- IPFire-3.x
- Update from version 0.16-20220414 to 0.17020230812
- Changelog
0.17 (up to commit 077661f, 2023-08-08)
New features
* json_patch: add first implementation only with patch application
* Add --disable-static and --disable-dynamic options to the cmake-configure
script.
* Add -DBUILD_APPS=NO option to disable app build
* Minimum cmake version is now 3.9
Significant changes and bug fixes
* When serializing with JSON_C_TO_STRING_PRETTY set, keep the opening and
closing curly or square braces on same line for empty objects or arrays.
* Disable locale handling when targeting a uClibc system due to problems
with its duplocale() function.
* When parsing with JSON_TOKENER_STRICT set, integer overflow/underflow
now result in a json_tokener_error_parse_number. Without that flag
values are capped at INT64_MIN/UINT64_MAX.
* Fix memory leak with emtpy strings in json_object_set_string
* json_object_from_fd_ex: fail if file is too large (>=INT_MAX bytes)
* Add back json_number_chars, but only because it's part of the public API.
* Entirely drop mode bits from open(O_RDONLY) to avoid warnings on certain
platforms.
* Specify dependent libraries, including -lbsd, in a more consistent way so
linking against a static json-c works better
* Fix a variety of build problems and add & improve tests
* Update RFC reference to https://www.rfc-editor.org/rfc/rfc8259
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.6.1 to 1.6.3
- The old url and download url have not been updated for 4 years. Current updates are now
done in the new git repository
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/
The two latest updates, 1.6.2 and 1.6.3 were both released in 2020
- Changelog is not available. All changes can be found by reviewing the commits in the new
git repository.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 608 to 643
- Changelog
643
Fix problem when a program piping into less reads from the tty, like sudo asking for password (github #368).
Fix search modifier ^E after ^W.
Fix bug using negated (^N) search (github #374).
Fix bug setting colors with -D on Windows build (github #386).
Fix reading special chars like PageDown on Windows (github #378).
Fix mouse wheel scrolling on Windows (github #379).
Fix erroneous EOF when terminal window size changes (github #372).
Fix compile error with some definitions of ECHONL (github #395).
Fix crash on Windows when writing logfile (github #405).
Fix regression in exit code when stdin is /dev/null and output is a file (github #373).
Add lesstest test suite to production release (github #344).
Change lesstest output to conform with automake Simple Test Format (github #399).
633
Add LESSUTFCHARDEF environment variable (github #275).
Add # command (github #330).
Add ^S search modifier (github #196).
Add --wordwrap option (github #113).
Add --no-vbell option (github #304).
Add --no-search-headers option (github #44).
Add --modelines option (github #89).
Add --intr option (github #224).
Add --proc-backspace, --proc-tab and --proc-return options (github #335).
Add --show-preproc-errors option (github #258).
Add LESS_LINES and LESS_COLUMNS environment variables (github #84).
Add LESS_DATA_DELAY environment variable (github #337).
Allow empty "lines" field in --header option.
Update Unicode tables.
Improve ability of ^X to interrupt F command (github #49).
Status column (-J) shows off-screen matches.
Parenthesized sub-patterns in searches are colored with unique colors, if supported by the regular expression library (github #196).
Don't allow opening a tty as file input unless -f is set (github #309).
Don't require newline input after +&... option (github #339).
Fix incorrect handling of some Private Use Unicode characters.
Fix ANSI color bug when overstriking with colored chars (github #276).
Fix compiler const warning (github #279).
Fix signal race in iread (github #280).
Fix reading procfs files on Linux (github #282).
Fix --ignore-case with ctrl-R (no regex) search (github #300).
Fix bug doing repeat search after setting & filter (github #299).
Fix bug doing repeat search before non-repeat search.
Fix crash with -R and certain line lengths (github #338).
Fix input of Windows dead keys (github #352).
Don't retain search options from a cancelled search (github #302).
Don't call realpath on fake filenames like "-" (github #289).
Implement lesstest test suite.
Convert function parameter definitions from K&R to C89 (github #316).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 4.4 to 4.4.1
- Changelog
4.4.1
This release is primarily a bug-fix release.
A complete list of bugs fixed in this version is available here:
https://sv.gnu.org/bugs/index.php?group=make&report_id=111&fix_release_id=110&set=custom
* WARNING: Backward-incompatibility!
In previous releases it was not well-defined when updates to MAKEFLAGS made
inside a makefile would be visible. This release ensures they are visible
immediately, even when invoking $(shell ...) functions. Also, command line
variable assignments are now always present in MAKEFLAGS, even when parsing
makefiles.
Implementation provided by Dmitry Goncharov <dgoncharov@users.sf.net>
* New feature: Parallel builds of archives
Previously it was not possible to use parallel builds with archives. It is
still not possible using the built-in rules, however you can now override
the built-in rules with a slightly different set of rules and use parallel
builds with archive creation. See the "Dangers When Using Archives" section
of the GNU Make manual, and https://savannah.gnu.org/bugs/index.php?14927
* Previously target-specific variables would inherit their "export" capability
from parent target-specific variables even if they were marked private. Now
private parent target-specific variables have no affect. For more details
see https://savannah.gnu.org/bugs/index.php?61463
* Disable FIFO jobserver on GNU/Hurd and Cygwin
Experimentation shows that the new FIFO-based jobserver doesn't work well on
GNU/Hurd or Cygwin: revert these systems to use the pipe-based jobserver.
* Updates to allow building on OS/2
Provided by KO Myung-Hun <komh78@gmail.com>
* New platform: GNU Make is supported on z/OS
Thanks to Igor Todorovski <itodorov@ca.ibm.com> for the patches and testing
assistance.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 6.03 to 6.05.01
- Changelog
6.05.01
- Build system:
- Ignore dot-dirs within $MANDIR
6.05
New and rewritten pages
man2/
ioctl_pipe.2
man3/
regex.3
man5/
erofs.5
Newly documented interfaces in existing pages
bpf.2
EAGAIN
ioctl_userfaultfd.2
UFFD_FEATURE_EXACT_ADDRESS
prctl.2
PR_GET_AUXV
recv.2
MSG_CMSG_CLOEXEC
statx.2
STAT_ATTR_MOUNT_ROOT
syscall.2
ENOSYS
resolv.conf.5
no-aaaa
RES_NOAAAA
tmpfs.5
CONFIG_TRANSPARENT_HUGEPAGE
ip.7
IP_LOCAL_PORT_RANGE
rtnetlink.7
IFLA_PERM_ADDRESS
New and changed links
man3type/
regex_t.3type (regex(3))
regmatch_t.3type (regex(3))
regoff_t.3type (regex(3))
Global changes
- Types:
- Document functions using off64_t as if they used off_t (except
for lseek64()).
