1.37.0 in 2014.
- pango now has dependencies of harfbuzz and fribidi so patches for these two are
included in the following two patches for this series.
- make.sh modified to include
build of these two packages before pango is built
- Build is done via meson/ninja now
- Changelog is too large to show here but the details can be found in the NEWS file in
the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 6 Dec 2021 17:01:32 +0000 (18:01 +0100)]
pcengines-apu-firmware: Update to version 4.15.0.1
- Update from 4.14.0.4 to 4.15.0.1
- Update of rootfile
- Changelog
v4.15.0.1
rebased with official coreboot repository commit 6973a3e7
v4.14.0.6
rebased with official coreboot repository commit d06c0917
Re-added GPIO bindings to fix LED and button functionality
v4.14.0.5
rebased with official coreboot repository commit d4c55353
Updated CPU declarations in ACPI to comply with newer ACPI standard
Removed GPIO bindings to fix conflict with OS drivers
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 6 Dec 2021 21:06:35 +0000 (22:06 +0100)]
bash: Update to version 5.1.8 plus patches 9 to 12
- Update main file from 5.1 to 5.1.8 (includes patches 1 to 8)
- Remove patches 1 to 4
- Changelog - Patches 1 to 4 from the previous IPFire version together with patches 5 to
8 are now included into bash-5.1.8 followed by application of patches 9 to 12
Patch 12
There is a possible race condition that arises when a child process receives
a signal trapped by the parent before it can reset the signal dispositions.
The child process is not supposed to trap the signal in this circumstance.
Patch 11
When reading a compound assignment, and running it through the parser to
split it into words, we need to save and restore any alias we're currently
expanding.
Patch 10
If `wait -n' is interrupted by a trapped signal other than SIGINT, it does
not completely clean up state, and that can prevent subsequent calls to
`wait -n' from working correctly.
Patch 9
The bash malloc implementation of malloc_usable_size() does not follow the
specification. This can cause library functions that use it to overwrite
memory bounds checking.
Patch 8
Process substitution FIFOs opened by child processes as targets of redirections
were not removed appropriately, leaving remnants in the file system.
Patch 7
The code to check readline versions in an inputrc file had the sense of the
comparisons reversed.
Patch 6
Make sure child processes forked to run command substitutions are in the
proper process group.
Patch 5
Fix two memory leaks when assigning arrays using compound assignment syntax.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Acked-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Wed, 1 Dec 2021 12:30:23 +0000 (13:30 +0100)]
sysvinit: Update to version 3.00
- Update from 2.99 to 3.00
- Update of rootfile not required
- Changelog
sysvinit (3.00) released; urgency=low
* Applied patch from Matthias Schiffer which allows bootlogd to read from
a wider range of consoles. The console name is already passed in from the
kernel command line using "console=". We no longer filter out names as strictly
but do now check to confirm the "console=" device points to a valid TTY.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Dec 2021 17:36:15 +0000 (18:36 +0100)]
htop: Update to version 3.1.2
- Update from 3.1.1 to 3.1.2
- Update of rootfile not required
- Changelog
version 3.1.2
* Bugfix for crash when storing modified settings at exit
* Generate xz-compressed source tarball (with configure) using github actions
* Allow -u UID with numerical value as argument
* Added documentation for obsolete/state libraries/program files highlighting
* Some obsolete/stale library highlighting refinements
* Column width issues resolved
* Dynamic UID column sizing improved
* Discard stale information from Disk and Network I/O meters
* Refined Linux kernel thread detection
* Reworked process state handling
* New CCGROUP column showing abbreviated cgroup name
* New OFFSET column in the list of open files screen
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Dec 2021 17:35:58 +0000 (18:35 +0100)]
git: Update version to 2.34.1
- Update from 2.33.1 to 2.34.1
- Update of rootfile - The "--preserve-merges" option of "git rebase" has been removed.
- Changelog is too large to include here.
The changes for version 2.34.0 can be found in the source tarball in
Documentation/RelNotes/2.34.0.txt and for version 2.34.1 in
Documentation/RelNotes/2.34.1.txt
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Dec 2021 17:36:32 +0000 (18:36 +0100)]
perl-Date-Manip: Update to version 6.86
- Update from 6.85 to 6.86
- Update of rootfile
- Changelog
6.86 2021-11-15
-Change warn to carp
All warnings are now issued with the carp command rather than warn.
Requested in GitHup pull request #18, but that request was not used
because it only changed the uses in the Date::Manip::Date module.
-Bug fixes
Fixed a bug where the next/prev Date::Manip::Recur methods gave
incorrect results when there are no dates that match the criteria.
(GitHub #36)
-Time zone fixes
There were no new timezone fixes on 2021-06-01 or 2021-09-01, so no
releases made then.
