Adolf Belka [Sat, 19 Nov 2022 17:51:48 +0000 (18:51 +0100)]
libpipeline: Update to version 1.5.7
- Update from 1.5.6 to 1.5.7
- Update of rootfile
- Changelog
Version: 1.5.7
* lib/Makefile.am (libpipeline_la_LDFLAGS): Bump -version-info to 6:7:5.
Make socketpair configure tests compatible with C23
K&R-style zero-argument function definitions will no longer be
permitted.
* m4/pipeline-socketpair.m4 (PIPELINE_SOCKETPAIR_PIPE,
PIPELINE_SOCKETPAIR_MODE): Use `int main(void)`, not `int main()`.
* NEWS.md: Document this.
Update pre-commit hooks
* .pre-commit-config.yaml (pre-commit-hooks): Update to v4.3.0.
(clang-format): Update to v14.0.6.
Update manual page date
* man/libpipeline.3 (.Dd): Update to the date of the last substantial
modification. Leaving this as 2010 suggested more antiquity than we
need to suggest.
Update home page URL
* README.md: Use `https://libpipeline.gitlab.io/libpipeline/`.
* lib/libpipeline.pc.in (URL): Likewise.
web: Update last release
* web/index.html: Update to 1.5.6.
web: Fix last-modified date generation
* .gitlab-ci.yml: Replace `@DATE@` with the current date in
`public/index.html`.
* web/index.html: Use `@DATE@` template.
web: Assorted URL updates
* web/index.html: Update Git URLs to GitLab. Chase various redirects
and/or switch to HTTPS. Remove old Savannah link.
Add GitLab Pages site
* .gitlab-ci.yml (stages): Add deploy.
(pages): New job.
* web/index.html, web/libpipeline-lightning-talk.odp, web/standard.css,
web/white.css: New files.
Transferred Git repository to new group
* README.md: Change GitLab URL to
https://gitlab.com/libpipeline/libpipeline.
* NEWS.md: Document this.
Add notes to libpipeline(3) of when functions were added
* man/libpipeline.3 (DESCRIPTION, ENVIRONMENT): Add various "Added in"
notes.
* NEWS.md: Document this.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sat, 19 Nov 2022 17:51:35 +0000 (18:51 +0100)]
libassuan: Update to version 2.5.5
- Update from 2.5.4 to 2.5.5
- Update of rootfile
- Changelog
Release 2.5.5.
Support Unicode when starting servers on Windows.
* src/assuan-socket.c (utf8_to_wchar): Rename to
(_assuan_utf8_to_wchar): this and give global scope.
* src/system-w32.c (__assuan_spawn): Use CreateProcessW.
m4: Update with newer autoconf constructs.
* src/libassuan.m4: Replace AC_HELP_STRING to AS_HELP_STRING.
build: Update to newer autoconf constructs.
* configure.ac: Use AC_CONFIG_HEADERS instead of AM_CONFIG_HEADER.
Use AC_USE_SYSTEM_EXTENSIONS instead of AC_GNU_SOURCE.
Use AS_HELP_STRING instead of AC_HELP_STRING.
(AC_TYPE_SIGNAL): Remove.
(AC_DECL_SYS_SIGLIST): Remove.
* m4/Makefile.am (EXTRA_DIST): Update.
* m4/gnupg-pth.m4: Remove.
* m4/onceonly.m4: Remove.
* m4/socklen.m4: Update from gnulib.
* m4/libtool.m4: Update from libgpg-error.
* m4/gpg-error.m4: Update from libgpg-error.
Fix crash when logging.
* src/assuan-logging.c (_assuan_log_control_channel): Use gpgrt_malloc.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sat, 19 Nov 2022 14:40:34 +0000 (15:40 +0100)]
readline: Update to version 8.2 plus patch 1
- Update from version 8.1 to 8.2 plus patch 1
- Update of rootfile
- Changelog
version 8.2
There is a new framework for readline timeouts, including new public
functions to set timeouts and query how much time is remaining before a
timeout hits, and a hook function that can trigger when readline times out.
There is a new state value to indicate a timeout. There is a new option:
`enable-active-region'. This separates control of the active region and
bracketed-paste. It has the same default value as bracketed-paste, and
enabling bracketed paste enables the active region. Users can now turn off
the active region while leaving bracketed paste enabled. Two new bindable
string variables are available; their values are terminal escape sequences
that set the color used to display the active region and turn it off,
respectively. If set, these are used in place of terminal standout mode.
Finally, Readline now checks for changes to locale settings
(LC_ALL/LC_CTYPE/LANG) each time it is called, and modifies the appropriate
locale-specific display and key binding variables when the locale changes.
There are a few bug fixes in the redisplay code when restoring the prompt
after a digit-argument prompt or incremental search back to a prompt that
contains invisible multibyte characters. There are more checks for read
errors, especially in the middle of readline commands; previous versions
could loop or return incorrect data. Full details are below.
GNU Readline is a library which provides programs with an input
facility including command-line editing and history. Editing
commands similar to both emacs and vi are included. The GNU
History library, which provides facilities for managing a list of
previously-typed command lines and an interactive command line
recall facility similar to that provided by csh, is also present.
The history library is built as part of the readline as well as
separately.
1. Changes to Readline
a. Fixed a problem with cleaning up active marks when using callback mode.
b. Fixed a problem with arithmetic comparison operators checking the version.
c. Fixed a problem that could cause readline not to build on systems without
POSIX signal functions.
d. Fixed a bug that could cause readline to crash if the application removed
the callback line handler before readline read all typeahead.
e. Added additional checks for read errors in the middle of readline commands.
f. Fixed a redisplay problem that occurred when switching from the digit-
argument prompt `(arg: N)' back to the regular prompt and the regular
prompt contained invisible characters.
g. Fixed a problem with restoring the prompt when aborting an incremental
search.
h. Fix a problem with characters > 128 not being displayed correctly in certain
single-byte encodings.
i. Fixed a problem with unix-filename-rubout that caused it to delete too much
when applied to a pathname consisting only of one or more slashes.
j. Fixed a display problem that caused the prompt to be wrapped incorrectly if
the screen changed dimensions during a call to readline() and the prompt
became longer than the screen width.
k. Fixed a problem that caused the \r output by turning off bracketed paste
to overwrite the line if terminal echo was disabled.
l. Fixed a bug that could cause colored-completion-prefix to not display if
completion-prefix-display-length was set.
m. Fixed a problem with line wrapping prompts when a group of invisible
characters runs to the right edge of the screen and the prompt extends
longer then the screen width.
n. Fixed a couple problems that could cause rl_end to be set incorrectly by
transpose-words.
o. Prevent some display problems when running a command as the result of a
trap or one bound using `bind -x' and the command generates output.
p. Fixed an issue with multi-line prompt strings that have one or more
invisible characters at the end of a physical line.
q. Fixed an issue that caused a history line's undo list to be cleared when
it should not have been.
r. When replacing a history entry, make sure the existing entry has a non-NULL
timestamp before copying it; it may have been added by the application, not
the history library.
2. New Features in Readline
a. There is now an HS_HISTORY_VERSION containing the version number of the
history library for applications to use.
b. History expansion better understands multiple history expansions that may
contain strings that would ordinarily inhibit history expansion (e.g.,
`abc!$!$').
c. There is a new framework for readline timeouts, including new public
functions to set timeouts and query how much time is remaining before a
timeout hits, and a hook function that can trigger when readline times
out. There is a new state value to indicate a timeout.
d. Automatically bind termcap key sequences for page-up and page-down to
history-search-backward and history-search-forward, respectively.
e. There is a new `fetch-history' bindable command that retrieves the history
entry corresponding to its numeric argument. Negative arguments count back
from the end of the history.
f. `vi-undo' is now a bindable command.
g. There is a new option: `enable-active-region'. This separates control of
the active region and bracketed-paste. It has the same default value as
bracketed-paste, and enabling bracketed paste enables the active region.