- Build system:
- Keep file modes in the release tarball.
- Fix symlink installation (`make install LINK_PAGES=symlink`).
- Add support for using bzip2(1), lzip(1), and xz(1) when installing
pages and creating release tarballs.
- Create reproducible release tarballs.
- Move makefiles from lib/ to share/mk/.
- Support mdoc(7) pages.
- Relicense Makefiles as GPL-3.0-or-later.
- Build PostScript and PDF manual pages.
- Add support for running our build system on arbitrary source
trees; this makes it possible to easily run our linters on another
project's manual pages as easily as `make lint MANDIR=~/src/groff`
- Licenses:
- Relicense ddp.7 from VERBATIM_ONE_PARA to Linux-man-pages-copyleft.
- Relicense dir_colors.5 from LDPv1 to GPL-2.0-or-later.
- Use new SPDX license identifiers:
- Linux-man-pages-1-para (was VERBATIM_ONE_PARA)
- Linux-man-pages-copyleft-2-para (was VERBATIM_TWO_PARA)
- Linux-man-pages-copyleft-var (was VERBATIM_PROF)
- ffix:
- use `\%`
- un-bracket tbl(1) tables
Changes to individual pages
The manual pages (and other files in the repository) have been improved
beyond what this changelog covers. To learn more about changes applied
to individual pages, use git(1).
6.04
Newly documented interfaces in existing pages
proc.5
KPF_PGTABLE (Linux 4.18)
landlock.7
LANDLOCK_ACCESS_FS_REFER (Linux 5.19)
LANDLOCK_ACCESS_FS_TRUNCATE (Linux 6.02)
udp.7
UDP_GRO (Linux 5.0)
UDP_SEGMENT (Linux 4.18)
Global changes
- Sections:
- Add HISTORY.
- HISTORY: Restore C89 references.
- Repurpose VERSIONS.
- Simplify STANDARDS.
- SYNOPSIS: Mark several functions as deprecated.
- Build system:
- Support installing in different mandirs
(e.g., man3typedir='/usr/share/man/man3').
- Support installing compressed pages (Z='.gz').
- Support installing link pages as symlinks (LINK_PAGES='symlink').
- Add make(1) 'check' target. This has been split from 'lint'.
'lint' will check the source code, and 'check' will check the
rendered pages (as a user will read them). There are currently
several pages that fail this `make check`, and distributors that
depend on this can workaround it by touching a few files:
$ make check -k -j >/dev/null 2>/dev/null;
$ make check -k 2>/dev/null;
GREP .tmp/man/man1/memusage.1.check-catman.touch
TROFF .tmp/man/man2/fanotify_init.2.cat.set
TROFF .tmp/man/man2/gettimeofday.2.cat.set
TROFF .tmp/man/man2/s390_sthyi.2.cat.set
GREP .tmp/man/man3/mallopt.3.check-catman.touch
TROFF .tmp/man/man3/unlocked_stdio.3.cat.set
TROFF .tmp/man/man4/console_codes.4.cat.set
TROFF .tmp/man/man4/lirc.4.cat.set
GREP .tmp/man/man4/smartpqi.4.check-catman.touch
GREP .tmp/man/man4/veth.4.check-catman.touch
TROFF .tmp/man/man5/proc.5.cat.set
GREP .tmp/man/man5/slabinfo.5.check-catman.touch
TROFF .tmp/man/man5/tzfile.5.cat.set
TROFF .tmp/man/man7/address_families.7.cat.set
TROFF .tmp/man/man7/ascii.7.cat.set
TROFF .tmp/man/man7/bpf-helpers.7.cat.set
GREP .tmp/man/man7/keyrings.7.check-catman.touch
GREP .tmp/man/man7/uri.7.check-catman.touch
TROFF .tmp/man/man8/tzselect.8.cat.set
TROFF .tmp/man/man8/zdump.8.cat.set
TROFF .tmp/man/man8/zic.8.cat.set
After touching the previous files, `make check` will succeed:
$ make check -k 2>/dev/null | awk '{print $2}' | xargs touch;
$ make check -j >/dev/null;
$ echo $?
0
Changes to individual pages
The manual pages (and other files in the repository) have been improved
beyond what this changelog covers. To learn more about changes applied
to individual pages, use git(1).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.64.1 to 1.3.0
- Changelog is too large to include here. Details can be reviewed at
https://mesonbuild.com/Release-notes.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.9.4 to 0.9.7
- Changelog is the commits from the naster branch since version 0.4.5
https://github.com/opensvc/multipath-tools/commits/master
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 10.73.42 to 10.73.43
- Changelog
10.73.43
jpegtopnm: Many fixes to -dumpexif. Always broken.
(-dumpexif was new in Netpbm 9.18 (September 2001))
pamtopng: fix -chroma option: always rejected. Always broken.
pamtopng was new in Netpbm 10.70 (June 2015).
pnmtopng: fix -rgb option: always rejected. Always broken
-rgb was new in Netpbm 10.30 (October 2005).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.52.21 to 0.52.24
- Changelog
0.52.24
- add support for python3.13
- fix compiler warnings
0.52.23
- fix automatic height of menu/list in whiptail (broken in 0.52.22)
- fix automatic width of whiptail --yesno box
- fix automatic width in whiptail with unicode characters
- fix automatic width with whiptail --noitem and --notags options
- fix spacing with longer tags in whiptail
- avoid overlapping backtitle in whiptail with automatic height
0.52.22
- fix crash in whiptail with new libpopt
- switch from usleep to nanosleep (Rosen Penev)
- fix libnewt.pc to enable static linking (Alexey Sheplyakov)
- fix LDFLAGS order in snack linking (Sam James)
- use CFLAGS when compiling snack
- improve configure.ac (Thomas Kuehne)
- install header and libnewt.pc with shared library (Michael Olbrich)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 3.1.2 to 3.1.4
- Changelog
3.1.4
* Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(),
EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() with OSSL_PARAM parameters
that alter the key or IV length ([CVE-2023-5363]).