Newest zoneinfo data (tzdata 2021e). (GitHub #37)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Dec 2021 17:36:56 +0000 (18:36 +0100)]
sdl2: Update to version 2.0.18
- Update from 2.0.16 to 2.0.18
- Update of rootfile
- Changelog
2.0.18
General:
* The SDL wiki documentation and development headers are automatically kept in sync
* Each function has information about in which version of SDL it was introduced
* Added the hint SDL_HINT_APP_NAME to let SDL know the name of your application for
various places it might show up in system information
* Added SDL_RenderGeometry() and SDL_RenderGeometryRaw() to allow rendering of
arbitrary shapes using the SDL 2D render API
* Added SDL_SetTextureUserData() and SDL_GetTextureUserData() to associate
application data with an SDL texture
* Added SDL_RenderWindowToLogical() and SDL_RenderLogicalToWindow() to convert
between window coordinates and logical render coordinates
* Added SDL_RenderSetVSync() to change whether a renderer present is synchronized
with vblank at runtime
* Added SDL_PremultiplyAlpha() to premultiply alpha on a block of
SDL_PIXELFORMAT_ARGB8888 pixels
* Added a window event SDL_WINDOWEVENT_DISPLAY_CHANGED which is sent when a window
changes what display it's centered on
* Added SDL_GetWindowICCProfile() to query a window's ICC profile, and a window
event SDL_WINDOWEVENT_ICCPROF_CHANGED that is sent when it changes
* Added the hint SDL_HINT_VIDEO_EGL_ALLOW_TRANSPARENCY to allow EGL windows to be
transparent instead of opaque
* SDL_WaitEvent() has been redesigned to use less CPU in most cases
* Added SDL_SetWindowMouseRect() and SDL_GetWindowMouseRect() to confine the mouse
cursor to an area of a window
* You can now read precise mouse wheel motion using 'preciseX' and 'preciseY' event
fields
* Added SDL_GameControllerHasRumble() and SDL_GameControllerHasRumbleTriggers() to
query whether a game controller supports rumble
* Added SDL_JoystickHasRumble() and SDL_JoystickHasRumbleTriggers() to query whether
a joystick supports rumble
* SDL's hidapi implementation is now available as a public API in SDL_hidapi.h
Windows:
* Improved relative mouse motion over Windows Remote Desktop
* Added the hint SDL_HINT_IME_SHOW_UI to show native UI components instead of hiding
them (defaults off)
Windows/UWP:
* WGI is used instead of XInput for better controller support in UWP apps
Linux:
* Added the hint SDL_HINT_SCREENSAVER_INHIBIT_ACTIVITY_NAME to set the activity
that's displayed by the system when the screensaver is disabled
* Added the hint SDL_HINT_LINUX_JOYSTICK_CLASSIC to control whether /dev/input/js*
or /dev/input/event* are used as joystick devices
* Added the hint SDL_HINT_JOYSTICK_DEVICE to allow the user to specify devices that
will be opened in addition to the normal joystick detection
* Added SDL_LinuxSetThreadPriorityAndPolicy() for more control over a thread
priority on Linux
Android:
* Added support for audio output and capture using AAudio on Android 8.1 and newer
* Steam Controller support is disabled by default, and can be enabled by setting the
hint SDL_HINT_JOYSTICK_HIDAPI_STEAM to "1" before calling SDL_Init()
Apple Arcade:
* Added SDL_GameControllerGetAppleSFSymbolsNameForButton() and
SDL_GameControllerGetAppleSFSymbolsNameForAxis() to support Apple Arcade titles
iOS:
* Added documentation that the UIApplicationSupportsIndirectInputEvents key must be
set to true in your application's Info.plist in order to get real Bluetooth mouse
events.
* Steam Controller support is disabled by default, and can be enabled by setting the
hint SDL_HINT_JOYSTICK_HIDAPI_STEAM to "1" before calling SDL_Init()
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Jon Murphy [Sat, 4 Dec 2021 23:46:20 +0000 (00:46 +0100)]
manualpages: Complete the list of user manual pages
Jon Murphy gathered all the links and made the updated file
available on the mailing list:
https://lists.ipfire.org/pipermail/development/2021-October/011383.html
https://lists.ipfire.org/pipermail/development/2021-December/011737.html
With kind permission from him, this patch contains the completed list.
The list was successfully checked with "./make.sh check-manualpages".
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de> Reported-by: Jon Murphy <jcmurphy26@gmail.com> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Tue, 7 Sep 2021 11:02:40 +0000 (13:02 +0200)]
freetype: Update to version 2.11.0
- Update from 2.10.4 to 2.11.0
- Update rootfile
- Changelog
CHANGES BETWEEN 2.10.4 and 2.11.0
I. IMPORTANT CHANGES
- A new rendering module has been added to create 8-bit Signed Distance Field (SDF)
bitmaps for both outline and bitmap glyphs. The new rendering mode is called
`FT_RENDER_MODE_SDF`, the pixel mode is `FT_PIXEL_MODE_GRAY8`, and the
corresponding raster flag is `FT_RASTER_FLAG_SDF`. This work was Anuj Verma's
GSoC 2020 project.
- A new, experimental API is now available for surfacing properties of 'COLR' v1
color fonts (as the name says, this is an extension to the 'COLR' table for
outline color fonts using the SFNT container format). 'COLR' v1 fonts are a
recently proposed addition to OFF and OpenType; specification work currently
happens in https://github.com/googlefonts/colr-gradients-spec/ 'COLR' v1 is
expected to be merged to OpenType; the ISO standardisation process for adding
'COLR' v1 as an amendment to OFF is underway. Functions similar to the already
existing 'COLR' API have been added to access the corresponding data.
FT_Get_Color_Glyph_Paint Retrieve the root paint for a given glyph ID.
FT_Get_Paint_Layers Access the layers of a `PaintColrLayers` table.
FT_Get_Colorline_Stops Retrieve the 'color stops' on a color line. As an input,
a color stop iterator gets used, which in turn is retrieved from a paint.
FT_Get_Paint Dereference an `FT_OpaquePaint` object and retrieve the
corresponding `FT_COLR_Paint` object, which contains details on how to draw the
respective 'COLR' v1 `Paint` table.
II. MISCELLANEOUS
- FreeType has moved its infrastructure to https://gitlab.freedesktop.org/freetype
A side effect is that the git repositories are now called `freetype.git` and
`freetype-demos.git`, which by default expand to the directories `freetype` and
`freetype-demos`, respectively. The documentation has been updated accordingly.
FreeType's Savannah repositories will stay; they are now mirrors of the
'freedesktop.org' repositories.
- A new function `FT_Get_Transform` returns the values set by `FT_Set_Transform`.
- A new configuration macro `FT_DEBUG_LOGGING` is available. It provides extended
debugging capabilities for FreeType, for example showing a time stamp or
displaying the component a tracing message comes from. See file `docs/DEBUG` for
more information. This work was Priyesh Kumar's GSoC 2020 project.
- The legacy Type 1 and CFF engines are further demoted due to lack of CFF2
charstring support. You now need to use `FT_Property_Set` to enable them besides
the `T1_CONFIG_OPTION_OLD_ENGINE` and `CFF_CONFIG_OPTION_OLD_ENGINE` options,
respectively.
- The experimental 'warp' mode (AF_CONFIG_OPTION_USE_WARPER) for the auto-hinter
has been removed.
- The smooth rasterizer performance has been improved by >10%. Note that due to
necessary code changes there might be very subtle differences in rendering. They
are not visible by the eye, however.
- PCF bitmap fonts compressed with LZW (these are usually files with the extension
`.pcf.Z`) are now handled correctly.
- Improved Meson build files, including support to build the FreeType demo programs.
- A new demo program `ftsdf` is available to display Signed Distance Fields of
glyphs.
- The `ftlint` demo program has been extended to do more testing of its input. In
particular, it can display horizontal and vertical acutances for quality
assessment, together with computing MD5 checksums of rendered glyphs. [The
acutance measures how sharply the pixel coverage changes at glyph edges. For
monochrome bitmaps, it is always 2.0 in either X or Y direction. For
anti-aliased bitmaps, it depends on the hinting and the shape of a glyph and
might approach or even reach value 2.0 for glyphs like 'I', 'L', '+', '-', or
'=', while it might be lower for glyphs like 'O', 'S', or 'W'.]