Users can now turn off the active region while leaving bracketed paste
enabled.
h. rl_completer_word_break_characters is now `const char *' like
rl_basic_word_break_characters.
i. Readline looks in $LS_COLORS for a custom filename extension
(*.readline-colored-completion-prefix) and uses that as the default color
for the common prefix displayed when `colored-completion-prefix' is set.
j. Two new bindable string variables: active-region-start-color and
active-region-end-color. The first sets the color used to display the
active region; the second turns it off. If set, these are used in place
of terminal standout mode.
k. New readline state (RL_STATE_EOF) and application-visible variable
(rl_eof_found) to allow applications to detect when readline reads EOF
before calling the deprep-terminal hook.
l. There is a new configuration option: --with-shared-termcap-library, which
forces linking the shared readline library with the shared termcap (or
curses/ncurses/termlib) library so applications don't have to do it.
m. Readline now checks for changes to locale settings (LC_ALL/LC_CTYPE/LANG)
each time it is called, and modifies the appropriate locale-specific display
and key binding variables when the locale changes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sat, 19 Nov 2022 14:40:05 +0000 (15:40 +0100)]
bash: Update to version 5.2 plus patches 1 to 9
- Update from version 5.1.16 to version 5.2 plus patches 1 to 9
- Update of rootfile
- Changelog
This is a terse description of the new features added to bash-5.2 since
the release of bash-5.1. As always, the manual page (doc/bash.1) is
the place to look for complete descriptions.
1. New Features in Bash
a. The bash malloc returns memory that is aligned on 16-byte boundaries.
b. There is a new internal timer framework used for read builtin timeouts.
c. Rewrote the command substitution parsing code to call the parser recursively
and rebuild the command string from the parsed command. This allows better
syntax checking and catches errors much earlier. Along with this, if
command substitution parsing completes with here-documents remaining to be
read, the shell prints a warning message and reads the here-document bodies
from the current input stream.
d. The `ulimit' builtin now treats an operand remaining after all of the options
and arguments are parsed as an argument to the last command specified by
an option. This is for POSIX compatibility.
e. Here-document parsing now handles $'...' and $"..." quoting when reading the
here-document body.
f. The `shell-expand-line' and `history-and-alias-expand-line' bindable readline
commands now understand $'...' and $"..." quoting.
g. There is a new `spell-correct-word' bindable readline command to perform
spelling correction on the current word.
h. The `unset' builtin now attempts to treat arguments as array subscripts
without parsing or expanding the subscript, even when `assoc_expand_once'
is not set.
i. There is a default value for $BASH_LOADABLES_PATH in config-top.h.
j. Associative array assignment and certain instances of referencing (e.g.,
`test -v' now allow `@' and `*' to be used as keys.
k. Bash attempts to expand indexed array subscripts only once when executing
shell constructs and word expansions.
l. The `unset' builtin allows a subscript of `@' or `*' to unset a key with
that value for associative arrays instead of unsetting the entire array
(which you can still do with `unset arrayname'). For indexed arrays, it
removes all elements of the array without unsetting it (like `A=()').
m. Additional builtins (printf/test/read/wait) do a better job of not
parsing array subscripts if array_expand_once is set.
n. New READLINE_ARGUMENT variable set to numeric argument for readline commands
defined using `bind -x'.
o. The new `varredir_close' shell option causes bash to automatically close
file descriptors opened with {var}<fn and other styles of varassign
redirection unless they're arguments to the `exec' builtin.
p. The `$0' special parameter is now set to the name of the script when running
any (non-interactive) startup files such as $BASH_ENV.
q. The `enable' builtin tries to load a loadable builtin using the default
search path if `enable name' (without any options) attempts to enable a
non-existent builtin.
r. The `printf' builtin has a new format specifier: %Q. This acts like %q but
applies any specified precision to the original unquoted argument, then
quotes and outputs the result.
s. The new `noexpand_translations' option controls whether or not the translated
output of $"..." is single-quoted.
t. There is a new parameter transformation operator: @k. This is like @K, but
expands the result to separate words after word splitting.
u. There is an alternate array implementation, selectable at `configure' time,
that optimizes access speed over memory use (use the new configure
--enable-alt-array-implementation option).
v. If an [N]<&WORD- or [N]>&WORD- redirection has WORD expand to the empty
string, treat the redirection as [N]<&- or [N]>&- and close file descriptor
N (default 0).
w. Invalid parameter transformation operators are now invalid word expansions,
and so cause fatal errors in non-interactive shells.
x. New shell option: patsub_replacement. When enabled, a `&' in the replacement
string of the pattern substitution expansion is replaced by the portion of
the string that matched the pattern. Backslash will escape the `&' and
insert a literal `&'.
y. `command -p' no longer looks in the hash table for the specified command.
z. The new `--enable-translatable-strings' option to `configure' allows $"..."
support to be compiled in or out.
aa. The new `globskipdots' shell option forces pathname expansion never to
return `.' or `..' unless explicitly matched. It is enabled by default.
bb. Array references using `@' and `*' that are the value of nameref variables
(declare -n ref='v[@]' ; echo $ref) no longer cause the shell to exit if
set -u is enabled and the array (v) is unset.
cc. There is a new bindable readline command name:
`vi-edit-and-execute-command'.
dd. In posix mode, the `printf' builtin checks for the `L' length modifier and
uses long double for floating point conversion specifiers if it's present,
double otherwise.
ee. The `globbing' completion code now takes the `globstar' option into account.
ff. `suspend -f' now forces the shell to suspend even if job control is not
currently enabled.
gg. Since there is no `declare -' equivalent of `local -', make sure to use
`local -' in the output of `local -p'.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 3390200 to 3400000
- Update of rootfile not required
- Changelog
version 3.40.0 On 2022-11-16
Add support for compiling SQLite to WASM and running it in web browsers. NB: The WASM build and its interfaces are considered "beta" and are subject to minor changes if the need arises. We anticipate finalizing the interface for the next release.
Add the recovery extension that might be able to recover some content from a corrupt database file.
Query planner enhancements:
Recognize covering indexes on tables with more than 63 columns where columns beyond the 63rd column are used in the query and/or are referenced by the index.
Extract the values of expressions contained within expression indexes where practical, rather than recomputing the expression.
The NOT NULL and IS NULL operators (and their equivalents) avoid loading the content of large strings and BLOB values from disk.
Avoid materializing a view on which a full scan is performed exactly once. Use and discard the rows of the view as they are computed.
Allow flattening of a subquery that is the right-hand operand of a LEFT JOIN in an aggregate query.
A new typedef named sqlite3_filename is added and used to represent the name of a database file. Various interfaces are modified to use the new typedef instead of "char*". This interface change should be fully backwards compatible, though it might cause (harmless) compiler warnings when rebuilding some legacy applications.
Add the sqlite3_value_encoding() interface.
Security enhancement: SQLITE_DBCONFIG_DEFENSIVE is augmented to prohibit changing the schema_version. The schema_version becomes read-only in defensive mode.
Enhancements to the PRAGMA integrity_check statement:
Columns in non-STRICT tables with TEXT affinity should not contain numeric values.
Columns in non-STRICT tables with NUMERIC affinity should not contain TEXT values that could be converted into numbers.
Verify that the rows of a WITHOUT ROWID table are in the correct order.
Enhance the VACUUM INTO statement so that it honors the PRAGMA synchronous setting.
Enhance the sqlite3_strglob() and sqlite3_strlike() APIs so that they are able to accept NULL pointers for their string parameters and still generate a sensible result.
Provide the new SQLITE_MAX_ALLOCATION_SIZE compile-time option for limiting the size of memory allocations.
Change the algorithm used by SQLite's built-in pseudo-random number generator (PRNG) from RC4 to Chacha20.