3.1.3
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
The POLY1305 MAC (message authentication code) implementation in OpenSSL
does not save the contents of non-volatile XMM registers on Windows 64
platform when calculating the MAC of data larger than 64 bytes. Before
returning to the caller all the XMM registers are set to zero rather than
restoring their previous content. The vulnerable code is used only on newer
x86_64 processors supporting the AVX512-IFMA instructions.
The consequences of this kind of internal application state corruption can
be various - from no consequences, if the calling application does not
depend on the contents of non-volatile XMM registers at all, to the worst
consequences, where the attacker could get complete control of the
application process. However given the contents of the registers are just
zeroized so the attacker cannot put arbitrary values inside, the most likely
consequence, if any, would be an incorrect result of some application
dependent calculations or a crash leading to a denial of service.
([CVE-2023-4807])
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.25.0 to 0.25.3
- Changelog
0.25.3
rpc: fix serialization of NULL mechanism pointer [#601]
fix meson build failure in macOS (appleframeworks not found) [#603]
0.25.2
fix error code checking of readpassphrase for --login option [#595]
build fixes [#594]
test fixes [#596]
0.25.1
fix probing of C_GetInterface [#535]
p11-kit: add command to list tokens [#581]
p11-kit: add command to list mechanisms supported by a token [#576]
p11-kit: add command to generate private-public keypair on a token [#551, #582]
p11-kit: add commands to import/export certificates and public keys into/from a token [#543, #549, #568, #588]
p11-kit: add commands to list and delete objects of a token [#533, #544, #571]
p11-kit: add --login option to login into a token with object and profile management commands [#587]
p11-kit: adjust behavior of PKCS#11 profile management commands [#558, #560, #583, #591]
p11-kit: print PKCS#11 URIs in list-modules [#532]
bug and build fixes [#528#529, #534, #537, #540, #541, #545, #547, #550, #557, #572, #575, #579, #585, #586, #590]
test fixes [#553, #580]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.50.12 to 1.51.0
- Changelog
1.51.0
- itemize: Improve script itemization
- build: Check for cairo DWrite dependency
- win32: Fix various issues and crashes
- layout: Add a missing switch case
1.50.14
- Fix underline thickness in scaled contexts
1.50.13
- win32: Add back fallback for empty fontsets
- win32: Improve DirectWrite support
- Fix word segmentation for Japanese
- Don't set backspace-deletes-char for math symbols
- coretext: Fix a crash
- cairo: Apply metrics hinting to underlines too
- Treat COLRv1 fonts as color fonts
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.17.2 to 0.18.0
- Changelog
0.18.0
Add options to print, clear and set executable stack state by @cgzones
in #456
Modernizations and strictness improvements by @cgzones in #464
Add feature to rename dynamic symbols by @brenoguim in #459
Adjust roundUp for 0 as input by @cgzones in #466
Avoid overlapping program header table with section header table #457 by
@brenoguim in #460
Other switches might set changed as true. Use extraStrings size. #416 by
@brenoguim in #473
Use the largest segment alignment for libraries requiring non-standard
alignments #474 by @brenoguim in #475
Add one extra page to avoid overlapping with next page if its rounded…
by @brenoguim in #469
Add zsh completion by @Freed-Wu in #490
Do not let modifyRPath taint shared strings in strtab. Fix#315 by
@brenoguim in #481
Resize segment mapping rewritten sections if needed #482 by @brenoguim
in #485
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 122 to 123
- Changelog
123
Highlights:
- better safety with deeper resctiction of the configuration files
- better safety with restricting the daemon's owner under systemd
- better safety with the systemd unit sandboxing
- less thread races during upload of the configuration
Changes
* prevent wrongful termination of runaway thread
* Stop installing /usr/share/polkit-1/rules.d as 700/polkitd
* set User/Group and don't change uid/gid if already set
* general and/or buildsystem fixes
* systemd service hardening
* Packit service integration
* pkcheck: manpage and help sync
* general fixes
* Packit service integration
* change of ownership of custom configs
* general fixes
* localization
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Upfate from version 4.19.0 to 4.19.3
- Changelog
4.19.3
This is the latest stable release of the Samba 4.19 release series.
It contains the security-relevant bugfix CVE-2018-14628:
Wrong ntSecurityDescriptor values for "CN=Deleted Objects"
allow read of object tombstones over LDAP
(Administrator action required!)
https://www.samba.org/samba/security/CVE-2018-14628.html
Description of CVE-2018-14628
All versions of Samba from 4.0.0 onwards are vulnerable to an
information leak (compared with the established behaviour of
Microsoft's Active Directory) when Samba is an Active Directory Domain
Controller.
When a domain was provisioned with an unpatched Samba version,
the ntSecurityDescriptor is simply inherited from Domain/Partition-HEAD-Object
instead of being very strict (as on a Windows provisioned domain).
This means also non privileged users can use the
LDAP_SERVER_SHOW_DELETED_OID control in order to view,
the names and preserved attributes of deleted objects.
No information that was hidden before the deletion is visible, but in
with the correct ntSecurityDescriptor value in place the whole object
is also not visible without administrative rights.
There is no further vulnerability associated with this error, merely an
information disclosure.
Action required in order to resolve CVE-2018-14628!
The patched Samba does NOT protect existing domains!
The administrator needs to run the following command
(on only one domain controller)
in order to apply the protection to an existing domain:
samba-tool dbcheck --cross-ncs --attrs=nTSecurityDescriptor --fix
The above requires manual interaction in order to review the
changes before they are applied. Typicall question look like this:
Reset nTSecurityDescriptor on CN=Deleted Objects,DC=samba,DC=org back to provision default?
Owner mismatch: SY (in ref) DA(in current)
Group mismatch: SY (in ref) DA(in current)
Part dacl is different between reference and current here is the detail:
(A;;LCRPLORC;;;AU) ACE is not present in the reference
(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY) ACE is not present in the reference
(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;DA) ACE is not present in the reference
(A;;CCDCLCSWRPWPSDRCWDWO;;;SY) ACE is not present in the current
(A;;LCRP;;;BA) ACE is not present in the current
[y/N/all/none] y
Fixed attribute 'nTSecurityDescriptor' of 'CN=Deleted Objects,DC=samba,DC=org'
The change should be confirmed with 'y' for all objects starting with
'CN=Deleted Objects'.