- The `ttdebug` demo program didn't show changed point coordinates (bug introduced
in version 2.10.3).
- It is now possible to adjust the axis increment for variable fonts in the
`ftmulti` demo program.
- It is now possible to change the hinting engine in the `ftstring` demo program.
- The graphical demo programs work better now in native color depth on win32 and
x11.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 23 Jun 2021 08:13:40 +0000 (10:13 +0200)]
URI: Update to version 5.09
- Update from 1.35 (2004) to 5.09 (2021)
- Update of rootfile required
- Changelog is too large to include here.
Full details can be found in Changes file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Tue, 22 Jun 2021 11:26:40 +0000 (13:26 +0200)]
m4: Update to 1.4.19
- Update from 1.4.18 (2016-12-31) to 1.4.19 (2021-05-28)
- patch no longer required as changes have been built into the source tarball.
- Update of rootfile
- Changelog is too large to fit here. Detail can be found in ChangeLog file in the
source tarball.
6 bugs fixed in this update.
https://lists.gnu.org/archive/html/bug-m4/2021-04/msg00000.html
https://lists.gnu.org/archive/html/bug-m4/2021-05/msg00001.html
https://lists.gnu.org/archive/html/bug-m4/2020-03/msg00000.html
https://lists.gnu.org/archive/html/bug-m4/2021-05/msg00002.html
https://lists.gnu.org/archive/html/bug-m4/2021-05/msg00003.html
https://lists.gnu.org/archive/html/bug-m4/2021-05/msg00004.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Tue, 22 Jun 2021 19:47:52 +0000 (21:47 +0200)]
Unix-Syslog: Update to version 1.1
- Update from 0.100 (2002) to 1.1 (2007 - latest version)
- Update rootfile
- Changelog
1.1 Sun May 18 21:13:38 2007
- Released version 1.1.
- Clearly marked MSWin32 systems as unsupported. (How do
64bit Windows system identify themselves?)
- Fixed bug that caused Perl to segfault when closelog() was
called before openlog().
1.0 Tue Oct 2 22:22:43 2007
- Bumped version number to 1.0.
- License has changed to Artistic 2.0!
- (Syslog.pm) Get rid of `require AutoLoader', which was wrong
to begin with.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sat, 31 Jul 2021 19:06:17 +0000 (21:06 +0200)]
libsolv: Update to version 0.7.19
- Update from 0.7.14 to 0.7.19
- Update of rootfile not required
- Changelog
These are the major changes between libsolv versions:
Version 0.7.19
- selected bug fixes:
* fix rare segfault in resolve_jobrules() that could happen
if new rules are learnt
* fix a couple of memory leaks in error cases
* fix error handling in solv_xfopen_fd()
Version 0.7.18
- selected bug fixes:
* fixed regex code on win32
* fixed memory leak in choice rule generation
- new features:
* repo_add_conda: add flag to skip v2 packages
Version 0.7.17
- selected bug fixes:
* repo_write: fix handling of nested flexarray
* improve choicerule generation a bit more to cover more cases
* harden testcase parser against repos being added too late
* support python-3.10
* check %_dbpath macro in rpmdb code
- new features:
* handle default/visible/langonly attributes in comps parser
* support multiple collections in updateinfo parser
* add '-D' option in rpmdb2solv to set the dbpath
Version 0.7.16
- selected bug fixes:
* do not ask the namespace callback for splitprovides when writing
a testcase
* fix add_complex_recommends() selecting conflicted packages in
rare cases leading to crashes
* improve choicerule generation so that package updates are
prefered in more cases
* deal with missing repos in testcase_mangle_repo_names
Version 0.7.15
- selected bug fixes:
* fix deduceq2addedmap clearing bits outside of the map
* conda: feature depriorization first
* conda: fix startswith implementation
* move find_update_seeds() call in cleandeps calculation
- new features:
* set SOLVABLE_BUILDHOST in rpm and rpmmd parsers
* new testcase_mangle_repo_names() function
* new solv_fmemopen() function
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sat, 31 Jul 2021 19:05:45 +0000 (21:05 +0200)]
igmpproxy: Update to version 0.3
- Update from 0.2.1 to 0.3
- Update of rootfile not required
- Changelog
2021-01-04 18:40:01 +0100 Pali Rohár <pali.rohar@gmail.com>
* Release version 0.3
2020-09-05 13:52:50 +0200 Pali Rohár <pali.rohar@gmail.com>
* Remove duplicate code in mcgroup.c file
Existing functionality is provided by k_join and k_leave functions.
2020-09-05 13:07:38 +0200 Pali Rohár <pali.rohar@gmail.com>
* Fix initialization and deinitialization of mrouter socket
Ensure that uninitialized socket is invalid (-1) and not stdin (0).
2020-09-05 13:07:00 +0200 Pali Rohár <pali.rohar@gmail.com>
* Use main mrouter socket also for sending join/leave messages to upstream router
There is no need to open additional UDP socket which is used just for calling
IP_ADD_MEMBERSHIP/IP_DROP_MEMBERSHIP setsockopt. Main mrouter socket is can
be used for these operations too.
2020-05-20 09:59:11 +0200 Uglymotha <uglymotha@wizdom.nu>
* Free BSD Compilation Patch
On FreeBSD compilation failed due to missing includes in os-freebsd.h.
This was causing errors about undefined structs and types in missing includes.
Also defines __BSD_VISIBLE due to FreeBSD not providing u_int, u_long etc
in a default _POSIX_C_SOURCE environment. Fixes: https://github.com/pali/igmpproxy/issues/68
2020-05-08 22:54:06 +0200 Pali Rohár <pali.rohar@gmail.com>
* Remove MAX_MC_VIFS macro
Its value is same as MAXVIFS, so use MAXVIFS instead.
2020-03-06 11:51:21 +0100 Pali Rohár <pali.rohar@gmail.com>
* Improve downstream host tracking for quickleave mode
Use bit based per multicast route hash table for tracking downstream hosts.
