Adolf Belka [Wed, 29 Apr 2026 17:50:28 +0000 (19:50 +0200)]
openssh: Resolve configure unrecognised option(s)
- configure: WARNING: unrecognized options: --with-md5-passwords
- use of md5 for passwords was removed in version 8.9 in 2022
- Option has been removed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- configure: WARNING: unrecognized options: --disable-nls
- Checked the tarballs all the way back to 2.4.0 (2001) and nls has never been a
configure option that can be selected.
- Based on that the option has been removed.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 29 Apr 2026 17:50:24 +0000 (19:50 +0200)]
gnutls: Resolve configure unrecognised option(s)
- configure: WARNING: unrecognized options: --disable-guile
- The guile bindings were removed and made into a separate package in version 3.8.0
in 2023
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 29 Apr 2026 17:50:23 +0000 (19:50 +0200)]
frr: Resolve configure unrecognised option(s)
- configure: WARNING: unrecognized options: --disable-irdp
- The irdp code was removed from frr in version 10.5.0 so the disable option is no
longer required
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 29 Apr 2026 17:50:22 +0000 (19:50 +0200)]
flac: Resolve configure unrecognised option(s)
- configure: WARNING: unrecognized options: --disable-xmms-plugin
- the xmms plugin was removed from flac in version 1.4.2 in 2022 so the option is no
longer needed and has been removed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 29 Apr 2026 17:50:21 +0000 (19:50 +0200)]
dnsdist: Resolve configure unrecognised option(s)
- I was searching in the _build.ipfire.log file to resolve something else and I noticed
that there were several packages with the same message.
configure: WARNING: unrecognized options:
- I investigated the options for each package and identified if the option was no longer
valid or if it had been replaced with another option which had not been identified
when it occurred.
- This patch set resolves all the unrecognised configure options except for one that
needs further investigation (tcl) and this has been confirmed by a search in the
_build.ipfire.log created after the build with all the changes in this patch set.
- For dnsdist two options had their names changed in version 1.4.0 in around 2019.
- --enable-openssl has become --with-libssl
- --disable-gnutls has become --without-gnutls
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
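A small scanner for the check described in this commit, added here as an example (it is not IPFire build code): it pulls every `configure: WARNING: unrecognized options:` line out of a build log, attributes it to a package, and says whether the flag was renamed (per the dnsdist mapping above) or is simply unknown to that configure script. The `=== <package>` marker lines and the sample log are constructed for the example; the real layout of _build.ipfire.log is not shown on this page. The reason to gate on this in a hardened build is that an ignored `--disable`/`--without` flag leaves the feature to autodetection, so the scanner is written to fail the build rather than only warn.

```python
"""Scan a build log for configure options that autoconf silently ignored.

Added example, not IPFire build code. It assumes a log in which each
package's configure output follows a marker line '=== <package>' (a
constructed convention; the layout of the real _build.ipfire.log is not
shown on the page) and in which configure emits the standard autoconf
warning:
    configure: WARNING: unrecognized options: --foo, --bar
"""
import re
from typing import Dict, List

MARKER_RE = re.compile(r"^=== (\S+)\s*$")
UNRECOGNIZED_RE = re.compile(r"^configure: WARNING: unrecognized options: (.+?)\s*$")

# Options with a known replacement; taken from the dnsdist commit above.
RENAMED: Dict[str, str] = {
    "--enable-openssl": "--with-libssl",
    "--disable-gnutls": "--without-gnutls",
}


def parse_unrecognized(log_text: str) -> Dict[str, List[str]]:
    """Map each package to the configure options its configure script ignored."""
    found: Dict[str, List[str]] = {}
    package = "<unknown>"
    for raw in log_text.splitlines():
        line = raw.strip()
        m = MARKER_RE.match(line)
        if m:
            package = m.group(1)
            continue
        m = UNRECOGNIZED_RE.match(line)
        if m:
            opts = [o.strip() for o in m.group(1).split(",") if o.strip()]
            found.setdefault(package, []).extend(opts)
    return found


def classify(found: Dict[str, List[str]]) -> List[str]:
    """One line per ignored option: rename it, or drop it after checking the tarball."""
    out: List[str] = []
    for package in sorted(found):
        for opt in found[package]:
            if opt in RENAMED:
                out.append(f"{package}: {opt} was renamed; pass {RENAMED[opt]} instead")
            else:
                out.append(f"{package}: {opt} is unknown to this configure; "
                           "check whether the feature still exists, then drop the flag")
    return out


# Constructed sample log; the option names are the ones from the commits above.
SAMPLE_LOG = """\
=== dnsdist
checking for a BSD-compatible install... /usr/bin/install -c
configure: WARNING: unrecognized options: --enable-openssl, --disable-gnutls
=== openssh
configure: WARNING: unrecognized options: --with-md5-passwords, --disable-nls
=== flac
configure: WARNING: unrecognized options: --disable-xmms-plugin
=== knot
checking for a BSD-compatible install... /usr/bin/install -c
"""

if __name__ == "__main__":
    found = parse_unrecognized(SAMPLE_LOG)
    for line in classify(found):
        print(line)
    # Fail the build if any flag was ignored: a dropped --disable/--without
    # means the feature is now decided by autodetection, not by the package file.
    raise SystemExit(1 if found else 0)
```

Run it against a real log by replacing `SAMPLE_LOG` with the file contents; packages that never print the warning (knot in the sample) produce no entry at all.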
Adolf Belka [Tue, 28 Apr 2026 12:11:07 +0000 (14:11 +0200)]
knot: Update to version 3.5.4
- Update from 3.4.2 to 3.5.4
- Update of rootfile
- find-dependencies run due to sobump. No issues identified.
- Changelog
3.5.4
Features:
- knotd: configurable ZERO-COPY XDP mode (see 'xdp.zero-copy')
- mod-dnserr: module for DNS error reporting
Improvements:
- knotd: 'zone-update-error' statistic counter covers more situations
- knotd: 'zone.catalog-zone' configuration option is ignored if not needed
- knotd: dynamic reconfiguration logs item value in debug mode
- knotd: memory optimizations when reloading a zone file
- knotd: improved interoperability with Bind9 Offline KSK operations
- knotd: improved performance of updated zone check
- knotd: increased maximum configuration database reader limit by 3
- knotd: new warning logs if primaries are outdated during zone refresh
- kxdpgun: JSON output is stream of newline-delimited objects instead of a list
- kxdpgun: extended throughput statistics
- libs: support for loading private ALIAS record type
- libs: upgraded embedded libngtcp2 to 1.22.0
- debian: switched to sysusers.d and tmpfiles.d configurations (Thanks to Luca Boccassi)
- doc: various improvements
Bugfixes:
- mod-onlinesign: incorrect next NSEC owner name leading to a DoS (Thanks to Shang Kunjie)
- knotd: server crash upon receiving a malformed resource record over XFR (Thanks to Haruto Kimura)
- knotd: generated catalog not updated if reconfigured without server restart
- knotd: some cross-zone reconfigurations not handled correctly
- knotd: configuration control transaction not recoverable after a semantic error
- knotd: zone loaded from Redis backend incrementally for non-continuous changes
- knotd: server crash when accessing an HSM in parallel by multiple background workers
- knotd: insufficient module unloading if error
- modules: some module hook registrations not checked for errors
- mod-geoip: server crash if record owner missing in configuration file
- libs: insufficient checks for malformed resource records (Thanks to Haruto Kimura)
- redis: incorrect arity check and use-after-free in AOF (Thanks to Haruto Kimura)
- redis: various issues when processing empty data
3.5.3
Features:
- knotd: added statistics counter for failed zone update (see 'zone-update-error')
- knotd: new D-Bus signal for zones not updated (see 'server.dbus-event')
- knotc: optional parameter for delayed old KSK removal upon submission (see 'zone-ksk-submitted')
- libs: added support for the RESINFO record type
Improvements:
- knotd: zone inclusion deletes the whole subtree of glues and junk from the parent
- knotd: supported unsigned input ZONEMD validation if enabled DNSSEC signing and ZONEMD generate
- knotd: DNSSEC signing not required for key restore
- knotd: increased defaults for 'database.timer-db-max-size' and 'database.kasp-db-max-size'
- knotd: database connection pool is purged if reconfigured
- knotd: removed shutdown delay if connected to a database
- knotd: optimized memory trimming frequency for many zones
- knotd: primary server sends NOTIFY after answering started, not sooner
- redis: GnuTLS is not required to build the module alone !1809
- libs: improved detection of PKCS #11 support !1830
- libs: upgraded embedded libngtcp2 to 1.19.0
- samples: added JSON support to probe_dump (Thanks to Benedikt Heine)
- doc: extended and updated table of compatible PKCS #11 devices
Bugfixes:
- knotd: DS push not replanned if reconfigured during DS submission
- knotd: missing check for empty zone when flushing
- knotd: missing catalog update clear if error
- knotd: failed to parse database address without port specification
- knotd: incorrect thread synchronization when dumping timers
- knotd: server crashes when outbound QUIC connection is closed unexpectedly
- knotd: zone not reloaded from database if not updated incrementally
- knotd: UNIX socket path containing a single colon considered an IPv6 address
- keymgr: program crashes when importing a malformed key
- kdig: missing address context deinitialization when iterating over addresses
- kdig: missing AA flag on NOTIFY query
3.5.2
Features:
- knotd: configurable zone timer storage mode (see 'database.timer-db-sync')
- libknot: added support for the DSYNC record type
- redis: new module command for printing zone information (see 'KNOT.ZONE.INFO')
Improvements:
- knotd: queries to a catalog zone are now allowed also for ACL rules with action 'query'
- knotd: denied query to a catalog zone is responded to with NOTAUTH instead of REFUSED
- knotd: existing PID file is reused if it matches current PID !1819
- knotd: zone purge has its own zone event
- knotd: optimized zone timer storage
- knotd: optimized ACL evaluation
- keymgr: added more algorithms to keystore-test and keystore-bench
- mod-dnstap: added detection for protoc
- libs: upgraded embedded libngtcp2 to 1.18.0
- redis: added support for zone data replication
- redis: extended logging
- doc: various improvements
Bugfixes:
- knotd: failed to receive zone with ZONEMD if enabled DNSSEC signing and ZONEMD generate
- knotd: refresh with pinned master not rescheduled when tolerance period expired
- knotd: failed to build with older libhiredis without TLS support
- knotd: misleading error message when attempting to sign empty zone
- mod-rrl: failed to compile if target architecture was specified
- libknot: failed to dump RRSet if the initial output buffer was too small
- libdnssec: missing digest.h in dnssec.h
- redis: defective communication with sentinel
- redis: failed zone load was not rescheduled
- redis: several memory leaks
3.5.1
Features:
- knotc: new command for setting zone SOA serial (see 'zone-serial-set')
Improvements:
- knotd: zone database listen configuration now accepts a hostname value
- knotd: support for specifying multiple zone databases (see 'zone-db-listen')
- knotd: added serial parameter to D-Bus event 'external_verify'
- libs: upgraded embedded libngtcp2 to 1.16.0
- configure: new option for specifying Redis module destination (see '--with-redisdir')
- configure: Redis support is fully optional (see '--enable-redis') (Thanks to Nicolas Parlant)
- deb,rpm: renamed inappropriate package 'redis-knot' to 'redis-module-knot'
Bugfixes:
- knotd: failed to build on PowerPC and MIPS
- knotd: missing some checks for file operations
- knotd: zones added via knotc conf-set include not loaded until restart
- knotd: zone-diff after zone-begin prints misleading SOA removal
- knotd: failed to load from other PEM keystores if PKCS #11 keystore is configured
- knotd: failed to restore PKCS #11 keystore #960
- knotc: failed to compile on GNU Hurd
- keymgr: missing deprecation warning for 'local-serial' command
- configure: linked with libhiredis even when configured with --disable-redis
- deb,rpm: incorrect destination for Redis module (see 'Database zone backend')
3.5.0
Features:
- knotd: database zone backend using Redis/Valkey (see 'Database zone backend')
- knotd: support for multiple control sockets (see 'control.listen')
- knotd: external zone validation (see 'External validation')
- knotd: authorization based on certificate hostname validation (see 'DNS over QUIC')
- knotd: multiple keystores can be specified per policy (see 'DNSSEC multiple keystores')
- knotd: specified resource record types can be omitted when loading (see 'zone.zonefile-skip')
- knotd: configurable delay before zone change processing (see 'zone.update-delay')
- knotd: subzone flattening (see 'zone.include-from')
Improvements:
- knotd: optimized dynamic zone addition/removal for many zones
- knotd: optimized catalog updates for many zones
- knotd: replaced a poor atomic fallback with a spin-lock-protected version
- knotd: support for independent SOA serial series on the secondary side
- knotd: self-signed certificate contains SAN instead of CN
- knotd: removed RCU synchronization lock between unrelated zones' updates
- knotd: zone-reload/reload fails if there is a module configuration error
- knotd: control interfaces are started before zones loading
- knotd: session ticket pool is purged on server reload if changed credentials
- knotc: status returns 'Loading' if the server is not yet answering
- knotc: extended tab completion for details, filters, and paths
- kzonecheck: zone origin auto-detection uses SOA owner from the checked zone file
- libknot: XDP drops packets with too many or inappropriate extended IPv6 headers
- libknot: extended XDP checks for correct packets
- libknot: semantically malformed resource records are dumped in generic format
- libs: upgraded embedded libngtcp2 to 1.15.0
- knot-exporter: less confusing option parsing and documentation
- doc: various improvements
Bugfixes:
- knotd: if multiple primaries send NOTIFY concurrently, only the last remote is queried
- knotd: failed to build on macOS with POSIX semaphores
- knotd: early zone free due to RCU-delayed update cleanup
- knotd: server crashes if "" value overrides template master value
- knot-exporter: label collisions caused by duplicate metrics (Thanks to Guillaume Cornet)
Packaging:
- deb,rpm: keymgr extracted to a separate package knot-keymgr
- deb,rpm: new package redis-knot with a Knot module for Redis/Valkey
- docker: upgraded to Debian trixie-slim
Compatibility:
- license: project relicensed to GPL-2.0-or-later
- knotd: new default value of 'policy.nsec3-salt-length' is 0
- knot-exporter: renamed some metrics, labels, or units (see 'Migration')
3.4.8
Features:
- keymgr: implemented key pregeneration for later use (see 'for-later')
Improvements:
- knotd: decreased remote session ticket lifetime to 1200 seconds
- knotd: TCP connection is not shared between SOA and XFR if 'remote.no-edns' is set
- knotd: 'zone.notify-delay' now applies to every outgoing NOTIFY
- knotd: reduced timers database size by omitting zero timer values
- knotd: zone-reload can be called on an expired zone
- knotd: improved configuration commit performance when many zones are present
- keymgr: allowed boolean key flags without an explicit 'on' value
- keymgr: support for colon separators in keyid specification
- utils: added INTERNET and CHAOS aliases for IN and CH class names
- libs: upgraded embedded libngtcp2 to 1.14.0
- doc: various improvements
Bugfixes:
- knotd: possible use after free if member zone is reused when full reload
- knotd: incorrect zone update revert adjustments
3.4.7
Features:
- knotd: implemented optional NOTIFY delay upon zone loading (see 'zone.notify-delay')
- knotd: failed ZONEMD validation emits 'dnssec-invalid' D-Bus event
- kdig: added option for delayed reading of next transfer message (see '+msgdelay')
- kzonecheck: new parameter for job count (see '-j')
Improvements:
- knotd: semantic checks support DS algorithms 5 and 6
- knotd: pending generation of reverse records is logged as warning
- knotd: DNSKEY synchronization considers keytag modulo for better reliability
- knotd: zone-(un)set parser errors no longer logged by the server
- knotd: more verbose zone-(un)set parser errors are returned to the client
- knotc: configuration warnings are printed only with the conf-check command
- kdig: enabled TLS 1.2 support (with warning)
- kdig: more verbose TLS/QUIC certificate information - SAN (see '-dd')
- mod-rrl: disabled optimized KRU version on macOS to fix CPU issues
- libknot: added two specific variants of KNOT_EAGAIN error (KNOT_NET_EAGAIN, KNOT_ETRYAGAIN)
- libs: upgraded embedded libngtcp2 to 1.13.0
- knot-exporter: added maximum libknot version dependency #956
- knot-exporter: removed return statement from a finally block #957
- packaging: new knot-exporter and python3-libknot RPM subpackages
- doc: simplified highlighting of options enabled by default
- doc: various improvements
Bugfixes:
- knotd: false warning for missing glue if NS is at other delegation
- knotd: missing rdata canonicalization in zone-(un)set operations
- knotd: missing check for member zone configured with a non-generated catalog
- knotd: benevolent IXFR skips whole rrset when ignoring a record
- knotd: missing next remove key action log during KSK/algorithm rollover
- knotd: missing catalog template configuration checks
- knotd: missing check for empty QUIC connection in XDP mode
- libknot: incorrect trailing rdata check in packet parser
- kdig: ignored DoQ response from dnsdist #954
- packaging: uninstalling lib*t64 packages removes files from upstream packages
3.4.6
Improvements:
- knotd: default TSIG algorithm is now 'hmac-sha256'
- knotd: added zone expiration info to the failed zone refresh log
- knotd: reverse record generation now accepts multiple forward zones to be reversed
- keymgr: underscores are now tolerated instead of dashes in command names
- keymgr: correct mnemonic 'rsasha1-nsec3-sha1' is used instead of 'rsasha1nsec3sha1'
- kdig: new '+[no]doflag' alias for '+[no]dnssec' #952
- kdig: documented default option values #951
- kxdpgun: extended JSON output with some packet statistics
- doc: various updates and improvements
Bugfixes:
- knotd: failed to stop the server if 'dbus-event: running' is set
- knotd: TLS 0-RTT not working if compiled with the QUIC support
- knotd: TLS handshake fails on FreeBSD
- knotd: outbound QUIC communication fails on FreeBSD
- knotd: KSK submission not ignored in the manual key management mode
- knotd: failed to bind to a UNIX socket on recent Linux kernels
- kzonecheck: failed to check non-trivial zones through standard input
3.4.5
Features:
- knotd: support for SOA serial shift (see 'serial-modulo')
- knotd: new server statistics (see 'tcp-io-timeout' and 'tcp-idle-timeout')
Improvements:
- knotd: better signing performance of many zones in parallel by
moving 'last_signed_serial' from KASP database to timer database
- knotd: the 'terminated inactive client' TCP log moved to debug level
- knotd: allowed initial DDNS to an empty zone
- knotd: extended backup and flush argument checks
- knotd: new debug logs for zone events suspension
- libs: upgraded embedded libngtcp2 to 1.11.0
- doc: new section Multi-primary, updates
Bugfixes:
- libdnssec: inappropriate DNSKEY flags evaluation
- libknot: incorrect VLAN map size calculation for XDP
3.4.4
Features:
- knotd: added support for EDNS ZONEVERSION
- kdig: added support for EDNS ZONEVERSION (see '+zoneversion')
Improvements:
- knotd: improved control error detection and reporting
- kdig: proper section names for exported DDNS messages
- libs: upgraded embedded libngtcp2 to 1.10.0
- python: expanded documentation for the libknot control API
- doc: updated XDP prerequisites
Bugfixes:
- knotd: a DNAME record at the zone apex with active NSEC3 not accepted via XFR
- knotd: configuration abort times out if no active transaction
- knotd: defective serial modulo result if it overflows
- knotd: TLS connections not properly terminated
- knotd: maximum zone TTL not correctly recomputed after RRSIG TTL change
- knotd: zone hangs if zone reload fails (Thanks to solidcc2)
- knotd: statistics dump generates invalid YAML output if XDP is enabled #947
- knotd: insufficient check for incomplete control message
- mod-dnstap: used incorrect type for DDNS messages
- knot-exporter: failed to run with Python 3.11 or older
- tests: test_atomic and test_spinlock require building with the daemon enabled #946
3.4.3
Improvements:
- knotd: improved processing of QNAMEs containing zero bytes
- knotd: zone expiration now aborts possible zone control transaction #929
- knotd: generated catalog member metadata is stored when the zone is loaded
- knotd: new configuration check for using default NSEC3 salt length, which will change
- mod-rrl: added QNAME (if possible) and transport protocol to log messages
- mod-rrl: increased defaults for 'log-period' to 30 secs, 'rate-limit' to 50,
'instant-rate-limit' to 125, and 'time-rate-limit' to 5 ms
- kxdpgun: added space separators to some printed values for better readability
- libs: upgraded embedded libngtcp2 to 1.9.1
- knot-exporter: zone timers metric is now disabled by default (see '--zone-timers')
- packaging: added build dependency softhsm for PKCS #11 testing on RPM distributions
- doc: updated description of DNSSEC key management and module RRL
Bugfixes:
- knotd: more active ZSKs cause cumulative ZSK rollovers
- knotd: zone purge clears active generated catalog member metadata
- mod-rrl: authorized requests are rate limited #943
- kdig: misleading warning about timeout during QUIC connection
- keymgr: public-only keys are marked as missing in the list output
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 28 Apr 2026 12:11:11 +0000 (14:11 +0200)]
samba: Update to version 4.24.1
- Update from version 4.23.6 to 4.24.1
- Update of rootfiles for all three architectures
- Changelog
4.24.1
* BUG 16057: autobuild fails if /proc/version contains trailing space
* BUG 16035: use after free in streams_xattr_connect()
* BUG 16042: rpc workers with long living clients grow server memory keytab
* BUG 16058: vfs_snapper failing to access or enumerate files in subfolders
* BUG 16040: Samba is not built with FORTIFY_SOURCE
* BUG 16055: Fix tests with MIT Kerberos 1.22.x
4.24.0
NEW FEATURES/CHANGES
Authentication information audit support
There are some Active Directory attributes that are not secret, but
are relied on in some forms of authentication. Changes to these
attributes could indicate surreptitious activity. The
"dsdb_password_audit" and "dsdb_password_json_audit" debug classes now
log changes to the following attributes:
* altSecurityIdentities
* dNSHostName
* msDS-AdditionalDnsHostName
* msDS-KeyCredentialLink
* servicePrincipalName
For the JSON logs, changes to these will be logged with the "action"
field set to "Auth info change".
vfs_streams_xattr can hold larger streams
On Linux the size of a single extended attribute is limited to 65536
bytes. For some file systems this is also the overall limit of space
for xattrs, but xfs, for example, can hold more than 64k of extended
attributes in total, although each individual xattr is still limited
to 64k. Setting
streams_xattr:max xattrs per stream = 1
to a value higher than 1 allows Samba to shard the stream across more
than one xattr. There is an artificial limit of 16, for a maximum
stream length of 1MB.
Support for remote password management (Entra ID SSPR, Keycloak)
When a system such as Entra ID or Keycloak wants to change a user's
password in its own database as well as in AD, it will use a password
reset, meaning it does not transmit the old password to the domain
controller. Normally a password reset avoids password history and age
checks, which would allow a cloud password change to bypass
on-premises password policies. To address this, a password reset using
the "policy hints" control should respect password policies, as if it
were an ordinary password change. Both Entra ID and Keycloak use this,
but until now Samba did not understand this control, and would reject
these reset requests.
Now Samba AD will recognise the policy hints control and enforce local
policy. This allows Microsoft Entra self-service password reset (SSPR)
to work, and for Keycloak to work with the "password policy hints
enabled" option.
Kerberos PKINIT KeyTrust logon support
Samba servers configured with the embedded heimdal KDC and running as an ADDC,
now support "Windows Hello for Business Key-Trust logons". This allows the
PKINIT authentication mechanism to be used with self-signed keys.
The samba-tool computer and user commands have a new "keytrust"
sub-command which allows for the setting and viewing of the public key
details for computer and user accounts. This stores the public key
details in msDS-KeyCredentialLink attribute of the account.
msDS-KeyCredentialLink validation
Updates to the msDS-KeyCredentialLink attribute are validated against the
rules specified by MS-ADTS 3.1.1.5.3.1.1.6.
Kerberos PKINIT strong/flexible key mappings
Samba servers configured with the embedded heimdal KDC and running as an ADDC
now support "Windows Strong and Flexible key mappings" as outlined in
Microsoft KB5014754: Certificate-based authentication changes on Windows domain
controllers.
The default enforcement mode ("full") allows only strong certificate
mappings. The smb.conf option
strong certificate binding enforcement = compatibility
will allow weak mappings where the certificate is newer than the user
account. The option "none" will allow any mappings.
The mappings for an account should be placed in the altSecurityIdentities
attribute and follow the syntax documented in KB5014754.
Kerberos PKINIT SID extension
PKINIT authentication now supports certificates containing an Object SID
extension (extension 1.3.6.1.4.1.311.25.2), this is considered to be a STRONG
mapping for KB5014754.
The computer and user samba-tool commands have a new sub-command
"generate-csr" to generate certificate signing requests.
KDC includes PAC by default
Samba will ignore the value provided by the client in "PA-PAC-REQUEST"
and always include a PAC in responses, unless "kdc always generate
pac" is set to "no".
KDC can insist clients request canonicalization
Canonicalization of principal client names is not mandatory in
Kerberos (per RFC4120), but must be requested by the client. In some
circumstances this allows a client to deceive Active Directory member
servers (known as the "dollar ticket" attack).
The new configuration option "kdc require canonicalization" can be
used to require that clients request canonicalization; if they do not,
their AS_REQ requests will be rejected as if the account was unknown.
The default value is "no", for backward compatibility. Windows clients
will ask for canonicalization by default, so in Windows-heavy
environments it is safe and recommended to set this to "yes".
KDC can avoid potentially confusing canonicalization
Currently when the client does not request canonicalization, when the
KDC looks up a name and there is no match it will append a "$" to the
name and try again. An attacker who can create arbitrary machine
accounts can sometimes get tickets for Unix users by mimicking their
names (the "dollar ticket" attack).
The configuration option
kdc name match implicit dollar without canonicalization = no
can be used to disable this behaviour for clients that do not request
canonicalization. Probably this only affects traditional Unix clients,
as Windows clients use canonicalization. If affected clients want a
ticket for a machine account, they will have to use the full name
including the dollar (e.g. "server$", not "server").
If the "kdc require canonicalization" option cannot be set to "yes"
(because some clients do not request canonicalization) setting this
option to "no" is a good alternative.
KDC provides Kerberos acceptors with canonical client names
By default the KDC will now send Kerberos services the canonicalized
name (the sAMAccountName from the PAC) rather than trusting the cname.
To return to the old behaviour, use
krb5 acceptor report canonical client name = no
in the smb.conf.
This currently affects Heimdal KDC only, not MIT.
KDC recommended configuration:
strong certificate binding enforcement = full
kdc always include pac = yes
kdc require canonicalization = yes
If unable to use "kdc require canonicalization" = "yes", then
"kdc name match implicit dollar without canonicalization" should be
set to "no" if possible.
samba tool
Two new sub-commands have been added to the user and computer commands:
user|computer generate-csr
Generate a Certificate signing request for an account containing the
Object SID extension (extension 1.3.6.1.4.1.311.25.2)
user|computer keytrust
Add the public key details of a self signed certificate to an account.
The command supports PEM and DER encoded public keys.
New AIO rate-limiting VFS module
A new VFS stackable module has been introduced to implement rate-limiting for
asynchronous I/O operations. Administrators can now enforce throughput ceilings
by defining limits in either operations per second or bytes per second. The
module utilizes a token-based algorithm to calculate real-time I/O load; when
limits are exceeded, it dynamically injects millisecond delays into async
operations to maintain the defined threshold.
CephFS FSCrypt support for the VFS ceph_new module
The ceph_new VFS module can now make use of the FSCrypt feature recently added
to CephFS. This enhancement enables data and file name encryption on a per
share basis. A single CephFS file system may host a mix of encrypted and
unencrypted directories.
To obtain the encryption keys needed for FSCrypt the ceph_new module includes
support for the Keybridge protocol. Keybridge is an RPC protocol based on
Varlink that can retrieve keys from a local service via a UNIX socket. Users
can choose to develop a custom Keybridge implementation or use the existing
KMIP-compatible Keybridge server available as part of the sambacc project
(https://github.com/samba-in-kubernetes/sambacc).
Domain encryption types changed to AES by default
The default value of the smb.conf option ‘kdc default domain supported enctypes’
now corresponds to ‘aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96’ (both AES
encryption types) if the domain functional level is 2008 or higher. This
addresses CVE-2026-20833.
smb.conf changes
Parameter Name                                            Description  Default
--------------                                            -----------  -------
strong certificate binding enforcement                    New          full
certificate backdating compensation                       New          0
kdc always include pac                                    New          yes
kdc require canonicalization                              New          no
kdc name match implicit dollar without canonicalization   New          yes
kdc default domain supported enctypes                     New          default AES encryption types (if supported by domain)
bugfixes
* BUG 16019: incorrect behavior on rpcclient enumport with rpcd_spoolss
* BUG 16001: altSecurityIdentities X509 issuer DN order is reversed
* BUG 16000: vfs_aio_ratelimit: introduce burst-aware and persistent state
model
4.24.0rc3
* BUG 15990: No function _python_sysroot defined
* BUG 15978: leases torture test flappy
* BUG 15984: smbd: in contend_dirleases() don't bother checking when not
enabled
* BUG 15993: 'net ads kerberos kinit' should use also default ccache name
from krb5.conf
* BUG 15789: "use-kerberos=desired" broken
* BUG 15975: source3/libads/kerberos.c sets wrong failure for negative
connection cache
* BUG 15938: CTDB's statd_callout fails on sm-notify
* BUG 15939: CTDB statd_callout_notify notifies unnecessary clients and loses
their state
* BUG 15998: Backport domain default AES encryption types to 4.24
4.24.0rc2
* BUG 15979: possible memory leak on rpc_spoolss
* BUG 15972: Winbind group resolution failure
* BUG 15977: ctdbd socket documentation is wrong
* BUG 15976: time_t related build failure on 32bit arch in 4.24.0rc1
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
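The KDC recommendations in the 4.24.0 notes above are easy to miss because two of the safer values (`kdc require canonicalization = yes`, or failing that `kdc name match implicit dollar without canonicalization = no`) are not the defaults. The audit script below is an added example, not Samba code: it parses the [global] section of an smb.conf, fills in the 4.24.0 defaults from the smb.conf table above for anything the file does not set, and reports every setting that differs from the recommended configuration, including the fallback the notes suggest when canonicalization cannot be required. The two smb.conf samples are constructed for the example; the only defaults assumed are the ones the 4.24.0 table lists.

```python
"""Audit a Samba AD DC smb.conf against the KDC settings recommended in
the 4.24.0 release notes.

Added example, not Samba code. Assumptions: the 4.24.0 defaults below
(from the smb.conf table in the notes) apply to any parameter absent
from the file; only the [global] section is read; parameter names are
case-insensitive and ignore whitespace, as in Samba.
"""
from typing import Dict, List, Tuple

# Defaults documented in the 4.24.0 smb.conf changes table.
DEFAULTS_4_24: Dict[str, str] = {
    "strong certificate binding enforcement": "full",
    "kdc always include pac": "yes",
    "kdc require canonicalization": "no",
    "kdc name match implicit dollar without canonicalization": "yes",
}

# (parameter, recommended value, what the weaker value exposes), per the notes.
RECOMMENDED: List[Tuple[str, str, str]] = [
    ("strong certificate binding enforcement", "full",
     "weak (non-KB5014754) certificate mappings are accepted for PKINIT"),
    ("kdc always include pac", "yes",
     "a client can obtain tickets without a PAC"),
    ("kdc require canonicalization", "yes",
     "AS_REQs that skip canonicalization are served (dollar ticket attack)"),
]


def _norm_key(name: str) -> str:
    # Samba parameter names are case-insensitive and ignore whitespace.
    return "".join(name.lower().split())


def _norm_value(value: str) -> str:
    # Fold the boolean spellings smb.conf accepts onto yes/no; lowercase the rest.
    v = value.strip().lower()
    if v in ("yes", "true", "1"):
        return "yes"
    if v in ("no", "false", "0"):
        return "no"
    return v


def parse_global(text: str) -> Dict[str, str]:
    """Return the normalized 'key -> value' map of the [global] section."""
    params: Dict[str, str] = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # whole-line comments only
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        params[_norm_key(key)] = _norm_value(value)
    return params


def effective(params: Dict[str, str], name: str) -> str:
    """Value in effect: what the file sets, else the documented 4.24.0 default."""
    return params.get(_norm_key(name), _norm_value(DEFAULTS_4_24[name]))


def audit(text: str) -> List[Tuple[str, str, str]]:
    """List (parameter, effective value, risk) for every deviation from the notes."""
    params = parse_global(text)
    findings: List[Tuple[str, str, str]] = []
    for name, want, risk in RECOMMENDED:
        got = effective(params, name)
        if got != want:
            findings.append((name, got, risk))
    # Fallback from the notes: if canonicalization is not required, at least
    # stop the KDC from retrying unknown names with '$' appended.
    if effective(params, "kdc require canonicalization") != "yes":
        name = "kdc name match implicit dollar without canonicalization"
        if effective(params, name) != "no":
            findings.append((name, effective(params, name),
                             "unknown names are retried with '$' appended (dollar ticket attack)"))
    return findings


# Constructed sample: a DC left on weaker-than-recommended KDC settings.
WEAK_SMB_CONF = """\
[global]
    realm = EXAMPLE.INTERNAL
    workgroup = EXAMPLE
    server role = active directory domain controller
    ; older certificates predate the account, so weak mappings were left on
    strong certificate binding enforcement = compatibility
    kdc require canonicalization = no
[netlogon]
    path = /var/lib/samba/sysvol/example.internal/scripts
"""

# Constructed sample: the recommended configuration from the notes.
HARDENED_SMB_CONF = """\
[global]
    realm = EXAMPLE.INTERNAL
    workgroup = EXAMPLE
    server role = active directory domain controller
    strong certificate binding enforcement = full
    kdc always include pac = yes
    kdc require canonicalization = yes
"""

if __name__ == "__main__":
    for label, conf in (("weak", WEAK_SMB_CONF), ("hardened", HARDENED_SMB_CONF)):
        print(f"{label}: {len(audit(conf))} finding(s)")
        for name, got, risk in audit(conf):
            print(f"  {name} = {got}: {risk}")
```

Point it at /etc/samba/smb.conf by reading the file into `audit()`; an empty result means the file matches the recommended configuration once the 4.24.0 defaults are taken into account.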
Adolf Belka [Tue, 28 Apr 2026 12:11:10 +0000 (14:11 +0200)]
oath-toolkit: Update to version 2.6.14
- Update from version 2.6.13 to 2.6.14
- No change to rootfile
- Changelog
2.6.14
** pam_oath: Support null_usersfile_okay parameter.
The argument no_usersfile_okay forces the module to act as if the user
is not present in the config if the config file does not exist. This
has security implications; only use it if you know what you are
doing. E.g. if the file is in a mount like home and that fails to be
mounted, then this will succeed even if OTP is configured for that
user. Patch by Luna, Jan Zerebecki, and Miika Alikirri; see
<https://codeberg.org/oath-toolkit/oath-toolkit/pulls/94>.
** pam_oath README: Suggest `KbdInteractiveAuthentication`.
Instead of deprecated `ChallengeResponseAuthentication`. Patch by
lvgenggeng, see
<https://codeberg.org/oath-toolkit/oath-toolkit/pulls/112>.
** Various build fixes including updated gnulib files.
Fixes building with glibc 2.43, see
<https://codeberg.org/oath-toolkit/oath-toolkit/issues/113>.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 28 Apr 2026 12:11:09 +0000 (14:11 +0200)]
mympd: Update to version 25.0.1
- Update from version 22.1.1 to 25.0.1
- No change to rootfile
- Changelog
25.0.1
- Upd: Translation #1527 #1529
- Fix: Compile error with libmpdclient 2.24 #1528
25.0.0
This is the first release that supports only MPD 0.23.5 and higher and
Lua 5.4.x and higher.
- Feat: Use myGPIOd REST-API #1510
- Feat: Implement merge sort for linked lists
- Feat: Use a faster algorithm for shuffling linked lists
- Feat: Regularly save the myMPD state if myMPD is active
- Feat: Scripting - Add custom Lua function `mympd.firstTableValue`
- Upd: Bump requirement for MPD and Lua versions
- Upd: Search and utf8 handling improvements
- Upd: Add connection header to responses
- Upd: Improve HTTP session handling
- Fix: Check for minimum string length in json payload
- Fix: libutf8proc is an unused shared library in mympd-script #1520
24.0.3
- Upd: Split sds_extras compile unit
- Fix: test_utf8wrap still fails #1519
- Fix: Reset scrolling position on search
24.0.2
- Fix: Define NDEBUG for all release types but Debug #1515
- Fix: utf8 test failures #1514
24.0.1
- Fix: Handle invalid unicode strings #1511
24.0.0
This release improves the integrated search by using string normalization and
adding a fuzzy search option. Furthermore the mpd connection handling was
improved.
The documentation site was migrated from Mkdocs to Sphinx, because of the
deprecation of Material for Mkdocs.
- Feat: Fuzzy substring matching using the levenshtein distance
- Feat: String normalization for album, webradio, playlists and filesystem search
- Feat: Replace utf8 implementation with utf8proc library
- Feat: Add setting for default search operator
- Upd: Migrate documentation to Sphinx with Sphinx Book Theme #1495
- Upd: Move lyrics handling from mympd_api to webserver thread
- Upd: Performance improvements for mympd_api polling
- Upd: Stability improvements in MPD connection handling
- Upd: Limit length of smart playlists #1505
- Fix: Handling of HTTP connections #1503
- Fix: Endless scrolling in mobile view #1504
23.0.1
- Upd: Translations
- Upd: Mongoose 7.20
- Upd: Optimize build for openSUSE Build Service
- Fix: Segfault in album view if song title tag not exists
- Fix: Segfault in playlist view if song title tag not exists
23.0.0
This version enhances the jukebox implementation and the album handling.
- Feat: Keep jukebox queue between myMPD restarts #1485
- Feat: Add option for Jukebox Autostart #1482
- Feat: Manually trigger refill of the jukebox queue #1483
- Feat: Configurable jukebox queue lengths #1484
- Feat: Add option for default behavior on click on tag in browse view #1472
- Feat: Optionally group songs with empty album tag in a special
`Unknown Album` album #1472
- Feat: Support large images
- Feat: Add implicit secondary sort tag to album view
- Feat: Add option to increase the size of action icons in lists #1489
- Upd: Remove obsolete config variable save_caches
- Fix: Do not reset scrolling position on update of lists #1478
- Fix: Try to keep select if list is refreshed because of an event #1479
- Fix: Song count and limit calculation for last played list #1487
- Fix: Display Disc 1 for multidisc albums #1490
22.1.2
- Upd: Translations
- Fix: Initialize mg_user_data in debug build
- Fix: Listing songs from Artists List view fails #1474
- Fix: Random select if only one entry must be added #1480
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 28 Apr 2026 12:11:08 +0000 (14:11 +0200)]
lldpd: Update to version 1.0.21
- Update from version 1.0.20 to 1.0.21
- No change to rootfile
- Changelog
1.0.21
* Changes:
+ Add "configure lldp portdescription-source" to choose how to populate port
description (#763)
* Fix:
+ Fix path traversal vulnerabilities in the privileged process (#773, #774)
+ Fix arbitrary file deletion in the privileged process (#772)
+ Fix accuracy of Dot3 MAU types advertised and add support for 200G and 400G (#771)
+ Fix detection of wireless interfaces (#738)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 28 Apr 2026 12:11:06 +0000 (14:11 +0200)]
inotify-tools: Update to version 4.25.9.0
- Update from version 4.23.9.0 to 4.25.9.0
- No change to rootfile
- Changelog
4.25.9.0
Reject fanotify-only options if fanotify is disabled by @defanor in #196
Fix formatting of man page references by @jwilk in #213
Disable SonarCloud by @ericcurtin in #214
Remove dead builds from README.md by @ericcurtin in #215
Add Fedora 39 build to github actions by @ericcurtin in #216
Add flag for forcing static compilation by @nirhaike in #220
Allow recursive watch with --include by @arnib in #229
Fix a crash on >=1024 watched files by @jankratochvil in #230
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 28 Apr 2026 12:11:01 +0000 (14:11 +0200)]
arpwatch: Update to version 3.9
- Update from version 3.8 to 3.9
- No change to rootfile
- Changelog
3.9
- Use mktemp(1) to obtain a temporary file for update-ethercodes
and avoid potential security issues. Reported by Johannes Segitz
(jsegitz@suse.de)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 27 Apr 2026 18:47:01 +0000 (20:47 +0200)]
sed: Update to version 4.10
- Update from version 4.9 to 4.10
- Update of rootfile
- Changelog
4.10
Bug fixes
sed 's/a/b/g' (and other global substitutions) now works on input
lines longer than 2GB. Previously, matches beyond the 2^31 byte offset
would evoke a "panic" (exit 4).
[bug present since the beginning]
'sed --follow-symlinks -i' no longer has a TOCTOU race that could let
an attacker swap a symlink between resolution and open, causing sed to
read attacker-chosen content and write it to the original target.
[bug introduced in sed 4.1e]
sed no longer falsely matches when back-references are combined with
optional groups (.?) and the $ anchor. For example, this no longer
falsely matches the empty string at beginning of line:
$ echo ab | sed -E 's/^(.?)(.?).?\2\1$/X/'
Xab
[bug present since "the beginning"]
In --posix mode, sed no longer mishandles backslash escapes (\n,
\t, \a, etc.) after a named character class like [[:alpha:]].
For example, 's/^A\n[[:alpha:]]\n*/XXX/' would fail to match the
trailing newline, treating \n as a literal backslash and an 'n'
rather than a newline. This happened when an earlier backslash
escape in the same regex had already been converted, shifting the
in-place normalization buffer.
[bug introduced in sed 4.9]
sed --debug no longer crashes when a label (":") command is compiled
before the --debug option is processed, e.g., sed -f<(...) --debug.
[bug introduced in sed 4.7 with --debug]
sed no longer rejects the documented GNU extension 'a**' (equivalent
to 'a*') in Basic Regular Expression (BRE) mode. Previously, this
worked only with -E (ERE mode), even though grep has always accepted
it in BRE mode.
[bug present since "the beginning"]
sed no longer rejects "\c[" in regular expressions
[bug present since the beginning]
'sed --follow-symlinks -i' no longer mishandles an operand that is a
short symbolic link to a long symbolic link to a file.
[bug introduced in sed 4.9]
Fix some longstanding but unlikely integer overflows.
Internally, 'sed' now more often prefers signed integer arithmetic,
which can be checked automatically via 'gcc -fsanitize=undefined'.
Changes in behavior
In the default C locale, diagnostics now quote 'like this' (with
apostrophes) instead of `like this' (with a grave accent and an
apostrophe). This tracks the GNU coding standards.
'sed --posix' now warns about uses of backslashes in the 's' command
that are handled by GNU sed but are not portable to other
implementations.
Build-related
builds no longer fail on platforms without the <getopt.h> header or
getopt_long function.
[bug introduced in sed 4.9]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Mon, 27 Apr 2026 18:47:00 +0000 (20:47 +0200)]
man-pages: Update to version 6.18
- Update from version 6.17 to 6.18
- Update of rootfile
- Changelog
6.18
New and rewritten pages
man2/
futex_waitv.2
man3/
aprintf.3
io_destroy.3 (previously, io_destroy(2))
io_setup.3 (previously, io_setup(2))
rawmemchr.3 (previously, memchr(3))
stpcpy.3 (previously, strcpy(3))
strchrnul.3 (previously, strchr(3))
strdupa.3 (previously, strdup(3))
strnul.3
strtok_r.3 (previously, strtok(3))
Newly documented interfaces in existing pages
man2/
landlock_create_ruleset.2
struct landlock_ruleset_attr::scoped
LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF
LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF
LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON
LANDLOCK_CREATE_RULESET_ERRATA
landlock_restrict_self.2
LANDLOCK_RESTRICT_SELF_TSYNC
statmount.2
req.mnt_ns_id
STATMOUNT_MNT_NS_ID
STATMOUNT_MNT_OPTS
STATMOUNT_FS_SUBTYPE
STATMOUNT_SB_SOURCE
STATMOUNT_OPT_ARRAY
STATMOUNT_OPT_SEC_ARRAY
STATMOUNT_{UIDMAP,GIDMAP}
STATMOUNT_SUPPORTED_MASK
req.mnt_ns_fd
STATMOUNT_BY_FD
truncate.2
ENOSPC
man3/
printf.3
scanf.3
%wN
man5/
core.5
%f
FC
man7/
landlock.7
LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF
LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF
LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON
LANDLOCK_CREATE_RULESET_ERRATA
LANDLOCK_RESTRICT_SELF_TSYNC
New and changed links
man3/
strndupa.3 (strdupa(3))
vaprintf.3 (aprintf(3))
Global changes
- man/
- man3/
- Document how string functions relate to each other.
- Separate documentation of system calls and of libaio wrappers.
Changes to individual files
The manual pages and other files in the repository have been improved
beyond what this changelog covers. To learn more about changes applied
to individual pages, or the authors of changes, use git(1)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:00 +0000 (13:44 +0200)]
coreutils: Update to version 9.11
- Update from version 9.10 to 9.11
- No change to rootfile
- Changelog
9.11
Bug fixes
'dd' now always diagnoses partial writes correctly upon write failure.
Previously it may have indicated that only full writes were performed.
[This bug was present in "the beginning".]
'fold' will no longer truncate output when encountering 0xFF bytes.
[bug introduced in coreutils-9.8]
'fold' is again responsive to its input. Previously it would have delayed
processing until 256KiB was read from the input.
[bug introduced in coreutils-9.8]
'kill --help' now has links to valid anchors in the html manual.
[bug introduced in coreutils-9.10]
When configured with --enable-systemd, the commands 'pinky',
'uptime', 'users', and 'who' no longer consider the systemd session
classes 'greeter', 'lock-screen', 'background', 'background-light',
and 'none' to be users.
[bug introduced in coreutils-9.4]
'pwd' on ancient systems will no longer overflow a buffer
when operating in deep paths longer than twice the system PATH_MAX.
[bug introduced in coreutils-9.6]
'stat --printf=%%N' no longer performs unnecessary checks of the QUOTING_STYLE
environment variable.
[bug introduced in coreutils-8.26]
'timeout' no longer exits abruptly when its parent is the init process, e.g.,
when started by the entrypoint of a container.
[bug introduced in coreutils-9.10]
New Features
'cut' now supports multi-byte input and delimiters. Consequently
the -c option is now honored, and no longer an alias for -b, and
the -n option is now honored, and no longer ignored.
Also the -d option supports multi-byte delimiters.
'cut' adds new options for better compatibility:
The -w,--whitespace-delimited option was added to support blank aligned fields
and for better compatibility with FreeBSD/macOS.
The -O option was added as an alias for the --output-delimiter option,
for better compatibility with busybox/toybox.
The -F option was added as an alias for -w -O ' '
for better compatibility with busybox/toybox.
'date --date' now parses dot delimited dd.mm.yy format common in Europe.
This is in addition to the already supported mm/dd/yy and yy-mm-dd formats.
Changes in behavior
'cksum --check' now uses shell quoting when required, to more robustly
escape file names output in diagnostics.
This also affects md5sum, sha*sum, and b2sum.
Improvements
'cat' now uses zero-copy I/O on Linux when appropriate, to improve throughput.
E.g., throughput improved 6x from 12.9GiB/s to 81.8GiB/s on a Power10 system.
'df --local' recognises more file system types as remote.
Specifically: autofs, ncpfs, smb, smb2, gfs, gfs2, userlandfs.
'df' improves duplicate mount suppression, by checking each mount against
all previously kept entries for the same device, not just the latest one.
'expand' and 'unexpand' now support multi-byte characters.
'groups' and 'id' will now exit sooner after a write error,
which is significant when listing information for many users.
'install' now allows the combination of the --compare and
--preserve-timestamps options.
'fold', 'join', 'numfmt', 'uniq' now use more consistent blank character
determination on non GLIBC platforms. For example \u3000 (ideographic space)
will be considered a blank character on all platforms.
'nl' now supports multi-byte --section-delimiter characters.
'shuf -i' now operates up to two times faster on systems with unlocked stdio
functions.
'tac' will now exit sooner after a write error, which is significant when
operating on a file with many lines.
'timeout' now properly detects when it is reparented by a subreaper process on
Linux instead of init, e.g., the 'systemd --user' process.
'wc -l' now operates up to four and a half times faster on hosts that support
Neon instructions.
'wc -m' now operates up to 2.6 times faster on GLIBC when processing
non-ASCII UTF-8 characters.
'yes' now uses zero-copy I/O on Linux to significantly increase throughput.
E.g., throughput improved 15x from 11.6GiB/s to 175GiB/s on a Power10 system.
Build-related
./configure --enable-single-binary=hardlinks is now supported on systems
with dash as the system shell at /bin/sh.
[issue introduced in coreutils-9.10]
The test suite may have failed with a "Hangup" error if run non-interactively.
[issue introduced in coreutils-9.10]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:01 +0000 (13:44 +0200)]
git: Update to version 2.54.0
- Update from version 2.53.0 to 2.54.0
- Update of rootfile
- Changelog
2.54.0
UI, Workflows & Features
"git add -p" and friends note what the current status of the hunk
being shown is.
"git history" history rewriting (experimental) command has been
added.
"git replay" is taught to drop commits that become empty (not the
ones that are empty in the original).
The help text and the documentation for the "--expire" option of
"git worktree [list|prune]" have been improved.
When "git show-index" is run outside a repository, it silently
defaults to SHA-1; the tool now warns when this happens.
"git merge-file" can be run outside a repository, but it ignored
all configuration, even the per-user ones. The command now uses
available configuration files to find its customization.
"auto filter" logic for large-object promisor remote.
"git rev-list" and friends learn "--maximal-only" to show only the
commits that are not reachable by other commits.
Command line completion (in contrib/) update for
"stash import/export".
"git repo info" learns "--keys" action to list known keys.
Extend the alias configuration syntax to allow aliases using
characters outside ASCII alphanumeric (plus -).
A signature on a commit that was GPG signed a long time ago ought to
be still valid after the key that was used to sign it has expired,
but we showed them in alarming red.
"git subtree split --prefix=P <commit>" now checks the prefix P
against the tree of the (potentially quite different from the
current working tree) given commit.
"git add -p" learned a new mode that allows the user to revisit a
file that was already dealt with.
Allow the directory in which reference backends store their data to
be specified.
"gitweb" has been taught to be mobile friendly.
"git apply --directory=./un/../normalized/path" now normalizes the
given path before using it.
"git maintenance" starts using the "geometric" strategy by default.
"git config list" is taught to show the values interpreted for
specific type with "--type=<X>" option.
"git add <submodule>" has been taught to honor
submodule.<name>.ignore that is set to "all" (and requires "git add
-f" to override it).
Hook commands are now allowed to be defined (possibly centrally)
in the configuration files, and run multiple of them for the same
hook event.
The way end-users can add their own "git <cmd>" subcommand by
storing "git-<cmd>" in a directory on their $PATH has not been
documented clearly, which has been corrected.
"git send-email" learns to pass hostname/port to Authen::SASL
module.
"git send-email" learns to support use of client-side certificates.
"git send-email" has learned to be a bit more careful when it
accepts charset to use from the end-user, to avoid y (mistaken
yes when expecting a charset like UTF-8) and other nonsense.
"git status" learned to show comparison between the current branch
and various other branches listed on status.compareBranches
configuration.
"git repo structure" command learns to report maximum values on
various aspects of objects it inspects.
"git rebase" learns "--trailer" option to drive the
interpret-trailers machinery.
"git fast-import" learned to optionally replace signature on
commits whose signatures get invalidated due to replaying by
signing afresh.
"git history" learned the "split" subcommand.
The reference-transaction hook was taught to be triggered before
taking locks on references in the "preparing" phase.
"git apply" now reports the name of the input file along with the
line number when it encounters a corrupt patch, and correctly
resets the line counter when processing multiple patch files.
The HTTP transport learned to react to "429 Too Many Requests".
"git repo info -h" and "git repo structure -h" limit their help output
to the part that is specific to the subcommand.
"git format-patch --cover-letter" learns to use a simpler format
instead of the traditional shortlog format to list its commits with
a new --commit-list-format option and format.commitListFormat
configuration variable.
git backfill learned to accept revision and pathspec arguments.
"git replay" (experimental) learns, in addition to "pick" and
"replay", a new operating mode "revert".
"git replay" now supports replaying down to the root commit.
Handling of signed commits and tags in fast-import has been made more
configurable.
"git config list" is the official way to spell "git config -l" and
"git config --list". Use it to update the documentation.
Performance, Internal Implementation, Development Support etc.
Avoid local submodule repository directory paths overlapping with
each other by encoding submodule names before using them as path
components.
The string_list API gains a new helper, string_list_sort_u(), and
new unit tests to extend coverage.
Improve set-up time of a perf test.
ISO C23 redefines strchr and friends that traditionally took
a const pointer and returned a non-const pointer derived from it to
preserve constness (i.e., if you ask for a substring in a const
string, you get a const pointer to the substring). Update code
paths that used non-const pointer to receive their results that did
not have to be non-const to adjust.
Rename three functions around the commit_list data structure.
Transaction to create objects (or not) is currently tied to the
repository, but in the future a repository can have multiple object
sources, which may have different transaction mechanisms. Make the
odb transaction API per object source.
"git merge-ours" is taught to work better in a sparse checkout.
Allow recording process ID of the process that holds the lock next
to a lockfile for diagnosis.
Reduce dependency on the_repository of xdiff-interface layer.
Code clean-up to use the commit_stack API.
"git diff --anchored=<text>" has been optimized.
A CodingGuidelines update.
Add process ancestry data to trace2 on macOS to match what we
already do on Linux and Windows. Also adjust the way Windows
implementation reports this information to match the other two.
A handful of places used refs_for_each_ref_in() API incorrectly,
which has been corrected.
Some tests assumed "iconv" is available without honoring ICONV
prerequisite, which has been corrected.
Revamp object enumeration API around odb.
Additional tests were introduced to see the interaction with netrc
auth with auth failure on the http transport.
A couple of bugs in use of flag bits around odb API has been
corrected, and the flag bits reordered.
Plumb gitk/git-gui build and install procedure in meson based
builds.
The code to accept shallow "git push" has been optimized.
Simplify build procedure for oxskeychain (in contrib/).
Fix dependency screw-up in meson-based builds.
Wean the mailmap code off of the_repository dependency.
API clean-up for the worktree subsystem.
The last uses of the_repository in "tree-diff.c" have been
eradicated.
Clean-up the code around "git repo info" command.
Mark the merge-ort codebase to prevent more uses of the_repository
from getting added.
The core.attributesfile is intended to be set per repository, but
was kept track of by a single global variable in-core, which has
been corrected by moving it to per-repository data structure.
Use the hook API to replace ad-hoc invocation of hook scripts via
the run_command() API.
Code refactoring around refs-for-each-* API functions.
The parse-options API learned to notice an options[] array with
duplicated long options.
(merge 237e520d81 rs/parse-options-duplicated-long-options later to maint).
The code to maintain mapping between object names in multiple hash
functions is being added, written in Rust.
A bit of OIDmap API enhancement and cleanup.
Move gitlab CI from macOS 14 images that are being deprecated.
The object source API is getting restructured to allow plugging new
backends.
Reduce dependence on the global the_hash_algo and the_repository
variables of wt-status code path.
The way combined list-object filter options are parsed has been
revamped.
Editorconfig filename patterns were specified incorrectly, making
many source files inside subdirectories unaffected, which has been
corrected.
The run_command() API lost its implicit dependency on the singleton
the_repository instance.
The unit test helper function was taught to use backslash
mnemonic notation for certain control characters like "\t", instead
of octal notation like "\011".
Adjust test-lint to allow "sed -E" to use ERE in the patterns.
Clar (unit testing framework) update from the upstream.
Reduce system overhead "git upload-pack" spends on relaying "git
pack-objects" output to the "git fetch" running on the other end of
the connection.
Add a coccinelle rule to break the build when "struct strbuf" gets
passed by value.
Further work on incremental repacking using MIDX/bitmap
The logic to count objects has been cleaned up.
Tweak the build infrastructure by moving tools around.
Uses of prio_queue as a LIFO stack of commits have been written
with commit_stack.
The cleanup of remaining bitmaps in "ahead_behind()" has been
simplified.
split-index.c has been updated to not use the global the_repository
and the_hash_algo variables.
The unsigned integer that is used as a bitset to specify the kind
of branches interpret_branch_name() function has been changed to
use a dedicated enum type.
Various updates to contrib/diff-highlight, including documentation
updates, test improvements, and color configuration handling.
Code paths that loop over another array to push each element into a
strvec have been rewritten to use strvec_pushv() instead.
In case homebrew breaks REG_ENHANCED again, leave an in-code comment
to suggest use of our replacement regex as a workaround.
MinGW build updates.
The way dash 0.5.13 handles non-ASCII contents in here-doc
is buggy and breaks our existing tests, which unfortunately
have been rewritten to avoid triggering the bug.
Object name handling (disambiguation and abbreviation) has been
refactored to be backend-generic, moving logic into the respective
object database backends.
pack-objects’s --stdin-packs=follow mode learns to handle
excluded-but-open packs.
A few code paths that spawned child processes for network
connection weren’t wait(2)ing for their children and letting "init"
reap them instead; they have been tightened.
Adjust the codebase for C23 that changes functions like strchr()
that discarded constness when they return a pointer into a const
string to preserve constness.
A handful of inappropriate uses of the_repository have been
rewritten to use the right repository structure instance in the
read-cache.c codepath.
Internals of "git fsck" have been refactored to not depend on the
global the_repository variable.
Reduce dependency on the_repository in add-patch.c file.
The way the "git log -L<range>:<file>" feature is bolted onto the
log/diff machinery is being reworked a bit to make the feature
compatible with more diff options, like -S/G.
Further work to adjust the codebase for C23 that changes functions
like strchr() that discarded constness when they return a pointer into
a const string to preserve constness.
"git rev-list --maximal-only" has been optimized by borrowing the
logic used by "git show-branch --independent", which computes the
same kind of information much more efficiently.
Fixes since v2.53
HTTP transport failed to authenticate in some code paths, which has
been corrected.
(merge ed0f7a62f7 ap/http-probe-rpc-use-auth later to maint).
The computation of column width made by "git diff --stat" was
confused when pathnames contain non-ASCII characters.
(merge 04f5d95ef7 lp/diff-stat-utf8-display-width-fix later to maint).
The "-z" and "--max-depth" documentation (and implementation of
"-z") in the "git last-modified" command have been updated.
(merge 9dcc09bed1 tc/last-modified-options-cleanup later to maint).
A handful of code paths that started using batched ref update API
(after Git 2.51 or so) lost detailed error output, which have been
corrected.
(merge eff9299eac kn/ref-batch-output-error-reporting-fix later to maint).
"git blame --ignore-revs=… --color-lines" did not account for
ignored revisions passing blame to the same commit an adjacent line
gets blamed for.
(merge d519082d4e rs/blame-ignore-colors-fix later to maint).
Coccinelle rules update.
(merge 60614838a4 tc/memzero-array later to maint).
Giving "git last-modified" a tree (not a commit-ish) died an
uncontrolled death, which has been corrected.
(merge 525ef52301 tc/last-modified-not-a-tree later to maint).
Test contrib/ things in CI to catch breakages before they enter the
"next" branch.
(merge c591c3ceff jc/ci-test-contrib-too later to maint).
A handful of documentation pages have been modernized to use the
"synopsis" style.
(merge a34d1d53a6 ja/doc-synopsis-style-even-more later to maint).
Small clean-up of xdiff library to remove unnecessary data
duplication.
(merge 5086213bd2 pw/xdiff-cleanups later to maint).
Update sample commit-msg hook to complain when a log message has
material mailinfo considers the end of log message in the middle.
(merge 83804c361b pw/commit-msg-sample-hook later to maint).
"git pack-objects --stdin-packs" with "--exclude-promisor-objects"
fetched objects that are promised, which was not wanted. This has
been fixed.
(merge f4eff7116d ps/pack-concat-wo-backfill later to maint).
"git switch <name>", in an attempt to create a local branch <name>
after a remote tracking branch of the same name gave an advice
message to disambiguate using "git checkout", which has been
updated to use "git switch".
(merge 12fee11f21 jc/checkout-switch-restore later to maint).
It does not make much sense to apply the "incomplete-line"
whitespace rule to symbolic links, whose contents almost always
lack the final newline. "git apply" and "git diff" are now taught
to exclude them for a change to symbolic links.
(merge 6a41481c6d jc/whitespace-incomplete-line later to maint).
"git format-patch --from=<me>" did not honor the command line
option when writing out the cover letter, which has been corrected.
Update build procedure for mergetool documentation in meson-based builds.
(merge 58e4eeeeb5 pw/meson-doc-mergetool later to maint).
An earlier attempt to optimize "git subtree" discarded too much
relevant histories, which has been corrected.
A prefetch call can be triggered to access a stale diff_queue entry
after diffcore-break breaks a filepair into two and freed the
original entry that is no longer used, leading to a segfault, which
has been corrected.
(merge 2d88ab078d hy/diff-lazy-fetch-with-break-fix later to maint).
"git fetch --deepen" that tries to go beyond merged branch used to
get confused where the updated shallow points are, which has been
corrected.
(merge 3ef68ff40e sp/shallow-deepen-relative-fix later to maint).
"fsck" iterates over packfiles and its access to pack data caused
the list to be permuted, which caused it to loop forever; the code
to access pack data by "fsck" has been updated to avoid this.
(merge 13eb65d366 ps/fsck-stream-from-the-right-object-instance later to maint).
"git log --graph --stat" did not count the display width of colored
graph part of its own output correctly, which has been corrected.
(merge 064b869efc lp/diff-stat-utf8-display-width-fix later to maint).
The configuration variable format.noprefix did not behave as a
proper boolean variable, which has now been fixed and documented.
(merge ea3a62c40e kh/format-patch-noprefix-is-boolean later to maint).
CI fix.
(merge eb35167dd4 ps/ci-reduce-gitlab-envsize later to maint).
"git diff --no-index --find-object=<object-name>" outside a
repository of course wouldn’t be able to find the object and died
while parsing the command line. The command is made to die in a
bit more user-friendly way.
(merge b0ddc7947c mm/diff-no-index-find-object later to maint).
Fix typo-induced breakages in fsmonitor-watchman sample hook.
(merge 41366e4677 pt/fsmonitor-watchman-sample-fix later to maint).
"git for-each-repo" started from a secondary worktree did not work
as expected, which has been corrected.
(merge e87493b9b4 ds/for-each-repo-w-worktree later to maint).
The construct test "$(command)" = expectation loses the exit
status from the command, which has been fixed by breaking up the
statement into pieces.
(merge d3edca979a fp/t3310-unhide-git-failures later to maint).
While discovering a ".git" directory, the code treats any stat()
failure as a sign that a filesystem entity .git does not exist
there, and ignores ".git" that is not a "gitdir" file or a
directory. The code has been tightened to notice and report
filesystem corruption better.
(merge 1dd27bfbfd ty/setup-error-tightening later to maint).
Plug a few leaks where mmap’ed memory regions are not unmapped.
(merge a8a69bbb64 jk/unleak-mmap later to maint).
A test now uses the symbolic constant $ZERO_OID instead of 40 "0" to
work better with SHA-256 as well as SHA-1.
(merge 30310f3cc4 ss/t3200-test-zero-oid later to maint).
Instead of hardcoded origin, use the configured default remote
when fetching from submodules.
(merge 3b5fb32da8 ng/submodule-default-remote later to maint).
The code in "git help" that shows configuration items in sorted
order was awkwardly organized and prone to bugs.
"imap-send" used to use functions whose use is going to be removed
with OpenSSL 4.0; rewrite them using public API that has been
available since OpenSSL 1.1 since 2016 or so.
(merge 6392a0b75d bb/imap-send-openssl-4.0-prep later to maint).
Fix an example in the user-manual.
(merge 5514f14617 gj/user-manual-fix-grep-example later to maint).
The final clean-up phase of the diff output could turn the result of
histogram diff algorithm suboptimal, which has been corrected.
(merge e417277ae9 yc/histogram-hunk-shift-fix later to maint).
"git diff -U<num>" was too lenient in its command line parsing and
took an empty string as a valid <num>.
(merge 4f6a803aba ty/doc-diff-u-wo-number later to maint).
The handling of the incomplete lines at the end by "git
diff-highlight" has been fixed.
merge-file --object-id used to trigger a BUG when run in a linked
worktree, which has been fixed.
(merge 57246b7c62 mr/merge-file-object-id-worktree-fix later to maint).
"git apply -p<n>" parses <n> more carefully now.
(merge d05d84c5f5 mf/apply-p-no-atoi later to maint).
A test to run a .bat file with whitespaces in the name with arguments
with whitespaces in them was flaky in that sometimes it got killed
before it produced expected side effects, which has been rewritten to
make it more robust.
(merge 3ad4921838 jk/t0061-bat-test-update later to maint).
"git ls-remote +refs/tags/:refs/tags/ https://…" run outside a
repository would dereference a NULL while trying to see if the given
refspec is a single-object refspec, which has been corrected.
(merge 4e5dc601dd kj/refspec-parsing-outside-repository later to maint).
Fix a regression in writing the commit-graph where commits with dates
exceeding 34 bits (beyond year 2514) could cause an underflow and
crash Git during the generation data overflow chunk writing.
The value of a wrong pointer variable was referenced in an error
message that reported that it shouldn’t be NULL.
(merge 753ecf4205 yc/path-walk-fix-error-reporting later to maint).
The check in "receive-pack" to prevent a checked out branch from
getting updated via updateInstead mechanism has been corrected.
"git backfill" is capable of auto-detecting a sparsely checked out
working tree, which was broken.
(merge 339eba65a7 th/backfill-auto-detect-sparseness-fix later to maint).
add_files_to_cache() used diff_files() to detect only the paths that
are different between the index and the working tree and add them,
which does not need rename detection, which interfered with unnecessary
conflicts.
(merge c0ce43376b ng/add-files-to-cache-wo-rename later to maint).
Doc mark-up update for entries in the glossary with bulleted lists.
(merge a65cbd87ea jk/doc-markup-sub-list-indentation later to maint).
CI dependency updates.
(merge 4bdb17e3a8 jc/ci-github-actions-use-checkout-v5 later to maint).
Other code cleanup, docfix, build fix, etc.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:03 +0000 (13:44 +0200)]
harfbuzz: Update to version 14.2.0
- Update from version 14.0.0 to 14.2.0
- Update of rootfile
- Changelog
14.2.0
- GPU library:
* New color-glyph paint renderer, based on design by Lê Duy Quang.
`hb_gpu_paint_t` walks a font's paint tree (COLRv0 or COLRv1) and encodes
its layers (solid fills, linear / radial / sweep gradients, transforms,
composite groups) into a compact blob.
A new fragment-shader function `hb_gpu_paint()` renders the blob in
premultiplied RGBA; monochrome glyphs are handled transparently via a
synthesized foreground-colored layer.
Shader sources provided in GLSL, WGSL, MSL, and HLSL.
* Paint encoder limitations: the encoder sets `unsupported` and returns
`NULL` when `num_ops` would exceed 32767, `push_group` nests deeper than 4,
or the paint tree calls back through the image callback (PaintImage).
Nested glyph clips are intersected up to 3 levels; a few composite modes
use approximate fallbacks; `push_clip_rectangle` is silently ignored.
* Encode entry point now returns extents and auto-clears the encoder; the
standalone `get_extents()` is gone.
* Gradient color stop interpolation now happens in premultiplied space per
the OpenType COLR specification.
* The foreground color sentinel (`is_foreground`) now correctly preserves the
paint-tree alpha from the encoded color data instead of discarding it.
* The hb-gpu utility gains `--draw` / `--paint` flags with per-font
auto-detect, and `--output-file` / `-o` for headless single-frame rendering
to a PPM image.
- Vector library:
* New PDF output backend. Vector paint glyphs now render to PDF page content,
producing scalable COLRv0 / COLRv1 color-glyph artwork (solid fills, linear
/ radial / sweep gradients, blend modes, PNG images with transparency) that
can be embedded directly in PDF documents. Useful for PDF producers such as
LibreOffice that want crisp, resolution-independent color emoji.
* New SVG id prefix API on paint allows prefixing document references, which
allows for embedding multiple SVGs in the same page without name clashes
(`hb_vector_paint_set_svg_prefix`).
* Removed glyph path dedup from vector draw and paint. Each glyph is emitted
inline; no `<defs>` / `<use>` caching.
* `_glyph()` functions are now thin convenience wrappers documented as
equivalent expansions of the underlying font draw/paint API.
* Drop glyph-source rendering of SVG-in-OT fonts.
- Raster library:
* Drop glyph-source rendering of SVG-in-OT fonts.
- Across Draw / Paint subsystems:
* `_reset()` methods gain matching `_clear()` companions that drop accumulated
data while preserving user configuration. Getter companions added for
setters across raster, vector, and gpu types.
- Various fuzzer fixes for raster, vector, and GPU libraries.
- Paint API:
* New arbitrary-path clip: `hb_paint_push_clip_path_start` / `_end` let
callers clip to a caller-supplied outline, not just a font glyph.
`push_clip_path_start()` returns the draw-funcs (and matching draw data)
for the backend’s path accumulator; the caller drives `hb_draw_*()` into
it, then calls `push_clip_path_end()`, followed by painted ops, then
`hb_paint_pop_clip()` to release the clip. Implemented for all paint
backends: vector (SVG defs + clipPath + url ref), vector PDF (q / path / W
n), raster (path rendered to an alpha mask, intersected with the current
clip), and GPU (the path is encoded into a Slug sub-blob so the fragment
shader clips against it the same way it clips against glyph outlines).
- Shaping:
* Indic: categorize U+1CF5 and U+1CF6 as CS.
- Changed API
* GPU library:
- `hb_gpu_draw_glyph()` now returns `void` (was `hb_bool_t`). Use
`hb_gpu_draw_glyph_or_fail()` if you need the success status.
- `hb_gpu_paint_glyph()` now returns `void` (was `hb_bool_t`) and
internally synthesizes a foreground-colored layer for non-color glyphs
via `hb_font_paint_glyph()`, so every glyph with an outline produces
output. Use `hb_gpu_paint_glyph_or_fail()` (which delegates to
`hb_font_paint_glyph_or_fail()`) if you need to distinguish color vs
synthesized paint. Encoder-level limits (unsupported ops, group-stack
overflow) no longer fail paint_glyph; they surface from
`hb_gpu_paint_encode()` returning `NULL`.
- `hb_gpu_draw_encode()` now takes an `extents` out-parameter and
auto-clears the encoder on return.
- `hb_gpu_draw_darken()` renamed to `hb_gpu_stem_darken()`.
* Vector library:
- `hb_vector_svg_set_precision()` and its paint counterpart renamed to
`hb_vector_draw_set_precision()` / `hb_vector_paint_set_precision()`
(SVG-specific naming is inaccurate with the PDF backend added).
- `hb_vector_draw_glyph()` / `hb_vector_paint_glyph()` now return `void`
(were `hb_bool_t`). Paint additionally gains a draw fallback for
non-color glyphs. Use the matching `_or_fail()` variants for the
`hb_bool_t` return.
* Raster library:
- `hb_raster_draw_glyph()` / `hb_raster_paint_glyph()` now return `void`
(were `hb_bool_t`). Paint additionally gains a draw fallback for
non-color glyphs. Use the matching `_or_fail()` variants for the
`hb_bool_t` return.
* General:
- Many read-only getters gained const on their object argument.
- Six public draw / paint funcs getters across raster, vector, and gpu now
take a const-pointer to the relevant context instance instead of being
singletons:
hb_raster_draw_get_funcs (const hb_raster_draw_t *)
hb_raster_paint_get_funcs (const hb_raster_paint_t *)
hb_vector_draw_get_funcs (const hb_vector_draw_t *)
hb_vector_paint_get_funcs (const hb_vector_paint_t *)
hb_gpu_draw_get_funcs (const hb_gpu_draw_t *)
hb_gpu_paint_get_funcs (const hb_gpu_paint_t *)
This is what lets vector_paint dispatch to SVG- vs PDF- flavored
callbacks transparently when called from outside code; the others
currently use the instance for symmetry only.
- New API
* Draw:
+HB_DRAW_LINE_CAP_BUTT
+HB_DRAW_LINE_CAP_ROUND
+HB_DRAW_LINE_CAP_SQUARE
+hb_draw_line_cap_t
+hb_draw_line()
+hb_draw_rectangle()
+hb_draw_circle()
* Paint:
+hb_paint_push_clip_path_start_func_t
+hb_paint_push_clip_path_end_func_t
+hb_paint_sweep_gradient_tile_func_t
+hb_paint_push_group_for_func_t
+hb_paint_push_group_for()
+hb_paint_funcs_set_push_group_for_func()
+hb_paint_reduce_linear_anchors()
+hb_paint_normalize_color_line()
+hb_paint_sweep_gradient_tiles()
+hb_paint_push_clip_path_start()
+hb_paint_push_clip_path_end()
+hb_paint_funcs_set_push_clip_path_start_func()
+hb_paint_funcs_set_push_clip_path_end_func()
* GPU library:
+HB_GPU_SHADER_STAGE_VERTEX
+HB_GPU_SHADER_STAGE_FRAGMENT
+HB_GPU_SHADER_LANG_INVALID
+hb_gpu_shader_stage_t
+hb_gpu_paint_t
+hb_gpu_paint_create_or_fail()
+hb_gpu_paint_reference()
+hb_gpu_paint_destroy()
+hb_gpu_paint_set_user_data()
+hb_gpu_paint_get_user_data()
+hb_gpu_paint_get_funcs()
+hb_gpu_paint_set_palette()
+hb_gpu_paint_get_palette()
+hb_gpu_paint_set_custom_palette_color()
+hb_gpu_paint_clear_custom_palette_colors()
+hb_gpu_paint_set_scale()
+hb_gpu_paint_get_scale()
+hb_gpu_paint_glyph()
+hb_gpu_paint_encode()
+hb_gpu_paint_clear()
+hb_gpu_paint_reset()
+hb_gpu_paint_recycle_blob()
+hb_gpu_paint_shader_source()
+hb_gpu_paint_glyph_or_fail()
+hb_gpu_shader_source()
+hb_gpu_draw_shader_source()
+hb_gpu_draw_clear()
+hb_gpu_draw_get_scale()
+hb_gpu_draw_glyph_or_fail()
* Raster library:
+hb_raster_draw_clear()
+hb_raster_draw_glyph_or_fail()
+hb_raster_paint_clear()
+hb_raster_paint_glyph_or_fail()
+hb_raster_paint_set_palette()
+hb_raster_paint_get_palette()
+hb_raster_paint_get_foreground()
+hb_raster_paint_set_background()
+hb_raster_paint_get_background()
* Vector library:
+HB_VECTOR_FORMAT_PDF
+hb_vector_draw_clear()
+hb_vector_draw_get_precision()
+hb_vector_draw_get_format()
+hb_vector_draw_glyph_or_fail()
+hb_vector_draw_new_path()
+hb_vector_draw_set_foreground()
+hb_vector_draw_get_foreground()
+hb_vector_draw_set_background()
+hb_vector_draw_get_background()
+hb_vector_paint_clear()
+hb_vector_paint_get_precision()
+hb_vector_paint_get_format()
+hb_vector_paint_get_foreground()
+hb_vector_paint_set_background()
+hb_vector_paint_get_background()
+hb_vector_paint_get_palette()
+hb_vector_paint_glyph_or_fail()
+hb_vector_paint_set_svg_prefix()
+hb_vector_paint_get_svg_prefix()
- Removed API
* GPU library:
-hb_gpu_shader_fragment_source() (replaced by hb_gpu_shader_source(stage))
-hb_gpu_shader_vertex_source() (replaced by hb_gpu_shader_source(stage))
-hb_gpu_draw_get_extents() (extents are now an out-parameter of hb_gpu_draw_encode())
* Vector library:
-hb_vector_draw_set_flat()
-hb_vector_draw_get_flat()
-hb_vector_paint_set_flat()
-hb_vector_paint_get_flat()
14.1.0
- GPU library improvements:
* Add anti-aliased rendering for small sizes.
* Store font scale in blob header.
* Port scale/ppem support to MSL, WGSL, and HLSL shaders.
* Fix contour breaks and bounds quantization in encode.
* Fix garbled rendering after font change in web demo.
* Various robustness fixes.
- Various fuzzing fixes for `harfbuzz-raster`, `harfbuzz-gpu` and
`harfbuzz-vector` libraries.
- Move `HB_NO_CFF` from `HB_LEAN` to `HB_NO_DRAW` closure, and fix
`HB_TINY` build.
- New API:
+hb_gpu_draw_set_scale()
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:02 +0000 (13:44 +0200)]
glib: Update to version 2.88.0
- Update from version 2.87.0 to 2.88.0
- Update of rootfile
- 3 CVE fixes in 2.87.3
- 3 CVE fixes in 2.87.1
- Changelog
2.88.0
* Bugs fixed:
- !5097 gslice: Factor out a size helper macro and stop using MAX in a public
header
2.87.5
* Brown paper bag release to attempt to fix the dist-job in CI; this caused it
to be impossible to build a release archive for 2.87.4
* Bugs fixed:
- !5096 ci: Force a git clone and update the index when running dist-job
2.87.4
* Avoid installing broken symlinks as part of the test data for the gdatetime
tests (!5054, work by Alessandro Astone)
* Fix `g_file_set_contents()` with non-ASCII filenames on Windows (#3873, work
by Lukas K.)
* Bugs fixed:
- #3688 Documentation issue with g_slice_new and g_slice_new0 (Philip
Withnall)
- #3730 Unclear assertion failure message when `G_PARAM_CONSTRUCT` and
`G_PARAM_CONSTRUCT_ONLY` are both specified (depuc8)
- #3814 vs2019-arm64 CI fails with ninja error (Philip Withnall)
- #3873 g_file_set_contents broken on windows for non-ASCII filenames
- #3885 Documentation of g_file_info_get_is_backup() doesn’t define what a
backup file is (depuc8)
- #3897 GLocalFileInfo's set_symlink() is backwards (Philip Withnall)
- #3905 Memory leak in g_desktop_app_info_launch_uris_with_spawn (correctmost)
- !5030 gsocketconnection: Set an error when closed if no address is cached
- !5037 minor doc fixes
- !5047 i18n: Update and correction for Occitan
- !5048 ci: Install gi-docgen in the Fedora CI image
- !5049 Update Serbian translation
- !5050 Update Swedish translation
- !5051 Update French translation
- !5052 Update Bulgarian translation
- !5053 Update Romanian translation
- !5054 tests: Create unix_localtime root directory structure at runtime
- !5055 Update Chinese (China) translation
- !5056 Update Japanese translation
- !5057 Update Korean translation
- !5058 Update Georgian translation
- !5059 Update Ukrainian translation
- !5060 Update Lithuanian translation
- !5061 Update French translation
- !5062 Update Hungarian translation
- !5064 Update Portuguese translation
- !5065 Update Nepali translation
- !5066 i18n: Update for Occitan
- !5068 Update Turkish translation
- !5069 Update Brazilian Portuguese translation
- !5070 Update Galician translation
- !5071 Update Kazakh translation
- !5075 Update Polish translation
- !5076 Update Catalan translation
- !5077 Update Slovenian translation
- !5078 gio-tool-launch: Fix a filename leak
- !5080 Update Catalan translation
- !5081 Update Danish translation
- !5082 Update Polish translation
- !5084 Update British English translation
- !5085 Update Georgian translation
- !5087 Update Nepali translation
- !5088 tests: Fix a minor memory leak in the socket test
- !5089 ci: Drop workaround for GitLab submodule checkout bug
- !5090 Prevent iptosmessage test failures on FreeBSD and Hurd
- !5091 gobject: Disable new construct property check with G_DISABLE_CHECKS
* Translation updates:
- Bulgarian (Alexander Alexandrov Shopov)
- Catalan (Victor Dargallo, Jordi Mas)
- Chinese (China) (luming zh)
- Danish (Ask Hjorth Larsen)
- English (United Kingdom) (Bruce Cowan)
- French (Guillaume Bernard)
- Galician (Francisco Diéguez Souto)
- Georgian (Ekaterine Papava)
- Hungarian (Balázs Úr)
- Japanese (Makoto Sakaguchi)
- Kazakh (Baurzhan Muftakhidinov)
- Korean (Changwoo Ryu)
- Lithuanian (Aurimas Aurimas Černius)
- Nepali (Pawan Chitrakar)
- Occitan (post 1500) (Mejans)
- Polish (Victoria)
- Portuguese (Hugo Carvalho)
- Portuguese (Brazil) (Rafael Fontenelle)
- Romanian (Antonio Marin)
- Serbian (Miloš Popović)
- Slovenian (Martin)
- Swedish (Anders Jonsson)
- Turkish (Emin Tufan Çetin)
- Ukrainian (Yuri Chornoivan)
2.87.3
* Improved support for `GNotification` on Windows (#3867, #3869, work by
Oscar Pernia Moreno)
* Fix module lookups via `GModule` on Cygwin (#3741, work by Ailin Nemui)
* Fix local timezone lookup with nested symlinks in `/etc/localtime` (#3816,
work by Alessandro Astone)
* Fix ordering and sequential consistency of gatomic memory barriers on MSVC
and fallback GCC code paths (#3829, #3852, work by Luca Bacci)
* Fix various integer overflow bugs (#3870, #3871, #3872, CVE-2026-1484,
CVE-2026-1485, CVE-2026-1489, work by Marco Trevisan)
* Add `GSocketControlMessage` subclasses for receiving `IP_TOS` and
`IPV6_TCLASS` (!4846, work by Jakub Adam)
* Support polling more than 1024 FDs on macOS (!4953, work by Ihar Hrachyshka)
* Remove platform-specific backward compatibility from GLib-2.0 as it’s
impossible to support (#3839, !4881, work by Marco Trevisan)
* Improve introspection annotations for delimiters on `g_strsplit_set()` (this
may require changes in introspection bindings)
* Basic support for building and running some functionality on tvOS and watchOS
(!4992, work by Nirbheek Chauhan)
* Add `g_get_monotonic_time()` variant with nanosecond precision (!5004, work
by Benjamin Otte)
* Bugs fixed:
- #3628 Add test suite for gdbus tool (Philip Withnall)
- #3741 GModule incorrectly searches for cyg....so instead of cyg....dll on
Cygwin (Ailin Nemui)
- #3816 Local timezone wrongly considered to be UTC if timezone file in
/usr/share/zoneinfo is a symlink (Alessandro Astone)
- #3829 [RFC] gatomic: Memory barriers should be reversed (Luca Bacci)
- #3839 Broken Unix/Win32 specific GIRs
- #3852 MSVC and GCC-fallback atomics are not sequentially consistent (Luca
Bacci)
- #3863 Iterating over a short (preallocated) GVariant bytestring invalidly
refs a NULL GBytes (Christian Hergert)
- #3865 callable-info/native-address test fails on big endian (Alessandro
Astone)
- #3867 win32: Notifications without body won't show up
- #3869 gnotification-win32: Re-initialize tray icon if `explorer.exe` got
restarted
- #3870 (CVE-2026-1484) (YWH-PGM9867-168) Integer Overflow -> Buffer Underflow
on Glib through glib/gbase64.c via g_base64_encode_close() leads to OOB
Write (Marco Trevisan (Treviño))
- #3871 (CVE-2026-1485) (#YWH-PGM9867-169) Buffer underflow on Glib through
gio/gcontenttype-fdo.c via parse_header() lead to OOB Read/Write (Marco
Trevisan (Treviño))
- #3872 (CVE-2026-1489) (#YWH-PGM9867-171) Integer Overflow on Glib through
glib/guniprop.c via output_marks() lead to OOB Write in
glib/gutf8.c:g_unichar_to_utf8() (Marco Trevisan (Treviño))
- #3877 hash test failing randomly on MSYS2 (Luca Bacci)
- #3880 Integer overflow in gio-launch-desktop from over-long environment
variables (Philip Withnall)
- #3881 Integer overflow in g_resource_find_overlay() from over-long
environment variables (Philip Withnall)
- #3883 Integer overflow in `g_path_get_basename()` when passed an extremely
long path (length ≈SSIZE_MAX) (Philip Withnall)
- #3886 Crash in gdbus-tool on invalid --method argument format (Philip
Withnall)
- #3895 date_time_lookup_era unsafely caches `setlocale` pointer (Philip
Withnall)
- !4846 gio: Add GSocketControlMessage subclasses for receiving IP_TOS and
IPV6_TCLASS
- !4953 darwin: Support g_poll:maxfd >= FD_SETSIZE
- !4957 gstrfuncs: Annotate g_strsplit_set() as taking a byte array of
delimiters
- !4966 gio-tool-{copy,move}: Fix incorrect transfer rate calculation and
improve visualization
- !4968 markup: Better error reporting
- !4970 gutf8: Clarify docs about negative return values
- !4971 gutf8: Use size_t internally for some length calculations
- !4976 docs: Fix a typo and specify a codeblock is C
- !4977 gobject: Add nullable annotation to g_weak_ref_get return value
- !4982 markup: Initialize tag positions
- !4985 ci/fedora, glib/casemap: Add tests for the Azerbaijani cases
- !4987 giomodule: Simplify macro usage for getting the giomodule dir, don't
use it on iOS
- !4991 gio/gdatainputstream: Mark bytes as potentially unused
- !4992 Disable or stub out fork/execv* usage when targeting tvOS and watchOS
- !4993 Windows: Add test-profile
- !4996 Fix some small regressions in the iOS build
- !4997 meson: Add guesses for compute_int to speed up cross-compile setup
- !5002 Update Lithuanian translation
- !5004 Add g_get_monotonic_time() variant with nanosecond precision
- !5006 gfileutils: Fix a regression in `g_path_get_basename()` for plain
files
- !5008 Update Swedish translation
- !5009 Update Kazakh translation
- !5011 Update Romanian translation
- !5012 Compilation fixes for CLangCL and older MSVC
- !5013 Update Czech translation
- !5014 Update Russian translation
- !5015 GApplication: make send_notification / withdraw_notification thread-safe
- !5018 Update Ukrainian translation
- !5020 Update Romanian translation
- !5021 Update Lithuanian translation
- !5023 Update Greek translation
- !5024 Update Chinese (China) translation
- !5025 Update Slovenian translation
- !5026 Update Brazilian Portuguese translation
- !5027 Update Basque translation
- !5028 gvalue: Update default terminology to initial
- !5029 Update Bulgarian translation
- !5031 Update Galician translation
- !5032 Update Hungarian translation
- !5034 Fix const qualifiers where discarded
- !5036 Address more size types issues
- !5038 Update Kazakh translation
- !5039 Update Catalan translation
- !5040 gsettings-tool: Fix leaks when running set commands
- !5041 gsettings-tool: Fix leaks when specifying invalid schemas
- !5042 Update Spanish translation
* Translation updates:
- Basque (Asier Saratsua Garmendia)
- Bulgarian (Alexander Alexandrov Shopov)
- Catalan (Victor Dargallo)
- Chinese (China) (luming zh)
- Czech (Daniel Rusek)
- Galician (Fran Diéguez)
- Greek, Modern (1453-) (Efstathios Iosifidis)
- Hungarian (Balázs Úr)
- Kazakh (Baurzhan Muftakhidinov)
- Lithuanian (Aurimas Aurimas Černius)
- Portuguese (Brazil) (Juliano de Souza Camargo)
- Romanian (Antonio Marin)
- Russian (Artur S0)
- Slovenian (Martin)
- Spanish (Daniel Mustieles)
- Swedish (Anders Jonsson)
- Ukrainian (Yuri Chornoivan)
2.87.2
* Add initial support for `GNotification` on Windows (#3857, work by
Oscar Pernia Moreno)
* Bugs fixed:
- #3850 g_strsplit_set docs are misleading (Matthias Clasen)
- #3857 win32: Add support for notifications using Shell_NotifyIcon API
- #3858 glib-compile-resources: Incorrect compiler detection on Windows when
building GTK causes a DoS (L. E. Segovia)
- #3863 Iterating over a short (preallocated) GVariant bytestring invalidly
refs a NULL GBytes (Christian Hergert)
- #3864 gir-tracker-bot posting diffs against too-recent-`main` (Marco
Trevisan (Treviño))
- #3867 win32: Notifications without body won't show up
- !4918 gio/unixmounts: use bsearch() to check for set inclusion
- !4949 gdesktopappinfo: Fix -Wsign-conversion warnings
- !4950 gobject: Fix -Wshorten-64-to-32 warnings and enable warning flag
- !4958 gtestutils: Avoid pointless logging string handling in gtestutils
- !4959 glib-unix: Implement g_unix_fd_query_path for Cygwin
- !4964 gio: Fix some -Wsign-conversion warnings
- !4965 gmodule: Enable -Wshorten-64-to-32 warnings for gmodule
- !4967 Fixup unicode 17
2.87.1
* Several low-risk CVE fixes (#3827, #3834, #3845)
* Fix return type of `gi_callable_info_get_closure_native_address()` (#3859,
work by Philip Chimento)
* Tweak thread pool handling for `GTask` threads to prevent stalls (#3840, work
by Ignazio Pillai)
* Respect `NO_COLOR` environment variable in log output (!4898, work by
Aaron Andersen)
* Update file system type lists to mark more file system types as system ones
and to recognise `ntfs3` file systems (!4916 and #3828, work by
Christian Hergert and Alexander Schwinn)
* Add `G_GNUC_FLAG_ENUM` attribute to mark enums as flags (!4900, work by
Philip Chimento)
* Add a static CRT constructor and fusion manifest XML for GLib utilities on
Windows so that `stderr` can be unbuffered and streams are flushed on exit
(#3733, work by Luca Bacci)
* Fix `G_FILE_MONITOR_WATCH_HARD_LINKS` on Windows (#3819, work by Jehan)
* Bugs fixed:
- #74 ignore case and '-' vs '_' differences when matching on enum/flag
nick/name (Emmanuel Fleury)
- #1181 Test failure: check_expected_events
- #3360 msys2-mingw32 CI failure: mingw-w64-i686-gcc and mingw-w64-i686-gcc-objc are in conflict
- #3733 gi-compile-repository.py test intermittently fails on Windows with
empty stderr (Luca Bacci)
- #3818 g_main_context_check with a NULL context crashes (Michiel Jan Laurens
de Hoon)
- #3819 G_FILE_MONITOR_WATCH_HARD_LINKS flag does not monitor files on Windows
- #3827 (CVE-2025-13601) (#YWH-PGM9867-134) Incorrect calculation of buffer
size in g_escape_uri_string() (Philip Withnall)
- #3828 NTFS not detected by g_file_info_get_attribute_string
- #3834 (CVE-2025-14087) (#YWH-PGM9867-145) Buffer underflow on Glib through
glib/gvariant via bytestring_parse() or string_parse() leads to OOB Write
(Philip Withnall)
- #3840 GTask: g_task_run_in_thread never starts pending tasks (Ignazio
Pillai)
- #3843 glib: Integer overflow in `g_bytes_new_from_bytes()` leads to
corrupted `GBytes` object (Philip Withnall)
- #3845 (CVE-2025-14512) GIO: Integer overflow in file attribute escaping
(Philip Withnall)
- #3851 Integer overflow in `g_buffered_input_stream_peek()` leads to
segmentation fault (Philip Withnall)
- #3859 Return type of gi_callable_info_get_closure_native_address() should be
void* (Philip Chimento)
- !4883 ci: Do not use anymore only/except deprecated syntax
- !4885 ci: Track changes to gir files using artifacts and MRs comments
- !4898 glog: respect NO_COLOR environment variable
- !4899 genvironment: consider macOS behavior when testing g_getenv
- !4900 Add G_GNUC_FLAG_ENUM
- !4904 glog: guard NO_COLOR environment variable check with a GOnce for
performance reasons
- !4907 completion: fix error on nounset mode unknown completions
- !4908 glocalfile: Complain if `faccessat` sets an unusual error and use
AT_FDCWD
- !4909 glocalfile: Fix trash user cancellation not reported on Windows
- !4910 ci: Use issue bot native support for $ISSUE_BOT_API_TOKEN_FILE
- !4913 gdbusprivate: check length of path to GDBus binary
- !4916 gio/gunixmounts: mark some file-system types as system
- !4920 tests: Fix static-link test when running installed
- !4921 gutf8: Add tests and clarify documentation for g_unichar_to_utf8()
- !4922 ci: Enable the gobject-introspection build for the debian-stable-i386
job
- !4923 Added AIX implementation of g_unix_fd_query_path
- !4926 Fix g_strcompress docs (mod 256)
- !4928 Update of the Occitan translation
- !4930 gio/gunixmounts: Mark more file systems as system internal
- !4931 gio/gunixmounts: Replace /bin/efi with /boot/efi
- !4937 docs(GResource): Tweak overlays description
- !4939 gsocks4aproxy: Fix a buffer leak when finishing connecting
- !4941 gsignal: Cleanup handler disconnection avoiding unneeded operations
- !4942 gio: Fix a few -Wsign-conversion warnings
- !4943 ci: Some fixups on the gir checker
* Translation updates:
- Occitan (post 1500) (Mejans)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:06 +0000 (13:44 +0200)]
iperf3: Update to version 3.21
- Update from version 3.19 to 3.21
- No change to rootfile
- 3 CVE fixes were applied in version 3.19.1
- Changelog
3.21
* Notable user-visible changes
* Support has been added for Global Segmentation Offload (GSO) and
Global Receive Offload (GRO) under Linux (PR #1926, PR #2007,
also note that a number of other pull requests were submitted
towards this functionality).
* The `--bind-dev` option is now supported on macOS (PR #1945).
* Support has been added on macOS for the equivalent of the
`tcp_info` structure (#1411, PR #2008). This change results in
TCP window information being printed in human-readable output
and a number of TCP statistics being added to the JSON output.
* The iperf3 server provides more information about various error
conditions to the client (PR #1914, PR #1931, PR #1950).
* The maximum value for the `--set-mss` option is now 32K (PR
#1816). Note that this option still does not work reliably in
all cases.
* The cancellation type of child threads was changed from
`PTHREAD_CANCEL_ASYNCHRONOUS` to `PTHREAD_CANCEL_DEFERRED`
(#1991, #2003, PR #2004). This change fixes some hangs that
could occur at the end of a test.
* A race condition leading to a crash when closing sockets at the
end of a test has been fixed (PR #1990).
* iperf3 no longer erroneously prints that zero UDP packets were
lost during a lossy UDP test (#1984, PR #1988).
* A division by zero error has been avoided (PR #2002).
* The security posture of the `iperf3.service` file has been
improved considerably by updating a number of settings (PR
#1855). Note that this file is neither installed nor activated
by default.
* Notable developer-visible changes
* iperf3 finally performs `ldconfig` as a part of `make install`
on platforms that require it (#1995, PR #2005).
* Various bug fixes (PR #1960, PR #1981, PR #2001).
* Various documentation fixes (PR #1972, PR #1974, PR #1993).
3.20
* Notable user-visible changes
* Millisecond-resolution representations have been added to JSON
timestamps. (PR #1846)
* The reorder_seen metric, where available, is now available in
the JSON output. (PR #1278)
* A division by zero error has been fixed. (PR #1906)
* Some command-line options were not properly restricted to the
client or server; this problem has been fixed. (#1892 / PR #1894)
* The combination of `--udp` and `--file` is now explicitly
disallowed. (PR #1909)
* It is now possible to get both the full JSON result object as
well as streaming intermediate JSON result objects. This
functionality is enabled by using the new `--json-stream-full`
command-line flag, in addition to the existing `--json-stream`
flag (PR #1903)
* Sends with `--zerocopy` are now properly seeded with data
instead of being all-zeroes. (PR #1949)
* The `--server-max-duration` flag is now allowed on the iperf3 server to impose
a maximum duration on timed tests. (PR #1684)
* The `--rcv-timeout` flag is now ignored for `--bidir`
tests. This change prevents premature termination of
bidirectional tests. (#1766 / PR #1946)
* Several errors in the authentication code were uncovered when
building with OpenSSL 3.5.3 and later versions. These were
fixed. (#1951 / PR #1956)
* Various issues in the iperf3 manual page were fixed up. (PR
#1887, PR #1927, PR #1936, PR #1941, #1891 / PR #1952)
* Notable developer-visible changes
* A build failure with uClibc has been fixed. (#1888 / PR #1890)
* It is now possible to use the API to load RSA keys from a file.
(PR #1889)
* Some calls to sprintf() were replaced with calls to
snprintf(). There were no hazards in the code as written, but
this change might help silence some compiler warnings and
potentially prevent future vulnerabilities. (PR #1929)
* Proper error handling has been added to the `unit_atoX()`
functions. (PR #1394)
* Some memory handling errors in `t_auth` were fixed. (PR #1953)
* Minor enhancements and fixes to GitHub Actions workflows (PR
#1919, PR #1928, PR #1942).
3.19.1
* Notable user-visible changes
* SECURITY NOTE: Thanks to Han Lee with Apple Information Security
for finding and reporting several memory errors
including a buffer overflow within the
`--skip-rx-copy` option, and two memory errors
within authentication, including a heap overflow
in the plaintext password and an assert.
* An off-by-one heap overflow has been fixed in authentication.
(CVE-2025-54349, ESNET-SECADV-2025-0003)
* An assert in authentication has been removed. (CVE-2025-54350,
ESNET-SECADV-2025-0002)
* A buffer overflow in the `--skip-rx-copy` option for zerocopy
has been fixed. (CVE-2025-54351, ESNET-SECADV-2025-0001)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:08 +0000 (13:44 +0200)]
libcap-ng: Update to version 0.9.3
- Update from version 0.9.2 to 0.9.3
- Update of rootfile
- Changelog
0.9.3
- In cap-audit, split capability analysis across init and runtime phases
- If vm_sockets.h and others are not available, remove "netcap --advanced"
- Add netcap --list-interfaces & --interface to restrict output to 1 interface
- Put bash completions in /usr/share/bash-completion/completions/
- capng_change_id now detects it added setpcap and drops only if it added it
- Add capng_stage_additional_groups and its support in capng_change_id
- Add CAPNG_APPLY_BOUNDING flag to capng_change_id to direct it to apply changes
- filecap: add path-to-fd consistency check in capability write path
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:07 +0000 (13:44 +0200)]
iproute2: Update to version 7.0.0
- Update from version 6.17.0 to 7.0.0
- Update of rootfile
- Changelog is not provided. Details of changes for versions 7.0.0, 6.19.0 and 6.18.0
can be found from the git commit changes
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:09 +0000 (13:44 +0200)]
libcap: Update to version 2.78
- Update from version 2.77 to 2.78
- Update of rootfile
- Changelog
2.78
Fix mistakes in setcap for reporting errors: report them with the appropriate filename.
Thanks to Nikolas for reporting these in Bug 220245.
Fix bug in cap.GetIAB() reported and fix provided by Garret Kelly via Bug 220420.
Improve libcap managed memory allocation and support CHERI RISC-V. Reported with fix
by Chris Hofer via Bug 220415.
Add (unverified) support for the PSX mechanism on microblaze, arc, openrisc and xtensa
architectures. Thanks to Tom Petazzoni for including these in Bug 219915
Please let me know if these work or fail on these architectures.
Add C++ support to the run a .so file as an executable mechanism employed by libcap.so,
libpsx.so and pam_cap.so. Not really necessary for the libcap build tree, but wanted
to capture the details of my recent update to a Stackoverflow answer on the topic.
Use BUILD_LDFLAGS when compiling _makenames fix contributed by Khem Raj.
Fix broke some builds, so will revert and apply a more comprehensive fix.
Fixed sendmail issue discussion link. Thanks to Ariel Otilibili for noticing the
breakage and contributing a fix.
Some debugging fixes for use of the kdebug/ testing setup
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:10 +0000 (13:44 +0200)]
libgcrypt: Update to version 1.12.2
- Update from version 1.12.0 to 1.12.2
- Update of rootfile
- Changelog
1.12.2
* Bug fixes:
- Fix possible ECDH buffer overwrite with zeroes. [T8211]
- Add a missing bounds check to the Dilithium context handling.
[T8208]
- Add point validation when using the new KEM interface. [T8212]
* Other:
- Fix the dead-code of stronger_key_check for RSA. [T8171]
1.12.1
* Bug fixes:
- Fix for a SmartOS (Solaris) build problem due to AVX2 changes.
[T8071]
- Fix a regression in gcry_mpi_ec_curve_point. [T8080]
- Make sure to have MPI limbs pre-allocated in ECC and fix
Weierstrass curve use with PUBKEY_FLAG_PARAM. [T8094]
* Other:
- Add MPI configuration for NetBSD m68k. [T8069]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:11 +0000 (13:44 +0200)]
libjpeg: Update to version 3.1.4.1
- Update from version 3.1.3 to 3.1.4.1
- No change to rootfile
- Changelog
3.1.4.1
1. Fixed multiple issues, some long-standing and some that were regressions
introduced in 3.1.4, that made the CMake package config files non-relocatable
and broke the `--prefix` option to `cmake --install`.
3.1.4
1. Fixed an issue in the TurboJPEG 2.x compatibility wrapper whereby, if a
calling program attempted to decompress a lossless JPEG image using
`tjDecompress2()` with decompression scaling, the decompressed image was
unexpectedly unscaled. This could have led to a buffer overrun if the caller
allocated the packed-pixel destination buffer based on the assumption that the
decompressed image would be scaled down.
2. The SIMD dispatchers now use `getauxval()` or `elf_aux_info()`, if
available, to detect support for Neon and AltiVec instructions on AArch32 and
PowerPC Linux, Android, and *BSD systems.
3. Hardened the libjpeg API against hypothetical applications that may
erroneously set one of the exposed quantization table values to 0 just before
calling `jpeg_start_compress()`. (This would never happen in a
correctly-written program, because `jpeg_add_quant_table()` clamps all values
less than 1.)
4. Fixed a division-by-zero error that occurred when attempting to use the
jpegtran `-drop` option with a specially-crafted malformed drop image
(specifically an image in which one or more of the quantization table values
was 0.)
5. Fixed an issue in the TurboJPEG API library's data destination manager that
manifested as:
- a memory leak that occurred if a pre-allocated JPEG destination buffer
was passed to `tj3Compress*()` or `tj3Transform()`, `TJPARAM_NOREALLOC` was
unset, and it was necessary for the library to re-allocate the buffer to
accommodate the destination image, and
- a potential caller double free that occurred if pre-allocated JPEG
destination buffers were passed to `tj3Transform()`, multiple lossless
transform operations were performed, and it was necessary for the library to
re-allocate the second buffer to accommodate the second destination image.
6. Fixed an issue in `tj3Transform()` whereby, if `TJPARAM_SAVEMARKERS` was set
to 2 or 4, `TJXOPT_COPYNONE` was not specified, an ICC profile was extracted
from the source image, and another ICC profile was associated with the
TurboJPEG instance using `tj3SetICCProfile()`, both profiles were embedded in
the destination image. The documented API behavior is for `TJXOPT_COPYNONE` to
take precedence over `TJPARAM_SAVEMARKERS` and for `TJPARAM_SAVEMARKERS` to
take precedence over the associated ICC profile. Thus, `tj3Transform()` now
ignores the associated ICC profile unless `TJXOPT_COPYNONE` is specified or
`TJPARAM_SAVEMARKERS` is set to something other than 2 or 4.
7. Fixed an oversight in the libjpeg API whereby, if a calling application
manually set `cinfo.Ss` (the predictor selection value) to a value less than 1
or greater than 7 after calling `jpeg_enable_lossless()` and prior to calling
`jpeg_start_compress()`, an incorrect (all white) lossless JPEG image was
silently generated.
8. Further hardened the TurboJPEG Java API against hypothetical applications
that may erroneously pass huge values to one of the compression, YUV encoding,
decompression, YUV decoding, or packed-pixel image I/O methods, leading to
signed integer overflow in the JNI wrapper's buffer size checks that rendered
those checks ineffective.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:13 +0000 (13:44 +0200)]
libpng: Update to version 1.6.58
- Update from version 1.6.56 to 1.6.58
- Update of rootfile
- CVE fix applied in 1.6.57
- Changelog
1.6.58
Fixed a regression introduced in version 1.6.56 that caused `png_get_PLTE`
to return stale palette data after applying gamma and background transforms
in-place.
(Reported by ralfjunker <ralfjunker@users.noreply.github.com>.)
1.6.57
Fixed CVE-2026-34757 (medium severity):
Use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST`
leading to corrupted chunk data and potential heap information disclosure.
Also hardened the append-style setters (`png_set_text`, `png_set_sPLT`,
`png_set_unknown_chunks`) against a theoretical variant of the same
aliasing pattern.
(Reported by Iv4n <Iv4n550@users.noreply.github.com>.)
Fixed integer overflow in rowbytes computation in read transforms.
(Contributed by Mohammad Seet.)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:14 +0000 (13:44 +0200)]
libsodium: Update to version 1.0.22
- Update from version 1.0.21 to 1.0.22
- Update of rootfile
- Patch fix for arm build has been integrated into the tarball in this version
- Changelog
1.0.22
- Post-quantum key encapsulation is now available. ML-KEM768, the
NIST-standardized lattice-based KEM, is accessible through the
`crypto_kem_mlkem768_*()` functions.
- X-Wing, a hybrid KEM combining ML-KEM768 with X25519 for protection
against both classical and quantum adversaries, is available through the
`crypto_kem_*()` functions. X-Wing is the recommended KEM for most
applications.
- SHA-3 hash functions are now available as `crypto_hash_sha3256_*()`
and `crypto_hash_sha3512_*()`, with both one-shot and streaming APIs.
1.0.21-stable
- Performance: NEON optimizations for Argon2 on ARM platforms.
- Performance: SHA3 (Keccak1600) now leverages ARM SHA3 instructions when
available on ARM platforms.
- Performance: WebAssembly SIMD implementations of Argon2 have been added.
- Emscripten: LTO is now disabled. With Emscripten 4, LTO produced
WebAssembly modules with functions that ran significantly slower than
without it.
- Emscripten: a new option allows compilation with SIMD support.
- Emscripten: native ESM module generation is now supported.
- JavaScript sumo builds now allow up to 80 MiB memory usage, so that
`crypto_pwhash` with the interactive settings can be used in pure
JavaScript, not just WebAssembly.
- XOF state alignment has been relaxed.
- `crypto_core_keccak1600_state` has been added.
- Export missing `crypto_ipcrypt_nd_keygen()` helper function.
- `crypto_auth_hmacsha256_init` and `crypto_auth_hmacsha512_init` now
accept NULL key pointers (with a zero key length), for consistency with
other `_init` functions.
- apple-xcframework: headers are now in a Clibsodium subdirectory
to prevent module.modulemap collisions with other xcframeworks.
- Fixed compilation with GCC on aarch64 and gcc 4.x.
- On aarch64, aes256-gcm is now enabled even when not using clang,
including MSVC.
- Added compatibility with Visual Studio 2026 when toolsets do not
define PlatformToolsetVersion.
- Libsodium can be directly used as a dependency in a Zig project.
- Performance of MSVC builds has been improved.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:15 +0000 (13:44 +0200)]
libxml2: Update to version 2.15.3
- Update from version 2.15.1 to 2.15.3
- Update of rootfile
- Five CVE fixes applied in 2.15.2
- Changelog
2.15.3
Security
- parser: Pass userData to SAX text callbacks in xmlParseReference (type-confusion)
- entities: copy children in xmlCopyEntity
- c14n: Fix Type confusion in xmlC14NProcessAttrsAxis
- python: Do not decref string after adding to the list (double-free / use-after-free)
- c14n: Reuse tmp_str, xmlStrcat reallocates *cur (double-free)
Improvements
- schemas: Fix relative schemaLocation resolution in XSI assembly in streaming mode
- xmlreader: propagate reader resource loaders to validator parsers
- python: Make python bindings python2 compatible
- xmlregexp: Fix escape-sequence character range matching
- xmlreader: Free input in xmlReaderForFd (memory-leak)
- xmlstring: Free cur on every error for xmlStrncat (memory-leak)
- catalog: Free xmlCatalogResolveCache on cleanup (memory leak)
- Fix nanohttp.c build when --without-output
- test: fix mismatched signed/unsigned comparison
2.15.2
Security
- CVE-2026-1757 fix: Memory leak in xmllint Shell - shell.c
- CVE-2026-0990 fix: Prevent infinite recursion in
xmlCatalogListXMLResolve
- CVE-2026-0992 fix: Exponential behavior when handling
- parser: Fix infinite loop in xmlCtxtParseContent
- CVE-2025-10911 libxslt related: Ignore next/prev of documents when
traversing XPath
- CVE-2026-0989 fix: Add RelaxNG include limit
- xmlIO: use size_t for buffer size reallocation
- uri: fix signed integer overflow in xmlBuildRelativeURISafe
- schematron: fix memory leaks on error paths in xmlSchematronParseRule
- catalog: fix stack overflow from self-referencing SGML CATALOG entries
Improvements
- fuzz: Make fuzzy encoding match more lenient
- Fix C14N type confusion
- meson: Fix build with Meson < 1.3
- xmllint: Use zlib directly
- xmllint: New option to separate xpath results using null, --xpath0
- autotools: Make valgrind actually check for leaks
- meson: Add valgrind test setup
- Fix xmlOutputBufferGetContent output when encoder is set
- threads: don't force _WIN32_WINNT to Vista if it's set to a higher value
- dist: Add generated documentation to the dist as "dist-doc" folder
to simplify downstream packaging of doc
- Fix xmlRemoveEntity removing from wrong hash table
- use duplicating variant in relaxng to mitigate UAF
- Fix memory leak in xmlTextWriterStartAttributeNS on OOM
- meson: remove hardcoded buildtype=debug default
- Fix memory leak of prefix in xmlTextWriterStartElementNS()
- writer: Add a few extra NULL checks to avoid memory leaks on corrupt
writer path.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:16 +0000 (13:44 +0200)]
parted: Update to version 3.7
- Update from version 3.6 to 3.7
- Update of rootfile
- Changelog
3.7
Promoting alpha release to stable release 3.7
3.6.37
New Features
hurd: Support USB device names
Bug Fixes
Stop adding boot code into the MBR if it's zero when updating an
existing msdos partition table.
disk.c: Update metadata after reading partition table
Fix initialization of atr_c_locale inside PED_ASSERT
nilfs2: Fixed possible sigsegv in case of corrupted superblock
libparted: Do not detect ext4 without journal as ext2
libparted: Fix dvh disklabel unhandled exception
libparted: Fix sun disklabel unhandled exception
parted: fix do_version declaration to work with gcc 15
libparted: Fail early when detecting nilfs2
doc: Document IEC unit behavior in the manpage
parted: Print the Fixing... message to stderr
docs: Finish setup of libparted API docs
libparted: link libparted-fs-resize.so to libuuid
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:17 +0000 (13:44 +0200)]
pciutils: Update to version 3.15.0
- Update from version 3.14.0 to 3.15.0
- Update of rootfile
- Changelog
3.15.0
* New capabilities are decoded: MMIO Register Block Locator,
Flit Error Injection, Flit Logging.
* Decoding of PCIe capabilities updated to Gen7.
* Both lspci and setpci warn when the "-s" or "-d" option
is given multiple times.
* Improved display of interrupts in "lspci -vv". Routing of
interrupt pins is shown only if the pins are not disabled.
Routing of MSI(X) interrupts is shown when available
(which is currently supported by the sysfs back-end only).
* Minor improvements to Windows back-ends.
* The dump back-end can read the dump from stdin when given "-"
as a file name.
* FreeBSD supports 64-bit addresses.
* Added README.DJGPP.
* Updated pci.ids.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 11:44:18 +0000 (13:44 +0200)]
texinfo: Update to version 7.3
- Update from version 7.2 to 7.3
- Update of rootfile
- Changelog
7.3
* Language
. new commands for title page creation: @documentinfo, @publication,
and @maketitle. you can use these instead of explicit formatting
inside @titlepage.
. you can use heading commands such as @heading after @node. nodes
defined this way are not part of the chapter structure of the document
(unlike if @section etc. were used).
. new command @xrefname can follow @node in place of a heading command.
this is for when you do not want any heading at all to be displayed.
. new command @namedanchor for defining text to be used for a cross-
reference to an anchor (with @xrefautomaticsectiontitle on)
. new command @thispart to print part name in headings or footings
. deprecate @clickstyle
. if there is no @documentlanguage, the language is unspecified, rather
than en_US. (texi2any will still use English strings by default,
but will not put en_US in the output, depending on output format.)
* texi2any
. texi2any uses the Perl extensions in C for converters when possible,
which results in a large speed-up for HTML output.
set the `TEXINFO_XS_CONVERT' environment variable to 0 for pure Perl.
. optional experimental texi2any program implementation in C embedding Perl.
use --enable-using-c-texi2any to prefer the C implementation.
. report leading directory components of input file names in messages
(this reverses 6.8 release change, 2021).
. when CHECK_NORMAL_MENU_STRUCTURE is on, give the line number of the
problem menu entry
. DUMP_TREE should now be a file name, or - to output to standard error
. remove USE_REL_REV variable; former effect is now always on
. (API only) rename LINKS_BUTTONS customization variable to LINKS_DIRECTIONS
. (API only) rename space direction ' ' to 'Space'
. HTML output:
. the HIGHLIGHT_SYNTAX variable can be used for syntax highlighting
of code samples. this feature was present in earlier releases but
is no longer marked as experimental.
. do not wrap the contents of <style> elements in an HTML comment,
as this is no longer needed for browser compatibility
. the --transliterate-file-names option (which sets the
TRANSLITERATE_FILE_NAMES variable) is now off by default.
. when creating redirection files with --node-files (the default),
ignore the settings of TRANSLITERATE_FILE_NAMES, BASEFILENAME_LENGTH,
and EXTENSION.
. likewise, ignore these variables for links to external manuals
(they are still used for the file names generated for the
converted manual content).
. the default setting of WORDS_IN_PAGE has changed from 300 to 200.
this means that a navigation panel is more likely to be output at
the bottom of fairly short nodes.
. use the last @printindex in the input file for the Index direction
. only output 'accesskey' attributes when splitting by node
. for locations of external manuals, use files ending with the
.cnf extension in the htmlxref.d directories (in addition to files
called htmlxref.cnf). this should make it easier to combine
information on HTML cross-references from different sources.
. in an htmlxref file, you can explicitly trigger a link to a local
manual by using an empty URL
. you can set FORMAT_MENU to 'menu_no_detailmenu' to omit an
automatically generated @detailmenu from the Top node
. info.js (with INFO_JS_DIR) fixes and improvements:
. avoid pop-up over Top node and display the correct title
. --internal-links outputs more types of internal link, including
anchors, sections and floats. the possible type names reported
in the second column have changed.
. USE_NEXT_HEADING_FOR_LONE_NODE removed. former effect is now
always on.
. (API only) remove the buttons specifications with scalar references,
direction text or functions references should be used instead
. (API only) remove the Texinfo::TeX4HT customization package
. Info output:
. new experimental variable INFO_MATH_IMAGES allows outputting
images for mathematics notation
. LaTeX output:
. use UTF-8 encoding for output by default, regardless of input
encoding. override with OUTPUT_ENCODING_NAME.
. XML output:
. use HTML entities names for @H and @dotaccent accents types
* texinfo.tex
. add entries in PDF outline for index initials
. use Unicode in PDF outline for input documents encoded in UTF-8
. '@set xrefautomaticsectiontitle on' does not affect cross-references
to anchors, matching the HTML output
. separate adjacent footnote markers with commas, e.g. '1, 2' not '1 2'
* info
. you can use hook scripts to handle an info manual not being found.
these hooks can provide a message to the user with information on
how to install the manual.
. when run as 'info TOPIC INDEX-ENTRY', prefer index entries that
refer to the node that would be loaded by 'info TOPIC'. this aids
in retrieving documentation of command-line options when multiple
programs are documented in the same manual.
for example, 'info cp -- -s' goes to the documentation of the -s
option for the cp program in the coreutils manual, rather than the
-s option of any other program.
. list all customizable variables in help buffer including how they
got their values
. reuse introductory text in dir file rather than supplying our own text,
as was the case in older version of info and is the case in Emacs
. removed fallback if a node is not found in a cross-reference to
searching for a file of the same name. e.g. "* Foo::" in a menu
would go to a file called "Foo", if no node called "Foo" was found.
now only the node is looked for.
. new variable 'raw-utf8-output' supports viewing UTF-8 Info files
on MS-Windows
* Distribution
. automake 1.18.1, autoconf 2.72, gettext 0.26, libtool 2.5.4
. support for DJGPP removed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 26 Apr 2026 21:37:41 +0000 (23:37 +0200)]
expat: Update to version 2.8.0
- Update from version 2.7.5 to 2.8.0
- Update of rootfile
- CVE fix
- Changelog
2.8.0
Security fixes:
47 1183 CVE-2026-41080 -- The existing hash flooding protection
(based on SipHash) only used 4 to 8 bytes of entropy for
a salt, when 16 bytes of salt are supported by the
implementation of SipHash used by Expat. Now full 16 bytes
of entropy are used to improve protection against hash
flooding attacks.
Existing API function XML_SetHashSalt is now deprecated
because of its limitations, and its use should be
considered a vulnerability. Please either use the new API
function XML_SetHashSalt16Bytes (with known-high-quality
entropy input only!) instead, or leave the derivation of
a 16-bytes hash salt from high quality entropy to Expat's
internal machinery (by *not* calling either of the two
XML_SetHashSalt* functions).
Bug fixes:
1188 Avoid propagating /dev/urandom file descriptor to child
processes
1193 Fix interpretation of `errno` after randomization calls
1195 Avoid assuming uint8_t is a character type
Other changes:
1180 1199 Add support for `getentropy(3)` as a source of entropy;
this helps with protecting against hash flooding attacks,
in particular with WASI SDK (where none of the other
entropy sources supported by libexpat are available).
1200 Autotools: Add `--without-arc4random` and
`--without-arc4random-buf`
1200 Autotools: Make `./configure` output report on available
high quality entropy sources
1173 Autotools|macOS: Sync CMake templates with CMake 4.3.0
1201 Autotools|CMake: Improve checks for `arc4random` and
`arc4random_buf` e.g. with modern glibc
1201 CMake: Report on availability of functions `arc4random` and
`arc4random_buf`
1201 CMake: Mark entropy related build switches as advanced
1189 ..
1203 1204 Extract new files from entropy extraction code
1194 Stop duplicating C tests 1:1 as C++ ("runtests_cxx")
1202 Fix a comment typo in expat_external.h
1187 Fix grammar in compile error message
1192 examples: Build warning-free with -Wwrite-strings
1171 tests: Address harmless warning from Coverity
1170 1176 Sync file headers
1190 1206 Version info bumped from 12:3:11 (libexpat*.so.1.11.3)
to 13:0:12 (libexpat*.so.1.12.0); see https://verbump.de/
for what these numbers do
Infrastructure:
1166 1167 ..
1172 1175 ..
1178 1179 ..
1185 1205 CI: Make Perl XML::Parser integration tests run against
both version 2.47 and the latest release 2.58
1169 CI: Adapt to breaking changes regarding Inno Setup
1173 CI: Adapt to breaking changes regarding CMake
1174 CI: Include public corpus of fuzzer `xml_lpm_fuzzer` with
regression testing
1181 1182 CI: Bump WASI SDK from 30 to 32
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 24 Apr 2026 16:43:00 +0000 (18:43 +0200)]
tzdata: Update to version 2026b
- Update from version 2026a to 2026b
- No change in rootfile
- Changelog
2026b
Briefly:
British Columbia moved to permanent -07 on 2026-03-09.
Some more overflow bugs have been fixed in zic.
Changes to future timestamps
British Columbia’s 2026-03-08 spring forward was its last
foreseeable clock change, as it moved to permanent -07 thereafter.
(Thanks to Arthur David Olson.) Although the change to permanent
-07 legally took place on 2026-03-09, temporarily model the change
to occur on 2026-11-01 at 02:00 instead. This works around a
limitation in CLDR v48.2 (2026-03-17). This temporary hack is
planned to be removed after CLDR is fixed.
Changes to code
zic no longer mishandles a last transition to a new time type.
zic no longer overflows a buffer when generating a TZ string like
"PST-167:59:58PDT-167:59:59,M11.5.6/-167:59:59,M12.5.6/-167:59:59",
which can occur with adversarial input. (Thanks to Naveed Khan.)
zic no longer generates a longer TZif file than necessary when
an earlier time zone abbreviation is a suffix of a later one.
As a nice side effect, zic no longer overflows a buffer when given
a long series of abbreviations, each a suffix of the next.
(Buffer overflow reported by Arthur Chan.)
zic no longer overflows an int when processing input like ‘Zone
Ouch 2147483648:00:00 - LMT’. The int overflow can lead to buffer
overflow in adversarial cases. (Thanks to Naveed Khan.)
zic now checks for signals more often.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 24 Apr 2026 16:42:58 +0000 (18:42 +0200)]
openssh: Update to version 10.3p1
- Update from version 10.2p1 to 10.3p1
- No change in rootfile
- There are three changes listed as Potentially incompatible changes. They do not look
to me like things that will affect IPFire but I am happy to be corrected.
- Changelog
10.3p1
Potentially-incompatible changes
* ssh(1), sshd(8): remove bug compatibility for implementations
that don't support rekeying. If such an implementation tries to
interoperate with OpenSSH, it will now eventually fail when the
transport needs rekeying.
* sshd(8): prior to this release, a certificate that had an empty
principals section would be treated as matching any principal
(i.e. as a wildcard) when used via authorized_keys principals=""
option. This was intentional, but created a surprising and
potentially risky situation if a CA accidentally issued a
certificate with an empty principals section: instead of being
useless as one might expect, it could be used to authenticate as
any user who trusted the CA via authorized_keys. [Note that this
condition did not apply to CAs trusted via the sshd_config(5)
TrustedUserCAKeys option.]
This release treats an empty principals section as never matching
any principal, and also fixes interpretation of wildcard
characters in certificate principals. Now they are consistently
implemented for host certificates and not supported for user
certificates.
* ssh(1): the -J and equivalent -oProxyJump="..." options now
validate user and host names for ProxyJump/-J options passed
via the command-line (no such validation is performed for this
option in configuration files). This prevents shell injection in
situations where these were directly exposed to adversarial
input, which would have been a terrible idea to begin with.
Reported by rabbit.
Security
* ssh(1): validation of shell metacharacters in user names supplied
on the command-line was performed too late to prevent some
situations where they could be expanded from %-tokens in
ssh_config. For certain configurations, such as those that use a
"%u" token in a "Match exec" block, an attacker who can control
the user name passed to ssh(1) could potentially execute arbitrary
shell commands. Reported by Florian Kohnhäuser.
We continue to recommend against directly exposing ssh(1) and
other tools' command-lines to untrusted input. Mitigations such
as this can not be absolute given the variety of shells and user
configurations in use.
* sshd(8): when matching an authorized_keys principals="" option
against a list of principals in a certificate, an incorrect
algorithm was used that could allow inappropriate matching in
cases where a principal name in the certificate contains a
comma character. Exploitation of the condition requires an
authorized_keys principals="" option that lists more than one
principal *and* a CA that will issue a certificate that encodes
more than one of these principal names separated by a comma
(typical CAs strongly constrain which principal names they will
place in a certificate). This condition only applies to user-
trusted CA keys in authorized_keys, the main certificate
authentication path (TrustedUserCAKeys/AuthorizedPrincipalsFile)
is not affected. Reported by Vladimir Tokarev.
* scp(1): when downloading files as root in legacy (-O) mode and
without the -p (preserve modes) flag set, scp did not clear
setuid/setgid bits from downloaded files as one might typically
expect. This bug dates back to the original Berkeley rcp program.
Reported by Christos Papakonstantinou of Cantina and Spearbit.
* sshd(8): fix incomplete application of PubkeyAcceptedAlgorithms
and HostbasedAcceptedAlgorithms with regard to ECDSA keys.
Previously if one of these directives contains any ECDSA algorithm
name (say "ecdsa-sha2-nistp384"), then any other ECDSA algorithm
would be accepted in its place regardless of whether it was
listed or not. Reported by Christos Papakonstantinou of Cantina
and Spearbit.
* ssh(1): connection multiplexing confirmation (requested using
"ControlMaster ask/autoask") was not being tested for proxy mode
multiplexing sessions (i.e. "ssh -O proxy ..."). Reported by
Michalis Vasileiadis.
New features
* ssh(1), sshd(8): support IANA-assigned codepoints for SSH agent
forwarding, as per draft-ietf-sshm-ssh-agent. Support for the new
names is advertised via the EXT_INFO message. If a server offers
support for the new names, then they are used preferentially.
Support for the pre-standardisation "@openssh.com" extensions for
agent forwarding remains supported.
* ssh-agent(1): implement support for draft-ietf-sshm-ssh-agent
"query" extension.
* ssh-add(1): support querying the protocol extensions via the
agent "query" extension with a new -Q flag.
* ssh(1): support multiple files in a ssh_config RevokedHostKeys
directive. bz3918
* sshd(8): support multiple files in a sshd_config RevokedKeys
directive bz3918
* ssh(1): add a ~I escape option that shows information about the
current SSH connection.
* ssh(1): add an "ssh -Oconninfo user@host" multiplexing command
that shows connection information, similar to the ~I escapechar.
* ssh(1): add an "ssh -O channels user@host" multiplexing command to
get a running mux process to show information about what channels
are currently open.
* sshd(8): add 'invaliduser' penalty to PerSourcePenalties, which is
applied to login attempts for usernames that do not match real
accounts. Defaults to 5s to match 'authfail' but allows
administrators to block such attempts for longer if desired.
* sshd(8): add a GSSAPIDelegateCredentials option for the server,
controlling whether it accepts delegated credentials offered by
the client. This option mirrors the same option in ssh_config.
GHPR614
* ssh(1), sshd(8): support the VA DSCP codepoint in the IPQoS
directive.
* sshd(8): convert PerSourcePenalties to using floating point time,
allowing penalties to be less than a second. This is useful if you
need to penalise things you expect to occur at >=1 QPS.
* ssh-keygen(1): support writing ED25519 keys in PKCS8 format.
GHPR570
* Support the ed25519 signature scheme via libcrypto.
Bugfixes
* sshd(8): make IPQoS first-match-wins in sshd_config, like other
configuration directives. bz3924
* sshd(8): fix potential crash when MaxStartups is using a single
argument (i.e. not using the MaxStartups x:y:z form) to a value
below 10. bz3941
* sshd(8): fix a potential hang during key exchange if needed DH
group values were missing from /etc/moduli.
* ssh-agent(1): fix return values from extensions to be correct wrt
draft-ietf-sshm-ssh-agent: extension requests should indicate
failure using SSH_AGENT_EXTENSION_FAILURE rather than the generic
SSH_AGENT_FAILURE error code. This allows the client to discern
between "the request failed" and "the agent doesn't support this
extension".
* ssh(1): use fmprintf for showing challenge-response name and info
to preserve UTF-8 characters where appropriate. Prompted by GitHub
PR#452.
* scp(1): when uploading a directory using sftp/sftp (e.g. during a
recursive transfer), don't clobber the remote directory
permissions unless either we created the directory during the
transfer or the -p flag was set. bz3925
* All: implement missing pieces of FIDO/webauthn signature support,
mostly related to certificate handling and enable acceptance of this
signature format by default. bz3748 GHPR624 GHPR625
* sshd_config(5): make it clear that DenyUsers/DenyGroups overrides
AllowUsers/AllowGroups. Previously we specified the order in which
the directives are processed but it was ambiguous as to what
happened if both matched.
* ssh(1): don't try to match certificates held in an agent to
private keys. This matching is done to support certificates that
were loaded without their private key material, but is
unnecessary for agent-hosted certificates which always have
private key material available in the agent. Worse, this matching
would mess up the request sent to the agent in such a way as to
break usage of these keys when the key usage was restricted in
the agent. bz3752
* sftp(1): if editline has been switched to vi mode (i.e. via "bind
-v" in .editrc), set up a keybinding so that command mode can be
entered.
* ssh(1), sshd(8): improve performance of keying the sntrup761 key
agreement algorithm.
* ssh(1), sshd(8): enforce maximum packet/block limit during
pre-authentication phase.
* sftp(1): don't misuse the sftp limits extension's open-handles
field. This value is supposed to be the number of handles a
server will allow to be opened and not a number of outstanding
read/write requests that can be sent during an upload/download.
* sshd(8): don't crash at connection time if the main sshd_config
lacks any subsystem directive but one is defined in a Match block.
bz3906
* sshd_config(5): add a warning next to the ForceCommand directive
that forcing a command doesn't automatically disable forwarding.
* sshd_config(5): add a warning that TOKENS are replaced without
filtering or escaping and that it's the administrator's
responsibility to ensure they are used safely in context.
* scp(1): correctly quote filenames in verbose output for local->
local copies. bz3900
* sshd(8): don't mess up the PerSourceNetBlockSize IPv6 mask if
sscanf didn't decode it. GHPR598
* ssh-add(1): when loading FIDO2 resident keys, set the comment to
the FIDO application string. This matches the behaviour of
ssh-keygen -K. GHPR608
* sshd(8): don't strnvis() log messages that are going to be logged
by sshd-auth via its parent sshd-session process, as the parent
will also run them through strnvis(). Prevents double-escaping of
non-printing characters in some log messages. bz3896
* ssh-agent(1): escape SSH_AUTH_SOCK paths that are sent to the
shell as setenv commands. Unbreaks ssh-agent for home directory
paths that contain whitespace. bz3884
* All: Remove unnecessary checks for ECDSA public key validity.
* sshd(8): activate UnusedConnectionTimeout only after the last
channel has closed. Previously UnusedConnectionTimeout could fire
early after a ChannelTimeout. This was not a problem for the
OpenSSH client because it terminates once all channels have
closed but could cause problems for other clients (e.g. API
clients) that do things differently. bz3827
* All: fix PKCS#11 key PIN entry problems introduced in
openssh-10.1/10.2. bz3879
* scp(1): when using the SFTP protocol for transfers, fix implicit
destination path selection when source path ends with "..". bz3871
* sftp(1): when tab-completing a filename, ensure that the completed
string does not end up mid-way through a multibyte character, as
this will cause a fatal() later on. GHPR#587
* ssh-keygen(1): fix crash at exit (visible via ssh-keygen -D) when
multiple keys loaded.
* scp(1)/sftp(1): correctly display bandwidths >2GBps in the
progress meter.
Portability
* sshd(8): fix condition introduced in openssh 10.2p1 stable branch
where a PAM module that changed the requested username between
SSH_MSG_USERAUTH_REQUEST messages during authentication could
confuse the PAM stack and let it proceed with a different
understanding of the active username than the rest of sshd.
Reported by Mike Damm.
* sshd(8): immediately report interactive instructions to clients
when using keyboard-interactive authentication with PAM. bz2876
* sshd(8): fix duplicate PAM messages under some situations.
* sshd(8): don't leak PAM handle on repeat invocations. bz3882
* All: support linking libcrypto implementations (e.g. BoringSSL)
that require libstdc++.
* sshd(8): fix ut_type for btmp records, correctly using
LOGIN_PROCESS and USER_PROCESS.
* sshd(8): allow uname(3) in the seccomp sandbox. This is needed by
zlib-ng on RISC-V platforms.
* All: remove remaining OpenSSL_add_all_algorithms() calls.
We already have OPENSSL_init_crypto() in the compat layer.
Prompted by github PR#606
* All: fix builds on older Mac OS wrt nfds_t.
* mdoc2man: several improvements including better support for Dl
and Ns inside Ic.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Fri, 24 Apr 2026 16:42:59 +0000 (18:42 +0200)]
openssl: Update to version 3.6.2
- Update from version 3.6.1 to 3.6.2
- Update of rootfile
- This looks to be the last release in the 3.x branch as 4.0.0 has been released.
This patch updates that last 3.x branch version as it is a security release with
eight CVE fixes in it.
Also with the major change from 3.x to 4.x we will need to ensure that there are no
issues for IPFire. I will do a separate build for 4.0.0 and test it before submitting
that patch for consideration for 203 or 204
- Changelog
3.6.2
Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
(CVE-2026-31790)
Fixed loss of key agreement group tuple structure when the DEFAULT keyword
is used in the server-side configuration of the key-agreement group list.
(CVE-2026-2673)
Fixed out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support.
(CVE-2026-28386)
Fixed potential use-after-free in DANE client code.
(CVE-2026-28387)
Fixed NULL pointer dereference when processing a delta CRL.
(CVE-2026-28388)
Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo.
(CVE-2026-28389)
Fixed possible NULL dereference when processing CMS KeyTransportRecipientInfo.
(CVE-2026-28390)
Fixed heap buffer overflow in hexadecimal conversion.
(CVE-2026-31789)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sat, 11 Apr 2026 11:45:32 +0000 (13:45 +0200)]
ovpnmain.cgi: Update status extraction for Connection Status
- The format of the connection status has changed and this change ensures that the
status is correctly shown in the Connection Status and Control table
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sat, 11 Apr 2026 11:45:29 +0000 (13:45 +0200)]
ovpnmain.cgi: Display only IP for Real Address in Connection Statistics Page
- In the Connection Statistics page under Real Address it was showing the IP:Port instead
of just the IP.
- The IP was being split out in $address but this variable was not then used to display
the Real Address.
- This patch fixes that so that only the IP is shown for the Real Address.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sat, 11 Apr 2026 11:45:26 +0000 (13:45 +0200)]
openvpn: Update to version 2.7.1
- Update from version 2.6.19 to 2.7.1
- Update of rootfile
- Changelog
2.7.1
Bugfixes
Fix usage of --lport inside a <connection> block - this got broken with the multi-socket patchset (GH #995)
Do not try to run auto-pam unit test when cross-compiling.
Do not break private-key passphrases of length >= 64 (GH #993)
Fix obscure ASSERT() crash on TCP connects with TAP and no ip config.
Make DCO work on FreeBSD systems that have no IPv4 support in kernel (FreeBSD PR 286263)
Make DCO work on Linux on big endian systems (namely, MIPS and PowerPC) (GH OpenVPN/ovpn-dco#96)
New features
Add a new username-only flag argument to --auth-user-pass which will now make OpenVPN only query for username and send a dummy password to the server. This is only useful if auth schemes are used on the server side that will do some sort of external challenge based on username, and not password authentication. See discussion in GH #501 (starting Jan 30, 2024).
Increase default sizing of internal hash maps to 4 * --max-clients. The default used to be 256 with a --max-clients default of 1024 - this is bad for performance, while the memory savings are minimal. On a very memory constrained system, reduce --max-clients.
Long-term code maintenance
Work on OpenSSL 4.0 API support, reducing use of ASN1_STRING members.
Remove obsolete OpenSSL 1.0.x support code from unit tests.
Improve documentation of management client versioning, replace magic numbers in the code with an enum type.
Fixup responses to management interface version command (for >= 4).
Make --enable-async-push work on FreeBSD 15 (which has native inotify support, and consequently no libinotify.pc anymore)
Adjust some code parts to new "const" handling on string function returns (ISO C23, as implemented by glibc 2.43 and newer).
Remove erroneous usage of M_ERR | M_ERRNO throughout the code.
User-visible Changes
When compiled with the AWS-LC SSL library, using --tls-cert-profile will now print a run-time warning - the library does not support it, so it would silently do nothing.
Systemd unit files: change LimitNPROC to TasksMax and increase limit (GH: #929)
Documentation improvements.
port-share: log incoming connections at verb 3, not on error level anymore (GH: #976).
2.7.0
New features
Multi-socket support for servers
OpenVPN servers now can listen on multiple sockets at the same time. Multiple --local statements in the configuration can be used to configure this. This way the same server can e.g. listen for UDP and TCP connections at the same time, or listen on multiple addresses and/or ports.
Client implementations for DNS options sent by server for Linux/BSD/macOS
Linux, BSD and macOS versions of OpenVPN now ship with a per-platform default --dns-updown script that implements proper handling of DNS configuration sent by the server. The scripts should work on systems that use systemd or resolveconf to manage the DNS setup, as well as raw /etc/resolv.conf files. However, the exact features supported will depend on the configuration method. On Linux and MacOS this should usually make split-DNS configurations supported out-of-the-box now.
Note that this new script will not be used by default if a --up script is already in use to reduce problems with backwards compatibility.
See documentation for --dns-updown and --dns for more details.
New client implementation for DNS options sent by server for Windows
The Windows client now uses NRPT (Name Resolution Policy Table) to handle DNS configurations. This adds support for split-DNS and DNSSEC and improves the compatibility with local DNS resolvers. Requires the interactive service.
On Windows the block-local flag is now enforced with WFP filters.
The block-local flag to --redirect-gateway and --redirect-private is now also enforced via the Windows Firewall, making sure packets can't be sent to the local network. This provides stronger protection against TunnelCrack-style attacks.
Windows network adapters are now generated on demand
This means that on systems that run multiple OpenVPN connections at the same time the users don't need to manually create enough network adapters anymore (in addition to the ones created by the installer).
Windows automatic service now runs as an unprivileged user
All tasks that need privileges are now delegated to the interactive service. NOTE this has the risk of breaking existing setups if the Windows certificate store is used (cryptoapi), and the certificates are not readable for NT SERVICE\OpenVPNService.
Support for new version of Linux DCO module
OpenVPN DCO module is moving upstream and being merged into the main Linux kernel. For this process some API changes were required. OpenVPN 2.7 will only support the new API. The new module is called ovpn. Out-of-tree builds for older kernels are available. Please see the release announcements for further information.
Support for server mode in win-dco driver
On Windows the win-dco driver can now be used in server setups.
Support for TLS client floating in DCO implementations
The kernel modules will detect clients floating to a new IP address and notify userland so both data packets (kernel) and TLS packets (sent by userland) can reach the new client IP. (Actual support depends on recent-enough kernel implementation)
Enforcement of AES-GCM usage limit
OpenVPN will now enforce the usage limits on AES-GCM with the same confidentiality margin as TLS 1.3 does. This means that renegotiation will be triggered after roughly 2^28 to 2^31 packets depending on the packet size. More details about usage limit of AES-GCM can be found here:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-aead-limits/
Epoch data keys and packet format
This introduces the epoch data format for AEAD data channel ciphers in TLS mode ciphers. This new data format has a number of improvements over the standard "DATA_V2" format.
AEAD tag at the end of packet which is more hardware implementation friendly
Automatic key switchover when cipher usage limits are hit, similar to the epoch data keys in (D)TLS 1.3
64 bit instead of 32 bit packet ids to allow the data channel to be ready for 10 GBit/s without having frequent renegotiation
IV constructed with XOR instead of concatenation to not have (parts) of the real IV on the wire
Support for Epoch data channel on Windows, using the win-dco driver (2.8.0+)
Default ciphers in --data-ciphers
Ciphers in --data-ciphers can contain the string DEFAULT that is replaced by the default ciphers used by OpenVPN, making it easier to add an allowed cipher without having to spell out the default ciphers.
TLS alerts
OpenVPN 2.7 will send out TLS alerts to peers informing them if the TLS session shuts down or when the TLS implementation informs the peer about an error in the TLS session (e.g. mismatching TLS versions). This improves the user experience as the client shows an error instead of running into a timeout when the server just stops responding completely.
Support for tun/tap via unix domain socket and lwipovpn support
To allow better testing and emulating a full client with a full network stack OpenVPN now allows a program executed to provide a tun/tap device instead of opening a device.
The co-developed lwipovpn program based on the lwIP stack allows simulating a full IP stack. An OpenVPN client using --dev-node unix:/path/to/lwipovpn can emulate a full client that can be pinged, can serve a website and more without requiring any elevated permission. This can make testing OpenVPN much easier.
For more details see lwipovpn on Github.
Allow overriding username with --override-username
This is intended to allow using --auth-gen-token in scenarios where the clients use certificates and multi-factor authentication. This will also generate a push "auth-token-user newusername" directive in push replies.
--port-share now properly supports IPv6
Issues with logging of IPv6 addresses were fixed. The feature now allows IPv6 connections towards the proxy receiver.
Support for Haiku OS
TLS1.3 support with mbedTLS (requires mbedTLS >= 3.6.4)
PUSH_UPDATE client support
It is now possible to update parts of the client-side configuration (IP address, routes, MTU, DNS) by sending a new server-to-client control message, PUSH_UPDATE,<options>. See also: https://openvpn.github.io/openvpn-rfc/openvpn-wire-protocol.html NOTE: PUSH_UPDATE client support is currently disabled if DCO is active (on all platforms).
PUSH_UPDATE server support (minimal)
New management interface commands push-update-broad and push-update-cid to send PUSH_UPDATE option updates to all clients ("there is a new DNS server") or only a specific client ID ("privileges have changed, here's a new IP address"). See doc/management-notes.txt NOTE: PUSH_UPDATE server support is currently disabled if DCO is active (on all platforms).
Support for user-defined routing tables on Linux
See the --route-table option in the manpage
PQE support for WolfSSL
Two new environment variables have been introduced to communicate desired default gateway redirection to plugins like Network Manager, route_redirect_gateway_ipv4 and route_redirect_gateway_ipv6. See the "Environmental Variables" section in the man page
Improved logging of service events/errors to event log on Windows.
"Recursive Routing" check is now more granular, and will only drop packets-in-tunnel if destination IP, protocol and port matches with those needed to reach the VPN server. With that change, you can now use policies that direct "everything that is not OpenVPN" into the tunnel, and have IP packets to the VPN server address arrive as expected (no such policies are currently installed by OpenVPN) (GH: #669).
COPYING: license details only relevant to our Windows installers have been updated and moved to the openvpn-build repo
Improved BYTECOUNT support - more strictly adhere to timing interval requested, correctly support client and server counters with Linux and Windows DCO offloading.
Improve compatibility with OpenSSL 3.6.0 (do not fail t_lpback selftest)
New option --tls-crypt-v2-max-age n to check tls-crypt-v2 timestamps (When a client is older than n days or has no timestamp, the server will reject it)
mbedTLS 4 support has been added.
Note that with mbedTLS 4 algorithms need to be translated to mbedTLS 4 internal IDs by OpenVPN, and some names might be missing.
Deprecated features
secret support has been removed (by default).
static key mode (non-TLS) is no longer considered "good and secure enough" for today's requirements. Use TLS mode instead. If deploying a PKI CA is considered "too complicated", using --peer-fingerprint makes TLS mode about as easy as using --secret.
This mode can still be enabled by using --allow-deprecated-insecure-static-crypto but will be removed in OpenVPN 2.8.
Support for wintun Windows driver has been removed.
OpenVPN 2.6 added support for the new dco-win driver, so it supported three different device drivers: dco-win, wintun, and tap-windows6. OpenVPN 2.7 now drops the support for wintun driver. By default all modern configs should be supported by dco-win driver. In all other cases OpenVPN will fall back automatically to tap-windows6 driver.
NTLMv1 authentication support for HTTP proxies has been removed.
This is considered an insecure method of authentication that uses obsolete crypto algorithms. NTLMv2 support is still available, but will be removed in a future release. When configured to authenticate with NTLMv1 (ntlm keyword in --http-proxy) OpenVPN will try NTLMv2 instead.
persist-key option has been enabled by default.
All the keys will be kept in memory across restart.
OpenSSL 1.0.2 support has been removed.
Support for building with OpenSSL 1.0.2 has been removed. The minimum supported OpenSSL version is now 1.1.0.
mbedTLS 2.x support has been removed
Support for building with mbedTLS 2.x has been removed (it is out of support since March 2025, and the necessary compatibility code is making maintenance and support for mbedTLS 4.x hard). The minimum supported mbedTLS version is now 3.2.1.
Compression on send has been removed.
OpenVPN 2.7 will never compress data before sending. Decompression of received data is still supported. --allow-compression yes is now an alias for --allow-compression asym.
--memstats feature removed
The --memstats option was largely undocumented and there is no known user of this feature. This feature provided very limited statistics (number of users, link bytes read/written) and we do not expect any usage because of this.
Using --push in a mode that is not --mode server will now print a clear warning that this is an unsupported operation and might cause negotiation failures.
--reneg-bytes and --reneg-packets do not work in DCO mode, and will now print an appropriate warning.
On-connect resolving of --remote addresses in --tcp-server mode was not working since 2.4, so the code was completely removed.
--opt-verify feature removed
This option was already deprecated and it is now being converted to a no-op. Using this option will only print a warning.
User-visible Changes
Default for --topology changed to subnet for --mode server. Previous releases always used net30 as default. This only affects configs with --mode server or --server (the latter implies the former), and --dev tun, and only if IPv4 is enabled. Note that this changes the semantics of --ifconfig, so if you have manual settings for that in your config but not set --topology your config might fail to parse with the new version. Just adding --topology net30 to the config should fix the problem. By default --topology is pushed from server to client.
--x509-username-field will no longer automatically convert fieldnames to uppercase. This was deprecated since OpenVPN 2.4, and has now been removed.
--dh none is now the default if --dh is not specified. Modern TLS implementations will prefer ECDH and other more modern algorithms anyway. And finite field Diffie Hellman is in the process of being deprecated (see draft-ietf-tls-deprecate-obsolete-kex)
--lport 0 does not imply --bind anymore.
--redirect-gateway now works correctly if the VPN remote is not reachable by the default gateway.
--show-gateway now supports querying the gateway for IPv4 addresses.
--static-challenge option now has a third parameter format that can change how password and challenge response should be combined.
--key and --cert now accept URIs implemented in OpenSSL 3 as well as optional OpenSSL 3 providers loaded using --providers option.
--cryptoapicert now supports issuer name as well as Windows CA template name or OID as selector string.
TLS handshake debugging information contains much more details now when using recent versions of OpenSSL.
The IV_PLAT_VER variable sent by Windows clients now contains the full Windows build version to make it possible to determine the Windows 10 or Windows 11 version used.
The --windows-driver option to select between various windows drivers will no longer do anything - it's kept so existing configs will not become invalid, but it is ignored with a warning. The default is now ovpn-dco if all options used are compatible with DCO, with a fallback to tap-windows6. To force TAP (for example because a server pushes DCO incompatible options), use the --disable-dco option.
Apply more checks to incoming TLS handshake packets before creating new state - namely, verify message ID / acked ID for "valid range for an initial packet". This fixes a problem with clients that float very early but send control channel packet from the pre-float IP (Github: #704).
Use of --dh dh2048.pem in all sample configs has been replaced with --dh none. The dh2048.pem file has been removed.
The startup delay in t_client.sh has been reduced from 3s to 1s, making a noticeable difference for setups with many tests.
Changed from using uncrustify for code formatting and pre-commit checks to clang-format. This reformatted quite a bit of code, and requires that regular committers change their pre-commit checks accordingly.
On Linux, on interfaces where applicable, OpenVPN explicitly configures the broadcast address again. This was dropped for 2.6.0 "because computers are smart and can do it themselves", but the kernel netlink interface isn't, and will install "0.0.0.0". This does not normally matter, but for broadcast-based applications that get the address to use from "ifconfig", this change repairs functionality (this has been backported to 2.6.15, but is not in earlier 2.6 versions).
max-routes-per-client 0 used to be silently upgraded to 1. This now produces an error.
ifconfig and ifconfig-ipv6 values are now stored in pre-connect options cache, and will be restored to pre-connect values on reconnects if the server stops pushing the respective option.
tapctl.exe helper binary on Windows has been reworked to improve help texts (making clear that it can not only do TAP-Adapters but Win-DCO as well), add printing of the hwid to all adapter outputs, and change the default adapter type created to ovpn-dco.
The default for multihome egress interface handling has changed. 2.7.0 will default to ipi_ifindex=0, that is, leave the decision to the routing/policy setup of the operating system. The pre-2.7 behaviour (force egress = ingress interface) can be achieved with the new --multihome same-interface sub-option.
Windows openvpn.exe binary manifest now sets code page UTF8 - which has no direct effect on OpenVPN itself, but this repairs OpenSSL file loading for key/cert files with non-ASCII characters in their file names (GH: #920).
The test-crypto option no longer requires a --secret argument and will automatically generate a random key.
The configure-time option --enable-x509-alt-username is no longer conditional, and always-on (GH: #917).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Apr 2026 15:10:34 +0000 (17:10 +0200)]
boost: Update to version 1_90_0
- Update from version 1_89_0 to 1_90_0
- Update of rootfiles for all three architectures
- Changelog
1_90_0
New Libraries
OpenMethod:
Open-(multi-)methods in C++17 and above, from Jean-Louis Leroy.
Updated Libraries
Asio
Added the execution::inline_exception_handling property to describe what exception handling guarantees are made when execution occurs inline.
Added inline_executor, which always executes the submitted function inline.
Changed the default candidate executor for associated_executor from system_executor to inline_executor.
Added the inline_or_executor<> adapter and inline_or() helper, which will execute inline if possible and otherwise delegate to another executor.
Added overloads of dispatch, post and defer that take a function object to be run on the target executor, and deliver the result to the completion handler.
Added the redirect_disposition completion token adapter, as a generic counterpart for redirect_error.
Annotated deprecated items with the [[deprecated]] attribute.
Added a new configuration parameter "reactor" / "reset_edge_on_partial_read", which determines whether a partial read consumes the edge when using epoll.
Added new configuration parameters "reactor" / "use_eventfd" and "reactor" / "use_timerfd" that are used to determine whether the epoll backend uses eventfd and timerfd respectively.
Added the missing preprocessor check for BOOST_ASIO_DISABLE_TIMERFD.
Implemented a compile-time feature check for std::source_location support, in addition to std::experimental::source_location.
Stopped using the deprecated boost::array::c_array() function.
Fixed a resource leak in asio::awaitable move assignment.
Fixed a memory leak in ssl stream move assignment.
Fixed a thread sanitizer issue in kqueue reactor.
Fixed handler tracking arguments in io_uring backend.
Fixed an unused parameter warning in boost::asio::detail::null_thread.
Changed the macro-based coroutine implementation to ensure deterministic case labels when __COUNTER__ is used.
Fixed synchronous SSL stream shutdown to remap error::eof as async_shutdown does.
Changed stream_file and random_access_file on Windows to treat file paths as UTF-8 encoded strings.
Added checks to experimental::parallel_group and experimental::ranged_parallel_group to detect empty operation sets.
Removed workaround for _FORTIFY_SOURCE, added address length checking to ip::basic_resolver_results.
Fixed experimental::coro to have protection against max as a macro.
Updated detection of std::aligned_alloc for newer libc++ versions.
Various documentation fixes and improvements.
Consult the Revision History for further details.
Beast:
http::parser rejects non-standard trailer fields by default.
http::basic_parser uses a dedicated callback for trailer fields.
http::field constants are updated.
Fixed allocator move/copy assignment in flat_buffer and multi_buffer.
Fixed websocket permessage-deflate error on partial message consumption.
http::buffer_body ignores empty chunks.
Added http::basic_fields::contains member function.
Removed dependency on Boost.Preprocessor and Boost.StaticAssert.
Bloom:
Added bulk-mode insertion and lookup for increased performance.
Made lookup implementation branchless for block, fast_multiblock32 and fast_multiblock64, which results in some performance gains, particularly for mixed successful/unsuccessful queries.
Charconv:
Fixed quadmath detection in CMake for cross-compilation.
Fixed an issue where a sufficiently big buffer would error as not large enough in floating point to_chars.
Compat:
Added to_underlying.hpp (contributed by Braden Ganetsky.)
Container:
Reimplemented deque. The original implementation was based on the SGI’s original data structure (similar to libstdc++). Main changes:
sizeof(deque) was 10 words, now is 4 words. Probably the lightest implementation around.
sizeof(deque::iterator) was 4 words, now is 2 words (similar to libc++ and MSVC).
Several internal algorithms were reimplemented to speed up the segmented nature of deque.
Defaults were slightly changed, 64 bit platforms now use 1024 byte blocks by default instead of classic SGI 512 byte blocks.
The new implementation eases further deque-like variations and optimizations in the future.
Fixed bugs/issues:
GitHub #248: "flat_map slow insertion introduced in boost-1.80.0".
GitHub #254: "C++20 std::erase_if".
GitHub #293: "UBSAN reports unaligned access error".
GitHub #294: "CMake: Add option to use header-only Boost::container".
GitHub #300: "Warnings when building with Clang 20".
GitHub #304: "Usage of boost::container::small_vector with custom allocator".
GitHub #305: "Warnings with -Wstrict-prototypes".
GitHub #307: "Fix all instances of MSVC warning C4146 (unsigned negation)".
GitHub #309: "Performance regression of boost::container::static_vector introduced in boost v1.86".
GitHub #306: "new_allocator.hpp error: '__cpp_sized_deallocation' is not defined, evaluates to 0 [-Werror,-Wundef]".
GitHub #310: "flat_map: Mention correct type in documentation of emplace and emplace_hint".
GitHub #312: "flat_map std::allocator::is_always_equal is deprecated".
GitHub #317: "Partial revert of changes for Issue #209 - compiler warnings".
GitHub #321: "devector does not work with pmr allocators".
Conversion:
Dropped dependency on Boost.SmartPtr.
Core:
The implementation of BOOST_TEST_THROWS and BOOST_TEST_NO_THROW macros defined in boost/core/lightweight_test.hpp has been changed to avoid compiler warnings on some compilers, when the macros are used in if/else blocks. As a side effect of this change, the semicolon after the macro is now necessary. (PR#205)
boost::data and boost::size are now aliases for std::data and std::size, respectively, when the latter are provided by the compiler. This resolves potential ambiguities when both boost:: and std:: alternatives are found by the compiler, e.g. as a result of ADL. (PR#206)
DLL:
Fixed issues with std::error_code being passed to boost::system::error_code&. Many thanks to Thomas Klausner for the fix (PR#106).
Fixed install with CMake. Many thanks to Yury Bura for the fix (PR#103).
Fixed size variable shadowing.
DynamicBitset:
Added C++20 iterators.
Allowed choosing the underlying container type.
Added constexpr support when compiling as C++20 or later.
Made push_back(), pop_back() and lowest_bit() more efficient.
Made the constructor from basic_string explicit.
Removed several dependencies.
Added push_front(), pop_front(), find_first_off(), find_next_off() and constructors from C-style strings and basic_string_view (the latter in C++17 or later).
Changed the stream inserter to set badbit if an exception is thrown during output.
Made the stream extractor rethrow any exception coming from the underlying vector.
Ported the documentation to MrDocs and Antora.
Filesystem:
Clear passed error_code argument on successful completion of the permissions operation. (PR#338)
On Windows, added a workaround for directory_iterator constructor failing with an "Invalid Signature" error for a Samba 3.0.2 share, when SMB signing is required. (#334)
Flyweight:
Fixed compile errors in Clang 19 and later due to P0522R0 support.
Geometry:
Major improvements
GitHub #1409: "Implement is_valid algorithm for polyhedral surfaces".
Improvements
GitHub #1413: "Add supported combinations for convert".
GitHub #1417: "Improved documentation".
GitHub #1423: "Avoid stack overflow in traverse".
Solved issues
GitHub #1006: "bg::projections::detail::epsg_to_parameters causes excessive compile times".
Various fixes of errors and warnings
GIL:
Improvements
GitHub #773: "Improved documentation (histogram and typos). Fixed the build for latest sphinx version".
Solved issues
GitHub #778: "Fixed build with Clang".
Interprocess:
Minor documentation fixes.
Fixed bugs:
GitHub #245: "Fix UBSan runtime error (load of 'boost::interprocess::mode_t')".
GitHub #269: "Minor documentation fixes and template parameter renames".
JSON:
Removed dependencies on Boost.Align and Boost.StaticAssert.
Switched to a faster hashing algorithm.
LexicalCast:
More tests and fixes for floating-point special value conversions to integers and bool. Fixes compiler warning C4804 when lexical casting from float to bool.
Dropped dependency to Boost.TypeTraits. Many thanks to Romain Geissler for implementing the major part of the work (PR#87).
Switch from implicit to explicit type conversion to avoid compiler warnings. Many thanks to bmagistro for the PR (PR#85).
Fixed mistakes in documentation. Many thanks to ivanpanch for the PR (PR#86).
Fixed regression in unsigned short to wstring casting without wchar_t builtin type.
Locale:
Fixed B2 build files to avoid building dynamic versions of various Boost libraries when only static ones are requested (PR#266).
When ISO8859-1 or ISO8859-8 encoding is requested, allow using Windows codepages 1252 or 1255, respectively, instead of using the "C" (classic) locale when the selected Windows locale doesn’t support that ISO8859 encoding.
Enabled a workaround for an issue in Cygwin's stdlib when converting some long UTF-8 sequences to UTF-16.
Log:
Fixed a missed optimization in value_ref visitation.
Fixed a possible long and useless loop on log file rotation in text_file_backend. If the log file name pattern did not include a file counter and the log file size exceeded the rotation_size limit, then the sink backend would repeatedly try to open a new log file with a different counter value and end up opening the same file every time. (#252)
Made file size checks more robust against integer overflows in text_file_backend.
Math:
Added new sub-library: Reverse-Mode Automatic Differentiation.
Added new constant: log_pi.
Added proper promotion policy support to logit, logistic_sigmoid, and logistic distributions.
Numerous fixes and edge case repairs to the special functions.
Mp11:
Updated mp_reverse_fold to work on fixed size lists.
MQTT5:
Removed dependency on Boost.Spirit.
Auto-reconnection now triggers on any transport-layer error instead of a limited whitelist (#38).
Added at_transport_error callback to the Logger interface.
MSM:
Refurbished and updated the documentation to use Antora.
Added a new back-end backmp11 offering heavily reduced compile times, a refactored API and a couple of new features. Requires C++17, more details are available in the documentation.
Fixed bug GitHub #87: "boost::any stopped working as Kleene event in 1.86 in boost::msm".
Multiprecision:
Significant improvements to testing and coverage of newer cpp_double_fp_backend.
MySQL:
Deprecated support for Clang versions older than 4.0. These compilers might still work, but they won’t be actively tested in CI.
Added tests to guarantee compatibility with MySQL 9.x.
Added tests to guarantee compatibility with Clang versions up to 20, and GCC versions up to 15.
Parser:
Fixed ill-formedness when using move-only callables with closures (PR#284).
Fix wonky const-incompatibility in GlobalState parser template params (#250).
Fix ill-formedness in some cases when using the permutation parser (#268).
Fixed an error in sequence parsing that could cause some attributes to be overwritten by later parsers in a sequence (#279).
Fix the handling of opt-parsers that could leave a std::optional attribute containing a value even though the parser that produced it failed (#279 and #285).
Multiple runtime optimizations (#245, PR#254, PR#255, PR#256).
A modest compile-time and code size optimization (#250).
Make transform constexpr (PR#275).
Move-versus-forward warning mitigation (#272).
Correct the documentation for the attribute type of the if_ directive (#278).
Correct many, many typos in the docs (PR#271).
PFR:
Added an implementation based on C++26 destructuring into a pack, which fixes the majority of known limitations of the library and avoids excessive template instantiations. The new implementation can be explicitly enabled/disabled by a new BOOST_PFR_USE_CPP26 macro. Many thanks to Jean-Michaël Celerier for the PR (PR#194).
Multiple fixes to CMake. Many thanks to Alexander Grund for the PRs!
Random:
Fix for construction of xoshiro family of generators from SeedSeq.
Redis:
Important changes to cancellation:
Improved the per-operation cancellation support in async_exec(), and added support for asio::cancel_after. Requests can now be cancelled at any point, and cancellations don't interfere with other requests in any way. Pull requests PR#310 and #226.
Deprecated the cancel_on_connection_lost and cancel_if_not_connected flags in request::config. To limit the time span that async_exec might take, use asio::cancel_after, instead. cancel_on_connection_lost default has been changed to false. Pull requests PR#329 and PR#334.
Deprecated calling cancel with operation::resolve, connect, ssl_handshake, reconnection and health_check. Users should employ cancel(operation::run), instead. Pull request PR#321.
Added support for per-operation cancellation in async_run(). Issue #319.
Added support for custom setup requests using config::setup. When setting these fields, users can replace the library-generated HELLO request by any other arbitrary request. Issue #302 and pull request PR#303.
Deprecated request::config::hello_with_priority. If you need to execute a request before any other, use config::setup, instead. Pull request PR#305.
Valkey long-term support: we guarantee Valkey compatibility starting with this release. Issue #296.
Added a request::append() function, to concatenate request objects. Issue #341.
The health checker algorithm has been redesigned to avoid false positives under heavy loads. PING commands are now only issued when the connection is idle, instead of periodically. Issue #104.
Added config::read_buffer_append_size, which allows to control the expansion of the connection’s read buffer. Pull request PR#283.
Added usage::bytes_rotated, which measures data copying when reading and parsing data from the server. Pull request PR#311.
Bug fixes:
Fixed a bug causing an exception to be thrown when parsing a response that contains an intermediate error into a generic_response. Issue #287.
Fixed a number of race conditions in the cancel() function of connection and basic_connection that could cause cancellations to be ignored. Issue #318.
Users with an empty password but a non-default username are now correctly authenticated. Issue #298.
Fixed a problem that could cause an error during HELLO to make subsequent HELLO attempts during reconnection to fail. Issue #290.
Errors during HELLO are now correctly logged. Issue #297.
SmartPtr:
The functionality enabled by the deprecated macros BOOST_SP_ENABLE_DEBUG_HOOKS, BOOST_SP_USE_STD_ALLOCATOR, and BOOST_SP_USE_QUICK_ALLOCATOR has been removed.
The header <boost/smart_ptr/detail/quick_allocator.hpp> has been marked deprecated and will be removed in a future release.
Configurations that define BOOST_NO_CXX11_HDR_ATOMIC are no longer supported; a conforming C++11 <atomic> is now required.
The deprecated macros BOOST_AC_USE_SPINLOCK, BOOST_AC_USE_PTHREADS, BOOST_SP_USE_SPINLOCK, and BOOST_SP_USE_PTHREADS are no longer functional.
Platform-specific implementations of atomic_count, sp_counted_base and spinlock are no longer used and have been removed.
Configurations that define BOOST_NO_CXX11_HDR_MUTEX are no longer supported; a conforming C++11 <mutex> is now required.
Some unused headers in boost/smart_ptr/detail/ have been removed.
Stacktrace:
Fixed missing include. Thanks to Orgad Shaneh for the fix!
Fixed URL in libbacktrace_impls.hpp, thanks to Jonathan Wakely.
StaticString:
Aligned to_static_[w]string() with std::to_[w]string() in C++26.
Removed usage of an additional buffer in to_static_[w]string().
Added resize_and_overwrite().
STLInterfaces:
Fixed ill-formedness with GCC 14 (PR#80).
Fixed ill-formedness when using move-only callables with closures.
Test:
Fixed a few warnings on Windows Clang.
TypeIndex:
Dropped dependency on Boost.Core.
Run all the tests in CMake too. Many thanks to Alexander Grund for some fixes and help.
URL:
segments_view and segments_encoded_view gained constant-time iterator-based subview constructors.
Added zone-id setters (e.g. for IPv6 link-local addresses).
Host setters now accept/propagate zone-id.
Fixed: resolve now replicates the reference fragment in all cases (#920).
Fixed: encoded_host_address assertions account for zone-id.
Refactor: replaced BOOST_STATIC_ASSERT with BOOST_CORE_STATIC_ASSERT (#934).
Refactor: preserved absolute semantics for segment subviews (#939).
Uuid:
string_generator is now constexpr on C++14 and higher.
Added header boost/uuid/constants.hpp.
Renamed boost/uuid/uuid_generators.hpp to boost/uuid/generators.hpp. The old name is retained for compatibility.
Variant2:
More functions have been marked as constexpr, including ~variant. This didn’t matter before C++20, but does now.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://github.com/htop-dev/htop/blob/main/ChangeLog
"What's new in version 3.5.0
* Implement line editor for Search, Filter and (re)naming Screens
* Add digits editing for numeric options
* Backtrace screen feature (using libunwind-ptrace)
* Add CPU SMT label option
* MemoryMeter: rework to allow full platform-specific control
* Fix CPU virtualization bar color and help text in non-detailed mode
* Add --no-meters option to hide meters
* Implement explicit NO_COLOR env support
* fix: support *-256color in $TERM key detection
* Add COLORSCHEME_NORD: Nordic inspired theme
* Add Tctl temperature reading
* Add SecondsUptimeMeter
* Adjust GPUMeter text display
* Make Ctrl-U clear the current Filter or Search string while editing it
* Make empty --filter= command line arguments invalid
* Make Infoscreen also show uppercase FILTER when filtering (F4) is active
* Graph meter dynamic scaling and percent graph drawing
* Update "total" value for non-percent bar meters
* Fix logic bug while iterating processes
* Change NetworkIOMeter "packets per second" display
* Add NetworkIOMeter description
* Rework DiskIOMeter into a combined display of 2 sub-meters
* Introduce DiskIORateMeter and DiskIOTimeMeter
* DiskIOMeter: Adjust code indent and formatting
* DiskIOMeter: Move cache update code to a new function
* Add --no-function-bar option to hide functionbar
* Fix function bar labels in Screens panel rename mode
* Make Meters function bar consistent with the Screens one
* Display a FAILED message in the FunctionBar on host scan failure
* Cancel pending renaming action for a screen in dtor of ScreensPanel
* Move prevSelected from ScreensPanel to Panel
* Only issue KEY_RECLICK when the focussed item has not changed
* Track oldFocus correctly in ScreensPanel
* Add lost focus event, make mouse actions consistent, handle rename and move explicitly across screens / meters / columns
* Make Cancel (F2, Esc) remove a newly added screen tab and not only abort the implicit rename
* Use default key list for DisplayOptions "Dec/Inc" function bar
* Make first click select option line but not toggle it, toggle with next click, handle right click
* Make the Panel items actually match what receives a mouse click
* No need for "phantom" CPU threads
* Simplify offline CPU marking
* Make the physicalID default to 0 because old Intel processors only have that
* Don't draw Meter caption if width is not enough (bar & graph)
* CPUMeter: Fix negative "x" positions of sub-meters
* Add sensors logic for Snapdragon 410
* Add sensors logic for Amlogic S905W support
* Add foot terminal to terminalSupportsDefinedKeys
* No longer write to htoprc file if it's not owned by EUID
* Remove initial enforced delay to reduce startup latency
* Improve bootup time by caching all getpwuid result
* Fix a small file descriptor leak in Settings_write()
* Keep track of the biggest PID and scale the column accordingly
* Allocate COMMAND (cmdline) and comm buffers dynamically
* Improve "comm" string highlighting in Process_makeCommandStr()
* Improve process cmdline basename matching with procExe path
* Don't make highlights of zero-length cmdline basename
* Shadow path prefixes used by NixOS
* Improve Generic_unameRelease() related code
* Linux: Check for CPU number on s390
* Linux: Handle special cases for CPU frequency data in /proc/cpuinfo
* Linux: Added support for OpenRC init system and metrics
* Linux: fix detection of NUL argument separator
* Linux: Skip loopback and MD (multi-device) driver entries in /proc/diskstats
* Darwin: Add GPUMeter code for macOS
* Darwin: Rewrite & improve Platform_getOSRelease() code
* Darwin: implement macOS version reporting in SysArchMeter
* Darwin: Handle legacy references to kIOMainPortDefault
* Darwin: Bring back conversion of process CPU time on macOS (#1638)
* PCP: Automatically reconnect PCP metrics contexts on disconnect
* PCP: Fixes to use units-based scaling in pcp-htop on macOS
* PCP: Fix PCPDynamicColumn parsing after a bad section name
* FreeBSD: Update the internal priority reference point
* NetBSD: Improve process state retrieval code
* OpenBSD: Check on AC power value being nonzero
* OpenBSD: Document sysctl indices for ACPI battery & AC code
* Solaris: Update memory info on every refresh
* Add v1.0 of the AI-Assisted Contributions Policy
* Add a Code of Conduct document for the project
* README: Add Quick Start section
* README: update instructions for those who use Arch
* Add Japanese support in htop.desktop
* Add Armenian support in htop.desktop
* docs: fix COLORS bullet list formatting and capitalization in man page
* CI: Add Github Action workflow for Coverity checking
* CI: Add libiberty and demangling support to backtrace screen build
* CI: Update LLVM/Clang versions to 22
* CI: Update FreeBSD to 15.0
* CI: Update to use OpenBSD 7.7
* build: Add packages for OpenSUSE/SLES
* build: Fix Autoconf 2.69 compatibility regressions
* build: Simplify curses header checking code
* build: remove the --with-os-release configure option
* build: Fix redundant newlines in configure help strings
* build: Allow custom search path for libnl; try pkg-config when needed
* build: Use HTOP_PKG_CHECK_MODULES in hwloc and libnl checking
* build: Introduce HTOP_PKG_CHECK_MODULES wrapper macro
* build: Introduce 'htop_search_header_dir' configure function
* build: Add configure check on whether local unwinding works
* build: Automatically detect backtrace(3) return type
* build: Use pkg-config to detect libnl3 header path
* build: Also check libunwind through pkg-config
* build: Simplify configure netlink/*.h detection code
* build: Fix netlink/*.h detection logic in configure
* build: Fix '-ffinite-math-only' configure warning
* build: Fix configure '--enable-delayacct' help text
* build: Fix a macOS AC_COMPILE_IFELSE misquoting"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://www.nano-editor.org/news.php
"2026 April 8 - GNU nano 9.0 "Le bonheur est dans le pré"
When the cursor almost goes offscreen to the right, all lines are
now scrolled sideways together, by just the amount needed to keep
the cursor in view. Use --solosidescroll or 'set solosidescroll'
to get back the old, jerky, single-line horizontal scrolling.
The viewport can be scrolled sideways (in steps of one tabsize)
with M-< and M->. See `man nanorc` if M-< and M-> should switch
between buffers (as they did earlier).
M-Left, M-Right, M-Up, and M-Down have become rebindable.
Stopping the recording of a macro immediately after starting it
cancels the recording and leaves an existing macro in place.
Feature toggles no longer break a chain of ^K cuts or M-6 copies,
except the M-K cut-from-cursor toggle.
With --mouse plus --indicator, one can click in the scrollbar area
to roughly navigate within the buffer."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 3510300 to 3530000
- Update of rootfile
- Changelog 3530000
Fix the WAL-reset database corruption bug.
Add the Query Result Formatter (QRF) library for formatting the results of SQL queries for human readability on a fixed-pitch font screen.
Add the format method to the TCL Interface so that QRF is accessible from TCL.
QRF is used for result formatting in the CLI, resulting in improved display capabilities.
New SQL language features:
Enhance ALTER TABLE to permit adding and removing NOT NULL and CHECK constraints.
The REINDEX EXPRESSIONS statement rebuilds expression indexes. (Useful to repair stale expression indexes.)
The body of TEMP triggers may now modify and/or query tables in the main schema.
Enhance VACUUM INTO so that if a URI filename is used as the target and that filename has a reserve=N query parameter with N between 0 and 255, then the reserve amount for the generated database copy is set to N.
New SQL functions:
json_array_insert()
jsonb_array_insert()
Renovations to the CLI:
Major enhancements to the .mode command.
Improved result formatting, due to the addition of the QRF extension. For example, numeric values are now right-justified by default in tabular output modes.
The default output mode for interactive CLI sessions now uses QRF to display query results in boxes formed using Unicode box-drawing characters, for improved legibility. Batch CLI sessions use the legacy output format for compatibility.
Bare (unquoted) semicolons at the end of dot-commands are silently ignored. ← Potential incompatibility!
Fix the .testcase and .check commands so that they actually work, and use those commands in scripts that are part of the standard SQLite test suite included with the source tree.
Command-line arguments that match *.sql or *.txt and are the names of non-empty files are read and interpreted as scripts of SQL statements and/or dot-commands.
The argument to the ".timer" command can now be "once", to run the timer on only the next SQL statement.
The new "--timeout S" option to the ".progress" dot-command causes SQL statements to interrupt after S seconds.
The ".indexes" command was changed so that the PATTERN argument matches the name of the index, not the name of the table being indexed (thus making the PATTERN argument actually useful). And, several new options were added to ".indexes".
New C-language interfaces:
sqlite3_str_truncate()
sqlite3_str_free()
sqlite3_carray_bind_v2()
Add the SQLITE_PREPARE_FROM_DDL option to sqlite3_prepare_v3() which permits virtual table implementations to safely prepare SQL statements that are derived from the database schema.
Added the SQLITE_UTF8_ZT constant which can be used as the encoding parameter to sqlite3_result_text64() or sqlite3_bind_text64() to indicate that the value is UTF-8 encoded and zero terminated.
The SQLITE_LIMIT_PARSER_DEPTH option is added to sqlite3_limit().
The SQLITE_DBCONFIG_FP_DIGITS option is added to sqlite3_db_config(). See also item 9b below.
Query planner improvements:
Always use a sort-and-merge algorithm for EXCEPT, INTERSECT, and UNION, since this is almost always faster than using a hash table.
Improvements to join order selection in large multi-way joins on a star schema.
Enhance the EXISTS-to-JOIN optimization so that the inserted JOIN terms are not required to be on the inner-most loops, as long as all dependencies for the EXISTS-to-JOIN loops are in outer loops.
Enhance the omit-noop-join optimization so that it is able to omit a chain of joins that do not affect the output.
Allow queries that use "GROUP BY e1 ORDER BY e2" where e1 and e2 are identical apart from ASC/DESC sort-orders to be optimized using a single index.
Allow virtual tables to optimize DISTINCT in cases where the result-set of a query does not exactly match the ORDER BY clause.
Add new interfaces to the session extension that enable an application to add changes one at a time to the sqlite3_changegroup object:
sqlite3changegroup_change_begin()
sqlite3changegroup_change_blob()
sqlite3changegroup_change_double()
sqlite3changegroup_change_int64()
sqlite3changegroup_change_null()
sqlite3changegroup_change_text()
sqlite3changegroup_change_finish()
sqlite3changegroup_config()
Improvements to floating-point ↔ text conversions.
Reimplemented to improve performance.
Rounding is now done by default to 17 significant digits, instead of 15, as was the case for all prior versions. The sqlite3_db_config(SQLITE_DBCONFIG_FP_DIGITS) API (item 6g above) can change this, if desired.
Added the self-healing index feature to deal with the stale expression index problem.
Add the "-p|--port" option to sqlite3_rsync.
Discontinue support for Windows RT.
JavaScript/WASM
Add the "opfs-wl" VFS, functionally identical to the "opfs" VFS but using Web Locks for locking, which can promise fairer lock sharing than the "opfs" bespoke protocol can. "opfs-wl" requires Atomics.waitAsync(), so requires newer browsers than "opfs" does.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>