4.19.2
o Jeremy Allison <jra@samba.org>
* BUG 15423: Use-after-free in aio_del_req_from_fsp during smbd shutdown
after failed IPC FSCTL_PIPE_TRANSCEIVE.
* BUG 15426: clidfs.c do_connect() missing a "return" after a cli_shutdown()
call.
o Ralph Boehme <slow@samba.org>
* BUG 15463: macOS mdfind returns only 50 results.
o Volker Lendecke <vl@samba.org>
* BUG 15481: GETREALFILENAME_CACHE can modify incoming new filename with
previous cache entry value.
o Stefan Metzmacher <metze@samba.org>
* BUG 15464: libnss_winbind causes memory corruption since samba-4.18,
impacts sendmail, zabbix, potentially more.
o Martin Schwenke <mschwenke@ddn.com>
* BUG 15479: ctdbd: setproctitle not initialized messages flooding logs.
o Joseph Sutton <josephsutton@catalyst.net.nz>
* BUG 15491: CVE-2023-5568 Heap buffer overflow with freshness tokens in the
Heimdal KDC in Samba 4.19
* BUG 15477: The heimdal KDC doesn't detect s4u2self correctly when fast is
in use.
4.19.1
This is a security release in order to address the following defects:
o CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to
existing unix domain sockets on the file system.
https://www.samba.org/samba/security/CVE-2023-3961.html
o CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with
OVERWRITE disposition when using the acl_xattr Samba VFS
module with the smb.conf setting
"acl_xattr:ignore system acls = yes"
https://www.samba.org/samba/security/CVE-2023-4091.html
o CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all
attributes, including secrets and passwords. Additionally,
the access check fails open on error conditions.
https://www.samba.org/samba/security/CVE-2023-4154.html
o CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the
server block for a user-defined amount of time, denying
service.
https://www.samba.org/samba/security/CVE-2023-42669.html
o CVE-2023-42670: Samba can be made to start multiple incompatible RPC
listeners, disrupting service on the AD DC.
https://www.samba.org/samba/security/CVE-2023-42670.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 6.5 to 6.6
- Changelog
6.6
Improvements
Implemented --kill-on-exit option that instructs the tracer to set
PTRACE_O_EXITKILL option to all tracee processes and not to detach them
on cleanup so they will not be left running after the tracer exit.
Implemented automatic activation of --kill-on-exit option when
--seccomp-bpf is enabled and -p/--attach option is not used.
Implemented decoding of map_shadow_stack syscall.
Implemented decoding of FSCONFIG_CMD_CREATE_EXCL fsconfig command.
Implemented decoding of IFLA_BRPORT_BACKUP_NHID netlink attribute.
Implemented decoding of SECCOMP_IOCTL_NOTIF_SET_FLAGS ioctl.
Implemented decoding of UFFDIO_CONTINUE, UFFDIO_POISON, and
UFFDIO_WRITEPROTECT ioctls.
Updated lists of ARCH_*, BPF_*, DEVCONF_*, IORING_*, KEXEC_*, MAP_*, NT_*,
PTRACE_*, QFMT_*, SEGV_*, UFFD_*, V4L2_*, and XDP_* constants.
Updated lists of ioctl commands from Linux 6.6.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 7.0.3 to 7.1
- Changelog
7.1 (18 October 2023)
* Language
. new generic definition commands, @defblock, @defline and @deftypeline,
for definitions without automatic index entries
. new @linemacro facility eases use of generic definition commands
. new command @link creates plain links (supported output formats only)
. @cartouche takes an argument to specify the cartouche title
. you can use the new commands @nodedescription and @nodedescriptionblock
to give text to be used in menu descriptions in Info and HTML output
* texi2any
. @itemx at the beginning of a @table is now an error, not a warning
. better validity checking of deeply nested commands
. check that @set and @clear only appear at the start of a line
. warn about missing menu entries even if CHECK_NORMAL_MENU_STRUCTURE is
not set. you can turn this off by setting CHECK_MISSING_MENU_ENTRY to 0.
. no longer use --enable-encoding and --disable-encoding to determine
whether to output encoded characters (instead of entities or commands)
for HTML, XML, DocBook and LaTeX; instead, use the value of the
OUTPUT_CHARACTERS customization variable.
. stricter checks on input encoding, in particular more warnings and
errors with malformed UTF-8
. support any input file encoding if support exists in the operating
system, not just a selected list of encodings
. resolve an alias referring to another alias at definition time
. internally, use "source marks" to keep all Texinfo source information that
is not in the final tree (location of macros, values and included files
expansion, @if* blocks, DEL comment, and @ protecting end of line on @def*
lines)
. HTML output:
. format @subentry and index entries with @seealso or @seeentry in a more
similar way to printed output
. output @shortcontents before @contents by default
. omit colons after index entries by default. this can still be
configured with INDEX_ENTRY_COLON.
. add @example syntax highlighting as a texi2any extension
. no more capitalization of @sc argument in HTML Cross-references
. change @point expansion to U+22C6 in HTML Cross-references
. if a @node is not associated with a sectioning command but is
followed by a heading command not usually associated to nodes
such as @heading and this command appears before other formatted
content, the heading command is assumed to supply the node heading.
you can customize this with USE_NEXT_HEADING_FOR_LONE_NODE.
. Info output:
. new variable ASCII_DASHES_AND_QUOTES, on by default,
outputs ASCII characters for literal quote or hyphen characters
in source, rather than UTF-8. this makes it easier to search
Info files.
. new ASCII_GLYPH variable for using ASCII renditions for glyph
commands (like @bullet)
. ASCII_PUNCTUATION still includes the effect of these new variables.
. new variables AUTO_MENU_DESCRIPTION_ALIGN_COLUMN and AUTO_MENU_MAX_WIDTH
control the format of descriptions in generated menus
. XML output:
. place menu leading text and menu separators in elements instead
of attributes
* texi2dvi
. macro expansion with texi2any requires at least version 5.0 (only
happens with --expand option or with very old texinfo.tex)
* texinfo.tex
. in @code, ` and ' output by default with backtick and undirected
single quote glyphs in the typewriter font. you can still configure
this using the @codequoteundirected/@codequotebacktick commands.