For hasing function is used 32bit MurmurHash3 with pseudorandom seed and
size of hash table can be configured via a new "hashtablesize" token in
config file. Default size of hash table is 32 bytes, so it can store
approximatelly 128 hosts which is half of /24 subnet. For home networks
this should be sane default value. Fixes: https://github.com/pali/igmpproxy/pull/57
2020-02-26 20:27:08 +0100 Pali Rohár <pali.rohar@gmail.com>
* Show error message when IP_ADD_MEMBERSHIP fails with errno ENOBUFS
Also on Linux show hint how to increase maximum number of multicast groups. Fixes: https://github.com/pali/igmpproxy/issues/30
2020-02-25 23:46:57 +0100 Pali Rohár <pali.rohar@gmail.com>
* Fix gcc-7 and clang-9 on Travis
2020-02-25 23:24:26 +0100 Pali Rohár <pali.rohar@gmail.com>
* Update Travis config file
2019-06-26 17:42:15 +0200 Pali Rohár <pali.rohar@gmail.com>
* Use AS_IF macro for C99 check in configure.ac
2018-09-30 00:28:05 +0200 Pali Rohár <pali.rohar@gmail.com>
* Fix makefile rules for generating AUTHORS and ChangeLog files
2018-02-13 20:17:30 +0100 Pali Rohár <pali.rohar@gmail.com>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 29 Nov 2021 12:23:27 +0000 (13:23 +0100)]
qpdf: Update to version 10.4.0
- Update from 10.3.2 to 10.4.0
- Update of rootfile
- Changelog
10.4.0: release
* Add --allow-weak-crypto option to suppress warnings about use of
weak cryptographic algorithms. Update documentation around this
issue. Fixes #358.
* Relax xref recovery logic a bit so that files whose objects are
either missing endobj or have endobj at other than the beginning
of a line can still be recovered. Fixes #573.
* Add support for OpenSSL 3. Fixes #568.
The OpenSSL version is detected at compile-time. If you want to
build with OpenSSL 3 on a system that has OpenSSL 1 installed, you
can run configure like this (or similar to this depending on how
you installed openssl3):
pc_openssl_CFLAGS=-I/path/to/openssl3/include \
pc_openssl_LIBS='-L/path/to/openssl3/lib64 -lssl -lcrypto' \
./configure
where /path/to/openssl3 is wherever your OpenSSL 3 distribution is
installed. You may also need to set the LD_LIBRARY_PATH
environment variable if it's not installed in a standard location.
* Add range check in QPDFNumberTreeObjectHelper (fuzz issue 37740).
* Add QIntC::range_check_subtract to do range checking on
subtraction, which has different boundary conditions from
addition.
* Bug fix: fix crash that could occur under certain conditions
when using --pages with files that had form fields. Fixes #548.
* Add an extra check to the library to detect when foreign objects
are inserted directly (instead of using
<function>QPDF::copyForeignObject</function>) at the time of
insertion rather than when the file is written. Catching the error
sooner makes it much easier to locate the incorrect code.
* Bug fix: make overlay/underlay work on a page with no resource
dictionary. Fixes #527.
* Add QPDF::findPage to the public API. This is primarily to help
improve the efficiency of code that wraps the qpdf library, such
as pikepdf. Fixes #516.
* zlib-flate: warn and exit with code 3 when there is corrupted
input data even when decompression is possible. We do this in the
zlib-flate CLI so that it can be more reliably used to test the
validity of zlib streams, but we don't warn by default in qpdf
itself because PDF files in the wild exist with this problem and
other readers appear to tolerate it. There is a PDF in the qpdf
test suite (form-filled-by-acrobat.pdf) that was written by a
version of Adobe Acrobat that exhibits this problem. Fixes #562.
* Add Pl_Flate::setWarnCallback to make it possible to be notified
of data errors that are recoverable but still indicate invalid
data.
* Improve error reporting when someone forgets the -- after
--pages. Fixes #555.
* Bug fix: ensure we don't overflow any string bounds while
handling completion, even when we are given bogus input values.
Fixes #441.
* Improve performance of preservation of object streams by
avoiding unnecessary traversal of objects when there are no object
streams.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 29 Nov 2021 12:23:10 +0000 (13:23 +0100)]
poppler: Update to version 21.11.0
- Update from 21.07.0 to 21.11.0
- Update of rootfile
- find-dependencies run to check so bump. No issues found
- Changelog
Release 21.11.0:
core:
* Fix rendering of some non-standard confirming annotations
* Support rendering of some non-standard Type3 charprocs. Issue #1150
* TextOutputDev: Respect orientation when selecting words. Issue #499
* CairoOutputDev: Don't override the antialias settings from the cairo_t
* StructElement: support MCID in XObjects
* Fix detection of monospace fonts
* Ignore Adobe-Identity for non embedded CID fonts
* PageLabelInfo::labelToIndex: work on some special no style intervals
* Fix crash in malformed files
* Minor code improvements
utils:
* pdfinfo: add -url option to print all URLs in a PDF
* pdftohtml: document what zoom means in regard to DPI
qt6:
* Require Qt 6.1
* Minor code improvements
Release 21.10.0:
core:
* Add support for setting custom stamp annotations
* Add default appearance for the well known stamp names
* Correct encoding of signature's properties Reason & Location
* Splash: Fix rendering of some odd patterns
* SignatureHandler::validateCertificate: Add option to not do OCSP revocation check
* SignatureHandler::validateCertificate: Add support for AIA fetching to verify certificates
* greallocn: if memory allocation fails, free the previous pointer to avoid memory leak
* Fix issues with malformed files
* Internal code improvements
utils:
* pdfsig: Add a way to list certificate nicknames
* pdfsig: You can now add signatures from pdfsig
* pdfsig: Add option to not do OCSP revocation check
* pdfsig: Add option for AIA fetching to verify certificates
* pdfinfo: Add -custom option to print custom metadata
* pdfinfo: add metadata flags
qt:
* Add support for setting custom stamp annotations
* Add getters for signature's properties Reason & Location
* Internal code improvements
glib:
* Remove incorrect PopplerAttachment deprecation
Release 21.09.0:
core:
* Splash: Massive spped improvement on files that use lots of save/restore (q/Q) operators
* Correct decoding of signature properties Reason & Location when they are Unicode
* Fix issues with malformed files
* MSVC build fixes
build system:
* Call cmake_minium_required() before project()
* Always append to CMAKE_{C,CXX}_FLAGS_${CMAKE_BUILD_TYPE}
* correctly forward user-provided flags to try_compile()
Release 21.08.0:
core:
* Add API to allow addition and modification of outlines into a PDF
* Use additional samples to test for constant parts of an axial gradient
* forms: Create fallback fonts for some well known font names
* Support reading the PDF Version from the Catalog
* Fix XRef::copy when there are modified objects
* Take into account that Date string may be in unicode
* JBIG2Stream: Fix regression in "Do not consider a size-0 to be an error"
* Replace a local bubble sort implementation by std::sort
* Fix issues with malformed files
build system:
* Better error message when libjpeg is not found
* Better error messages when libopenjpeg2 is not found
qt5/qt6:
* Document that a document has to outlive its pages
* Make getPdfVersion return a dedicated version object
glib:
* mimick TextSelectionDumper logic change for spaceAfter
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- v2 version is to extend from 20210714-3.1 to 20210910-3.1
- Update from 20210522-3.1 to 20210910-3.1
- Update rootfile
- Changelog
2021-09-10 Jess Thrysoee
* all: sync with upstream source
2021-07-14 Jess Thrysoee
* all: sync with upstream source
* src/histedit.h: Add wcsdup declaration when ifndef HAVE_WCSDUP. Patch by Rainer Jung.
