Adolf Belka [Tue, 7 Apr 2026 15:10:52 +0000 (17:10 +0200)]
liburcu: Update to version 0.15.6
- Update from version 0.15.5 to 0.15.6
- No change to rootfile
- Changelog
0.15.6
* urcu-mb: Add missing TSAN annotation to _urcu_mb_read_lock_update
* lfstack: Coding style cleanup
* urcu-qsbr: Use CMM_SEQ_CST_FENCE for _urcu_qsbr_thread_online
* urcu-mb: Use CMM_SEQ_CST_FENCE for _urcu_mb_read_lock_update
* urcu-qsbr: Use CMM_SEQ_CST_FENCE for quiescent state update and offline
* urcu-mb: Use CMM_SEQ_CST_FENCE for _urcu_mb_read_unlock_update_and_wakeup
* Fix: Only include linux/time_types.h when __NR_futex_time64 is defined
* Use __NR_futex_time64 in futex syscall wrapper
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Apr 2026 15:10:51 +0000 (17:10 +0200)]
libsodium: Update to version 1.0.21
- Update from version 1.0.20 to 1.0.21
- Update of rootfile
- Changelog
1.0.21
This point release includes all the changes from 1.0.20-stable, which
include a security fix for the `crypto_core_ed25519_is_valid_point()`
function, as well as two new sets of functions:
- The new `crypto_ipcrypt_*` functions implement mechanisms for securely
encrypting and anonymizing IP addresses as specified in https://ipcrypt-std.github.io
- The `sodium_bin2ip` and `sodium_ip2bin` helper functions have been added
to complement the `crypto_ipcrypt_*` functions and easily convert addresses
between bytes and strings.
- XOF: the `crypto_xof_shake*` and `crypto_xof_turboshake*` functions
are standard extendable output functions. From input of any length, they can
derive output of any length with the same properties as hash functions. These
primitives are required by many post-quantum mechanisms, but can also be used
for a wide range of applications, including key derivation, session encryption
and more.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Tue, 7 Apr 2026 15:10:50 +0000 (17:10 +0200)]
libpng: Update to version 1.6.56
- Update from version 1.6.55 to 1.6.56
- Update of rootfile
- Fixes for two high severity CVE's
- Changelog
1.6.56
Fixed CVE-2026-33416 (high severity):
Use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE`.
(Reported by Halil Oktay and Ryo Shimada;
fixed by Halil Oktay and Cosmin Truta.)
Fixed CVE-2026-33636 (high severity):
Out-of-bounds read/write in the palette expansion on ARM Neon.
(Reported by Taegu Ha; fixed by Taegu Ha and Cosmin Truta.)
Fixed uninitialized reads beyond `num_trans` in `trans_alpha` buffers.
(Contributed by Halil Oktay.)
Fixed stale `info_ptr->palette` after in-place gamma and background
transforms.
Fixed wrong channel indices in `png_image_read_and_map` RGB_ALPHA path.
(Contributed by Yuelin Wang.)
Fixed wrong background color in colormap read.
(Contributed by Yuelin Wang.)
Fixed dead loop in sPLT write.
(Contributed by Yuelin Wang.)
Added missing null pointer checks in four public API functions.
(Contributed by Yuelin Wang.)
Validated shift bit depths in `png_set_shift` to prevent infinite loop.
(Contributed by Yuelin Wang.)
Avoided undefined behavior in library and tests.
Deprecated the hardly-ever-tested POINTER_INDEXING config option.
Added negative-stride test coverage for the simplified API.
Fixed memory leaks and API misuse in oss-fuzz.
(Contributed by Owen Sanzas.)
Implemented various fixes and improvements in oss-fuzz.
(Contributed by Bob Friesenhahn and Philippe Antoine.)
Performed various refactorings and cleanups.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:20 +0000 (14:03 +0200)]
btrfs-progs: Update to version 6.19.1
- Update from version 6.17.1 to 6.19.1
- Update of rootfile
- Version 6.18 was skipped
- Changelog
6.19.1
* fix balance filter 'usage' that was incorrectly used for ranged usage
* core:
* fix tree-checker vararg format print
* stability fixes
* compiler warning fixes
* other:
* CI updates, action version updates, more build targets
* cleanups, refactoring
* minor documentation updates
6.19
* mkfs:
* make block-group-tree default (support since linux 6.1), use -O ^bgt to
unset it for backward compatibility
* speed up initial device discard by processing the ranges in order
* disable block-group-tree feature if a dependent feature is explicitly
unselected (like disabling no-holes), instead of erroring out
* check:
* add ability to detect and fix missing orphan items in deleted subvolumes
* add ability to fix inode refs from directory items
* enhance detection on unknown inode keys
* libbtrfsutil:
* minor version update to 1.4.0
* add missing aliases for API updates done in 0.1.3, C and python
* libbtrfs:
* patchlevel version update 0.1.5
* error handling updates
* fixes:
* with DUP profile and mixed sequential and conventional zoned make sure
to track the right write pointers
* scrub: fix ETA wraparound calculations, when many files get deleted
during the operation bytes_scrubbed and bytes_total get too much out of
sync, the ETA will be 0
* corrupt-block: add ability to specify key value when corrupting item keys
* experimental features:
* initial remap tree support (new logical-to-logical mapping layer),
coming in linux 7.0
* other:
* error handling improvements
* CI updates
* code cleanups and refactoring
* documentation updates
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:19 +0000 (14:03 +0200)]
autoconf: Update to version 2.73
- Update from version 2.72 to 2.73
- Update of rootfile
- Changelog
2.73
New features
autoreconf has a new option to exclude certain steps
autoreconf --exclude <tool>[,<tool>[,…]] tells autoreconf not to
run any of the listed tools, even if it appears to be necessary.
This is useful, for example, in situations where autoreconf’s
heuristics for when to run each tool are incorrect. (All such
situations are considered bugs; please report them.) It may also
be useful in “bootstrap” scripts that can use autoreconf for most
of the work but need to take manual control over execution of some
of the tools.
In older versions of Autoconf, it is possible to get the same effect
by setting TOOL=true in the environment for each tool that should not
be run.
Patch originally developed by the OpenEmbedded project.
Notable bug fixes
AC_PROG_GO and AC_PROG_A68 now honor GOFLAGS and A68FLAGS set by the user
AC_C_FLEXIBLE_ARRAY_MEMBER and AC_PROG_LEX handle Solaris 10 better
autoheader takes more care not to overwrite hand-written config.h.in
Before overwriting an existing config.h.in, autoheader now checks
for the marker comment on the first line that indicates it was
generated by autoheader. It can be forced to overwrite a
config.h.in that doesn’t have that marker by using the new option
--replace-handwritten.
AC_OUTPUT issues an error if called with more than three arguments
All prior versions of GNU autoconf ignore extra arguments to AC_OUTPUT.
However, some software’s configure scripts expect a modified version
of autoconf in which a fourth argument does something useful.
The error is intended to stop redistributors of those programs
from regenerating the configure script with a version of autoconf
that does not have those modifications, as this is likely to produce
a broken configure script.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 20250814.0 to 20260107.1
- Update of rootfile
- Changelog
20260107.1
absl::StringResizeAndOverwrite(): A new function in
absl/strings/resize_and_overwrite.h that acts as a polyfill for C++23's
std::basic_string::resize_and_overwrite. This allows for efficient resizing
and in-place initialization of strings, avoiding the overhead of default
initialization, which is particularly useful when working with C-style APIs
that write directly to a buffer. See #1136 (comment) for performance notes.
absl::chunked_queue: A new container in absl/container/chunked_queue.h
optimized for use as a FIFO (First-In, First-Out) queue.
absl::linked_hash_map and absl::linked_hash_set: New hash containers that
maintain iteration order matching the insertion order. These are available in
absl/container/linked_hash_map.h and absl/container/linked_hash_set.h.
absl::down_cast: Added to absl/base/casts.h. This function provides a safer
way to perform downcasts in a polymorphic type hierarchy. In debug builds (or
when hardened asserts are enabled), it uses dynamic_cast to verify the
validity of the cast and terminates the program if the cast is invalid. In
optimized builds, it uses static_cast for performance.
Mutex Deprecations: Legacy Mutex methods and MutexLock pointer constructors
have been marked as deprecated. Users should migrate to the recommended APIs.
The polyfill type absl::string_view is now an alias for std::string_view in all
builds. (9ebd93a)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:54 +0000 (14:03 +0200)]
libpciaccess: Update to version 0.19
- Update from version 0.17 to 0.19
- No change to rootfile
- Build process has been changed from autotools to meson
- Changelog
0.19
This release adds a new pci_device_is_boot_display() API, with support
currently implemented only for Linux systems using sysfs.
It also adds a -Dinstall-scanpci option to the meson configuration for
those who want to install this version of scanpci.
In addition, it corrects build issues on FreeBSD 15 and DragonFly, and
fixes a long-standing bug if there were multiple users of libpciaccess
in the same process and one called pci_system_cleanup before the others
were done using pciaccess.
Improve man page formatting
meson: Add -Dinstall-scanpci option, defaulting to false
gitlab CI: drop the ci-fairy check-mr job
common_vgaarb: Fix -Wtautological-constant-out-of-range-compare warning
Fix compilation on DragonFly
vgaarb: Check snprintf return value
trivial: allow forks to run CI
Add support for reading 'boot_display' attribute
include: Avoid redefining __deprecated macro
Make pci_system_{init,cleanup} use reference counting
0.18.1
This release fixes the meson.build to honor meson's
-Ddefault_library={shared,static,both} flag to control which types of
library are built, instead of always forcing the build of only a shared
library.
meson: allow building static library, not just shared
0.18
Since no complaints were received about the added meson build system
in the 0.17 release (October 2022), the autoconf build system has been
removed in this release.
Remove "All rights reserved" from Oracle copyright notices
Try fopen(".../pci.ids", "re") on Solarish systems as well
Remove autotools build
gitlab-ci: use `meson setup`
gitlab-ci: don't bother to configure meson for the version check
gitlab-ci: remove unnecessary call to `meson configure`
FreeBSD: Fallback to /usr/share/misc/pci_vendors
FreeBSD: Remove sparc64 code
Fix compilation warnings when building against hurd-amd64.
linux_sysfs: Use pwrite/pread instead of 64bit versions
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:53 +0000 (14:03 +0200)]
libmpc: Update to version 1.4.0
- Update from version 1.3.1 to 1.4.0
- Update of rootfile
- Changelog
1.4.0
- New functions: mpc_exp10, mpc_exp2, mpc_log2
- Bug fixes:
- mpc_tan and mpc_tanh:
Fix wrong values and slowness for large imaginary part.
- mpc_pow: Agree on and implement the sign of the imaginary part when
both inputs are real.
- mpc_fr_div and mpc_ui_div: Treat the imaginary part of the dividend
as an exact zero and not as +0, following the C2Y draft of the C
standard. This changes the signs of zeroes in some results.
- Generate the pkg-config file mpc.pc
- Add support for non-standard complex types (_Dcomplex, _Lcomplex) under
Windows
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:52 +0000 (14:03 +0200)]
libmicrohttpd: Update to version 1.0.3
- Update from version 1.0.2 to 1.0.3
- Update of rootfile
- Changelog
1.0.3
This is a bugfix release.
It primarily fixes a list traversal issue that could
cause connection handling issues when other connections
were suspended.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:51 +0000 (14:03 +0200)]
libinih: Update to version 62
- Update from version 61 to 62
- No change to rootfile
- Changelog
62
This release adds INIReader::ParseErrorMessage() to the C++ wrapper, to return
a human-readable error string when there's a parse error. There are also
other minor fixes. Thanks @DimitriPapadopoulos and @msquire for your
contributions.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:50 +0000 (14:03 +0200)]
libid3tag: Update to version 0.16.4
- Update from version 0.16.3 to 0.16.4
- Update of rootfile
- Patch removed as now included in this tarball
- Changelog
0.16.4
* Allow files greater than 2 GiB on 32-bit UNIX-based/UNIX-like systems.
* Add support for generating source packages with CPack.
* id3_tag_parse() now returns the number of parsed frames so far instead of
trashing the entire tag.
* Update ID3v1 genre list.
* Add genres from Winamp 5.60.
* Rename offensive genre.
* Auto-generate genre list code at build time.
* Require gperf at build time to generate gperf code.
* Bump minimum required CMake version to 3.10.
* Reorganize source tree.
* Fix mojibake with UTF-16LE-encoded tags.
* Fix build under pure C toolchain.
* Fix support for PIC frames, including setting the correct MIME type.
* Fix some miscellaneous build warnings.
* Improve iTunes compatibility.
* Apply more patches from Perl's Audio::Scan and FreeBSD.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:47 +0000 (14:03 +0200)]
libcap-ng: Update to version 0.9.2
- Update from version 0.9 to 0.9.2
- Update of rootfile
- Changelog
0.9.2
- Added netcap --advanced option for attack surface discovery and inventory
- Added acct name to pscap --tree output
- Code cleanups and deep review of all functions for correctness
- Add colorized output to netcap --advanced
- Improve correctness of cap-audit captures
- Update man pages
0.9.1
- Deprecate captest
- In cap-audit, if tested app uses file system based capabilities, drop setpcap
- In cap-audit, fully resolve paths before classifying
- In cap-audit, add JSON escaping to output
- In cap-audit, filter pre-exec, startup, and shutdown capability noise
- pscap now has a --tree display mode
- More code cleanups
- Improve output alignment of various utilities (Miroslav Koškár)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:46 +0000 (14:03 +0200)]
libarchive: Update to version 3.8.6
- Update from version 3.8.5 to 3.8.6
- Update of rootfile
- Changelog
3.8.6
Notable fixes:
libarchive: fix incompatibility with Nettle 4.x (#2858)
libarchive: fix NULL pointer dereference in archive_acl_from_text_w() (#2859)
bsdunzip: fix ISO week year and Gregorian year confusion (#2860)
7zip: fix SEGV in check_7zip_header_in_sfx via ELF offset validation (#2864)
7zip: fix out-of-bounds access on ELF 64-bit header (#2875)
RAR5 reader: fix infinite loop in rar5 decompression (#2877)
RAR5 reader: fix potential memory leak (#2892)
RAR5: fix SIGSEGV when archive_read_support_format_rar5 is called twice
(#2893)
CAB reader: fix memory leak on repeated calls to
archive_read_support_format_cab (#2895)
mtree reader: Fix file descriptor leak in mtree parser cleanup
(CWE-775, #2878)
various small bugfixes in code and documentation
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:45 +0000 (14:03 +0200)]
keepalived: Update to version 2.3.4
- Update from version 2.3.1 to 2.3.4
- No change to rootfile
- Changelog
2.3.4
Improvements
core: properly restore process priorities after a reload.
core: allow specifying iproute_usr_dir even if no iproute2 support.
core: include network namespace name when error opening namespace fds.
core: resolve lang warning when comparing ordering of function addresses.
The only reason function addresses are compared is with a red-black
tree to quickly convert a function address into its name. It clearly
isn’t a standard thing to do to compare ordering of function addresses,
but in this case it is quite valid.
core: stop repeatedly calling getpid(). We only need to call getpid() once
per process, and can then save the value. A PID of a given process is
never going to change!
core: add code to calculate maximum stack usage and use it for no_swap.
When a process has no_Swap specified, if we want to ensure that the
stack is resident in memory we need to know the maximum size that it
is likely to grow to. This commit adds diagnostic code (usually
disabled) to report maximum usage, so that the code can be updated to
know, in advance, the maximum likely stack usage.
core: set CLOEXEC flag on all file descriptors except stdin/stdout/stderr.
core: set CLOEXEC flag on streams (fopen/popen).
snmp: set CLOEXEC on file descriptors opened by snmp.
snmp: use close_range() if available for closing snmp file descriptors.
core: call close_range() if available before exec’ing scripts.
Fixes
build: fix snap build process.
vrrp: fix segfault at reload when DBus re-enabled. If dbus was enabled,
then a reload disabled it, and another reload re-enabled it, then
keepalived would often segfault. This is resolved by clearing
dbus_startup_completed when dbus is stopped.
vrrp: fix track_process warn identified by -Wflex-array-member-not-at-end.
notify: fix resolving group name to gid for scripts. If a group had a
large number of members, the memory allocated for getgrnam_r() could
be insufficient and the call fail. This commit now allocates as much
memory as the size of the group file, which should be sufficient.
ipvs: resolve infinite loop when SMTP_CHECKers have ‘host’ config.
core: fix keepalived not coredumping after a reload. This made it very
difficult to resolve segfaults occurring due to a reload.
vrrp: document and fix specifying iproute_etc_dir and iproute_usr_dir.
build: fix some RHEL 7 and friends compilation problems.
core: fix memory leak in track_file.
2.3.3
New
vrrp: don’t allow unicast instance without interface to have a VMAC. If
the interface is not configured, we can’t know what interface to add
the VMAC to.
vrrp: Add setting IP_FREEBIND/IPV6_FREEBIND socket option. This allows
creating and configuring unicast sockets before the configured source
address is added to the system.
core: add O_CLOEXEC flag to pidfiles.
vrrp: Support logging rate-limiting specified by RFC 9568
vrrp: add option for address owner to drop received VRRP packets.
RFC 9568 (and RFC 5798 and RFC 3768) state that an address owner must
drop any received VRRP packets. The consequence of this is that if
there is more than one VRRP instance configured with priority 255 then
they will all be in master state simultaneously. It seems more
sensible for such received packets to be processed normally, and all
but the VRRP instance with the primary IP address will revert to
backup state. RFC 9568 appears to allow more than one instance to have
priority 255, since section 8.3.2 was changed from “No more than one
router on the link is to be configured with priority 255, especially
if preemption is set” (note the contradiction here) to “only a single
VRRP Router on the link SHOULD be configured with priority 255” and
then describes the situation if there is more than one such router.
keepalived defaults to processing received packets when the local
priority is 255, but the option added by this patch allows working in
accordance with the RFC, i.e. to drop any received packets.
Improvements
core: Allow building on very old systems with kernels < 3.15. Open file
descriptor locks were introduced in Linux 3.15, so we cannot use that
type of locking on systems with older kernels (e.g. CentOS 7, which of
course is no longer supported). Since this problem only occurs on
kernels no longer supported by keepalived this commit simply removes
the file locking, rather than implementing a more comprehensive
solution. It is expected that at some point, in order to simplify the
code, support for kernels no longer supported by any of the main
distros will be removed from keepalived.
doc: add oldest distro versions with their EOL dates and kernel versions.
docker: Install linux-headers pkg to build in Docker.
vrrp: handle checking ip utility version properly with BusyBox.
snap: Misc snap improvements.
build: make default _FORTIFY_SOURCE setting 3. Various distros already
use _FORTIFY_SOURCE=3 by default, so we should do so too.
vrrp: check the iproute2 directories exist when read first file
vrrp: create /etc/iproute2 directory if it doesn’t exist.
vrrp: Restore priority 255 if duplicate address owner detected. The VRRP
RFCs assume that only one device is configured as the address owner
for any VRID. keepalived has extended functionality which detects if
two (or more) systems are configured as the address owner (this is
completely invalid configuration). To avoid multiple systems acting as
address owner, and hence all of them remaining in master mode,
keepalived will reduce an address owner’s priority to 254 if the other
device configured as address owner does not go away. This commit
restores the priority of a vrrp instance to 255 if it had reduced it
to 254 to avoid multiple VRRP instances simultaneously advertising
that they are the address owner.
vrrp: Only reduce address owner priority if primary ip address lower. If a
VRRP instance is configured as address owner and it detects another
device also advertising it is the address owner, only initially reduce
our priority if our primary IP address is lower than the other
device’s primary IP address.
vrrp: if duplicate address owners, reduce priority if other won’t. If a
VRRP instance is configured as address owner and it detects another
device also advertising it is the address owner, we don’t reduce our
priority if our primary IP address is higher than the other device’s
primary IP address. However, if the other system, with a lower
primary IP address, won’t reduce its priority (e.g. it is not a
keepalived implementation), then we will reduce our priority after a
suitable time.
vrrp: add more helpful log messages if duplicate address owner.
vrrp: log rate-limited message if advert has no VIPs.
vrrp: log rate-limited warning if VRRPv3 advert interval mismatch.
vrrp: it is not an error if VIPs in advert do not match configured. We
should accept a VRRP advert if the VIPs in an advert do not match our
configuration, but just log a rate-limited warning.
vrrp: update saved master address when receive high priority advert. If we
are in master state and receive a higher priority advert, saving the
new master address saves checking VIPs twice.
vrrp: include source address in log after receiving a bad advert.
vrrp: check that VIPs are not duplicated.
vrrp: check TTL/HL and unicast source ip even when not checking VIPs. The
checking of TTL/HL and unicast source ip was only being done if the
VIPs were being checked, whereas they should be checked even if the
VIPs are not being checked.
vrrp: change rx_ttl_hop_limit to rx_ttl_hl. The name was confusing since
it suggested the value was a limit.
vrrp: identify unicast peer in unicast_peer block configuration errors.
vrrp: detect and reject duplicate unicast_peers in configuration.
vrrp: add logging a change of master when detailed logging enabled.
vrrp: handle a reload with no more startup_delay. During the
vrrp_startup_delay time, if keepalived is reloaded with no more
startup_delay, the startup_delay is never timed out and all received
adverts are discarded. The commit causes the startup_delay timer to be
reinstated after a reload with no more startup_delay if the timer has
not yet expired.
vrrp: Skip running not idle vrrp scripts. When a vrrp script is to be run
(initially or after specified interval), first it is checked if it’s
in IDLE state. If not a log message is printed informing about
skipping run due to script being either running or timed out. However
despite not being idle the code continues to run new script process.
In heavily loaded systems this caused running multiple instances of
vrrp script at the same time. This patch brings back missing return,
which was lost during refactoring.
codeQL: update codeQL.yml
vrrp: add checks that interface fault flags not inconsistent. When a fault
is added in down_instance() or cleared in try_up_instance() check that
the flag that is being modified is not already set or cleared, as
appropriate. This check is enabled by configure option
–enable-fault-flags-check.
vrrp: use a fault flag if num_track_faults is non zero. It simplifies the
code to set a fault flag if num_track_faults is non-zero and clear the
flag if num_track_faults is zero.
vrrp: don’t attempt to send advert if socket is closed. This avoids an
unnecessary log message.
vrrp: don’t have multiple tracking objects for a VRRP instance. The code
did have separate tracking objects for dynamic and non dynamic
tracking objects for a VRRP instance. It also would add an additional
dynamic tracking object every time a tracked interface was created,
causing down_instance() to be called multiple times when an interface
was deleted and previous creations of the interface. Prior to the
patch to add fault flag bits this resulted in the vrrp instance not
coming back up after the interface was recreated. This issue of vrrp
instances remaining in fault state after deletion and
re-creation of interfaces is now resolved.
vrrp: delay deleting VMACs as parent interface is deleted. The interface
structure needs to have the ifindex set for the first pass through the
VRRP instances, but it must be unset when the VMACs are cleaned up.
vrrp: don’t change link local IPv6 address when extra added to base if. If
an additional link local address was added to the base interface of a
VMAC, keepalived was changing the source address of adverts to be the
new address. The commit makes keepalived change the source address if
the one it is using is deleted.
track: don’t overwrite track file at startup unless configured to.
vrrp: allow interface up debounce timer to exceed 2 * advert interval.
There was no need to limit the up debounce timer in the same way that
the down debounce timer has to be limited, so this commit removes the
2 * advert interval upper limit.
vrrp: update delayed start time on reload if vrrp_startup_delay changed.
vrrp: ignore IPv6 tentative addresses. We can’t do anything with them, and
they are not usable, so we now wait until we are notified that the
address is no longer tentative before we consider using it.
Fixes
parser: Fix error handling for HEX_STR parsing in UDP_CHECK. Fixes an
issue where HEX_STR values with a trailing 0xff were incorrectly
treated as errors. This HEX_STR is used in UDP_CHECK configuration,
particularly in the payload and require_reply fields.
ipvs: Fix segfault when using track_file checker.
ipvs: Fix delay_loop for TCP_CHECK.
scheduler: Fix segfault caused double erase from child_pid rbtree. In a
situation when a child was timed out, but not yet processed, the
thread is THREAD_CHILD_TIMEOUT type and remains on ready queue. If it
gets terminated in this state, it needs to be removed from rb tree
child_pid and transitioned to THREAD_CHILD_TERMINATED, but without
additional moving it to ready queue as it is already there. The erase
from child_pid tree is required to clean up pid from not terminated
childs tree, but it needs to be done exactly once as rb tree
implementation is not guarded against double removal. Erasing or
adding same element multiple times, leads to malformed red-black tree
and segmentation faults. This patch removes double erase in described
scenario.
build: fix compilation failure if building without VMACs.
vrrp: fix reading of iproute2 conf files when directories don’t exist.
vrrp: fix segfault when instance has no interface configured. If a vrrp
instance has no interface configured (so it is unicast), processing
SIGUSR1 resulted in a segfault.
vrrp: Don’t segfault if open_sockpool_socket() fails to open sockets. If a
unicast VRRP instance is configured and the unicast_src_ip does not
exist on the system, then the bind() fails and the sockets are not
opened. This commit ensures that in that case vrrp->sockets is not
dereferenced. This is not a real fix to the problem. We need to track
the addition and removal of unicast_src_ip addresses, and enter fault
state if the address in not configured, or when it is removed.
vrrp: interface add should call setup_interface(). When an interface is
(re-)added, setup_interface() should be called even if vrrp->flags is
set (eg VRRP_FLAG_NOPREEMPT).
vrrp: fix recreating a VMAC interface with IPv6. The sin6_scope_id was not
being updated if a VMAC's underlying interface were deleted and
recreated, causing the bind() call to fail. This commit now correctly
updates the sin6_scope_id field in mcast_daddr.
vrrp: fix persistent FAULT state with use_vmac when interfaces renamed. If
an existing base interface of a VMAC is renamed, delete the VMAC since
the configured base interface no longer exists. When an existing
interface is renamed to match the base interface for a VMAC for a VRRP
instance, for IPv6 when the VMAC interface is created a link local
address is added, so clear the NO_ADDRESS fault flag by calling
try_up_instance(). For IPv4 we do not add an address to the VMAC when
it is created, so will wait for notlink notifications of addresses on
the base interface, which can then be added to the VMAC.
vrrp: fix keepalived warning of ipsets specified without iptables.
keepalived was warning that using ipsets had been specified but
iptables had not been specified, even if ipsets had not been specified.
2.3.2
New
all: add –ignore-sigint option. This is needed for running keepalived
under GDB (see https://bugzilla.kernel.org/show_bug.cgi?id=9039#c8).
vrrp: allow specifying interval and timeout to milli-second resolution.
Although running track_scripts too rapidly can cause heavy
system load, there are use cases for being able to run scripts more
frequently than 1 second, and also at intervals not in whole seconds.
This commit adds the option to be able to specify the interval and
timeout timers to a resolution in milli-seconds.
Improvements
vrrp: remove need for route to have configured interface to track it. If a
virtual route did not have an interface configured, keepalived would
log a warning saying that it could not track the route, and then would
disable tracking of that route. It appears that it is not necessary to
know the interface in order to track the route, and in any event the
netlink message received after adding the route identifies the
interface for the route if it is appropriate. So this commit removes
the requirement to specify an interface in order to track a route.
install: Update INSTALL instructions - add openSUSE.
ipvs: Retry ipvs_nl_send_message() in ipvs_getinfo(). If we have to call
keepalived_modprobe() for the ip_vs module, on some distros (e.g.
RHEL based ones but not Fedora) we need to call ipvs_nl_send_message()
twice in ipvs_getinfo(), since the first call fails. On most distros
keepalived_modprobe() does not need to be called, since calling
genl_ctrl_resolve(sock, IPVS_GENL_NAME) loads the ip_vs module.
core: improve error message for process event listen.
all: Properly handle an include file name ending with ‘’.
vrrp: Allow for Ethernet frame padding for short packets. Some network
interface cards do not strip Ethernet frame padding before passing a
packet to userspace (recvmsg()). keepalived checks the received
packet length but wasn’t allowing for extra bytes to be received that
were added as frame padding. This commit allows for frame padding to
be received and not report an incorrect packet length.
vrrp: Remove duplicate dumping of master advert interval. Don’t write
master advert interval in keepalived.data twice when using VRRPv3 and
the VRRP instance is in backup state.
vrrp: Handle empty ipset names with vrrp_ipsets keyword. We now handle
empty ipset names and return a config error.
vrrp: handle empty iptables chain names - vrrp_iptables keyword. We now
return an error if a chain name is empty.
vrrp-ipvs: handle empty nftables chain names. We now return an error if a
chain name is empty.
vrrp: use configured vrrp ipset names rather than ignore them.
vrrp: check configured vrrp ipset names are all different. If a pair of
configured ipset names are the same, there will be an error when using
the ipsets. This commit checks and logs an error if two ipset names
are the same.
core: remove some duplicate include files.
core: ensure only one instance of keepalived can run per config_id. There
was a window when keepalived starts up when if two (or more) instances
were starting at the same time, they might not detect the other
instance is running. This commit adds advisory file locking on the PID
files to ensure that only one instance can run at a time.
vrrp: Duplicate/drop MLDv1 listener reports on VMACs. MLDv2 listener
reports were being handled, but not MLDv1. This commit now adds
handling of MLDv1 listener reports as well.
all: Ensure pid file exists when respawning child process. If a child
process is respawned, the old pidfile may or may not still exist. If
it doesn’t exist, we need to recreate it. If it still exists we need
to reset our file offset and truncate the file before re-writing it.
all: better pidfile handling after reload.
vrrp: add thread_timer_expired keyword as a synonym of
timer_expired_backup. The release notes referred to
thread_timer_expired, so it is added for completeness but logs a
message to change the keyword to timer_expired_backup.
bfd: use time_t to avoid implicit ptr type casting. This fixes an
incompatible pointer type [-Wincompatible-pointer-types] issue when
compiling keepalived with GCC 14 [1] in 32-bit architectures where
time_t size is 64 bits.
vrrp-ipvs: Stop setting SO_LINGER on TCP sockets. Setting SO_LINGER causes
the close() call to block until the first of: (1) the ACK of the FIN is
received, or (2) the SO_LINGER timeout expires. Since the SO_LINGER timeout
was set to 5 seconds, if the FIN or the subsequent ACK were lost, then
keepalived would block for 5 seconds, which must not be allowed to
happen. The only TCP sockets that keepalived opens are for TCP_CHECK,
HTTP_GET, SSL_GET, SMTP_CHECK and sending notify emails. For all of
these, for any data that keepalived sends it receives data in
response, and so there is no purpose in using SO_LINGER. Removing
setting SO_LINGER will stop the occasional ‘A thread timer expired
5.1nnnnn seconds ago’, as reported in issue #2271.
all: use correct format specifier for time fields. 32 bit Debian uses a 32
bit TIMESIZE, whereas 32 bit Ubuntu uses a 64 bit TIMESIZE. This means
that on 32 bit Ubuntu some time types need to be printed using “%lld”,
whereas on 32 bit Debian, and on 64 bit systems “%ld” is what is
needed. Using the wrong format specifier was causing compilation
warnings on 32 bit Debian. The issue impacts printing time_t, struct
timeval tv_sec and tv_usec and struct timespec tv_sec fields.
Perversely, on a 32 bit system when TIMESIZE is 64, struct timeval
tv_usec is 64 bits, whereas struct timespec tv_nsec is 32 bits. The
commit adds configure time checking of the right format specifiers to
use, and adds definitions PRI_time_t, PRI_tv_sec, PRI_ts_sec etc.
core: update addattr_l to match current iproute2 code - almost. The
alignment calculations were not correct, so this commit updates
addattr_l to match the iproute2 version, EXCEPT there appears to be 1
issue in the iproute2 code when NLMSG_ALIGN is used when RTA_ALIGN
should be used. The difference is entirely cosmetic (at the moment)
since the functionality of the 2 macros is currently identical.
lib: add micro-second timers to memory allocation debugging. Previously
the time was logged for memory allocation/freeing operations in
seconds. When comparing when memory was allocated/freed to debugging
logging via a log file, it was helpful, in terms of being able to
identify the sequence of events, to have the time of memory
allocations etc logged in micro-seconds.
vrrp: on reload only configured track_script name was checked. On a
reload, only the configured name of a track_script was being checked
to see if the new config track_script matched the old config
track_script. If the script to be executed were changed, but the
configured name of the script were kept the same, then the status of
the old script would be transferred to the new script, despite the
scripts being completely different. This commit now checks that the
script really is the same, in terms of the path, parameters and user
executing the script.
vrrp: On reload with addresses added to VRRP instance send 2nd GARPs. If
garp_master_delay is non zero, then after a reload when VIPs are added
to a VRRP instance in master state, as well as the initial block of
GARP messages that are sent, the messages need to be repeated after
garp_master_delay seconds. This commit adds sending the second block.
vrrp: merge vrrp instance garp_pending and gna_pending flags. Combine
garp_pending and gna_pending flags into a single flag; that is all
that is necessary and simplifies the code.
vrrp: Use timer threads for delayed sending of GARPs/GNAs. Previously
whenever a VRRP instance sent an advert, it checked to see if any more
GARPs/GNAs were due to be sent, either for garp_master_delay or
garp_master_refresh. Using timer threads removes the checking every
time an advert is sent, and the relevant code is only triggered when a
timer expires.
vrrp: stop using alloc_strvec() for parsing rttables files. It was a good
idea at the time, but is not really appropriate. The parsing can be
done just as simply without using alloc_strvec().
all: stop “unmatched quotes” warning for quoted strings. If a line with a
quoted string has unbalanced quote characters when parsed as a
standard (not quoted) string, an inappropriate warning was issued for
unmatched quotes. This commit now stops the warning. This commit is
not elegant, and it would be appreciated if a neater solution could be
found. If anyone has a better solution, please submit a pull request
or raise an issue explaining the solution.
all: change checking process name at reload to include not NULL checks.
The code was using the reload variable as an indicator that
prev_global_data was not NULL, and this was causing some static code
analysers to flag up NULL pointer dereferences. The patch
explicitly checks whether prev_global_data is NULL or not, since this
is synonymous with testing the reload variable.
all: clear pointers to old data structures freed after reload. This means
that if there is a subsequent reference to the old data via
the old_global_data, or old{bfd,check,vrrp} pointers, it should cause
a segfault rather than undefined behaviour. It will also make it more
straightforward to debug any problem should it occur.
vrrp: update location of iproute config files. Since iproute2 version 3.3
the location of the config files has been configurable, with the
default being /etc/iproute2. Since version 4.4 there has been an
rt_tables.d sub-directory. Version 4.10 added an rt_protos.d
sub-directory, and version 6.5 added a second directory
(/usr/lib/iproute2 or /usr/lib64/iproute) which 6.7 changed to
/usr/share/iproute2 as the default. No major distro appears to change
the default locations, and the only distro that used version 6.5 or 6.6
was Fedora 40, but that has now upgraded to 6.7 so we are not bothered
with the /usr/lib* options. The two directories have configure
options, and if they are not specified, configure attempts to get the
locations from the ip-route man page or the ip executable.
vrrp: Specify protocol for IP addresses that keepalived adds. This is
similar to being able to specify a protocol of ip routes and rules.
vrrp: Add configure option to update /etc/rt_addrprotos. If there is no
keepalived entry in rt_addrprotos create an entry which is removed
when keepalived terminates. This will allow ip address show to display
the protocol of an address as “keepalived” rather than 0x12.
vrrp: always add a keepalived entry to rt_addrprotos if none exists.
doc: Some updates.
Fixes
vrrp: Handle a reload before vrrp_delayed_start has expired. If
keepalived reloaded its configuration before a specified
vrrp_startup_delay had expired, the startup_delay was never being
timed out, and so all received adverts would be discarded. The commit
caused the startup_delay timer to be reinstated after a reload if the
timer has not yet expired.
ipvs: Update status code of misc checker if changes while in fault state.
The exit code of a misc checker can be read via SNMP. The misc check
code was not updating the last exit code if the checker was not
dynamic, the checker was already down (i.e. returned a non 0 exit
code), and the exit code changed from the previous exit code. This
meant that the exit code reported via SNMP was not the latest exit
code, but the exit code that caused the status of the checker to
change. This commit now updates the last exit code, even if the
checker is already down.
vrrp: Ensure VRRPv3 advert interval strictly <= 40.95 seconds. If an
advert interval of 40.958 seconds was configured, it was being rounded
up to 40.96 after the check that the advert interval was less than
40.96. The consequence of this was that adverts were being sent at
40.96 second intervals, but worse, the advert interval in the VRRP
packet was set to 0. This commit now ensures that after the rounding
the advert interval is <= 40.95 seconds.
vrrp: fix track process reinitialize fork delay timer. Github user
Bbulatov identified that terminate_delay was being used when
fork_delay should have been used. While investigating, it was also
found, albeit in a debug message that fork_delay was used where
terminate_delay should have been used. Further, the process state was
being updated immediately even if the fork_delay was being invoked.
vrrp: fix memory leak if error in vrrp_ipsets configuration.
vrrp: stop memory leak when error in configuring vrrp_iptables.
bfd: make alloc_bfd() return NULL rather than false on error. alloc_bfd()
returns a bfd_t *, but in the case of errors it was returning false,
which clearly should have been NULL. This issue was identified by
compiling with -std=c23.
vrrp: fix corruption of master-child_pid red black tree. Child process
thread_t structures use two red-black trees, one for the timeout, and
the other for pids. It is important to ensure that threads are removed
from the child_pid RB tree at the correct time. This was not happening
when reloads were occurring and there was a THREAD_CHILD_TIMEOUT
thread on the ready list. There were a few other instances of the thread
not being removed from the child_pid RB tree correctly, which are also
resolved by this commit.
all: Fix parsing of \xNN in quoted strings. Following \x keepalived
processed all following hex digits, but only returned one byte. For
example \x20file would result in a byte 0x0f followed by the string
“ile”. This commit limits the number of hex digits consumed to 2.
all: fix parsing of escaped characters in quoted strings.
core: fix error report in json version parser.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
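The two quoted-string parsing fixes above (the \xNN hex-digit limit and escaped characters generally) are easiest to see side by side. The following is an added example written for this page, not keepalived's own parser: a small escape decoder where the hex-digit limit is a parameter, so the old behaviour (unbounded digits, low byte kept) and the fixed behaviour (at most two digits) can be compared on the changelog's own input, \x20file. The function names, the set of escapes handled and the "\x with no digits keeps a literal x" rule are assumptions of this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (not keepalived's code). Decode backslash escapes in a quoted
 * configuration string. max_hex bounds how many hex digits a \x escape may
 * consume. Returns the number of bytes written to out, or -1 if out is too
 * small. Helper names and the escape set are assumptions of this example. */
static int hexval(int c)
{
    if (c >= '0' && c <= '9')
        return c - '0';
    c = tolower((unsigned char)c);
    if (c >= 'a' && c <= 'f')
        return c - 'a' + 10;
    return -1;
}

static int unescape(const char *in, unsigned char *out, size_t outlen, size_t max_hex)
{
    size_t n = 0;

    while (*in) {
        if (n >= outlen)
            return -1;
        if (*in != '\\') {
            out[n++] = (unsigned char)*in++;
            continue;
        }
        in++;                       /* skip the backslash */
        switch (*in) {
        case 'n':  out[n++] = '\n'; in++; break;
        case 't':  out[n++] = '\t'; in++; break;
        case '\\': out[n++] = '\\'; in++; break;
        case '"':  out[n++] = '"';  in++; break;
        case 'x': {
            unsigned val = 0;
            size_t digits = 0;
            in++;
            /* Consume at most max_hex hex digits. With max_hex unbounded,
             * "\x20file" swallows "20f" (0x20f) and the cast below keeps only
             * the low byte, 0x0f: exactly the bug the changelog describes. */
            while (digits < max_hex && hexval(*in) >= 0) {
                val = val * 16 + (unsigned)hexval(*in);
                in++;
                digits++;
            }
            if (digits == 0)
                out[n++] = 'x';     /* "\x" with no digits: keep a literal x */
            else
                out[n++] = (unsigned char)val;
            break;
        }
        case '\0': out[n++] = '\\'; break;                 /* trailing backslash: keep it */
        default:   out[n++] = (unsigned char)*in++; break; /* unknown escape: drop the backslash */
        }
    }
    return (int)n;
}

/* The pre-2.3.2 behaviour: no limit on hex digits after \x. */
int unescape_buggy(const char *in, unsigned char *out, size_t outlen)
{
    return unescape(in, out, outlen, SIZE_MAX);
}

/* The fixed behaviour: at most two hex digits, hence one output byte. */
int unescape_fixed(const char *in, unsigned char *out, size_t outlen)
{
    return unescape(in, out, outlen, 2);
}

int main(void)
{
    const char *input = "\\x20file";   /* constructed sample: the text \x20file */
    unsigned char buf[16];
    int n, i;

    n = unescape_buggy(input, buf, sizeof buf);
    printf("buggy: %d bytes:", n);
    for (i = 0; i < n; i++)
        printf(" %02x", buf[i]);
    printf("\n");

    n = unescape_fixed(input, buf, sizeof buf);
    printf("fixed: %d bytes:", n);
    for (i = 0; i < n; i++)
        printf(" %02x", buf[i]);
    printf("\n");
    return 0;
}
```

The buggy path yields four bytes (0x0f, "ile"), the fixed path five (0x20, "file"); a decoder that silently narrows a multi-digit value is also the kind of defect that lets two different source strings decode to the same bytes, which is why bounding the digit count matters beyond the cosmetic case.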
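The changelog entries above on advisory PID-file locking (one instance per config_id) and on truncating a leftover pidfile before a respawn rewrites it describe one routine. The block below is an added example written for this page, not keepalived's implementation: it uses flock(2) with LOCK_EX|LOCK_NB, which is an assumption about the locking primitive (the page only says "advisory file locking"), and the function names and the /tmp path used by the demo are likewise this example's own. A forked child plays the role of a second instance starting at the same time.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/file.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Added example (not keepalived's code); assumes flock(2) advisory locks. */

/* Open (creating if necessary) the PID file, take an exclusive non-blocking
 * advisory lock on it, then rewrite it from offset 0 so a stale file left by a
 * previous instance does not keep old content. Returns the open fd (keep it
 * open: the lock lives as long as the description does) or -1 when another
 * instance already holds the lock or on any error. */
int pidfile_acquire(const char *path)
{
    int fd = open(path, O_RDWR | O_CREAT, 0644);
    char buf[32];
    int len;

    if (fd < 0)
        return -1;
    fcntl(fd, F_SETFD, FD_CLOEXEC);       /* don't leak the lock fd into children we exec */

    if (flock(fd, LOCK_EX | LOCK_NB) < 0) {
        /* EWOULDBLOCK: a live instance holds the lock. Taking the lock before
         * reading or writing the PID closes the start-up window in which two
         * starters could both see an absent/stale PID and both carry on. */
        close(fd);
        return -1;
    }

    /* Respawn case: the file may already exist, so reset the offset and
     * truncate before writing rather than appending to old content. */
    if (ftruncate(fd, 0) < 0 || lseek(fd, 0, SEEK_SET) < 0) {
        close(fd);
        return -1;
    }
    len = snprintf(buf, sizeof buf, "%ld\n", (long)getpid());
    if (write(fd, buf, (size_t)len) != len) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Drop the lock and remove the file on orderly shutdown. */
void pidfile_release(int fd, const char *path)
{
    if (fd >= 0)
        close(fd);
    unlink(path);
}

/* Simulate a second instance starting: fork a child that tries to take the
 * same PID file. Returns 1 if the child was refused (lock held), 0 if it got
 * in (no exclusion), -1 on error. */
int pidfile_contend(const char *path)
{
    pid_t child = fork();
    int status;

    if (child < 0)
        return -1;
    if (child == 0) {
        int fd = pidfile_acquire(path);
        _exit(fd < 0 ? 0 : 1);            /* 0: refused, 1: wrongly admitted */
    }
    if (waitpid(child, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status) == 0 ? 1 : 0;
}

int main(void)
{
    char path[64];
    int fd, refused;

    snprintf(path, sizeof path, "/tmp/pidlock_example_%ld", (long)getpid()); /* demo path */
    fd = pidfile_acquire(path);
    refused = pidfile_contend(path);
    printf("first instance fd=%d, second instance %s\n", fd,
           refused == 1 ? "refused" : "NOT refused");
    pidfile_release(fd, path);
    return 0;
}
```

flock locks belong to the open file description, so even a second open() in the same process is refused; with fcntl(F_SETLK) record locks the single-process check would pass, because those locks are owned per process, which is why the demo forks. The lock, not the PID number written into the file, is what provides the exclusion: a PID read from a stale file can be reused by an unrelated process.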
- Update from version 20260210 to 20260227
- No change to rootfile
- Changelog 20260227
Purpose
- Update for functional issues. Refer to [Intel® Xeon® 6700P-B/6500P-B-Series SoC with P-Cores](https://cdrdv2.intel.com/v1/dl/getContent/843306/view?wapkw=intel%20xeon%206700P-B) for details.
Updated Platforms
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GNR-D | B0/B1 | 06-ae-01/97 | 010002f3 | 01000303 | Xeon 6700P-B/6500P-B Series SoC with P-Cores
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:42 +0000 (14:03 +0200)]
harfbuzz: Update to version 14.0.0
- Update from version 12.3.2 to 14.0.0
- Update of rootfile
- Changelog
14.0.0
- New `libharfbuzz-gpu` library: GPU text rasterization based on the
Slug algorithm by Eric Lengyel. Encodes glyph outlines on the CPU
into compact blobs that the GPU decodes and rasterizes directly in
the fragment shader, with no intermediate bitmap atlas.
Shader sources provided in GLSL, WGSL, MSL, and HLSL.
New `hb-gpu` installed utility for interactive GPU text rendering.
Live web demo: https://harfbuzz.github.io/hb-gpu-demo/
- New `harfbuzz-world.cc` amalgamated source for building a subset of
all HarfBuzz libraries into one compilation unit, driven by a custom
`hb-features.h`.
- Updated README with libraries overview and project description.
- Various bug fixes.
- New API:
+ hb_gpu_draw_t
+ hb_gpu_draw_create_or_fail()
+ hb_gpu_draw_reference()
+ hb_gpu_draw_destroy()
+ hb_gpu_draw_set_user_data()
+ hb_gpu_draw_get_user_data()
+ hb_gpu_draw_get_funcs()
+ hb_gpu_draw_glyph()
+ hb_gpu_draw_encode()
+ hb_gpu_draw_get_extents()
+ hb_gpu_draw_reset()
+ hb_gpu_draw_recycle_blob()
+ hb_gpu_shader_lang_t
+ hb_gpu_shader_fragment_source()
+ hb_gpu_shader_vertex_source()
13.2.1
- Fix regression in tracing messages from previous release.
13.2.0
- Fix `hb-view` glyph positioning with `--glyphs` input from `hb-shape --ned`.
- Various fuzzing fixes for `harfbuzz-subset`, `harfbuzz-raster` and
`harfbuzz-vector` libraries.
- Various improvements to tracing messages.
- Various documentation improvements.
- New API:
+ HB_OT_SHAPE_BUFFER_FORMAT_SERIAL
+ hb_ot_shape_get_buffer_format_serial()
13.1.1
- Support gzip-compressed `SVG` glyphs in `harfbuzz-raster` and
`harfbuzz-vector` libraries. This new functionality requires `zlib`, and will
not be available if HarfBuzz is built without `zlib`.
- Improve handling of `SVG` glyphs in `harfbuzz-raster` and
`harfbuzz-vector` libraries.
- Further harden application of `stch` feature against malicious fonts.
- Various fuzzing fixes.
- Various build fixes:
* Add missing `chafa` dependency to `hb-raster` utility, and remove
accidental `cairo` dependency.
* Don’t build raster and vector fuzzers if the library is disabled.
* Add meson options for enabling / disabling `libpng` and `zlib`.
* Support building `harfbuzz-raster` and `harfbuzz-vector` libraries with
CMake.
13.1.0
- The `harfbuzz-raster` library can now render bitmap color glyph formats
(`CBDT` and `sbix`). It now also has an API to serialize / deserialize images
to and from PNGs. This new functionality requires `libpng`, and will not be
available if HarfBuzz is built without `libpng`.
- Install `hb-raster` command line utility.
- Fix overflow when applying `stch` feature with malicious fonts.
- Fix memory leaks in `harfbuzz-raster` and `harfbuzz-vector` in error
conditions, as well as more robust handling of allocation failures.
- Various documentation improvements and build fixes.
- New API:
+hb_raster_image_serialize_to_png_or_fail()
+hb_raster_image_deserialize_from_png_or_fail()
13.0.1
- Bug fixes in rendering `COLR` v1 fonts.
- Various build fixes.
13.0.0
- New experimental drawing and rendering libraries:
* New public `hb-vector` API for vector output of glyph outlines. The only
supported output format currently is SVG.
The new API is available in a separate `harfbuzz-vector` library.
* New public `hb-raster` API for rasterizing glyphs to A8 / BGRA32 images.
The new API is available in a separate `harfbuzz-raster` library.
* Both APIs are still experimental and subject to change.
* Both libraries support monochrome as well as vector color glyph formats
(`COLR` v0, v1, and `SVG`).
* Additionally, `hb-vector` supports also bitmap color glyph formats (`CBDT`
and `sbix`).
* New command line utilities to accompany the new APIs: `hb-vector` and
`hb-raster`. They share many of the same options as `hb-view`.
- New subset flag `HB_SUBSET_FLAGS_DOWNGRADE_CFF2` to convert instantiated
`CFF2` table to `CFF `. This options will desubroutinize `CFF2` table and
convert it to CID-keyed `CFF` table. This is useful for compatibility with
older renderers that do not support `CFF2` table, including embedding
instantiated fonts in PDF documents.
- The `hb-view` command-line utility got a few bells and whistles as well,
including support for logical / ink extents (with the default being the union
of both), stroke, and an option to rotate glyph foreground colors
(rainbow coloring).
- New API to inspect color-glyph documents in `SVG` table.
- New API to signal that the buffer content was changed by the client in
message callbacks.
- Improve `VARC` drawing accuracy with multiple transform / rounding fixes.
- Don’t reject malformed `cmap` subtables, a regression from 12.3.0 when we
stopped sanitizing malformed tables.
- Disallow calling `hb_buffer_set_message_func()` from within the message
callback.
- Various performance optimizations, fuzzing fixes, and documentation
improvements.
- New API:
* harfbuzz:
+hb_buffer_changed()
+hb_ot_color_get_svg_document_count()
+hb_ot_color_get_svg_document_glyph_range()
+hb_ot_color_glyph_get_svg_document_index()
* harfbuzz-subset:
+HB_SUBSET_FLAGS_DOWNGRADE_CFF2
* harfbuzz-raster:
+hb_raster_draw_t
+hb_raster_extents_t
+hb_raster_format_t
+hb_raster_image_t
+hb_raster_paint_t
+hb_raster_draw_create_or_fail()
+hb_raster_draw_destroy()
+hb_raster_draw_get_extents()
+hb_raster_draw_get_funcs()
+hb_raster_draw_get_scale_factor()
+hb_raster_draw_get_transform()
+hb_raster_draw_get_user_data()
+hb_raster_draw_glyph()
+hb_raster_draw_recycle_image()
+hb_raster_draw_reference()
+hb_raster_draw_render()
+hb_raster_draw_reset()
+hb_raster_draw_set_extents()
+hb_raster_draw_set_glyph_extents()
+hb_raster_draw_set_scale_factor()
+hb_raster_draw_set_transform()
+hb_raster_draw_set_user_data()
+hb_raster_image_clear()
+hb_raster_image_configure()
+hb_raster_image_create_or_fail()
+hb_raster_image_destroy()
+hb_raster_image_get_buffer()
+hb_raster_image_get_extents()
+hb_raster_image_get_format()
+hb_raster_image_get_user_data()
+hb_raster_image_reference()
+hb_raster_image_set_user_data()
+hb_raster_paint_clear_custom_palette_colors()
+hb_raster_paint_create_or_fail()
+hb_raster_paint_destroy()
+hb_raster_paint_get_extents()
+hb_raster_paint_get_funcs()
+hb_raster_paint_get_scale_factor()
+hb_raster_paint_get_transform()
+hb_raster_paint_get_user_data()
+hb_raster_paint_glyph()
+hb_raster_paint_recycle_image()
+hb_raster_paint_reference()
+hb_raster_paint_render()
+hb_raster_paint_reset()
+hb_raster_paint_set_custom_palette_color()
+hb_raster_paint_set_extents()
+hb_raster_paint_set_foreground()
+hb_raster_paint_set_glyph_extents()
+hb_raster_paint_set_scale_factor()
+hb_raster_paint_set_transform()
+hb_raster_paint_set_user_data()
* harfbuzz-vector:
+hb_vector_draw_t
+hb_vector_extents_mode_t
+hb_vector_extents_t
+hb_vector_format_t
+hb_vector_paint_t
+hb_vector_draw_create_or_fail()
+hb_vector_draw_destroy()
+hb_vector_draw_get_extents()
+hb_vector_draw_get_funcs()
+hb_vector_draw_get_scale_factor()
+hb_vector_draw_get_transform()
+hb_vector_draw_get_user_data()
+hb_vector_draw_glyph()
+hb_vector_draw_recycle_blob()
+hb_vector_draw_reference()
+hb_vector_draw_render()
+hb_vector_draw_reset()
+hb_vector_draw_set_extents()
+hb_vector_draw_set_glyph_extents()
+hb_vector_draw_set_scale_factor()
+hb_vector_draw_set_transform()
+hb_vector_draw_set_user_data()
+hb_vector_paint_clear_custom_palette_colors()
+hb_vector_paint_create_or_fail()
+hb_vector_paint_destroy()
+hb_vector_paint_get_extents()
+hb_vector_paint_get_funcs()
+hb_vector_paint_get_scale_factor()
+hb_vector_paint_get_transform()
+hb_vector_paint_get_user_data()
+hb_vector_paint_glyph()
+hb_vector_paint_recycle_blob()
+hb_vector_paint_reference()
+hb_vector_paint_render()
+hb_vector_paint_reset()
+hb_vector_paint_set_custom_palette_color()
+hb_vector_paint_set_extents()
+hb_vector_paint_set_foreground()
+hb_vector_paint_set_glyph_extents()
+hb_vector_paint_set_palette()
+hb_vector_paint_set_scale_factor()
+hb_vector_paint_set_transform()
+hb_vector_paint_set_user_data()
+hb_vector_svg_paint_set_flat()
+hb_vector_svg_paint_set_precision()
+hb_vector_svg_set_flat()
+hb_vector_svg_set_precision()
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:41 +0000 (14:03 +0200)]
groff: Update to version 1.24.1
- Update from version 1.23.0 to 1.24.1
- Update of rootfile
- Changelog
1.24.1
This release corrects bugs in the groff 1.24.0 release, adds automated
test scripts, revises a misleading diagnostic message, and improves
documentation. There are no new features.
1.24.0
This is too large to include here. For details see the NEWS file in the tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:40 +0000 (14:03 +0200)]
frr: Update to version 10.6.0
- Update from version 10.4.1 to 10.6.0
- Update of rootfile
- Changelog is too large to include here so links provided for each version
10.6.0
https://github.com/FRRouting/frr/releases/tag/frr-10.6.0
10.5.3
https://github.com/FRRouting/frr/releases/tag/frr-10.5.3
10.5.2
https://github.com/FRRouting/frr/releases/tag/frr-10.5.2
10.5.1
https://github.com/FRRouting/frr/releases/tag/frr-10.5.1
10.5.0
https://github.com/FRRouting/frr/releases/tag/frr-10.5.0
10.4.3
https://github.com/FRRouting/frr/releases/tag/frr-10.4.3
10.4.2
https://github.com/FRRouting/frr/releases/tag/frr-10.4.2
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:39 +0000 (14:03 +0200)]
freetype: Update to version 2.14.3
- Update from version 2.14.1 to 2.14.3
- Update of rootfile
- Changelog is too large to include here. Details can be found in the file ChangeLog
in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:37 +0000 (14:03 +0200)]
e2fsprogs: Update to version 1.47.4
- Update from version 1.47.3 to 1.47.4
- No change to rootfile
- Changelog
1.47.4
UI and Features
Suppress warnings in mke2fs regarding large block sizes if the kernel
supports blocksize greater than page size.
Add mke2fs extended option in root_selinux to set a SELinux security
context label for the root directory.
Enable mke2fs to support multiple -E options in the command line.
Fix e4defrag crashing when it tries to defragment an inline data file.
Fixes
Fix e2fsck incorrectly flagging fast symlinks with a large external
extended attribute (using an EA inode) as having an invalid number of
blocks.
Add a check in e2fsck for an extended attribute with a value stored in
an EA inode that has an invalid zero size.
Fix e2scrub so that the retry loop for lvremove works properly (in
case of a temporary busy failure).
Mke2fs warnings about dax are now printed to stdout instead of stderr,
since they aren't failures.
Fix mke2fs so it won't create an orphan file inode which is larger than
what the kernel now permits when using a 64k blocksize.
Fix mke2fs -d so it can handle copying a file larger than 2 GiB.
Many bug fixes for fuse2fs and libext2fs to make fuse2fs behave more
like the Linux kernel's implementation of ext4. These were found when
running fuse2fs under xfstests, and fixing the resulting test failures.
- Set the EXT2_ERRORS_FS flag when recording errors in the superblock,
so that e2fsck will automatically try to fix the corrupted file system
- Restrict which error codes that will be recorded in the superblock to
those which indicate file system corruption, and not those that are
caused by operational failures
- Refuse to mount a file system which is marked as having inconsistencies
- Abort and avoid mounting the file systems if there are errors parsing
the command line options
- Fix parsing the offset= option so the mount options structure doesn't
get corrupted.
- Move operations which could fail while mounting the file system to
before the fuse2fs is daemonized so that errors can be reported to the
user
- Fix the locking logic for the "-o lockfile" command-line option
- Fix a memory leak if ext2fs_close() fails
- Avoid failures when mounting a file system read-only and the user does
not have write access to the file system image or block device
- Handle the case where the underlying storage (e.g., block device) of
the file system is read-only more like the kernel. (Fixes generic/050)
- Handle the case where the user requested a read-only mount, the
underlying file system storage is writeable, and there is a journal
which needs to be replayed so that it is safe to reference the file
system image. (Fixes ext4/271)
- Recheck the file system feature flags after replaying the journal in
case an unsupported feature was enabled by a journal transaction and
this causes fuse2fs to have a bellyache.
- Recheck the journal to make sure it is consistent to catch problems
caused by replaying (possibly maliciously) corrupted journals
- Make sure there is enough free space to create a symlink before
trying to create it
- Correctly report errors when deleting files back to fuse
- Always check the process gid when checking file permissions
- Don't update atime when reading executable file contents
- Correctly propagate default acls to non-directory inodes
- Set the group id ownership for newly created files in setgid directories
- Fix fssetxattr() by preserving iflags bits that don't exist in xflags
- Fix various bugs when punching holes in a file
- Fix various bugs in FITRIM
- Prevent fallocation or zero range indirect-mapped files, which don't
support unwritten extents
- Fix error handing for fuse_getgroups() and readlink(2)
- Fix various data corruption bugs when reading and writing to inline
data files
- Correctly set the ST_RDONLY flag returned by statfs(2)
- Fix potential races in op_statfs and op_destroy
- Fix relatime handling to pay attention to nanosecond portion of the
timestamp
- Fix permission checks when opening a file with O_APPEND and O_TRUNC at
the same time
- Don't truncate a newly created file so the ctime/mtime timestamps are
consistent
Various man page cleanups.
Performance, Internal Implementation, Development Support etc.
Fixed various Debian packaging issues. (Addresses Debian Bugs: #1118461)
Remove extra "pkg-config pkgconfig" in the Debian rules file. This
appears to be harmless, but it's not correct. (Addresses Debian Bugs: #1126636)
Stop trying to test building e2fsprogs on mingw32 using Github Actions.
Sometime between November and December 2025, probably coincident with
github uploading a newer Windows 11 to windows-latest, running the test
mke2fs is now taking over 4 hours, when previously it took 8 seconds.
Update autoconf and libtool to be based on autoconf 2.72. Also updated
config.{guess,sub,rpath} to be the latest from FSF.
Fix ext2fs_block_alloc_stats_range() to pass the original parameters to
its callback function.
Change the unixfd I/O manager to close the file descriptor when it is
passed into the manager.
In the unixfd_io_manager, trust the caller to assert that the file
descriptor was opened using O_EXCL, since we can't find out whether
it's the case by checking the file flags using fcntl's F_GETFL. Also
check using F_GETFL instead of F_GETFD.
Fix a bug in the unix_io where if there is an error when writing the I/O
channel, and a write_error handler is registered, and it requests that
the failed write is tried, the cache mutex wasn't getting relocked,
leaving the lock state inconsistent.
Fix a portability issue in fuse2fs regarding how to redirect
stdout/stderr which works across multiple C libraries. (For a detailed
description of the challenges created by different standards
specification see commit f79abd8554e6.)
Fix a portability issue so e2fsprogs can compile when the
linux/fsverity.h header file exists, but it doesn't define
FS_IOC_READ_VERITY_METADATA.
Update the Malay translations.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Sun, 5 Apr 2026 12:03:36 +0000 (14:03 +0200)]
curl: Update to version 8.19.0
- Update from version 8.18.0 to 8.19.0
- No change to rootfile
- Changelog
8.19.0
Changes:
o we stopped the bug bounty [23]
o cmake: add `CURL_BUILD_EVERYTHING` option [51]
o initial support for MQTTS [81]
o tool: support fractions for --limit-rate and --max-filesize [79]
o tool_cb_hdr: with -J, use the redirect name as a backup [147]
o vquic: drop support for OpenSSL-QUIC [80]
o windows: add build option to use the native CA store [82]
o windows: bump minimum to Vista (from XP) [12]
Bugfixes:
o altsvc: only accept 17 byte dates from files [22]
o asyn-ares: abort with OOM error when Curl_dnscache_mk_entry fails [107]
o async-ares: blocking resolve timeout handling, better [239]
o badwords: move into ./scripts, speed up [187]
o build: add missing `GENERATEDCERTS` files [210]
o build: adjust minimum version for some clang picky warnings [211]
o build: check `MSG_NOSIGNAL` directly, drop detection and interim macro [26]
o build: constify `memchr()`/`strchr()`/etc result variables (cont.) [85]
o build: detect and include `inttypes.h` again [13]
o build: do not include wolfSSL header in `curl_setup.h` [215]
o build: drop duplicate C includes [54]
o build: drop global suppression of `-Wformat-nonliteral`, fix fallouts [19]
o build: drop unused `snprintf()` feature check on Windows [261]
o build: fix `-Wunused-macros` warnings, and related tidy-ups [176]
o build: fix building rare combinations [109]
o build: fully omit verbose strings and code when disabled [113]
o build: globally suppress DJGPP warnings in `FD_SET()` [56]
o build: merge TrackMemory (`CURLDEBUG`) into debug-enabled option [46]
o build: move curl stat struct type to the curlx namespace [156]
o build: opt-in MSVC to C99-style verbose logging logic [108]
o build: require POSIX `strdup()` [159]
o build: tidy up and dedupe `strdup` functions [162]
o cf-socket: ignore SOCK_CLOEXEC etc for socktype equality checks [226]
o cf-socket: use SOCK_CLOEXEC in socket_open when available [130]
o checksrc-all.pl: skip non-repository files [144]
o checksrc: do not apply `BANNEDFUNC` to struct member functions [35]
o checksrc: warn for leading spaces before the preprocessor hash [72]
o clang-tidy: add missing and delete redundant parentheses [155]
o clang-tidy: add more missing parentheses in macro values [224]
o clang-tidy: avoid/silence `bugprone-not-null-terminated-result` [222]
o clang-tidy: check `bugprone-macro-parentheses`, fix fallouts [212]
o clang-tidy: drop redundant conditions reported by
`misc-redundant-expression` [217]
o clang-tidy: enable `bugprone-signed-char-misuse`, fix fallouts [227]
o clang-tidy: enable more checks [225]
o clang-tidy: enable scanning headers [205]
o clang-tidy: fix issues found with build-fuzzing [275]
o clang-tidy: silence more minor issues found by v22 [276]
o cmake/FindMbedTLS: add workaround for missing static MSVC
`mbedcrypto.lib` 4.0.0 [174]
o cmake: add `CURL_DROP_UNUSED` option to reduce binary sizes [105]
o cmake: add native clang-tidy support for tests, with concatenated
sources [223]
o cmake: always build curlu and curltool test libs in unity mode [190]
o cmake: always define `CURL::win32_winsock` on Windows in
`curl-config.cmake` [104]
o cmake: convert `curl_add_clang_tidy_test_target()` macro to function [281]
o cmake: enable binutils ld workaround for all toolchains at build-time [57]
o cmake: fix `LOCATION` property access condition (debug) [241]
o cmake: fix `LOCATION` property read errors in target debug function [243]
o cmake: fix building with `CMAKE_FIND_PACKAGE_PREFER_CONFIG=ON` [254]
o cmake: fix confusing error when a dependency is undetected in
`curl-config.cmake` [169]
o cmake: fix logic for openssl/zlib binutils ld workaround [71]
o cmake: fix passing system header directories to clang-tidy for tests [221]
o cmake: fix system include directory position for clang-tidy in tests [284]
o cmake: improve clang-tidy test command-line reproduction [242]
o cmake: minor fixes to test targets after prev [214]
o cmake: normalize uppercase hex winver (for display) [191]
o cmake: omit `curl.rc` from curltool lib [209]
o cmake: reference OpenSSL and ZLIB imported targets only when enabled [41]
o cmake: replace internal option with a new `tt` (test tools) target [220]
o cmake: silence potential unused var warnings in C++ test snippet [201]
o cmake: silence silly Apple clang warnings in C89 mode, test in CI [14]
o cmake: silence useless compiler warnings triggered by the FASTBuild
generator [43]
o cmake: skip binutils ld hack if zlib/openssl target is not `IMPORTED` [90]
o cmake: warn for invalid `CURL_TARGET_WINDOWS_VERSION` values [192]
o cmake: add `*_USE_STATIC_LIBS` options for 9 dependencies [49]
o config-plan9: set `HAVE_STDINT_H` again [17]
o config2setopts: acknowledge OOM error from CURLOPT_MIMEPOST [120]
o config2setopts: fix for --disable-aws build configuration [34]
o configure: drop always true `if` check (Windows) [250]
o content_encoding: return 'identity' if none other exists [235]
o curl: add -I and -i to -h important [135]
o curl: limit Windows-specific code to Windows builds, other tidy-ups [48]
o curl_easy_nextheader.md: a new transfer invalidates 'prev' [69]
o curl_get_line: drop single-use macro [93]
o curl_multi_perform.md: resolve inconsistency [143]
o curl_ntlm_core: merge two `#if` blocks [177]
o curl_setup.h: drop extra header guard for internal include [91]
o curl_setup.h: merge back single-use internal header `curl_setup_once.h` [78]
o curl_setup.h: simplify curl memory macro mappings [163]
o curl_setup_once: allow CURL_DEBUGASSERT for customization [125]
o CURLINFO_CONTENT_LENGTH_DOWNLOAD_T.md: fix available protocols [97]
o curlx: drop unused `curlx_saferealloc()` [161]
o digest: escape double quotes and backslashes in realm and nonce [83]
o digest: fix memory leak in auth_create_digest_http_message() [263]
o digest: handle quotes in the path [50]
o docs/INSTALL: update configure details [45]
o docs/libcurl: unify WARNING use [89]
o docs: add LibreELEC to DISTROS.md
o docs: add reproducible example for generating man page [95]
o docs: avoid starting sentences with However, [175]
o docs: avoid using the word 'magic' [256]
o docs: clarify --ipv4 and --ipv6 [149]
o docs: document the need for a 64-bit type and stdint.h [118]
o docs: drop basically [229]
o docs: explicitly call out Slowloris as not a security flaw [6]
o docs: fix grammar nitpicks [128]
o docs: handle error in `curl_global_init*` examples [204]
o docs: replace instances of the vague qualifier 'quite' [171]
o docs: reword explanation of --variable option [150]
o docs: some nitpicks [277]
o docs: use dot instead of comma at end of sentences [168]
o easy: reset errorbuf on eyeballing success [179]
o easy: reset pausing when resetting request [218]
o examples/usercertinmem: use modern OpenSSL API, drop mentions of RSA [188]
o examples: improve OpenSSL certificate examples [248]
o examples: omit forward declarations, apply misc fixes [60]
o FAQ: syntax improvements [230]
o fopen.h: simplify curl memory macro mappings [160]
o ftp: replace a `curlx_free()` with `curlx_dyn_free()` [86]
o ftp: split ftp_state_use_port into sub functions [172]
o GOVERNANCE.md: Post-Daniel BDFL [31]
o gss: exclude verbose error logic from non-verbose builds [122]
o h2+h3: align stream close handling [131]
o hostip.c: fix leak of addrinfo [11]
o hostip6: remove debug-only code [24]
o hostip: fix unreachable code in rare build configuration [74]
o http/3: add description for known server error codes [15]
o http1: fix potential NULL dereference in `Curl_h1_req_parse_read()` [268]
o http: only send bearer if auth is allowed [228]
o http_aws_sigv4: fix query normalization of %2b [117]
o imap: add a check for Curl_meta_get() [157]
o imap: check `imap_sendf()` printf masks at compile-time [67]
o imap: skip literals inside quoted strings [30]
o include: avoid recursive macros [182]
o include: mask computed auth/proto bitmasks to 32 bits [145]
o INSTALL-CMAKE.md: document Apple framework options [53]
o INSTALL.md: fix typo [278]
o INSTALL.md: suggest `-Wl,-dead_strip` for Apple targets [68]
o KNOWN_BUGS.md: absolute Unix domain filename for SOCKS on Windows [37]
o ldap: silence clang-tidy v22 warning [279]
o ldap: silence potential unused variable warning (OS400) [55]
o lib: delete unused local includes [181]
o lib: disable websockets early if no http [140]
o lib: make sigpipe handling more lazy [52]
o lib: reorder protocol functions to avoid forward declarations (email) [76]
o lib: reorder protocol functions to avoid forward declarations (ftp) [75]
o lib: reorder protocol functions to avoid forward declarations
(misc cont.) [66]
o lib: reorder protocol functions to avoid forward declarations (misc) [77]
o lib: reorder protocol functions to avoid forward declarations (ssh) [65]
o lib: separate scheme info from protocol implementation [42]
o lib: skip compiling code with features disabled [189]
o lib: use (u)int64_t instead of long long [39]
o libcurl docs: reduce 'since ...' in descriptions [28]
o libcurl-security.md: fix typos and add a point about URLs
o libtests: drop two redundant `memset()`s [110]
o Makefile.am: delete RPM targets referencing non-existent files [9]
o Makefile.am: drop stray VC project files from dist [5]
o managen: silence Perl warnings [141]
o mbedtls: guard TLS 1.3 + session tickets usage inside ifdef [260]
o mbedtls: no pinnedpubkey wo MBEDTLS_SSL_KEEP_PEER_CERTIFICATE [29]
o mbedtls: remove newline from failf() call [25]
o mbedtls: split mbed_connect_step1 into sub functions [166]
o md4, md5: drop redundant forward declarations [64]
o md4, md5: replace custom types with `uint32_t` [111]
o memdebug: include `backtrace.h` as system header [148]
o mime: drop fallback for unused `R_OK` macro [58]
o mimepost: allocate main struct on-demand [20]
o mk-ca-bundle.pl: drop support for obsolete/insecure fingerprint algos [138]
o mod_curltest: silence unused argument compiler warning [63]
o mprintf: drop old sprintf fallback [7]
o mprintf: rename internal enum to avoid collision with AmigaOS symbol [183]
o mprintf: silence clang-tidy `readability-suspicious-call-argument` [262]
o mprintf: use `_snprintf()` when compiled with VS2013 and older [280]
o mqtt: better too-big-message-check [73]
o mqtt: fix EOF handling [231]
o mqtt: verify Remaining Length for CONNACK and PUBACK [153]
o msvc: drop exception, make `BIT()` a bitfield with Visual Studio [2]
o msvc: VS2026: unlock picky warning in cmake, test in CI [198]
o multi: avoid a theoretical 32-bit wrap [186]
o multi: fix unreachable code compiler warning [264]
o multi: probe for IPv6 functionality in multi_init() [114]
o multi: split multi_runsingle into sub functions [197]
o multi: update timer unconditionally in multi_remove_handle [158]
o ngtcp2: stabilize recv [18]
o noproxy: simplify, don't mix const non-const in strchr() [88]
o openldap: avoid forward declarations in ldaps code [62]
o openssl+ech: workaround for insecure handshakes [238]
o openssl: adapt to OpenSSL master adding const to more APIs [253]
o OpenSSL: check reuse of sessions for verify status [142]
o openssl: disable local keylog feature if built-in upstream [178]
o openssl: fix compiler warning with OpenSSL master [193]
o openssl: fix potential NULL dereference when loading certs (Windows) [165]
o openssl: fix potential OOB read in debug/verbose logging [216]
o plan9: drop special build and orphaned references [33]
o proxy-auth: additional tests [232]
o pytest: remove 03_02 [127]
o quiche: use PRIu64 for outputting the stream id [184]
o rand: drop impossible preprocessor branches (wincrypt) [246]
o rand: drop scan-build silencer [245]
o ratelimit: download finetune [16]
o request.h: rename parameter 'buf' to 'req' in Curl_req_send [219]
o REUSE: drop broken reference to `MAIL-ETIQUETTE` [59]
o rtsp: fix assertion failure on zero-length RTP payload [180]
o rtspd: fix to check `realloc()` result [173]
o runtests: pass config filename to stunnel in native format (Windows) [94]
o schannel: refactor: reduce variable scopes, fix comment, fix indent [196]
o send: drop `CURL_UNCONST()` from buffer argument on most platforms [116]
o setopt: fix checking range for CURLOPT_MAXCONNECTS [92]
o setopt: refuse blobs with zero length [167]
o setup-os400.h: drop no longer used custom type `u_int32_t` [112]
o sigpipe: unset SA_SIGINFO since it is using sa_handler [40]
o silent.md: also mention it shuts off warning messages [213]
o smb: free the path in the request struct properly [137]
o smb: include arpa/inet.h for NonStop [195]
o socket: check result of SO_NOSIGPIPE [124]
o socketpair: clear 'err' when retrying due to EINTR [233]
o socketpair: set SO_NOSIGPIPE where possible [103]
o socks: ensure DNS is freed in failure cases. [247]
o src: simplify declaring `curl_ca_embed` [185]
o ssh: dedupe state change function [99]
o stop using the word 'just' [257]
o sws: prevent "connection monitor" to say disconnect twice
o synctime: fix use of uninitialized buffer on non-Windows [234]
o system_win32: replace manual init code with `curlx_now_init()` call [170]
o tests/server/sockfilt: avoid possible endless loop on Windows [101]
o tests/server: drop unused `curlx/version_win32.c` [151]
o tests/server: fix to clear the complete `srvr_sockaddr_union_t` variable [207]
o tests/server: tidy-up error messages (Windows) [102]
o tests: avoid assignment in `if` conditions in `first.h` [126]
o tests: convert base64 data to %b64[] [87]
o tftp: correct the filename length check [70]
o timeout handling: auto-detect effective timeout [121]
o tls: add new SSLSUPP flags for several options [32]
o tls: remove checks for DEFAULT [136]
o tool: enable header separation for HTTPS proxies [106]
o tool: improve config error messaging [208]
o tool: improve error/warning messages when output filename sanitization
fails [36]
o tool: rename curl handle and result variable in `--libcurl`-generated
code [146]
o tool: return code variable consistency [84]
o tool_cb_hdr: suppress header output when --out-null [10]
o tool_cb_prg: drop duplicate preprocessor logic [119]
o tool_dirhie: drop superfluous `F_OK` fallback (Windows) [8]
o tool_doswin: avoid memory-leak with CURL_FN_SANITIZE_* [236]
o tool_doswin: avoid Windowsisms in socket code (cont.) [134]
o tool_doswin: avoid Windowsisms in socket code [139]
o tool_doswin: document `ENABLE_VIRTUAL_TERMINAL_PROCESSING` toolchain
support [44]
o tool_getparam: avoid `-Wcomma` with Apple clang in C89 mode [38]
o tool_operate: remove 'else' for VMS [3]
o tool_operate: reset the URL --url-query between --next [237]
o typos: silence false positives found in C code [164]
o unit3205: suppress two clang-tidy false positives [206]
o URL-SYNTAX.md: fix port number mistakes for IMAP and LDAP [200]
o url.c: code/comment cleanup around conn creation [132]
o url.h: fix `-Wdocumentation` [61]
o url: fix reuse of connections using HTTP Negotiate [100]
o urlapi: use U_CURLU_URLDECODE when toggling it off unsigned [255]
o urldata.h: remove two forward-declared structs not used [4]
o urldata: byebye `conn->hostname_resolve` [240]
o urldata: change 'keep_post' into three distinct bitfields [21]
o urldata: convert 'long' fields to fixed variable types [47]
o urldata: switch to uint* types [1]
o usercertinmem: use the correct cert BIO [249]
o verbose.md: explain the { and } prefixes [96]
o vquic: fix unused variable warning reported by clang-tidy [152]
o vquic: handle SOCKEMSGSIZE correctly [129]
o vtls: dedupe common on-session-reuse logic [98]
o vtls: use ALPN http/1.0 & http/1.1 for HTTP/1.0 requests [123]
o VULN-DISCLOSURE-POLICY.md: push reports to the web form [154]
o VULN-DISCLOSURE-POLICY.md: use hackerone [202]
o winapi: use FormatMessageA instead of FormatMessageW [115]
o windows: `USE_WINSOCK` to guard winsock2 code (where missing) [133]
o windows: determine `RtlVerifyVersionInfo` address on global init [258]
o windows: tidy up `wincrypt.h` / BoringSSL/AWS-LC coexist workaround [203]
o wolfssl: fix build without USE_BIO_CHAIN [27]
o ws/tftp: include header file even when protocol disabled [194]
o x509asn1: make encodeOID stop on too long input [199]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 3 Apr 2026 12:41:31 +0000 (12:41 +0000)]
strongswan: Fix chain name when removing rules
This caused a lot of rules to be appended to IPSECOUTPUT that were
never removed again. There were no implications other than a very long
chain with a lot of redundant rules.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Fix crash when reconfiguring zone update policy during active updates.
We fixed a crash that could occur when running rndc reconfig to change
a zone's update policy (e.g., from allow-update to update-policy) while
DNS UPDATE requests were being processed for that zone.
ISC would like to thank Vitaly Simonovich for bringing this issue to
our attention. [GL #5817]
Bug Fixes
Fix intermittent named crashes during asynchronous zone operations.
Asynchronous zone loading and dumping operations occasionally
dispatched tasks to the wrong internal event loop. This threading
violation triggered internal safety assertions that abruptly terminated
named. Strict loop affinity is now enforced for these tasks, ensuring
they execute on their designated threads and preventing the crashes.
[GL #4882]
Count temporal problems with DNSSEC validation as attempts.
After the KeyTrap vulnerability (CVE-2023-50387), any temporal DNSSEC
errors were originally hard errors that caused validation failures,
even if the records had another valid signature. This has been changed;
RRSIGs outside of the inception and expiration time are not counted as
hard errors. However, these errors were not even counted as validation
attempts, so an excessive number of expired RRSIGs would cause some
non-cryptographic extra work for the validator. This has been fixed and
the temporal errors are now correctly counted as validation attempts.
[GL #5760]
Fix a possible deadlock in RPZ processing.
The named process could hang when processing a maliciously crafted
update for a response policy zone (RPZ). This has been fixed. [GL #5775]
Fix a crash triggered by rndc modzone on a zone from a configuration
file.
Calling rndc modzone on a zone that was configured in the configuration
file caused a crash. This has been fixed. [GL #5800]
Fix the processing of empty catalog zone ACLs.
The named process could terminate unexpectedly when processing a
catalog zone ACL in an APL resource record that was completely empty.
This has been fixed. [GL #5801]
Fix a crash triggered by rndc modzone on zone that already existed in
NZF file.
Calling rndc modzone didn't work properly for a zone that was
configured in the configuration file. It could crash if BIND 9 was
built without LMDB or if there was already an NZF file for the zone.
This has been fixed. [GL #5826]
Fix potential resource leak during resolver error handling.
Under specific error conditions during query processing, resources were
not being properly released, which could eventually lead to unnecessary
memory consumption for the server. A potential resource leak in the
resolver has been fixed. [GL !11658]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 31 Mar 2026 14:16:53 +0000 (14:16 +0000)]
dnsdist: Update to 2.0.3
The issues fixed in these releases are:
- CVE-2026-0396: An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either "DynBlockRulesGroup:setSuffixMatchRule" or "DynBlockRulesGroup:setSuffixMatchRuleFFI"
- CVE-2026-0397: When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged in to the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard
- CVE-2026-24028: An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses "newDNSPacketOverlay" to parse DNS packets
- CVE-2026-24029: When the "early_acl_drop" ("earlyACLDrop" in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the "nghttp2" provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL
- CVE-2026-24030: An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in denial of service
- CVE-2026-27853: An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the "DNSQuestion:changeName" or "DNSResponse:changeName" methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service
- CVE-2026-27854: Denial of service when using DNSQuestion:getEDNSOptions method in custom Lua code
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Tue, 24 Mar 2026 15:19:06 +0000 (15:19 +0000)]
glibc: Apply fix for GLIBC-SA-2026-0005
gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf
that specifies the library's DNS backend in the GNU C Library version
2.34 to version 2.43 could, with a crafted response from the configured
DNS server, result in a violation of the DNS specification that causes
the application to treat a non-answer section of the DNS response as a
valid answer.
A defect in the getanswer_ptr function, which implements the iteration
and extraction of the answer from the DNS response, can cause it to
incorrectly transition from the answer section to the next section while
still treating it as an answer to the question. This can happen when
the answer contains only skipped records, and the subsequent section
contains a semantically invalid T_PTR record. This is considered a
security issue because it is a violation of the DNS specification that
leads to incorrect behaviour that could result in the wrong hostname
being returned to the caller. At the time of publication, no known
affected DNS server returns results that would be incorrectly
interpreted by the library. An attacker would either need to be network
adjacent or have compromised the DNS server to use this defect to hide
returned reverse DNS results from intrusion detection systems. Even
then, the inbound connection from the attacker, or the outbound
connection from the application, would be visible to the intrusion
detection system. At best, the defect can be used to obfuscate and
delay analysis of the evolving threat.
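The defect class described above, as an added example (not glibc code): a section-aware PTR lookup that walks exactly ANCOUNT answer records beside a naive scan that runs on into the authority section. The DNS message, owner names and the `spoofed.example.` target are constructed for this example.

```python
# Added example (not glibc code): a section-aware PTR lookup over a DNS
# response, next to the naive scan that exhibits the class of defect
# described in GLIBC-SA-2026-0005. The message below is constructed.
import struct

TYPE_PTR, TYPE_TXT, CLASS_IN = 12, 16, 1


def encode_name(name: str) -> bytes:
    """Dotted name -> uncompressed wire format (length-prefixed labels + root)."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii")
                   for l in name.rstrip(".").split(".") if l)
    return out + b"\x00"


def decode_name(msg: bytes, off: int):
    """Decode a name at `off` (compression pointers allowed); return
    (dotted name, offset just past the name as it appears in `msg`)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:               # compression pointer
            end = end if end is not None else off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", (off if end is None else end)


def build_rr(owner: str, rtype: int, rdata: bytes) -> bytes:
    """One resource record: owner, TYPE, CLASS IN, TTL 300, RDLENGTH, RDATA."""
    return encode_name(owner) + struct.pack("!HHIH", rtype, CLASS_IN, 300, len(rdata)) + rdata


def build_response(qname: str, answers: list, authority: list) -> bytes:
    """Header (QR=1, RCODE=0) + one PTR question + the given sections."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, len(answers), len(authority), 0)
    question = encode_name(qname) + struct.pack("!HH", TYPE_PTR, CLASS_IN)
    return header + question + b"".join(answers) + b"".join(authority)


def skip_questions(msg: bytes) -> int:
    """Return the offset of the first answer-section record."""
    qdcount = struct.unpack("!H", msg[4:6])[0]
    off = 12
    for _ in range(qdcount):
        _, off = decode_name(msg, off)
        off += 4                                # QTYPE + QCLASS
    return off


def ptr_from_answer_section(msg: bytes):
    """Correct: walk exactly ANCOUNT records; skipped records still count
    against ANCOUNT, so the loop never crosses into the authority section."""
    ancount = struct.unpack("!H", msg[6:8])[0]
    off = skip_questions(msg)
    for _ in range(ancount):
        _owner, off = decode_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata_off, off = off + 10, off + 10 + rdlen
        if rtype == TYPE_PTR and rclass == CLASS_IN:
            return decode_name(msg, rdata_off)[0]
    return None                                 # no usable answer: stop here


def ptr_naive(msg: bytes):
    """Defective: keeps scanning past the answer section until a PTR turns
    up, so an authority/additional record is returned as if it were an answer."""
    off = skip_questions(msg)
    while off < len(msg):
        _owner, off = decode_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_PTR:
            return decode_name(msg, off)[0]
        off += rdlen
    return None


def sample_response() -> bytes:
    """Constructed: the answer section holds only a record the PTR lookup
    skips (TXT); the authority section carries a PTR for the same owner."""
    qname = "4.3.2.1.in-addr.arpa."
    answers = [build_rr(qname, TYPE_TXT, b"\x05hello")]
    authority = [build_rr(qname, TYPE_PTR, encode_name("spoofed.example."))]
    return build_response(qname, answers, authority)


if __name__ == "__main__":
    print("section-aware:", ptr_from_answer_section(sample_response()))  # None
    print("naive:", ptr_naive(sample_response()))  # spoofed.example.
```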
Fix unbounded NSEC3 iterations when validating referrals to unsigned
delegations. (CVE-2026-1519)
DNSSEC-signed zones may contain high iteration-count NSEC3 records,
which prove that certain delegations are insecure. Previously, a
validating resolver encountering such a delegation processed these
iterations up to the number given, which could be a maximum of 65,535.
This has been addressed by introducing a processing limit, set at 50.
Now, if such an NSEC3 record is encountered, the delegation will be
treated as insecure.
ISC would like to thank Samy Medjahed/Ap4sh for bringing this
vulnerability to our attention. [GL #5708]
Fix memory leaks in code preparing DNSSEC proofs of non-existence.
(CVE-2026-3104)
An attacker controlling a DNSSEC-signed zone could trigger a memory
leak in the logic preparing DNSSEC proofs of non-existence, by creating
more than max-records-per-type RRSIGs for NSEC records. These memory
leaks have been fixed.
ISC would like to thank Vitaly Simonovich for bringing this
vulnerability to our attention. [GL #5742]
Prevent a crash in code processing queries containing a TKEY record.
(CVE-2026-3119)
The named process could terminate unexpectedly when processing a
correctly signed query containing a TKEY record. This has been fixed.
ISC would like to thank Vitaly Simonovich for bringing this
vulnerability to our attention. [GL #5748]
Fix a stack use-after-return flaw in SIG(0) handling code.
(CVE-2026-3591)
A stack use-after-return flaw in SIG(0) handling code could enable ACL
bypass and/or assertion failures in certain circumstances. This flaw
has been fixed.
ISC would like to thank Mcsky23 for bringing this vulnerability to our
attention. [GL #5754]
Bug Fixes
Fix the handling of key statements defined inside views.
A recent change introduced in BIND 9.20.17 hardened the key name check
when used in primaries, to immediately reject the configuration if the
key was not defined (rather than only checking whether the key name was
correctly formed). However, that change introduced a regression that
prevented the use of a key defined in a view. This has now been fixed.
[GL #5761]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
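The NSEC3 iteration limit described in the changelog entry above, as an added example (not BIND code): the RFC 5155 hash computation with a cap of 50 iterations, above which no hashing is done and the caller treats the delegation as insecure. The names and salt used are constructed inputs.

```python
# Added example (not BIND code): NSEC3 hashing per RFC 5155 with the kind of
# iteration cap described in the changelog entry above. Names, salt and the
# cap value (50, from the text) are constructed inputs for this example.
import base64
import hashlib

MAX_NSEC3_ITERATIONS = 50  # above this, skip hashing and treat as insecure

# RFC 4648 base32 -> base32hex alphabet (RFC 5155 requires base32hex)
_B32HEX = str.maketrans("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",
                        "0123456789ABCDEFGHIJKLMNOPQRSTUV")


def wire_name(name: str) -> bytes:
    """Canonical (lowercase) uncompressed wire format of an owner name."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def rehash(digest: bytes, salt: bytes) -> bytes:
    """One additional NSEC3 iteration: H(previous_digest || salt)."""
    return hashlib.sha1(digest + salt).digest()


def nsec3_digest(name: str, salt: bytes, iterations: int) -> bytes:
    """Raw NSEC3 hash: SHA-1 applied (iterations + 1) times, uncapped.
    With iterations up to 65,535 this is the work a validator would do
    per name if it honoured any iteration count a zone advertises."""
    digest = hashlib.sha1(wire_name(name) + salt).digest()
    for _ in range(iterations):
        digest = rehash(digest, salt)
    return digest


def base32hex(data: bytes) -> str:
    """Lowercase base32hex without padding (20-byte SHA-1 -> 32 chars)."""
    return base64.b32encode(data).decode("ascii").translate(_B32HEX).lower()


def nsec3_owner(name: str, salt: bytes, iterations: int,
                limit: int = MAX_NSEC3_ITERATIONS):
    """NSEC3 owner label for `name`, or None when the advertised iteration
    count exceeds the limit; the caller then treats the proof as insecure
    instead of performing the requested number of SHA-1 computations."""
    if iterations > limit:
        return None
    return base32hex(nsec3_digest(name, salt, iterations))


def delegation_status(name: str, salt: bytes, iterations: int) -> str:
    """Outcome for an NSEC3 proof over an unsigned delegation: 'insecure'
    without any hashing when over the cap, otherwise the hashed owner."""
    owner = nsec3_owner(name, salt, iterations)
    return "insecure" if owner is None else "hash:" + owner


if __name__ == "__main__":
    salt = bytes.fromhex("aabbccdd")  # constructed salt value
    print(delegation_status("child.example.", salt, 12))
    print(delegation_status("child.example.", salt, 65535))  # insecure
```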
Robin Roevens [Wed, 25 Mar 2026 19:26:31 +0000 (20:26 +0100)]
zabbix_agentd: Update to 7.0.24 (LTS)
- Update of rootfile not required
Bugs fixed:
- ZBX-26111 Fixed JSON output for vfs.dev.discovery DEVTYPE field
- ZBX-26500 Fixed system.users.num metric incorrect returned value
- ZBX-26383 Fixed inability to return "not supported" via user parameters
Full changelogs:
- https://www.zabbix.com/rn/rn7.0.22
- https://www.zabbix.com/rn/rn7.0.23
- https://www.zabbix.com/rn/rn7.0.24
Signed-off-by: Robin Roevens <robin.roevens@disroot.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Wed, 18 Mar 2026 13:39:43 +0000 (14:39 +0100)]
suricata: Update to 8.0.4
The contents of 'suricata-8.0.3-purge-hyperscan-cache.patch' have been integrated in 8.0.4,
and the sources for 'humantime' are now included under '/rust/vendor/humantime'.
The lfs and the rootfile have been updated.
The build runs without any observed problems.
Excerpt from changelog:
"8.0.4 -- 2026-03-12
Security #8306: krb5: internal request/response buffering leads to quadratic complexity (8.0.x backport)(HIGH - CVE 2026-31932)
Security #8297: detect/ssl: null deref with tls.alpn keyword (8.0.x backport)(HIGH - CVE 2026-31931)
Security #8295: http2: unbounded number of http2 frames per transaction (8.0.x backport)(CRITICAL - CVE 2026-31935)
Security #8293: smtp/mime: quadratic complexity while looking for url strings (8.0.x backport)(HIGH - CVE 2026-31934)
Security #8287: krb5: TCP parser never advances past the first record in a multi-record segment (8.0.x backport)
Bug #8371: dpdk: "auto" in mempool size undercalculates the mempool size for Rx/Tx descriptors (8.0.x backport)
Bug #8369: ldap: add ldap.rules file (8.0.x backport)
Bug #8367: ndpi: crashing in StorageGetById() (8.0.x backport)
Bug #8362: http2: detection should use a better architecture than the Vec escaped (8.0.x backport)
Bug #8357: ldap: abandon request incorrectly handled (8.0.x backport)
Bug #8326: hs: harden cache manipulation (8.0.x backport)
Bug #8317: ldap: no invalid_data event in case of invalid request (8.0.x backport)
Bug #8312: firewall: af-packet IPS mode overwrites firewall mode (8.0.x backport)
Bug #8309: plugins/ndpi: SIGSEGV in DetectnDPIProtocolPacketMatch (8.0.x backport)
Bug #8280: build: when documentation tools are installed, make dist attempts to install files to prefix (8.0.x backport)
Bug #8268: Double log rotation with rotation flag/interval (8.0.x backport)
Bug #8260: lib: examples fail with debug validation as they create threads after threads are sealed (8.0.x backport)
Bug #8252: dpdk: (x)stats are only accessible before port stop (8.0.x backport)
Bug #8249: lua: calling metatable garbage collector with nil from a script leads to a null pointer dereference (8.0.x backport)
Bug #8244: hyperscan: coverity warning on stat path check (8.0.x backport)
Bug #8230: detect/app-layer-event: alert generated for the wrong packet (8.0.x backport)
Bug #8219: base64: base64_data with relative match after base64_decode:relative fails (8.0.x backport)
Bug #8207: firewall: loading rules only through yaml fails (8.0.x backport)
Bug #8167: utils-spm-hs: missing deallocators on hs_compile failure (8.0.x backport)
Bug #8164: decode/ipv6: set invalid event for wrong ip version (8.0.x backport)
Bug #7982: detect/tls: zero characters in keywords such as alt name are mishandled (8.0.x backport)
Optimization #8343: conf: stream.depth is unlimited when absent from the suricata.yaml
Optimization #8299: stream/tcp: flag 1st seen pkt w stream established (8.0.x backport)
Feature #8323: hs: add pruning stats details of removal reason (8.0.x backport)
Feature #8316: firewall: support iprep in firewall mode (8.0.x backport)
Feature #8235: rules/transform: add gunzip transform (8.0.x backport)
Feature #8233: nfs: log detailed response for versions other than v3 (8.0.x backport)
Feature #7893: hyperscan: support cache invalidation and removal (8.0.x backport)
Task #8270: rust: suppress nugatory RUSTSEC-2026-0009 for time crate (8.0.x backport)
Task #8194: psl: crate should be updated on every release (8.0.x backport)
Task #8159: build-scopes: add QA or SIMULATION mode (8.0.x backport)
Task #8097: libsuricata: add live example usage of the Suricata library (8.0.x backport)
Documentation #8331: doc: explain dcerpc.opnum doesn't support operators >,<,!,= (8.0.x backport)
Documentation #8263: doc/userguide: fix within-distance pointer graphics in payload-keywords doc (8.0.x backport)
Documentation #8240: isdataat: document different semantics between absolute and relative modes (8.0.x backport)
Documentation #8217: rules/endswith: doc wrong for offset/distance/within warning (8.0.x backport)
Documentation #8114: doc: remove mention of suricata-7 in latest docs (8.0.x backport)
Documentation #7932: devguide: add a chapter about Suricata's exception policies (8.0.x backport)"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka [Wed, 18 Mar 2026 14:14:01 +0000 (15:14 +0100)]
expat: Update to version 2.7.5
- Update from version 2.7.4 to 2.7.5
- Update of rootfile
- 3 CVE fixes applied.
- Changelog
2.7.5
Security fixes:
#1158 CVE-2026-32776 -- Fix NULL function pointer dereference for
empty external parameter entities; it takes use of both
functions XML_ExternalEntityParserCreate and
XML_SetParamEntityParsing for an application to be
vulnerable.
#1161 #1162 CVE-2026-32777 -- Protect from XML_TOK_INSTANCE_START
infinite loop in function entityValueProcessor; it takes
use of both functions XML_ExternalEntityParserCreate and
XML_SetParamEntityParsing for an application to be
vulnerable.
#1163 CVE-2026-32778 -- Fix NULL dereference in function setContext
on retry after an earlier out-of-memory condition; it takes
use of function XML_ParserCreateNS or XML_ParserCreate_MM
for an application to be vulnerable.
#1160 Three more unfixed vulnerabilities left
Other changes:
#1146 #1147 Autotools: Fix condition for symbol versioning check, in
particular when compiling with slibtool (not libtool)
#1156 Address Cppcheck >=2.20.0 warnings
#1153 tests: Make test_buffer_can_grow_to_max work for MinGW on
Ubuntu 24.04
#1157 #1159 Version info bumped from 12:2:11 (libexpat*.so.1.11.2)
to 12:3:11 (libexpat*.so.1.11.3); see https://verbump.de/
for what these numbers do
Infrastructure:
#1148 CI: Fix FreeBSD and Solaris CI
#1149 CI: Bump to WASI SDK 30
#1153 CI: Adapt to breaking changes with Ubuntu 22.04
#1156 CI: Adapt to breaking changes in Cppcheck
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Matthias Fischer [Wed, 18 Mar 2026 13:39:43 +0000 (14:39 +0100)]
suricata: Update to 8.0.4
The contents of ‘suricata-8.0.3-purge-hyperscan-cache.patch’ have been integrated in 8.0.4,
and the sources for 'humantime' are now included under '/rust/vendor/humantime'.
The lfs and the rootfile have been updated.
Build is running without seen problems.
Excerpt from changelog:
"8.0.4 -- 2026-03-12
Security #8306: krb5: internal request/response buffering leads to quadratic complexity (8.0.x backport)(HIGH - CVE 2026-31932)
Security #8297: detect/ssl: null deref with tls.alpn keyword (8.0.x backport)(HIGH - CVE 2026-31931)
Security #8295: http2: unbounded number of http2 frames per transaction (8.0.x backport)(CRITICAL - CVE 2026-31935)
Security #8293: smtp/mime: quadratic complexity while looking for url strings (8.0.x backport)(HIGH - CVE 2026-31934)
Security #8287: krb5: TCP parser never advances past the first record in a multi-record segment (8.0.x backport)
Bug #8371: dpdk: "auto" in mempool size undercalculates the mempool size for Rx/Tx descriptors (8.0.x backport)
Bug #8369: ldap: add ldap.rules file (8.0.x backport)
Bug #8367: ndpi: crashing in StorageGetById() (8.0.x backport)
Bug #8362: http2: detection should use a better architecture than the Vec escaped (8.0.x backport)
Bug #8357: ldap: abandon request incorrectly handled (8.0.x backport)
Bug #8326: hs: harden cache manipulation (8.0.x backport)
Bug #8317: ldap: no invalid_data event in case of invalid request (8.0.x backport)
Bug #8312: firewall: af-packet IPS mode overwrites firewall mode (8.0.x backport)
Bug #8309: plugins/ndpi: SIGSEGV in DetectnDPIProtocolPacketMatch (8.0.x backport)
Bug #8280: build: when documentation tools are installed, make dist attempts to install files to prefix (8.0.x backport)
Bug #8268: Double log rotation with rotation flag/interval (8.0.x backport)
Bug #8260: lib: examples fail with debug validation as they create threads after threads are sealed (8.0.x backport)
Bug #8252: dpdk: (x)stats are only accessible before port stop (8.0.x backport)
Bug #8249: lua: calling metatable garbage collector with nil from a script leads to a null pointer dereference (8.0.x backport)
Bug #8244: hyperscan: coverity warning on stat path check (8.0.x backport)
Bug #8230: detect/app-layer-event: alert generated for the wrong packet (8.0.x backport)
Bug #8219: base64: base64_data with relative match after base64_decode:relative fails (8.0.x backport)
Bug #8207: firewall: loading rules only through yaml fails (8.0.x backport)
Bug #8167: utils-spm-hs: missing deallocators on hs_compile failure (8.0.x backport)
Bug #8164: decode/ipv6: set invalid event for wrong ip version (8.0.x backport)
Bug #7982: detect/tls: zero characters in keywords such as alt name are mishandled (8.0.x backport)
Optimization #8343: conf: stream.depth is unlimited when absent from the suricata.yaml
Optimization #8299: stream/tcp: flag 1st seen pkt w stream established (8.0.x backport)
Feature #8323: hs: add pruning stats details of removal reason (8.0.x backport)
Feature #8316: firewall: support iprep in firewall mode (8.0.x backport)
Feature #8235: rules/transform: add gunzip transform (8.0.x backport)
Feature #8233: nfs: log detailed response for versions other than v3 (8.0.x backport)
Feature #7893: hyperscan: support cache invalidation and removal (8.0.x backport)
Task #8270: rust: suppress nugatory RUSTSEC-2026-0009 for time crate (8.0.x backport)
Task #8194: psl: crate should be updated on every release (8.0.x backport)
Task #8159: build-scopes: add QA or SIMULATION mode (8.0.x backport)
Task #8097: libsuricata: add live example usage of the Suricata library (8.0.x backport)
Documentation #8331: doc: explain dcerpc.opnum doesn't support operators >,<,!,= (8.0.x backport)
Documentation #8263: doc/userguide: fix within-distance pointer graphics in payload-keywords doc (8.0.x backport)
Documentation #8240: isdataat: document different semantics between absolute and relative modes (8.0.x backport)
Documentation #8217: rules/endswith: doc wrong for offset/distance/within warning (8.0.x backport)
Documentation #8114: doc: remove mention of suricata-7 in latest docs (8.0.x backport)
Documentation #7932: devguide: add a chapter about Suricata's exception policies (8.0.x backport)"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>