. do not insert a space for @ def line continuation, matching the behavior
of texi2any
. align section titles in table of contents when more than 10 sections
. microtype is off by default, for speed
. page headings generation is no longer linked to the @titlepage command
* info
. when going Up, position cursor on menu entry for current node
. allow mouse scrolling support regardless of termcap entries. this
supports some more xterm configurations.
. do not use "/index" as a possible file extension for Info files
* Distribution
. autoconf 2.71, automake 1.16.5, gettext 0.21
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 015 to 017
- Changelog
017
lsusb: fix up [unknown] vendor and product strings.
lsusb: fix build warning for dump_billboard_alt_mode_capability_desc()
lsusb: add fallback names for 'lsusb -v' output
names: simplify get_vendor_product_with_fallback() a bit
Honor system libdir and includedir
016
usbutils: lsusb-t: print entries for devices with no interfaces
Fix a typo in usb-spec.h
lsusb.py.in: Display (device) power/wakeup via -w option.
Fix an incorrect length value in hid descriptor.
Fix misalignments in hid device descripptor.
Use bigger buffer to place speed value string
lsusb -h returns an error
lsusb -h fixups
lsusb -t: sort in bus order, not reverse order
lsusb -t: print ports and busses and devices with same width
lsusb -t: assign_interface_to_parent() fixups
lsusb.8.in: fix up missing '-' in text
README.md: add source location
lsusb.py: fix up wakeup logic for devices that do not support it
lsusb.py.in: add another default path for usb.ids
names.c: if a string can not be found in the usb.ids file, return [unknown]
lsusb-t: if a driver is not bound to an interface, report "[none]"
Generate usbutils.pc pkgconfig file
usbreset: Allow idProduct and idVendor to be 0
usb-devices: make shellcheck happy
lsusb: Add function that sorts the output by device ID.
lsusb: Additional sorting by bus number.
lsusb: This is a more compact implementation of the device list sort
implemented within this pull request. The output remains the same as
the one demonstrated in the previous commit.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 9.0.1916 to 9.0.2134
- Changelog can be viewed by looking at the github commits
https://github.com/vim/vim/commits/v9.0.2134
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 4.3.4-1 to 4.9.3-1
- Changelog is too large to include here. For details see
https://lxml.de/4.9/changes-4.9.2.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 3.42.2-2 to 3.46.0-1
- Changelog
3.46.0
build: Drop Python 3.7 support !238
build: Require glib 2.64 and gobject-introspection 1.64 !243
Add support for Python 3.12 (minor test fixes) !247
Drop GTK 2 support (after being effectively unsupported for 12 years) !182
meson: Require meson 0.56.0 !220
meson: Set PYTHONPATH in devenv !235
meson: define pycairo_dep in case pycairo=disabled !242
meson: Use pycairo from target python before pkg-config !223
Complete the PEP-451 implementation in gi.importer !229
Replace usage of deprecated FFI closure API !241
Fix invalid marshalling in some cases for boxed values, for example with
Gtk.StyleContext.get_property() !213
Consistent setting of enum and flag property !192
Fix docstring for methods that return an array and have a length (out)
argument !249
overrides: Fix incompatibility for CssProvider.load_from_data()
(GTK 4.10) !231
overrides: Allow Gdk.{Color,RGBA} instances to be compared with other
objects !233
overrides: Add overrides for Gdk.FileList in Gdk-4.0 !245
docs: Fix underline too short warning !246
docs: Fix build failure due to extlinks with Sphinx 6 !244
docs: List additional projects using PyGObject !230
docs: Update Development Environment Docs !232
docs: Update docs and code examples to GTK 4 !215
3.44.1
Fix tests with glib 2.76 !240
3.44.0
No changes compared to 3.43.1
3.43.1
Note: PyGObject is in need of more maintainers, please read
https://www.bassi.io/articles/2022/12/02/on-pygobject/
Note: This is an unstable release.
Drop support for Python 3.6 !184
meson: bump minimum version to 0.53.0 and update subprojects !227
gimodule: fix floating state of python objects created with g_object_new
!129
Gtk.Template: Accept PathLike objects as a filename !195
info: Show which type/object callables are bound to !194
IntrospectionModule: handle two threads loading type at same time !149
Port to Py_TRASHCAN_BEGIN !226
Other cleanups/improvements: !181!173
This release also includes all changes from 3.42.1 and 3.42.2
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.19-1 to 0.20.1-1
- Changelog
0.20.1 (2023-05-17)
Bugfix release. See HISTORY for details.
0.20 (2023-05-04)
Docutils 0.20 is the last version supporting Python 3.7 and 3.8.
General
Support Python 3.11 (patch #198 by Hugo van Kemenade).
Output changes:
HTML5:
Use dpub-ARIA role "doc-footnote" (instead of ARIA role "note") for
footnotes.
LaTeX:
Do not load the inputenc package in UTF-8 encoded LaTeX sources.
(UTF-8 is the default encoding for LaTeX2e since 2018).
Configuration changes:
Settings in the [latex2e writer] configuration file section are now
ignored by the "xetex" writer. Place common settings in section
[latex writers].
New command line setting output. Obsoletes the <destination>
positional argument (cf. future changes).
utils.find_file_in_dirs() now returns a POSIX path also on Windows;
utils.get_stylesheet_list() no longer converts \ to /.
docutils/languages/ docutils/parsers/rst/languages/
Support Ukrainian. Patch by Dmytro Kazanzhy.
test/coverage.sh
Removed. Use the coverage.py project instead, coverage run
test/alltests.py and coverage report.
tools/
Moved quicktest.py to tools/dev/.
Bugfixes and improvements (see HISTORY).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 2.3.0-1 to 2.4.2-1
- Changelog
2.4.2
Async queries could wait forever instead of respecting the timeout if
the timeout was 0 and a packet was lost. The timeout is now respected.
Restore HTTP/2 support which was accidentally broken during the https
refactoring done as part of 2.4.0.
When an inception time and lifetime are specified, the signer now sets
the expiration to the inception time plus lifetime, instead of the
current time plus the lifetime.
2.4.1
Importing dns.dnssecalgs without the cryptography module installed no
longer causes an ImportError.