* examples/wtc1.c: Fix warnings and add missing brace. Patch by Rainer Jung.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sun, 26 Sep 2021 10:37:46 +0000 (12:37 +0200)]
sudo: Update to version 1.9.8p2
- v2 version is to extend from 1.9.8p1 to 1.9.8p2
- Update from 1.9.7p2 to 1.9.8p2
- Update rootfile
- Changelog
What's new in Sudo 1.9.8p2
* Fixed a potential out-of-bounds read with "sudo -i" when the
target user's shell is bash. This is a regression introduced
in sudo 1.9.8. Bug #998.
* sudo_logsrvd now only sends a log ID for first command of a session.
There is no need to send the log ID for each sub-command.
* Fixed a few minor memory leaks in intercept mode.
* Fixed a problem with sudo_logsrvd in relay mode if "store_first"
was enabled when handling sub-commands. A new zero-length journal
file was created for each sub-command instead of simply using
the existing journal file.
What's new in Sudo 1.9.8p1
* Fixed support for passing a prompt (sudo -p) or a login class
(sudo -l) on the command line. This is a regression introduced
in sudo 1.9.8. Bug #993.
* Fixed a crash with "sudo ALL" rules in the LDAP and SSSD back-ends.
This is a regression introduced in sudo 1.9.8. Bug #994.
* Fixed a compilation error when the --enable-static-sudoers configure
option was specified. This is a regression introduced in sudo
1.9.8 caused by a symbol clash with the intercept and log server
protobuf functions.
What's new in Sudo 1.9.8
* It is now possible to transparently intercepting sub-commands
executed by the original command run via sudo. Intercept support
is implemented using LD_PRELOAD (or the equivalent supported by
the system) and so has some limitations. The two main limitations
are that only dynamic executables are supported and only the
execl, execle, execlp, execv, execve, execvp, and execvpe library
functions are currently intercepted. Its main use case is to
support restricting privileged shells run via sudo.
To support this, there is a new "intercept" Defaults setting and
an INTERCEPT command tag that can be used in sudoers. For example:
Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh
Defaults!SHELLS intercept
would cause sudo to run the listed shells in intercept mode.
This can also be set on a per-rule basis. For example:
Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh
chuck ALL = INTERCEPT: SHELLS
would only apply intercept mode to user "chuck" when running one
of the listed shells.
In intercept mode, sudo will not prompt for a password before
running a sub-command and will not allow a set-user-ID or
set-group-ID program to be run by default. The new
intercept_authenticate and intercept_allow_setid sudoers settings
can be used to change this behavior.
* The new "log_subcmds" sudoers setting can be used to log additional
commands run in a privileged shell. It uses the same mechanism as
the intercept support described above and has the same limitations.
* The new "log_exit_status" sudoers setting can be used to log
the exit status commands run via sudo. This is also a corresponding
"log_exit" setting in the sudo_logsrvd.conf eventlog stanza.
* Support for logging sudo_logsrvd errors via syslog or to a file.
Previously, most sudo_logsrvd errors were only visible in the
debug log.
* Better diagnostics when there is a TLS certificate validation error.
* Using the "+=" or "-=" operators in a Defaults setting that takes
a string, not a list, now produces a warning from sudo and a
syntax error from inside visudo.
* Fixed a bug where the "iolog_mode" setting in sudoers and sudo_logsrvd
had no effect when creating I/O log parent directories if the I/O log
file name ended with the string "XXXXXX".
* Fixed a bug in the sudoers custom prompt code where the size
parameter that was passed to the strlcpy() function was incorrect.
No overflow was possible since the correct amount of memory was
already pre-allocated.
* The mksigname and mksiglist helper programs are now built with
the host compiler, not the target compiler, when cross-compiling.
Bug #989.
* Fixed compilation error when the --enable-static-sudoers configure
option was specified. This was due to a typo introduced in sudo
1.9.7. GitHub PR #113.
For more details of the changes then view the ChangeLog file in the source tarball
or at https://www.sudo.ws/changes.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sat, 11 Sep 2021 10:57:44 +0000 (12:57 +0200)]
wget: Update to version 1.21.2
- Update from 1.21.1 to 1.21.2
- Update of rootfile not required
- Changelog
Noteworthy changes in release 1.21.2 (2021-09-07) - (user visible changes)
* Support for autoconf 2.71
* Fix a double free in FTP when using an absolute path
* Release tarballs no longer have a dependency on Python.
* --page-requisites will now also download links marked as "alternate
stylesheet" or "icon"
Full changelog is too long to include here but can be viewed in the ChangeLog file in
the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sun, 5 Sep 2021 20:45:30 +0000 (22:45 +0200)]
libarchive: Update to version 3.5.2
- Update from 3.5.1 to 3.5.2
- Update rootfile
- Changelog
Libarchive 3.5.2 is a feature and security release.
New minor features:
CPIO: Support for PWB and v7 binary cpio formats (#1502)
ZIP reader: Support of deflate algorithm in symbolic link decompression (#1509)
Important Security Fixes:
fix handling of symbolic link ACLs on Linux (#1565)
never follow symlinks when setting file flags on Linux (e2ad1a2)
do not follow symlinks when processing the fixup list (#1566)
Important Bugfixes:
fix extraction of hardlinks to symlinks (#1044)
7zip reader and writer fixes (#1480, #1532)
RAR reader fixes (#1504, #1521)
ZIP reader: fix excessive read for padded zip (#1514)
CAB reader: fix double free (#1520)
handle short writes from archive_write_callback (#1530)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Sep 2021 20:46:00 +0000 (22:46 +0200)]
libgcrypt: Update to version 1.9.4
- Update from 1.9.3 to 1.9.4
- Update rootfile
- Changelog
Release 1.9.4.