Allow two or more indexes to have the same name as long as they are all in separate schemas.
Miscellaneous performance optimizations result in about 1% fewer CPU cycles used on typical workloads.
version 3.39.3 (2022-09-05):
Use a statement journal on DML statement affecting two or more database rows if the statement makes use of a SQL functions that might abort. See forum thread 9b9e4716c0d7bbd1.
Use a mutex to protect the PRAGMA temp_store_directory and PRAGMA data_store_directory statements, even though they are deprecated and documented as not being threadsafe. See forum post 719a11e1314d1c70.
Other bug and warning fixes. See the timeline for details.
version 3.39.4 (2022-09-29):
Fix the build on Windows so that it works with -DSQLITE_OMIT_AUTOINIT
Fix a long-standing problem in the btree balancer that might, in rare cases, cause database corruption if the application uses an application-defined page cache.
Enhance SQLITE_DBCONFIG_DEFENSIVE so that it disallows CREATE TRIGGER statements if one or more of the statements in the body of the trigger write into shadow tables.
Fix a possible integer overflow in the size computation for a memory allocation in FTS3.
Fix a misuse of the sqlite3_set_auxdata() interface in the ICU Extension.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 18 Nov 2022 22:51:36 +0000 (23:51 +0100)]
openssl: Update to version 1.1.1s
- Update from version 1.1.1q to 1.1.1s
- Update of rootfile
- Changelog
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
*) Added the loongarch64 target
*) Fixed a DRBG seed propagation thread safety issue
*) Fixed a memory leak in tls13_generate_secret
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
*) Added a missing header for memcmp that caused compilation failure on some
platforms
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 18 Nov 2022 22:51:21 +0000 (23:51 +0100)]
dehydrated: Update to version 0.7.1
- Update from version 0.7.0 to 0.7.1
- Update of rootfile not required
- Changelog
## [0.7.1] - 2022-10-31
## Changed
- `--force` no longer forces domain name revalidation by default, a new argument `--force-validation` has been added for that
- Added support for EC secp521r1 algorithm (works with e.g. zerossl)
- `EC PARAMETERS` are no longer written to privkey.pem (didn't seem necessary and was causing issues with various software)
## Fixed
- Requests resulting in `badNonce` errors are now automatically retried (fixes operation with LE staging servers)
- Deprecated `egrep` usage has been removed
## Added
- Implemented EC for account keys
- Domain list now also read from domains.txt.d subdirectory (behaviour might change, see docs)
- Implemented RFC 8738 (validating/signing certificates for IP addresses instead of domain names) support (this will not work with most public CAs, if any!)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 18 Nov 2022 22:50:43 +0000 (23:50 +0100)]
libnetfilter_conntrack: Update to version 1.0.9
- Update from version 1.0.8 to 1.0.9
- Update of rootfile
- Changelog
1.0.9
This release comes with the new nfct_nlmsg_build_filter() function that
allows to add metadata for kernel-side filtering of conntrack entries
during conntrack table dump.
The nfct_query() API supports the new NFCT_Q_FLUSH_FILTER argument,
it allows to flush only ipv4 or ipv6 entries from the connection
tracking table.
nfct_snprint family of functions have been updated.
SCTP conntrack entries now support 'heartbeat sent/acked' state.
Entries offloaded to hardware include '[HW_OFFLOAD]' in the formatted
output string.
Notable bugs fixed with this release include:
Fix buffer overflows and out-of-bounds accesses in the
nfct_snprintf() functions.
nfct_nlmsg_build() did not work for ICMP flows unless all ICMP attributes
were set in the reply tuple too, this affected the 'conntrack' tool
where updates (e.g. setting the conntrack mark to a different value)
of ICMP flows would not work.
- Detailed Changes
src: Handle negative snprintf return values properly
src: Fix nfexp_snprintf return value docs
conntrack: Replace strncpy with snprintf to improve null byte handling
conntrack: Fix incorrect snprintf size calculation
include: Add ARRAY_SIZE() macro
conntrack: Fix buffer overflow on invalid icmp type in setters
conntrack: Move icmp request>reply type mapping to common file
conntrack: Fix buffer overflow in protocol related snprintf functions
conntrack: Fix buffer overflows in __snprintf_protoinfo* like in *2str fns
examples: check return value of nfct_nlmsg_build()
libnetfilter_conntrack.pc.in: add LIBMNL_LIBS to Libs.Private
conntrack: dccp print function should use dccp state
conntrack: sctp: update states
include: add CTA_STATS_CLASH_RESOLVE
include: sync uapi header with nf-next
src: add support for status dump filter
include: add CTA_STATS_CHAIN_TOOLONG from linux 5.15 uapi
libnetfilter_conntrack: bump version to 1.0.9
build: use the right automake variables
Update .gitignore
build: update obsolete autoconf macros
conntrack: fix invmap_icmpv6 entries
conntrack: Don't use ICMP attrs in decision to build repl tuple
src: add IPS_HW_OFFLOAD flag
conntrack: add flush filter command
build: missing internal/proto.h in Makefile.am
conntrack: add nfct_nlmsg_build_filter() helper
conntrack: don't cancel nest on unknown layer 4 protocols
tests: Fix for missing qa-connlabel.conf in tarball
tests: Add simple tests to TESTS variable
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 18 Nov 2022 22:50:42 +0000 (23:50 +0100)]
conntrack-tools: Update to version 1.4.7
- Update from 1.4.6 to 1.4.7
- Update of rootfile not required
- Requires update fo libnetfilter_conntrack from 1.0.8 to 1.0.9
- Changelog
conntrack-tools 1.4.7
This release contains new features:
* IPS_HW_OFFLOAD flag specifies that a conntrack entry has been
offloaded into the hardware
* 'clash_resolve' and 'chaintoolong' stats counters
* Default to unspec family if '-f' flag is absent to improve support for
dual-stack setups
* Support filtering events by IP address family
* Support flushing per IP address family
* Add "save" output format representing data in conntrack parameters
* Support loading conntrack commands from a batch file, e.g. generated
by "save" output format
* Annotate portid in events by the program name (if found)
* Accept yes/no as synonyms to on/off in conntrackd.conf
* Support user space helper auto-loading upon daemon startup, relieving
users from manual 'nfct add helper' calls
* Filter dumps by status on kernel side if possible
* Accept to filter for any status other than SEEN_REPLY using
'UNREPLIED'
* Use libmnl internally
* Reuse netlink socket for improved performance with bulk CT entry loads
* Remove '-o userspace' flag and always tag user space triggered events
* Introduce '-A' command, a variant of '-I' which does not fail if the
entry exists already
... and fixes:
* ICMP entry creation would fail when reply data was specified
* Sync zone value also
* Log external inject problems as warning only
* Endianness bug parsing IP addresses
* Ignore conntrack ID when looking up cache entries to allow for stuck
old ones to be replaced eventually
* Broken parsing of IPv6 M-SEARCH requests in ssdp cthelper
* Eliminate the need for lazy binding in nfct
* Fix for use of unknown protocol values
* Sanitize protocol value parsing, catch illegal values
* Ensure unknown protocol values are included in '-o save' dumps
... and documentation updates:
* Fixed examples in manual
* Refer to nf_conntrack sysctl instead of the deprecated ip_conntrack
one
* Misc updates to the manual
* Add an older example script creating an active-active setup using the
cluster match
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Some users assume that "check filesystem" does more than just
trigger a simple "fsck" run. This patch changes the button label to avoid
confusion. - NL translation
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Matthias Fischer [Fri, 18 Nov 2022 19:19:26 +0000 (20:19 +0100)]
bind: Update to 9.16.35
For details for 9.16.35 and 9.16.34 (we skipped the last) see:
https://downloads.isc.org/isc/bind9/9.16.35/doc/arm/html/notes.html#notes-for-bind-9-16-35
"Notes for BIND 9.16.35
Bug Fixes
A crash was fixed that happened when a dnssec-policy zone that used
NSEC3 was reconfigured to enable inline-signing. [GL #3591]
In certain resolution scenarios, quotas could be erroneously reached
for servers, including any configured forwarders, resulting in SERVFAIL
answers being sent to clients. This has been fixed. [GL #3598]
rpz-ip rules in response-policy zones could be ineffective in some
cases if a query had the CD (Checking Disabled) bit set to 1. This has
been fixed. [GL #3247]
Previously, if Internet connectivity issues were experienced during the
initial startup of named, a BIND resolver with dnssec-validation set to
auto could enter into a state where it would not recover without
stopping named, manually deleting the managed-keys.bind and
managed-keys.bind.jnl files, and starting named again. This has been
fixed. [GL #2895]
The statistics counter representing the current number of clients
awaiting recursive resolution results (RecursClients) could overflow in
certain resolution scenarios. This has been fixed. [GL #3584]
Previously, BIND failed to start on Solaris-based systems with hundreds
of CPUs. This has been fixed. [GL #3563]
When a DNS resource record’s TTL value was equal to the resolver’s
configured prefetch “eligibility” value, the record was erroneously not
treated as eligible for prefetching. This has been fixed. [GL #3603]
...