A number of timeout bugs with the asyncio backend have been fixed.
DNS-over-QUIC for the asyncio backend now works for IPv6.
Dnspython now enforces that the candidate DNSKEYs for DNSSEC signatures
have protocol 3 and have the ZONE flag set. This is a standards
compliance issue more than a security issue as the legitimate authority
would have to have published the non-compliant keys as well as updated
their DS record in order for the records to validate (the DS digest
includes both flags and protocol). Dnspython will not make invalid keys
by default, but does allow them to be created and used for testing
purposes.
Dependency specifications for optional features in the package metadata
have been improved.
2.4.0
Python 3.8 or newer is required.
The stub resolver now uses instances of dns.nameserver.Nameserver to
represent remote recursive resolvers, and can communicate using DNS
over UDP/TCP, HTTPS, TLS, and QUIC. In additional to being able to
specify an IPv4, IPv6, or HTTPS URL as a nameserver, instances of
dns.nameserver.Nameserver are now permitted.
The DNS-over-HTTPS bootstrap address no longer causes URL rewriting.
DNS-over-HTTPS now only uses httpx; support for requests has been
dropped. A source port may now be supplied when using httpx.
DNSSEC zone signing with NSEC records is now supported. Thank you very
much (again!) Jakob Schlyter!
The resolver and async resolver now have the try_ddr() method, which
will try to use Discovery of Designated Resolvers (DDR) to upgrade the
connection from the stub resolver to the recursive server so that it
uses DNS-over-HTTPS, DNS-over-TLS, or DNS-over-QUIC. This feature is
currently experimental as the standard is still in draft stage.
The resolver and async resolver now have the make_resolver_at() and
resolve_at() functions, as a convenience for making queries to specific
recursive servers.
Curio support has been removed.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.23.0-2 to 1.24.0-1
- Changelog
1.24.0
Dropped Python 3.7 support
Bumped meson version requirement from 0.53.0 to 0.56.0
Various cairo dependency updates for the Windows wheel build
examples: update to GTK4 #pr-307
examples: add a clip_image example #pr-316
docs: fix the build with Sphinx 6 #pr-318
Various code cleanups #pr-306
Added Python 3.12 Windows wheels
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 2022.6 to 2023.3
- As for python3-setuptools the source_dl had to be updated for the new version of pytz
- Changelog - no info on the changes could be found but it seems to follow what tzdata
updates.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 65.6.3-1 to 68.2.2-1
- arches = noarch had to be removed otherwise the build came up with the error message that
python3-setuptools could not be built for x86_64 and failed. Removing that line allowed
the build to complete successfully. All the other python3 packages that I checked did not
have that line in them.
- The source_dl line required a change for the new version as the url is not maintained with
the same structure for each version.
- Changelog is too large to include here. Details can be read at the following link
https://setuptools.pypa.io/en/stable/history.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.4.3-1 to 1.4.4-1
-Changelog
1.4.4
Use AC_SYS_LARGEFILE macro to control largefile support
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.4.3-1 to 1.4.4-1
- Changelog
1.4.4
New option --unverified to print unverified files
New option --missing to print missing files
New printf-format directive '%d' to print file directory
Print the algorithms being calculated on -vv
Renamed --maxdepth option to --max-depth
Support leading and trailing spaces in a file names
Support escaping of special characters in file paths
Change the simple file format to fit the sfv format
LibRHash: Remove obsolete rhash_timer functions (API breaking change)
Bugfix: Fix slash usage with wilcards on Windows
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 6.2.0-1 to 6.3.3-1
- Changelog
6.3.3
The Content-Length header and chunked Transfer-Encoding sizes are now parsed
more strictly (according to the relevant RFCs) to avoid potential
request-smuggling vulnerabilities when deployed behind certain proxies.
6.3.2
Fixed an open redirect vulnerability in StaticFileHandler under certain
configurations.
6.3.1
RequestHandler.set_cookie once again accepts capitalized keyword arguments
for backwards compatibility. This is deprecated and in Tornado 7.0 only
lowercase arguments will be accepted.
6.3.0
Highlights¶
The new Application setting xsrf_cookie_name can now be used to take
advantage of the __Host cookie prefix for improved security. To use it,
add {"xsrf_cookie_name": "__Host-xsrf", "xsrf_cookie_kwargs":
{"secure": True}} to your Application settings. Note that this feature
currently only works when HTTPS is used.
WSGIContainer now supports running the application in a
ThreadPoolExecutor so the event loop is no longer blocked.
AsyncTestCase and AsyncHTTPTestCase, which were deprecated in Tornado
6.2, are no longer deprecated.
WebSockets are now much faster at receiving large messages split into
many fragments.
General changes¶
Python 3.7 is no longer supported; the minimum supported Python version
is 3.8. Python 3.12 is now supported.
To avoid spurious deprecation warnings, users of Python 3.10 should
upgrade to at least version 3.10.9, and users of Python 3.11 should
upgrade to at least version 3.11.1.
Tornado submodules are now imported automatically on demand. This means
it is now possible to use a single import tornado statement and refer
to objects in submodules such as tornado.web.RequestHandler.
Deprecation notices¶
In Tornado 7.0, tornado.testing.ExpectLog will match WARNING and above
regardless of the current logging configuration, unless the level
argument is used.
RequestHandler.get_secure_cookie is now a deprecated alias for
RequestHandler.get_signed_cookie. RequestHandler.set_secure_cookie is
now a deprecated alias for RequestHandler.set_signed_cookie.
RequestHandler.clear_all_cookies is deprecated. No direct replacement is
provided; RequestHandler.clear_cookie should be used on individual
cookies.
Calling the IOLoop constructor without a make_current argument, which
was deprecated in Tornado 6.2, is no longer deprecated.
AsyncTestCase and AsyncHTTPTestCase, which were deprecated in Tornado
6.2, are no longer deprecated.