2021-08-22 Jussi Kivilinna <jussi.kivilinna@iki.fi>
mpi/longlong.h: fix missing macro parameter parentheses.
* mpi/longlong.h [__alpha] (umul_ppmm): Add parentheses around
used parameters.
[__i370__] (sdiv_qrnnd): Ditto.
[__mips__] (umul_ppmm): Ditto.
[__vax__] (sdiv_qrnnd): Ditto.
tests/t-mpi-point: add NIST curve multiplication test vectors.
* tests/t-mpi-point.c (mpi_base10_scan, check_ec_mul): New.
(main): Call 'check_ec_mul'.
2021-08-22 Werner Koch <wk@gnupg.org>
ecc: Fix bug in gcry_pk_get_param for Curve25519.
* cipher/ecc-curves.c (_gcry_ecc_get_param_sexp): Simplify.
* cipher/pubkey.c (map_algo): Also map EDDSA to ECC.
* tests/curves.c (check_get_params): Add simple param lookup tests by
for all curves.
2021-08-22 Johannes Schindelin via Gcrypt-devel <gcrypt-devel@gnupg.org>
build: Fix broken mlock detection.
* acinclude.m4 [GNUPG_CHECK_MLOCK]: Use size_t for the ptr test.
2021-08-22 Werner Koch <wk@gnupg.org>
cipher: Extend convenience OID mapping table for AES.
* cipher/rijndael.c: Add OIDs for GCM and CCM.
Minor tweak to gcry_free.
* src/global.c (_gcry_free): Avoid setting errno again if it did not
change.
2021-08-22 NIIBE Yutaka <gniibe@fsij.org>
random: Silence a warning for building rndjent by Clang.
* random/jitterentropy-base.c: Conditionalize by __OPTIMIZE__.
2021-08-22 Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
cipher: Fix memory leaks for EdDSA.
* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_genkey): Initialize point Q when used.
2021-08-22 NIIBE Yutaka <gniibe@fsij.org>
ecc: Check the input length for the point.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Check the length
of valid point representation.
2021-08-22 Jussi Kivilinna <jussi.kivilinna@iki.fi>
hwf-x86: fix use of wrong operand type.
* src/hwf-x86.c (get_cpuid): Use xchg for swapping %ebx back
and forth between operand register.
2021-05-27 NIIBE Yutaka <gniibe@fsij.org>
build: _DARWIN_C_SOURCE should be 1.
* configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1.
2021-05-26 NIIBE Yutaka <gniibe@fsij.org>
cipher: Fix ElGamal encryption for other implementations.
* cipher/elgamal.c (gen_k): Remove support of smaller K.
(do_encrypt): Never use smaller K.
(sign): Folllow the change of gen_k.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Sep 2021 11:03:03 +0000 (13:03 +0200)]
gzip: Update to version 1.11
- Update from 1.10 to 1.11
- Update of rootfile not required
- Changelog is too long to include here. Full details can be found in the ChangeLog file
in the source tarball
There 8 bug fixes listed in the changelog
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sun, 28 Nov 2021 22:16:25 +0000 (23:16 +0100)]
libtasn1: Update to version 4.18.0
- Update from 4.17.0 to 4.18.0
- Update of rootfile
- Changelog - Full details can be found in the ChangeLog file in the source tarball
* Noteworthy changes in release 4.18.0 (2021-11-09) [stable]
- Improve GTK-DOC manual. Closes: #35.
- Improve --help and --version for tools with gnulib. Closes: #37.
- Update gnulib files and various maintenance fixes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Thu, 25 Nov 2021 18:16:49 +0000 (19:16 +0100)]
exfatprogs: Update to version 1.1.3
- Update from 1.1.2 to 1.1.3
- Update of rootfile not required
- Changelog
Version 1.1.3 - released 2021-11-11
CHANGES :
* mkfs.exfat: ensure that the cluster size is greater than or
equal than the sector size.
* mkfs.exfat: replace lseek() + write() with pwrite().
BUG FIXES :
* mkfs.exfat: prevent an integer overflow when computing the FAT
length.
* fsck.exfat: fix a double free memory error.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 29 Nov 2021 18:36:14 +0000 (19:36 +0100)]
glib: Update to version 2.70.1
- Update from 2.69.0 to 2.70.1
- Update of rootfile
- The internal_pcre otion was removed from glib with the release of 2.69.0
The build of glib by meson still worked as the missing option was only marked as a
warning. With the latest meson this missing option was marked as an error and stopped
the build.
glib no longer has an internal pcre capability and will always look for the system
version meaning that the internal_pcre=false is no longer required.
- This update of glib is combined with the meson update so that the combination builds
without errors.
- Changelog
Overview of changes in GLib 2.70.1
* Fix network changes not being signalled from NetworkManager (work by
Julian Andres Klode) (#2505)
* Fix build when building with --fatal-meson-warnings (work by Eli Schwartz) (!2304)
* Bugs fixed:
- #2505 g_network_monitor_nm never updates on connection change (listens for signal on wrong dbus interface)
- !2245 gdesktopappinfo: Do not call xterm when it does not exist, inform the caller the launch failed
- !2253 Backport !2251 “GString: Bump minimum size” to glib-2-70
- !2256 Backport !2254 “Small optimization for g_object_set” to glib-2-70
- !2259 Backport !2257 “Fix documentation for g_dbus_object_manager_get_object().” to glib-2-70
- !2262 Backport !2244 “gutils: Avoid segfault in g_get_user_database_entry” to glib-2-70
- !2271 Backport !2266 “fix uninitial variable” to glib-2-70
- !2276 Backport !2274 “Do not try to access errno after calling getpwnam_r.” to glib-2-70
- !2300 Backport !2285 “fix issues found by svace static code analyzer” to glib-2-70
- !2301 Backport !2293 “glib-private: Fix MSVC build with AddressSanitizer” to glib-2-70
- !2302 Backport !2291 “gnetworkmonitornm: Stop using removed PropertiesChanged signal” to glib-2-70
- !2304 meson: fix warnings for extract_all_objects function
Overview of changes in GLib 2.70.0
* Bugs fixed:
- !2248 ci: Replace FreeBSD 11 with FreeBSD 13
* Translation updates:
- Croatian
- Danish
- English (United Kingdom)
- French
- German
- Hungarian
- Polish
- Swedish
- Turkish
Overview of changes in GLib 2.69.3
* Bugs fixed:
- #2425 g_settings_schema_key_range_check() misbehaves for int versus bool
- #2472 Compiling anything with GCC <4.6 spews deprecation warnings
- #2477 `g_invoke_closure` bindings API break.