Notes for BIND 9.16.34
Bug Fixes
Changing just the TSIG key names for primaries in catalog zones’ member
zones was not effective. This has been fixed. [GL #3557]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Minor adjustments to make it apply to the current state of "next", and
removal of chown operation in OpenSSL's LFS file, which would have lead
to the Diffie-Hellman group file being writable by nobody, for which
there is no necessity.
Fixes: #12632
From: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
clamav 0.105.1: New package to resolve several CVEs
For details see:
https://blog.clamav.net/2022/10/new-packages-for-clamav-01037-01044.html
Fixes:
"CVE-2022-37434 - A critical severity vulnerability in the zlib library.
CVE-2022-40303 - A high severity vulnerability in the libxml2 library.
Note: As of writing, the details of this CVE are not published.
However, you can find additional details on other sites.
CVE-2022-40304 - A high severity vulnerability in the libxml2 library.
Note: As of writing, the details of this CVE are not published.
However, you can find additional details on other sites."
Adolf Belka [Wed, 9 Nov 2022 18:57:34 +0000 (19:57 +0100)]
iotop: Modified rootfile with python-3.10.8
- rootfile for iotop is significantly different with python-3.10.8 compared to 3.10.1
Many entries now missing and iotop placed in bin instead of sbin despite source tarball
setup.py having a "dirty hack to make sure iotop is installed in sbin instead of bin"
- Added lines to lfs to move iotop from /bin to /sbin
- Tested iotop out with python-3.10.8 installed vm system and it worked without any
problems, the same as the existing version running with python-3.10.1
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:33 +0000 (19:57 +0100)]
libplist: Update rootfile for operation with python-3.10.8
- With python-3.10.8 the plist.so is no longer available in the site packages.
libplist libraries are still available.
- libplist is only used as a dependency for shairport-sync
Tested by installing shairport-sync and starting/stopping it. Started and stopped
successfully without any error messages. This would suggest that the libplist
libraries are probably being picked up successfully. Cannot test properly as I have
no Apple/iOS or related products.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:32 +0000 (19:57 +0100)]
python3-flit:Modify lfs to work with python-3.10.8
- The change to python-3.10.8 caused the rootfile to have temp build files from /root/.cache
to be included in it. Added commands to remove these temp build files so they were not
included to the rootfile.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:31 +0000 (19:57 +0100)]
python3-urllib3:Update to version 1.26.12 and to work with python-3.10.8
- Updated from version 1.26.9 to 1.26.12
- Update of rootfile
- Changelog
1.26.12 (2022-08-22)
* Deprecated the `urllib3[secure]` extra and the `urllib3.contrib.pyopenssl` module.
Both will be removed in v2.x. See this `GitHub issue <https://github.com/urllib3/urllib3/issues/2680>`_
for justification and info on how to migrate.
1.26.11 (2022-07-25)
* Fixed an issue where reading more than 2 GiB in a call to ``HTTPResponse.read`` would
raise an ``OverflowError`` on Python 3.9 and earlier.
1.26.10 (2022-07-07)
* Removed support for Python 3.5
* Fixed an issue where a ``ProxyError`` recommending configuring the proxy as HTTP
instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:30 +0000 (19:57 +0100)]
python3-typing_extensions:Update to version 4.4.0 and to work with python-3.10.8
- Updated from version 4.1.1 to 4.4.0
- Update of rootfile
- Changelog
# Release 4.4.0 (October 6, 2022)
- Add `typing_extensions.Any` a backport of python 3.11's Any class which is
subclassable at runtime. (backport from python/cpython#31841, by Shantanu
and Jelle Zijlstra). Patch by James Hilton-Balfe (@Gobot1234).
- Add initial support for TypeVarLike `default` parameter, PEP 696.
Patch by Marc Mueller (@cdce8p).
- Runtime support for PEP 698, adding `typing_extensions.override`. Patch by
Jelle Zijlstra.
- Add the `infer_variance` parameter to `TypeVar`, as specified in PEP 695.
Patch by Jelle Zijlstra.
# Release 4.3.0 (July 1, 2022)
- Add `typing_extensions.NamedTuple`, allowing for generic `NamedTuple`s on
Python <3.11 (backport from python/cpython#92027, by Serhiy Storchaka). Patch
by Alex Waygood (@AlexWaygood).
- Adjust `typing_extensions.TypedDict` to allow for generic `TypedDict`s on
Python <3.11 (backport from python/cpython#27663, by Samodya Abey). Patch by
Alex Waygood (@AlexWaygood).
# Release 4.2.0 (April 17, 2022)
- Re-export `typing.Unpack` and `typing.TypeVarTuple` on Python 3.11.
- Add `ParamSpecArgs` and `ParamSpecKwargs` to `__all__`.
- Improve "accepts only single type" error messages.
- Improve the distributed package. Patch by Marc Mueller (@cdce8p).
- Update `typing_extensions.dataclass_transform` to rename the
`field_descriptors` parameter to `field_specifiers` and accept
arbitrary keyword arguments.
- Add `typing_extensions.get_overloads` and
`typing_extensions.clear_overloads`, and add registry support to
`typing_extensions.overload`. Backport from python/cpython#89263.
- Add `typing_extensions.assert_type`. Backport from bpo-46480.
- Drop support for Python 3.6. Original patch by Adam Turner (@AA-Turner).
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:27 +0000 (19:57 +0100)]
python3-setuptools:Update to version 65.4.1 and to work with python-3.10.8
- Updated from version 62.0.0 to 65.4.1
- Update of rootfile
- Changelog is too large to include here. Details can be found in the CHANGES.rst file
in the source tarball. Most of the changes are bug fixes
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:26 +0000 (19:57 +0100)]
python3-semantic_version:Update to version 2.10.0 and to work with python-3.10.8
- Updated from version 2.9.0 to 2.10.0
- Update of rootfile
- Changelog
2.10.0 (2022-05-26)
*New:*
* `132 <https://github.com/rbarrois/python-semanticversion/issues/132>`_:
Ensure sorting a collection of versions is always stable, even with
build metadata.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:24 +0000 (19:57 +0100)]
python3-rsa:Update to version 4.9 and to work with python-3.10.8
- Updated from version 4.8 to 4.9
- Update of rootfile
- Changelog
## Version 4.9 - release 2022-07-20
- Remove debug logging from `rsa/key.py`
([#194](https://github.com/sybrenstuvel/python-rsa/issues/194)).
- Remove overlapping slots in `PrivateKey` and `PublicKey`.
([#189](https://github.com/sybrenstuvel/python-rsa/pull/189)).
- Do not include CHANGELOG/LICENSE/README.md in wheel
([#191](https://github.com/sybrenstuvel/python-rsa/pull/191)).