AsyncTestCase.get_new_ioloop is deprecated.
tornado.auth¶
New method GoogleOAuth2Mixin.get_google_oauth_settings can now be
overridden to get credentials from a source other than the Application
settings.
tornado.gen¶
contextvars now work properly when a @gen.coroutine calls a native
coroutine.
tornado.options¶
parse_config_file now recognizes single comma-separated strings (in
addition to lists of strings) for options with multiple=True.
tornado.web¶
New Application setting xsrf_cookie_name can be used to change the name
of the XSRF cookie. This is most useful to take advantage of the
__Host- cookie prefix.
RequestHandler.get_secure_cookie and RequestHandler.set_secure_cookie
(and related methods and attributes) have been renamed to
get_signed_cookie and set_signed_cookie. This makes it more explicit
what kind of security is provided, and avoids confusion with the
Secure cookie attribute and __Secure- cookie prefix. The old names
remain supported as deprecated aliases.
RequestHandler.clear_cookie now accepts all keyword arguments accepted
by set_cookie. In some cases clearing a cookie requires certain
arguments to be passed the same way in which it was set.
RequestHandler.clear_all_cookies now accepts additional keyword
arguments for the same reason as clear_cookie. However, since the
requirements for additional arguments mean that it cannot reliably
clear all cookies, this method is now deprecated.
tornado.websocket¶
It is now much faster (no longer quadratic) to receive large messages
that have been split into many fragments.
websocket_connect now accepts a resolver parameter.
tornado.wsgi¶
WSGIContainer now accepts an executor parameter which can be used to
run the WSGI application on a thread pool.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.3.1-1 to 1.3.2-1
- Changelog
1.3.2
Restore import-time initialization of macOS to avoid crash on thread+fork
(issue #113).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFirer-3.x
- Update from version 5.9.4-1 to 5.9.5-1
- Changelog
5.9.5
**Enhancements**
- 2196_: in case of exception, display a cleaner error traceback by hiding the
`KeyError` bit deriving from a missed cache hit.
- 2217_: print the full traceback when a `DeprecationWarning` or `UserWarning`
is raised.
- 2230_, [OpenBSD]: `psutil.net_connections`_ implementation was rewritten
from scratch:
- We're now able to retrieve the path of AF_UNIX sockets (before it was an
empty string)
- The function is faster since it no longer iterates over all processes.
- No longer produces duplicate connection entries.
- 2238_: there are cases where `Process.cwd()`_ cannot be determined
(e.g. directory no longer exists), in which case we returned either ``None``
or an empty string. This was consolidated and we now return ``""`` on all
platforms.
- 2239_, [UNIX]: if process is a zombie, and we can only determine part of the
its truncated `Process.name()`_ (15 chars), don't fail with `ZombieProcess`_
when we try to guess the full name from the `Process.cmdline()`_. Just
return the truncated name.
- 2240_, [NetBSD], [OpenBSD]: add CI testing on every commit for NetBSD and
OpenBSD platforms (python 3 only).
**Bug fixes**
- 1043_, [OpenBSD] `psutil.net_connections`_ returns duplicate entries.
- 1915_, [Linux]: on certain kernels, ``"MemAvailable"`` field from
``/proc/meminfo`` returns ``0`` (possibly a kernel bug), in which case we
calculate an approximation for ``available`` memory which matches "free"
CLI utility.
- 2164_, [Linux]: compilation fails on kernels < 2.6.27 (e.g. CentOS 5).
- 2186_, [FreeBSD]: compilation fails with Clang 15. (patch by Po-Chuan
Hsieh)
- 2191_, [Linux]: `disk_partitions()`_: do not unnecessarily read
/proc/filesystems and raise `AccessDenied`_ unless user specified
`all=False` argument.
- 2216_, [Windows]: fix tests when running in a virtual environment (patch by
Matthieu Darbois)
- 2225_, [POSIX]: `users()`_ loses precision for ``started`` attribute (off by
1 minute).
- 2229_, [OpenBSD]: unable to properly recognize zombie processes.
`NoSuchProcess`_ may be raised instead of `ZombieProcess`_.
- 2231_, [NetBSD]: *available* `virtual_memory()`_ is higher than *total*.
- 2234_, [NetBSD]: `virtual_memory()`_ metrics are wrong: *available* and
*used* are too high. We now match values shown by *htop* CLI utility.
- 2236_, [NetBSD]: `Process.num_threads()`_ and `Process.threads()`_ return
threads that are already terminated.
- 2237_, [OpenBSD], [NetBSD]: `Process.cwd()`_ may raise ``FileNotFoundError``
if cwd no longer exists. Return an empty string instead.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from vesrion 3.12.0-1 to 3.13.0-1
- Changelog
3.13.0
Help the _ped module garbage collection in the test suite (dcantrell)
Use 'return NULL' rather than 'return (PyObject *) NULL' in pydisk.c
(dcantrell)
Use Py_VISIT() in *_traverse() functions (dcantrell)
Free allocated memory for temporary string buffers (dcantrell)
Use Py_RETURN_NONE through the _ped module code (dcantrell)
Coding style updates for the C code. (dcantrell)
Some minor cleanups for the test case code (dcantrell)
Remove DeprecationWarning in py_ped_constraint_duplicate() (dcantrell)
Drop remaining Python 2.x handling from the Makefile (dcantrell)
drop six (pgajdos)
Reformat all Python source code using Python black (dcantrell)
Update the AUTHORS file (dcantrell)
Replace outdated Red Hat sample GPLv2+ boilerplates (dcantrell)
Add support for loongarch (mahailiang)
tests: Add PARTITION_LINUX_HOME to flag tests (bcl)
Add support for no_automount partition flag (bcl)
Add new disk types - disk uuid and partition uuid (bcl)
tests: Remove feature values from DiskTypeStrTestCase (bcl)
Add tests for high level partition type ID / UUID (berrange)
Add tests for low level partition type ID / UUID (berrange)
Add test base class helper for re-opening the device (berrange)
Add test base class for GPT partitions (berrange)
Fix start sector for test partition (berrange)
Add example for viewing and changing GPT partition type UUID (berrange)
Accept device path via argv for partition dump example (berrange)
Add type ID / UUID to partition dump example (berrange)
Map partition type ID / UUID accessors to Partition class (berrange)
Bind low level APIs for type ID and UUID accessors (berrange)
tests: Remove DeviceFreeAllTestCase (bcl)
Add support for new libparted disk type features in parted-3.5 (dcantrell)
Small Makefile updates (dcantrell)
Remove .travis.yml file (dcantrell)
Rename COPYING to LICENSE (dcantrell)
A few minor updates to README.md (dcantrell)
Change README to README.md (dcantrell)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 2.1.1-1 to 2.1.3-1
- Changelog
2.1.3
Implement format_map, casefold, removeprefix, and removesuffix methods. #370
Fix static typing for basic str methods on Markup. #358
Use Self for annotating return types. #379
2.1.2
Fix striptags not stripping tags containing newlines. #310
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The package has been moved to GitHub and is no longer releasing tarballs
on kernel.org.