- #2481 GPowerProfileMonitorPortal does not notice initial power-saver-enabled status
- !2219 doc: Explicitly said, that no null term. is needed
- !2238 ci: Use C.UTF-8 locale on FreeBSD 12
- !2240 gio: Fix conditions in memory-monitor test
* Translation updates:
- Basque
- Catalan
- Chinese (China)
- Galician
- Kazakh
- Korean
- Lithuanian
- Romanian
Overview of changes in GLib 2.69.2
* The `DBUS_SESSION_BUS_ADDRESS` environment variable is once more not used if
the process is `AT_SECURE` (setuid/setgid/setcap); this change was previously
applied and then reverted because it broke gnome-keyring (#2316)
* Add `g_test_fail_printf()`, `g_test_skip_printf()`,
`g_test_incomplete_printf()` helper functions for printing messages when tests
end prematurely (work by Simon McVittie) (!2215)
* Add portal implementation of `GPowerProfileMonitor` (work by
Bastien Nocera) (!2222)
* Bugs fixed:
- #2316 Re-harden DBUS_SESSION_BUS_ADDRESS for AT_SECURE processes in GLib 2.70
- #2343 Document explicitly refcount mgmt of source-object during GAsyncReadyCallbacks
- #2454 Read past the end of buffer in g_win32_package_parser_enum_packages
- #2456 Frequent test failure on FreeBSD: glib/tests/thread-pool.c:197:test_thread_pool_full: 'free_func_called' should be TRUE
- !2157 tests: Add missing wakeup calls to gdbus-names test
- !2165 docs: Mention the stable/unstable support version in README.md
- !2211 Improve documentation of various TLS stuff
- !2215 gtestutils: Add more convenience functions
- !2216 tests: Fix error handling when testing gtestutils
- !2222 gio: Add portal version of GPowerProfileMonitor
- !2224 Docs: Mention that G_VA_COPY() must be followed by `va_end()`
- !2225 build: Fix implicit declaration of function errors
- !2226 Annotate the GString constructors
* Translation updates:
- Czech
- Hebrew
- Slovenian
- Spanish
- Swedish
Overview of changes in GLib 2.69.1
* Support categories in desktop notifications (`GNotification`)
(work by Guido Günther) (#2446)
* Add `GPowerProfileMonitor` for monitoring when to use less power (due to being
on battery power, electricity being expensive or high-carbon, etc.)
(work by Patrick Griffis, Bastien Nocera) (#2444)
* Allow static names to be set for `GSource`s to avoid unnecessary string copies
(work by Matthias Clasen) (!2196)
* Bugs fixed:
- #203 API: need g_module_open() variant with GError
- #2058 win32: GPrivate can leak some objects
- #2321 Add a GTypeFlag for final types
- #2429 safe_fdwalk/safe_closefrom for Solaris 11.3/11.4
- #2439 gio trash doesn't recognize existing trash directory in non-fs-root mount
- #2446 Support `categories` for notifications
- #2452 g_string_replace() loops 2**32 times when replacing empty string
- !2177 gio/tests/g-file-info: don't assume million-in-one events don't happen
- !2178 Clarify GValue documentation
- !2179 Update GValue doc: How to use GBoxed with GValue
- !2180 correctly use 3 parameters for close_range
- !2181 gclosure: Fix the invoke() return_value annotation
- !2182 glocalfileinfo: Fix usec/nsec confusion with filetimes on Windows
- !2184 gspawn: Use CLOSE_RANGE_CLOEXEC if available
- !2188 g_boxed_type_register_static, G_DEFINE_BOXED_TYPE: added correlating information
- !2192 Fix more warnings
- !2193 glib.supp: Expand match kinds for g_get_language_names() suppressions
- !2194 Add GPowerProfileMonitor
- !2195 Fix some test suite memory leaks
- !2196 mainloop: Add g_source_set_static_name
- !2197 GResource compiler: Prefix static [con|de]strutors with c_name
- !2198 Port internal uses to use g_source_set_static_name()
- !2200 Fix doc stanzas for GDataInputStream properties
- !2201 Fix a Unicode typo
- !2202 Document the stance on ID-based mainloop APIs
- !2204 tests: Add a test for Unicode normalization
- !2205 GWin32RegistryKey / GWin32AppInfo registry watch fixes
- !2206 Adapt documentation to gi-docgen
- !2210 GWin32AppInfo: Fix missing initialization
* Translation updates:
- Indonesian
- Portuguese
- Portuguese (Brazil)
- Russian
- Ukrainian
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Mon, 29 Nov 2021 18:36:13 +0000 (19:36 +0100)]
meson: Update to version 0.60.1
- Update from 0.59.2 to 0.60.1
- Update of rootfile
- Changelog is too large to include here. The details can be seen and read at
https://github.com/mesonbuild/meson/blob/master/docs/markdown/Release-notes-for-0.60.0.md
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Sun, 28 Nov 2021 22:16:41 +0000 (23:16 +0100)]
ncurses: Update to version 6.3
- Update from 6.2 to 6.3
- Update of rootfile
- Changelog is too large to include here (~800 lines)
Full details can be found in the NEWS file in the source tarball.
Around 10 bug fixes included in this release.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 1 Dec 2021 12:30:00 +0000 (13:30 +0100)]
sqlite: Update to version 3.37.0
- Update from 3.36.0 to 3.37.0
- Update of rootfile not required
- Changelog
Release 3.37.0 On 2021-11-27
STRICT tables provide a prescriptive style of data type management, for developers
who prefer that kind of thing.
When adding columns that contain a CHECK constraint or a generated column containing
a NOT NULL constraint, the ALTER TABLE ADD COLUMN now checks new constraints against
preexisting rows in the database and will only proceed if no constraints are violated.
Added the PRAGMA table_list statement.
CLI enhancements:
Add the .connection command, allowing the CLI to keep multiple database
connections open at the same time.
Add the --safe command-line option that disables dot-commands and SQL statements
that might cause side-effects that extend beyond the single database file named
on the command-line.
Performance improvements when reading SQL statements that span many lines.
Added the sqlite3_autovacuum_pages() interface.