- Fixed Key Generation Unittest: Public and Private keys are assigned the wrong way around
([#188](https://github.com/sybrenstuvel/python-rsa/pull/188)).
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:23 +0000 (19:57 +0100)]
python3-requests:Update to version 2.28.1 and to work with python-3.10.8
- Updated from version 2.27.1 to 2.28.1
- Update of rootfile
- Changelog
2.28.1 (2022-06-29)
**Improvements**
- Speed optimization in `iter_content` with transition to `yield from`. (#6170)
**Dependencies**
- Added support for chardet 5.0.0 (#6179)
- Added support for charset-normalizer 2.1.0 (#6169)
2.28.0 (2022-06-09)
**Deprecations**
- ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (#6091)
- Requests has officially dropped support for Python 3.6 (including pypy3.6). (#6091)
**Improvements**
- Wrap JSON parsing issues in Request's JSONDecodeError for payloads without
an encoding to make `json()` API consistent. (#6097)
- Parse header components consistently, raising an InvalidHeader error in
all invalid cases. (#6154)
- Added provisional 3.11 support with current beta build. (#6155)
- Requests got a makeover and we decided to paint it black. (#6095)
**Bugfixes**
- Fixed bug where setting `CURL_CA_BUNDLE` to an empty string would disable
cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074)
- Fixed urllib3 exception leak, wrapping `urllib3.exceptions.SSLError` with
`requests.exceptions.SSLError` for `content` and `iter_content`. (#6057)
- Fixed issue where invalid Windows registry entires caused proxy resolution
to raise an exception rather than ignoring the entry. (#6149)
- Fixed issue where entire payload could be included in the error message for
JSONDecodeError. (#6036)
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:22 +0000 (19:57 +0100)]
python3-pytz:Update to version 2022.4 and to work with python-3.10.8
- Updated from version 2022.1 to 2022.4
- Update of rootfile
- Changelog
2022.4
An update to pytz has been released, containing the IANA 2022d timezone database.
There are no code changes.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:21 +0000 (19:57 +0100)]
python3-pyparsing:Update to version 3.0.9 and to work with python-3.10.8
- Updated from version 3.0.7 to 3.0.9
- Update of rootfile
- Changelog
Version 3.0.9 -
- Added Unicode set `BasicMultilingualPlane` (may also be referenced
as `BMP`) representing the Basic Multilingual Plane (Unicode
characters up to code point 65535). Can be used to parse
most language characters, but omits emojis, wingdings, etc.
Raised in discussion with Dave Tapley (issue #392).
- To address mypy confusion of `pyparsing.Optional` and `typing.Optional`
resulting in `error: "_SpecialForm" not callable` message
reported in issue #365, fixed the import in exceptions.py. Nice
sleuthing by Iwan Aucamp and Dominic Davis-Foster, thank you!
(Removed definitions of `OptionalType`, `DictType`, and `IterableType`
and replaced them with `typing.Optional`, `typing.Dict`, and
`typing.Iterable` throughout.)
- Fixed typo in jinja2 template for railroad diagrams, thanks for the
catch Nioub (issue #388).
- Removed use of deprecated `pkg_resources` package in
railroad diagramming code (issue #391).
- Updated bigquery_view_parser.py example to parse examples at
https://cloud.google.com/bigquery/docs/reference/legacy-sql
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:20 +0000 (19:57 +0100)]
python3-pyfuse3:Update to version 3.2.2 and to work with python-3.10.8
- Updated from version 3.2.1 to 3.2.2
- Version 3.2.2 is a cythonised version of 3.2.1 resulting in no longer requiring Cython
- Update of rootfile
- Changelog
Release 3.2.2 (2022-09-28)
* remove support for python 3.5 (broken, out of support by python devs)
* cythonize with latest Cython 0.29.x (brings Python 3.11 support)
* use github actions for CI, remove travis-ci
* update README: minimal maintenance, not developed
* update setup.py with tested python versions
* examples/tmpfs.py: work around strange kernel behaviour (calling SETATTR after
UNLINK of a (not open) file): respond with ENOENT instead of crashing.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:17 +0000 (19:57 +0100)]
python3-idna:Update to version 3.4 and to work with python-3.10.8
- Updated from version 3.3 to 3.4
- Update of rootfile
- Changelog
3.4 (2022-09-14)
- Update to Unicode 15.0.0
- Migrate to pyproject.toml for build information (PEP 621)
- Correct another instance where generic exception was raised instead of
IDNAError for malformed input
- Source distribution uses zeroized file ownership for improved
reproducibility
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:16 +0000 (19:57 +0100)]
python3-docutils:Update to version 0.19 and to work with python-3.10.8
- Updated from version 0.18.1 to 0.19
- Update of rootfile
- Changelog
Release 0.19 (2022-07-05)
* General
- Dropped support for Python 2.7, 3.5, and 3.6. and removed compatibility
hacks from code and tests.
- Code cleanup,
check PEP 8 conformity with `flake8` (exceptions in file tox.ini).
* docutils/__main__.py
- New module. Support for ``python -m docutils``.
Also used for the ``docutils`` console script `entry point`.
* docutils/core.py:
- Let `Publisher.publish()` print info and prompt when waiting for input
from a terminal (cf. https://clig.dev/#interactivity).
- Respect "input_encoding_error_handler" setting when opening a source.
* docutils/io.py
- New function `error_string()`
obsoletes `utils.error_reporting.ErrorString`.
- Class `ErrorOutput` moved here from `utils/error_reporting`.
- Use "utf-8-sig" instead of Python's default encoding if the
"input_encoding" setting is None.
- Fix error when reading of UTF-16 encoded source without trailing newline.
* docutils/parsers/__init__.py
- Aliases "markdown" and "commonmark" point to "commonmark_wrapper".
- Alias for the "myst" parser (https://pypi.org/project/myst-docutils).
- Use absolute module names in `_parser_aliases` instead of two
import attempts. (Keeps details if the `recommonmark_wrapper.py` module
raises an ImportError.)
- Prepend parser name to ImportError if importing a parser class fails.
* docutils/parsers/commonmark_wrapper.py
- New module for parsing CommonMark input. Selects a locally installed
3rd-party parser (pycmark, myst, or recommonmark).
* docutils/parsers/recommonmark_wrapper.py
- Raise ImportError, if import of the upstream parser module fails.
If called from an `"include" directive`_,
the system-message now has source/line info.
- Adapt to and test with "recommonmark" versions 0.6.0 and 0.7.1.
.. _"include" directive: docs/ref/rst/directives.html#include
* docutils/parsers/rst/__init__.py
- Update PEP base URL (fixes bug #445),
use "https:" scheme in RFC base URL.
- Add `reporter` to `Directive` class attributes.
* docutils/parsers/rst/directives/__init__.py
- `parser_name()` keeps details if converting ImportError to ValueError.
* docutils/parsers/rst/roles.py
- Don't use mutable default values for function arguments. Fixes bug #430.
* docutils/transforms/universal.py
- Fix bug #435: invalid references in `problematic` nodes
with report_level=4.
* docutils/utils/__init__.py
- `decode_path()` returns `str` instance instead of `nodes.reprunicode`.
* docutils/utils/error_reporting.py
- Add deprecation warning.
* docutils/writers/_html_base.py
- Add "html writers" to `config_section_dependencies`. Fixes bug #443.
- Write table column widths with 3 digits precision. Fixes bug #444.
* docutils/writers/html5_polyglot/__init__.py
- Add space before "charset" meta tag closing sequence.
- Remove class value "controls" from an `image` node with video content
after converting it to a "control" attribute of the <video> tag.
- Wrap groups of footnotes in an ``<aside>`` for easier styling.
* docutils/writers/pep_html/
- Use "https:" scheme in "python_home" URL default.
- Fix links in template.txt.
* setup.py:
- New "docutils" console script `entry point`__. Fixes bug #447.
__ https://packaging.python.org/en/latest/specifications/entry-points/
* test/alltests.py
- Always encode the log file "alltests.out" using 'utf-8'.
* test/DocutilsTestSupport.py
- `exception_data()` now returns None if no exception was raised.
- `recommonmark_wrapper` only imported if upstream parser is present.
* test/test_parsers/test_rst/test_directives/test_tables.py
- Fix bug #436: Null char valid in CSV since Python 3.11.
* tools/docutils-cli.py
- Allow 3rd-party drop-in components for reader and parser, too.
- Fix help output.
- Actual code moved to docutils.__main__.py.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:15 +0000 (19:57 +0100)]
python3-colorama:Update to version 0.4.5 and to work with python-3.10.8
- Updated from version 0.4.4 to 0.4.5
- Update of rootfile
- Changelog
0.4.5
* Catch a racy ValueError that could occur on exit.
* Create README-hacking.md, for Colorama contributors.
* Tweak some README unicode characters that don't render correctly on PyPI.
* Fix some tests that were failing on some operating systems.
* Add support for Python 3.9.
* Add support for PyPy3.
* Add support for pickling with the ``dill`` module.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:14 +0000 (19:57 +0100)]
python3-click:Update to version 8.1.3 and to work with python-3.10.8
- Updated from version 8.1.2 to 8.1.3
- Update of rootfile
- Changelog
Version 8.1.3
- Use verbose form of ``typing.Callable`` for ``@command`` and
``@group``. :issue:`2255`
- Show error when attempting to create an option with
``multiple=True, is_flag=True``. Use ``count`` instead.
:issue:`2246`
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:13 +0000 (19:57 +0100)]
python3-circuitbreaker:Update to version 1.4.0 and to work with python-3.10.8
- Updated from version 1.3.2 to 1.4.0
- Update of rootfile
- Changelog
1.4.0 Latest
The circuitbreaker project has been classified as "Critical Project" on PyPI, meaning it belongs to the top 1% of all projects on PyPI based on the downloads over the last 6 months. We're working an important peace here 🙂
Fallback Function
By default, the circuit breaker will raise a CircuitBreaker exception when the circuit is opened. You can instead specify a function to be called when the circuit is opened. This function can be specified with the fallback_function parameter and will be called with the same parameters as the decorated function would be.
Custom callable for handling exceptions
The logic for handling thrown exceptions as failures can now be customized by passing a callable. The callable will be passed the exception type and value, and should return True if the exception should be treated as a failure.
Monotonic clock
Using the wall clock to measure durations is vulnerable to changes in the system clock causing misbehavior - a clock accidentally set far in the future and later reset could result in the circuit breaker remaining open for a great deal longer than expected. To solve this, a monotonic clock is now used for timing open states.
Circuitbreaker default name
The circuitbreaker default names are now taken from __qualname__ if available for more precise default naming.
Fixes and tooling
the project is now built on Github Action instead of Travis CI
building for python 3.10
applied smaller flake8 fixes
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:12 +0000 (19:57 +0100)]
python3-charset-normalizer:Update to version 2.1.1 and to work with python-3.10.8
- Updated from version 2.0.12 to 2.1.1
- Update of rootfile
- Changelog
## [2.1.1](https://github.com/Ousret/charset_normalizer/compare/2.1.0...2.1.1) (2022-08-19)
### Deprecated
- Function `normalize` scheduled for removal in 3.0
### Changed
- Removed useless call to decode in fn is_unprintable (#206)
### Fixed
- Third-party library (i18n xgettext) crashing not recognizing utf_8 (PEP 263) with underscore from [@aleksandernovikov](https://github.com/aleksandernovikov) (#204)
## [2.1.0](https://github.com/Ousret/charset_normalizer/compare/2.0.12...2.1.0) (2022-06-19)
### Added
- Output the Unicode table version when running the CLI with `--version` (PR #194)
### Changed
- Re-use decoded buffer for single byte character sets from [@nijel](https://github.com/nijel) (PR #175)
- Fixing some performance bottlenecks from [@deedy5](https://github.com/deedy5) (PR #183)
### Fixed
- Workaround potential bug in cpython with Zero Width No-Break Space located in Arabic Presentation Forms-B, Unicode 1.1 not acknowledged as space (PR #175)
- CLI default threshold aligned with the API threshold from [@oleksandr-kuzmenko](https://github.com/oleksandr-kuzmenko) (PR #181)
### Removed
- Support for Python 3.5 (PR #192)
### Deprecated
- Use of backport unicodedata from `unicodedata2` as Python is quickly catching up, scheduled for removal in 3.0 (PR #194)
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:11 +0000 (19:57 +0100)]
python3-cffi:Update to version 1.15.1 and to work with python-3.10.8
- Updated from version 1.15.0 to 1.15.1
- Update of rootfile
- Changelog
v1.15.1
If you call ffi.embedding_api() but don’t write any extern “Python” function there, then the resulting C code would fail an assert. Fixed.
Updated Windows/arm64 embedded libffi static lib to v3.4.2, and scripted to ease future updates (thanks Niyas Sait!)
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:08 +0000 (19:57 +0100)]
python3-attrs:Update to version 22.1.0 and to work with python-3.10.8
- Updated from version 21.4.0 to 22.1.0
- Update of rootfile
- Changelog
22.1.0 (2022-07-28)
Backwards-incompatible Changes
- Python 2.7 is not supported anymore.
Dealing with Python 2.7 tooling has become too difficult for a volunteer-run project.
We have supported Python 2 more than 2 years after it was officially discontinued and feel that we have paid our dues.
All version up to 21.4.0 from December 2021 remain fully functional, of course.
`#936 <https://github.com/python-attrs/attrs/issues/936>`_
- The deprecated ``cmp`` attribute of ``attrs.Attribute`` has been removed.
This does not affect the *cmp* argument to ``attr.s`` that can be used as a shortcut to set *eq* and *order* at the same time.
`#939 <https://github.com/python-attrs/attrs/issues/939>`_
Changes
- Instantiation of frozen slotted classes is now faster.
`#898 <https://github.com/python-attrs/attrs/issues/898>`_
- If an ``eq`` key is defined, it is also used before hashing the attribute.
`#909 <https://github.com/python-attrs/attrs/issues/909>`_
- Added ``attrs.validators.min_len()``.
`#916 <https://github.com/python-attrs/attrs/issues/916>`_
- ``attrs.validators.deep_iterable()``'s *member_validator* argument now also accepts a list of validators and wraps them in an ``attrs.validators.and_()``.
`#925 <https://github.com/python-attrs/attrs/issues/925>`_
- Added missing type stub re-imports for ``attrs.converters`` and ``attrs.filters``.
`#931 <https://github.com/python-attrs/attrs/issues/931>`_
- Added missing stub for ``attr(s).cmp_using()``.
`#949 <https://github.com/python-attrs/attrs/issues/949>`_
- ``attrs.validators._in()``'s ``ValueError`` is not missing the attribute, expected options, and the value it got anymore.
`#951 <https://github.com/python-attrs/attrs/issues/951>`_
- Python 3.11 is now officially supported.
`#969 <https://github.com/python-attrs/attrs/issues/969>`_
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:07 +0000 (19:57 +0100)]
python3-arrow:Update to version 1.2.3 and to work with python-3.10.8
- Updated from version 1.2.2 to 1.2.3
- Update of rootfile
- Changelog
1.2.3 (2022-06-25)
- [NEW] Added Amharic, Armenian, Georgian, Laotian and Uzbek locales.
- [FIX] Updated Danish locale and associated tests.