The sqlite3_deserialize() does not and has never worked for the TEMP database. That
limitation is now noted in the documentation.
The query planner now omits ORDER BY clauses on subqueries and views if removing
those clauses does not change the semantics of the query.
The generate_series table-valued function extension is modified so that the first
parameter ("START") is now required. This is done as a way to demonstrate how to
write table-valued functions with required parameters. The legacy behavior is
available using the -DZERO_ARGUMENT_GENERATE_SERIES compile-time option.
Added new sqlite3_changes64() and sqlite3_total_changes64() interfaces.
Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2().
Use less memory to hold the database schema.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 1 Dec 2021 12:28:44 +0000 (13:28 +0100)]
qemu: Update to version 6.1.0
- Update from 5.2.0 to 6.1.0
- Update of rootfile
- Removal of --no-pie patch as the changes are now built into the qemu source files
- Changelog is too long to fully include here. Full details can be read at
https://wiki.qemu.org/ChangeLog/
Following are the deprecated options and features from each version.
6.1.0
Using non-persistent backing file with pmem=on is now deprecated.
'-display sdl,window_close=...' should be replaced with '-display sdl,window-close=...'
(i.e. with a minus instead of an underscore between “window” and “close”).
'-no-quit' is deprecated. '-display ...,window-close=off' should be used instead.
The Aspeed swift-bmc machine is deprecated and should be replaced by the
witherspoon-bmc or the romulus-bmc machines.
6.0.0
The --enable-fips option has been deprecated. Consumers wishing to have FIPS
compliance must build QEMU with libcrypt and gnutls, NOT nettle.
The -writeconfig option has been deprecated. The functionality of -writeconfig is
limited and the code does not even try to detect cases where it prints incorrect
syntax (for example if values have a quote in them). It will be removed without
replacement.
Boolean parameters such as share=on / share=off could be written in short form as
share and noshare. This is now deprecated and will cause a warning.
-chardev backend aliases tty and parport are aliases that will be removed. Instead,
the actual backend names serial and parallel should be used.
The delay option for socket character devices is now deprecated.
Userspace local APIC with KVM (-M kernel-irqchip=off)
hexadecimal sizes with scaling multipliers (e.g. 0x20M)
-spice password=string is deprecated now. Use password-secret option instead.
opened property of rng-* objects
loaded property of secret and secret_keyring
MIPS Trap-and-Emulate KVM support
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 1 Dec 2021 12:29:45 +0000 (13:29 +0100)]
socat: Update to version 1.7.4.2
- Update from 1.7.3.4 to 1.7.4.2
- Update fo rootfile not required
- Changelog is too long to include here. Full details can be found in the CHANGES file in
the source tarball. Following is summary notes for each release from website
1.7.4.2 fixes a lot of bugs, e.g., for options -r and -R.
1.7.4.1 fixes compilation on 32 bit systems and file transfer with OpenSSL.
1.7.4.0 fixes a couple of bugs including a very theoretical security issue,
restauration of DTLS using UDP, some porting issues, and last but not
least several new features: VSOCK support, OpenSSL SNI, raw data dump, and more.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Peter Müller [Fri, 3 Dec 2021 21:09:19 +0000 (22:09 +0100)]
Core Update 163: Ship Squid 4.16
Since the patches for Squid 5.x are still awaiting some feedback
regarding the number of file descriptors, shipping the latest version of
Squid's 4.x branch is a reasonable interim solution to have known bugs
and security vulnerabilities covered.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Adolf Belka [Wed, 1 Dec 2021 12:29:19 +0000 (13:29 +0100)]
sdparm: Update version to 1.12
- Update from 1.10 to 1.12
- Update of rootfile not required
- Changelog
sdparm-1.12 [20210421] [svn: r347]
- add Command duration limits T2A and T2B mpages
- add Sequestered command fields in Control extension mpage
- SAS/SPL disconnect-reconnect mpage: BILUNIT and CTLUNIT
fields added (21-021r3)
- vpd: SCSI Feature Sets [0x92]: add ZBC feature sets
- add SAT ATA Feature control mpage (20-085r4)
- block device char vpd page: add zoned strings
- expand Out of band management control mpage (spl5r08)
- vpd: add Format presets and Concurrent positioning
ranges pages
- vpd: standard inquiry: add hot_pluggable field
- sg_lib: allows access to cache mpage's WCE for nvme
- start using autoconf 2.70
- point svn:externals to sg3_utils release 1.46 (rev 891)
sdparm-1.11 [20200303] [svn: r334]
- Allow ZBC mode pages to use existing SBC mpages
as permitted by zbc2r04 chapter 6.4.1 table 70
- add --out_mask=OM option for mode page control
bitmask (current, changeable, default and/or saveable)
- add --examine option to iterate over mode+vpd pages
- add Out of band management control mpage (spl5r01)
- expand SAS configure port mode page [0x19,0x2] with
configure port mode fields (spl5r07)
- accept additional transport acronyms (e.g. ib for srp)
- power condition mpage: rename fields IDLE->IDLE_A;
STANDBY->STANDBY_Z; ICT->IACT and SCT->SZCT
- device configuration extension mpage: expand PEWS
field with added PE_UN (PEWS units) field (ssc5r05)
- add Zoned block device control mpage (zbc2r04a)
- --defaults option can be used twice: reverts all
pages to their defaults (new in spc5r11, RTD bit)
- vpd: decode TransportIDs in SCSI port page
- --all option used twice lists all VPD pages
- decode SCSI Feature sets page (spc5r16)
- extended inquiry data, sync with spc5r09 + sbc4r11
- 3 party copy page improvements including
Copy group identifier
- block limits and block limit extension VPD pages:
add extra info about corner cases
- add maximum inquiry|mode_page change logs fields
to extended inquiry vpd page (spc5r17)
- fully implement Device constituents VPD page
- command=capacity with --long force read capacity(16)
with full reporting of response
- --wscan option: expand bus type to include NVMe
- mode page output with -HHH suitable for --inhex=
- add flexible geometery page (obsolete) sbc2r00
- point svn:externals to rev 843 of sg3_utils [v 1.45]
- convert many two valued 'int's to bool
- shellcheck corrections on scripts
- upgrade automake to version 1.15 (U16.04)
- rework configure.ac and src/Makefile.am
- add --enable-debug to ./configure
- update BSD license from 3 to 2 clause aka FreeBSD
license (without reference to FreeBSD project)
- debian: bump compat file contents from 7 to 10
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
projects / ipfire-2.x.git / log