- [INTERNAl] Small fixes to CI.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:57:03 +0000 (19:57 +0100)]
rust-pyo3:Update to version 0.15.2 - required by python3-cryptography
- Updated from version 0.15.1 to 0.15.2
- Update of rootfile
- Changelog
## [0.15.2] - 2022-04-14
### Packaging
- Backport of PyPy 3.9 support from PyO3 0.16. [#2262](https://github.com/PyO3/pyo3/pull/2262)
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:56 +0000 (19:56 +0100)]
rust-chrono:Update to version 0.4.22 required by python3-cryptography
- Updated from version 0.4.19 to 0.4.22
- Update of rootfile
- Update of metadata patch as more windows related entries in Cargo.toml to be excluded
- Changelog
## 0.4.22
* Allow wasmbindgen to be optional on `wasm32-unknown-unknown` target [(#771)](https://github.com/chronotope/chrono/pull/771)
* Fix compile error for `x86_64-fortanix-unknown-sgx` [(#767)](https://github.com/chronotope/chrono/pull/767)
* Update `iana-time-zone` version to 1.44 [(#773)](https://github.com/chronotope/chrono/pull/773)
## 0.4.21
* Fall back to UTC timezone in cases where no timezone is found [(#756)](https://github.com/chronotope/chrono/pull/756)
* Correctly detect timezone on Android [(#756)](https://github.com/chronotope/chrono/pull/756)
* Improve documentation for strftime `%Y` specifier [(#760)](https://github.com/chronotope/chrono/pull/760)
## 0.4.20
* Add more formatting documentation and examples.
* Add support for microseconds timestamps serde serialization/deserialization (#304)
* Fix `DurationRound` is not TZ aware (#495)
* Implement `DurationRound` for `NaiveDateTime`
* Implement `std::iter::Sum` for `Duration`
* Add `DateTime::from_local()` to construct from given local date and time (#572)
* Add a function that calculates the number of years elapsed between now and a given `Date` or `DateTime` (#557)
* Correct build for wasm32-unknown-emscripten target (#568)
* Change `Local::now()` and `Utc::now()` documentation from "current date" to "current date and time" (#647)
* Fix `duration_round` panic on rounding by `Duration::zero()` (#658)
* Add optional rkyv support.
* Add support for microseconds timestamps serde serialization for `NaiveDateTime`.
* Add support for optional timestamps serde serialization for `NaiveDateTime`.
* Fix build for wasm32-unknown-emscripten (@yu-re-ka #593)
* Make `ParseErrorKind` public and available through `ParseError::kind()` (#588)
* Implement `DoubleEndedIterator` for `NaiveDateDaysIterator` and `NaiveDateWeeksIterator`
* Fix panicking when parsing a `DateTime` (@botahamec)
* Add support for getting week bounds based on a specific `NaiveDate` and a `Weekday` (#666)
* Remove libc dependency from Cargo.toml.
* Add the `and_local_timezone` method to `NaiveDateTime`
* Fix the behavior of `Duration::abs()` for negative durations with non-zero nanos
* Add compatibility with rfc2822 comments (#733)
* Make `js-sys` and `wasm-bindgen` enabled by default when target is `wasm32-unknown-unknown` for ease of API discovery
* Add the `Months` struct and associated `Add` and `Sub` impls
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:55 +0000 (19:56 +0100)]
python3-cryptography:Update to version 38.0.1 and to work with python-3.10.8
- Updated from version 36.0.2 to 38.0.1
- Update of rootfile
- Changelog
38.0.1 - 2022-09-07
Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically seen in large CRLs).
38.0.0 - 2022-09-06
Final deprecation of OpenSSL 1.1.0. The next release of cryptography will drop support.
We no longer ship many linux 2010 wheels. Users should upgrade to the latest pip to ensure this doesn’t cause issues downloading wheels on their platform. We now ship manylinux_2_28 wheels for users on new enough platforms.
Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check Installation for documentation on installing a newer rustc if required.
decrypt() and related methods now accept both str and bytes tokens.
Parsing CertificateSigningRequest restores the behavior of enforcing that the Extension critical field must be correctly encoded DER. See the issue for complete details.
Added two new OpenSSL functions to the bindings to support an upcoming pyOpenSSL release.
When parsing CertificateRevocationList and CertificateSigningRequest values, it is now enforced that the version value in the input must be valid according to the rules of RFC 2986 and RFC 5280.
Using MD5 or SHA1 in CertificateBuilder and other X.509 builders is deprecated and support will be removed in the next version.
Added additional APIs to SignedCertificateTimestamp, including signature_hash_algorithm, signature_algorithm, signature, and extension_bytes.
Added tbs_precertificate_bytes, allowing users to access the to-be-signed pre-certificate data needed for signed certificate timestamp verification.
KBKDFHMAC and KBKDFCMAC now support MiddleFixed counter location.
Fixed RFC 4514 name parsing to reverse the order of the RDNs according to the section 2.1 of the RFC, affecting method from_rfc4514_string().
It is now possible to customize some aspects of encryption when serializing private keys, using encryption_builder().
Removed several legacy symbols from our OpenSSL bindings. Users of pyOpenSSL versions older than 22.0 will need to upgrade.
Added AES128 and AES256 classes. These classes do not replace AES (which allows all AES key lengths), but are intended for applications where developers want to be explicit about key length.
37.0.4 - 2022-07-05
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.5.
37.0.3 - 2022-06-21 (YANKED)¶
Attention
This release was subsequently yanked from PyPI due to a regression in OpenSSL.
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.4.
37.0.2 - 2022-05-03
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3.
Added a constant needed for an upcoming pyOpenSSL release.
37.0.1 - 2022-04-27
Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error.
Restored some legacy symbols for older pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography.
37.0.0 - 2022-04-26
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2.
BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+.
BACKWARDS INCOMPATIBLE: Removed signer and verifier methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to sign and verify.
Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of cryptography will be the last to support compiling with OpenSSL 1.1.0.
Deprecated Python 3.6 support. Python 3.6 is no longer supported by the Python core team. Support for Python 3.6 will be removed in a future cryptography release.
Deprecated the current minimum supported Rust version (MSRV) of 1.41.0. In the next release we will raise MSRV to 1.48.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check Installation for documentation on installing a newer rustc if required.
Deprecated CAST5, SEED, IDEA, and Blowfish because they are legacy algorithms with extremely low usage. These will be removed in a future version of cryptography.
Added limited support for distinguished names containing a bit string.
We now ship universal2 wheels on macOS, which contain both arm64 and x86_64 architectures. Users on macOS should upgrade to the latest pip to ensure they can use this wheel, although we will continue to ship x86_64 specific wheels for now to ease the transition.
This will be the final release for which we ship manylinux2010 wheels. Going forward the minimum supported manylinux ABI for our wheels will be manylinux2014. The vast majority of users will continue to receive manylinux wheels provided they have an up to date pip. For PyPy wheels this release already requires manylinux2014 for compatibility with binaries distributed by upstream.
Added support for multiple OCSPSingleResponse in a OCSPResponse.
Restored support for signing certificates and other structures in X.509 with SHA3 hash algorithms.
TripleDES is disabled in FIPS mode.
Added support for serialization of PKCS#12 CA friendly names/aliases in serialize_key_and_certificates()
Added support for 12-15 byte (96 to 120 bit) nonces to AESOCB3. This class previously supported only 12 byte (96 bit).
Added support for AESSIV when using OpenSSL 3.0.0+.
Added support for serializing PKCS7 structures from a list of certificates with serialize_certificates.
Added support for parsing RFC 4514 strings with from_rfc4514_string().
Added AUTO to PSS. This can be used to verify a signature where the salt length is not already known.
Added DIGEST_LENGTH to PSS. This constant will set the salt length to the same length as the PSS hash algorithm.
Added support for loading RSA-PSS key types with load_pem_private_key() and load_der_private_key(). This functionality is limited to OpenSSL 1.1.1e+ and loads the key as a normal RSA private key, discarding the PSS constraint information.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:54 +0000 (19:56 +0100)]
python3-setuptools-scm:Update to version 7.0.5 and to work with python-3.10.8
- Updated from version 6.4.2 to 7.0.5
- Update of rootfile
- Changelog
v7.0.5
Merge pull request #746 from RonnyPfannschmidt/release-prep
v7.0.4
Merge pull request #739 from RonnyPfannschmidt/fix-738-protect-relative-to
v7.0.3
What's Changed
Hg / pip compatibility by @paugier in #729
fix #728: remove git arguments that triggered wrong branch names by @RonnyPfannschmidt in #730
fix #691 - support root in pyproject.toml even for cli by @RonnyPfannschmidt in #731
fix #727: correctly handle incomplete archivals from setuptools_scm_g… by @RonnyPfannschmidt in #732
cleanup pyproject loading and allow cli relative roots to be specified by @RonnyPfannschmidt in #736
Update the README: document support for Git archives by @Changaco in #734
v7.0.2
Merge pull request #724 from RonnyPfannschmidt/fix-722-self-bootstrap
v7.0.1
Merge pull request #719 from kojiromike/missing-importlib
v7.0.0
pre-commit update
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:53 +0000 (19:56 +0100)]
python3-setuptools-rust:Update to version 1.5.2 and to work with python-3.10.8
- Updated from version 1.2.0 to 1.5.2
- Update of rootfile
- Changelog
v1.5.2
Fixed
Fix regression in dylib build artifacts not being found since 1.5.0. #290
Fix regression in sdist missing examples and other supplementary files since 1.5.0. #291
v1.5.1
Fixed
Fix regression in get_lib_name crashing since 1.5.0. #280
Fix regression in Binding.Exec builds with multiple executables not finding built executables since 1.5.0. #283
v1.5.0
Added
Add support for extension modules built for wasm32-unknown-emscripten with Pyodide. #244
Changed
Locate cdylib artifacts by handling messages from cargo instead of searching target dir (fixes build on MSYS2). #267
No longer guess cross-compile environment using HOST_GNU_TYPE / BUILD_GNU_TYPE sysconfig variables. #269
Fixed
Fix RustBin build without wheel. #273
Fix RustBin setuptools install. #275
v1.4.1
Fixed
Fix crash when checking Rust version. #263
v1.4.0
Packaging
Increase minimum setuptools version to 62.4. #222
Added
Add cargo_manifest_args to support locked, frozen and offline builds. #234
Add RustBin for packaging binaries in scripts data directory. #248
Changed
Exec binding RustExtension with script=True is deprecated in favor of RustBin. #248
Errors while calling cargo metadata are now reported back to the user #254
quiet option will now suppress output of cargo metadata. #256
setuptools-rust will now match cargo behavior of not setting --target when the selected target is the rust host. #258
Deprecate native option of RustExtension. #258
Fixed
If the sysconfig for BLDSHARED has no flags, setuptools-rust won't crash anymore. #241
v1.3.0
Packaging
Increase minimum setuptools version to 58. #222
Fixed
Fix crash when python-distutils-extra linux package is installed. #222
Fix sdist built with vendored dependencies on Windows having incorrect cargo config. #223
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:51 +0000 (19:56 +0100)]
python3-daemon: Update to version 2.3.1 and to work with python-3.10.8
- Updated from version 2.3.0 to 2.3.1
- Update of rootfile
- Changelog
Version 2.3.1
Bugs Fixed:
* Avoid operations on a closed stream file when detecting a socket. Closes: Pagure #64. Thanks to Mark Richman for the report.
* Correct use of names to allow `from daemon import *`. Closes: Pagure #65. Thanks to July Tikhonov for the report.
Changed:
* Speed daemon start time by computing candidate file descriptors once. Closes: Pagure #40. Thanks to Alex Pyrgiotis for the report.
* Remove incorrect double-patch of objects in test cases. Closes: Pagure #62. Thanks to Miro Hrončok for the report.
* Deprecate helper function `is_socket`.
The function incorrectly causes `ValueError` when the file object is already
closed. Migrate to the new `is_socket_file` helper function instead.
Removed:
* Drop backward-compatible helpers that provided Python 2 support.
* declaration of source encoding ‘utf-8’
* absolute_import
* unicode_literals
* module-level metaclass `type`
* unification of str with unicode type
* renamed standard library exceptions and modules
* raise exception from context exception
All these are default behaviour in Python 3 and need no special
handling.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:50 +0000 (19:56 +0100)]
python3-build: Update to version 0.8.0 and to work with python-3.10.8
- Updated from version 0.7.0 to 0.8.0
- Update of rootfile
- Changelog
0.8.0 (2022-05-22)
Accept os.PathLike[str] in addition to str for paths in public API
(PR #392, Fixes #372)
Add schema validation for build-system table to check conformity with PEP 517
and PEP 518 (PR #365, Fixes #364)
Better support for Python 3.11 (sysconfig schemes PR #434, PR #463,
tomllib PR #443, warnings PR #420)
Improved error printouts (PR #442)
Avoid importing packaging unless needed (PR #395, Fixes #393)
Breaking Changes
Failure to create a virtual environment in the build.env module now raises
build.FailedProcessError (PR #442)
- As far as I can tell IPFire does not use the build.env module and the built iso
installed successfully
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:48 +0000 (19:56 +0100)]
make.sh: Addition, deletion and re-orderiong of packages for Python-3.10.8
- Addition of rust-iana-time-zone and removal of python3-Cython as updated python3-pyfuse
can be built now without Cython.
- python3-toml and python3-pyproject2setuppy moved earlier as updated python3-pyparsing
no longer has setup.py file
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Adolf Belka [Wed, 9 Nov 2022 18:56:47 +0000 (19:56 +0100)]
python3: Update to version 3.10.8
- Update from version 3.10.1 to 3.10.8
- Update of rootfile
- Changelog is too large to include hear. More details can be found at
https://docs.python.org/3.10/whatsnew/changelog.html#changelog
- Installed Iso, created from build of this python update series, into a vm testbed clone.
All pages and contents worked. No issues found on any WUI page.
Tested-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Fixed
- BandwidthDetection in BSD wasn't correctly converting kernel reported
bits per second values to Mbits per second resulting in a sanity check
being triggered and detected values not being used expect for PPPoE
interfaces which incorrectly were detected as 64000 Mbit
- Image output of 5 minute graph wasn't possible if data retention of the
5 minute time period was configured as unlimited
(pull request by Sebastian Lechte)
- Estimates and average rates weren't calculated correctly for daily,
monthly and yearly time periods when monitoring of the interface had been
started during the ongoing time period
- Estimates weren't being shown in summary output when OutputStyle or
--style was configured with a value less than 2 (vnstat)
- Alignment of column header in short output wasn't correct when
OutputStyle or --style was configured with the value 0 (vnstat)
- New
- Support input of more than 31 characters in interface name when using
interface1+interface2 syntax data merge queries
- Support passing --config option multiple times, later files override
earlier files if settings overlap (vnstat and vnstati)
- Add configuration option EstimateVisible for controlling the visibility
of the estimate line
- Add configuration option EstimateText for modifying the default
"estimated" text string when the estimate line is visible
- Add --style support to -tr / --traffic output
- Add summary option to --json and --xml outputs
- Add timestamps to --json and --xml outputs
- Add Prometheus compatible metrics endpoint cgi to examples
(examples/vnstat-metrics.cgi)"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Peter Müller [Mon, 7 Nov 2022 12:24:07 +0000 (12:24 +0000)]
Drop powertop
This has been discussed briefly in the telephone conference of
September: powertop is considered to be unnecessary, as IPFire is
optimized for performance, thus interfering with possible power
consumption reducing switches. Also, the need for powertop has been
diminished, given that x86 platforms are highly likely not to run on
batteries, and we are phasing out 32-bit ARM, where this could have been
the case.
Therefore, this patch proposes to drop powertop.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>