It also requires sulogin.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch also fixes the testsuite by disabling the gather topology
test which runs fine in the hosted build environment, but fails on my
own build VM.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 5.7-2 to 6.3-1
- Changelog
6.3 (03 Sep 2023):
- Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
- Bug 4981: Work around in-call job invalidation bugs
- basic_smb_lm_auth: fix 'no previous declaration' warnings
- CacheManager: require /squid-internal-mgr/ URL path prefix
- ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
- ... and some documentation changes
6.2 (06 Aug 2023):
- Bug 5187: Work around REQMOD satisfaction regression
- Bug 5290: pure virtual call in Ftp::Client constructor
- Fix memory leak when reconfiguring multiline all-of ACLs
- ... and a lot of code cleanups
- ... and some portability fixes on GNU/Hurd and MSWindows
6.1 (06 Jul 2023):
- Bug 5278: Log %err_code for "early" request handling errors
- Do not cache (and do not serve cached) cache manager responses
- Fix key equality comparison in LookupTable map
- Honor DNS RR TTLs larger than negative_dns_ttl
- ... and some documentation changes
6.0.3 (07 Jun 2023):
- Bug 5148: Log %Ss of failed tunnels as TCP_TUNNEL
- Do not leak Security::CertErrors created in X509_verify_cert()
- Do not erase aborted StoreMap entries that are still being read
- Fix build in environments lacking syslog
- Fix build failures in some environments due to time_t type conflicts in libdebug
- Remove obsolete caddr_t
- ... and some documentation changes
6.0.2 (30 Apr 2023):
- Avoid excessive disk I/O in some environments
- ... and several build and portability fixes
- ... and all fixes from 5.9
6.0.1 (28 Feb 2023):
- Bug 5256: Intercepting port fails to accept
- Bug 5241: Block all non-localhost requests by default
- Bug 5241: Block to-localhost, to-link-local requests by default
- Bug 5232: Fix GCC v12 build [-Wuse-after-free]
- Bug 5211: support.cc:355: "!filledCheck->sslErrors" assertion
- Bug 5194: Remove all unused debug sections
- Bug 5162: mgr:index URL do not produce MGR_INDEX template
- Bug 5129 pt1: remove Lock use from HttpRequestMethod
- Bug 5128: Translation: Fix % i typo in es/ERR_FORWARDING_DENIED
- Bug 5021: Add a script to fix spelling error with codespell
- Bug 4946: client_side_request.cc: "request != newRequest"
- Bug 4832: '!schemeAccess' assertion on exit
- Bug 4572: squidclient: Remove deprecated cache_object:// support
- Bug 4528: ICAP transactions quit on async DNS lookups
- Add scripts/trace-context.pl: a debugging tool
- Remove cache_diff tool
- Remove membanger tool
- Remove pconn-banger tool
- Remove recv-announce tool
- Remove send-announce tool
- Remove tcp-banger* tools
- Remove ufsdump tool
- Remove support for Gopher protocol
- Remove support for unused libbsd
- Remove bundled GnuRegex library
- Remove CPU profiler mechanism
- Remove leakfinder (--enable-leakfinder)
- Remove --enable-kill-parent-hack
- Remove --disable-loadable-modules
- Remove unused/disabled/broken LEAK_CHECK_MODE code
- Remove SCO 3.2 support
- Remove m88k-specific support
- Remove NeXTSTEP support
- Remove HPUX compiler support
- Remove CBDATA debugging
- Require C++17
- cachemgr.cgi: Remove deprecated cache_object:// support
- ext_kerberos_ldap_group_acl: Support -b with -D
- ext_lm_group_acl: Improved username handling
- negotiate_wrapper: ensure null-termination of strings
- pinger: Fix MAX_PKT{4,6}_SZ to account for icmpEchoData padding
- HTTP: Replaced X-Cache and X-Cache-Lookup headers with Cache-Status
- HTTP: Update Host, Via, and other headers in-place when possible
- HTTP: Update status code 413 compliance
- RFC 9110: Reject different HTTP requests with unusual framing
- RFC 9111: Stop treating Warning specially
- RFC 9113: update documentation references
- RFC 9218: Priority header registration
- SSL-Bump: Remove step2+ stare-and-splice and peek-and-bump support
- TLS: Do not send more than one self-signed certificate
- TLS: Sort CA certificates in tls-cert=bundle
- TLS: Preserve configured order of intermediate CA certificate chain
- WCCP: Validate packets better
- CI: Support "negative" squid-conf-tests
- CI: Maintenance: Support custom astyle versions
- CI: test-builds.sh: in case of error dump full log
- CI: Add --progress option to test-builds.sh
- CI: Change time_units test to also work on 32bit systems
- CI: Maintenance: Update astyle version to 3.1
- Add cache_log_message directive
- Add paranoid_hit_validation directive
- Add tls_key_log to report TLS communication secrets
- Add %busy_time logformat code
- Add %transport::>connection_id logformat code
- Add %request_attempts logformat code
- Warn about some bad from-helper annotations
- Ban acl key changes in req_header, rep_header, and note ACLs
- Optimize ephemeral port reuse with IP_BIND_ADDRESS_NO_PORT
- Honor httpd_suppress_version_string in more contexts
- Honor ftp_port worker-queues option
- Log early level-0/1 debugs() messages to cache_log
- Support reliable zeroing of sensitive buffers
- Do not overwrite caching bans
- Do not blame cache_peer for 4xx CONNECT responses
- Mimic GET reforwarding decisions when our CONNECT fails
- Discarded connections do not contribute to forward_max_tries
- Honor assertions during shutdown
- Do not stop listening after "ERROR: NAT/TPROXY lookup failed..."
- Do not skip problematic regexes in ACLs
- Improve coredump_dir on FreeBSD and Solaris based OS
- Avoid reverse DNS lookups when logformat %>A is unused
- BUG: Unexpected state while connecting to ... server
- Properly track (and mark) truncated store entries
- Support "file" syntax for 'squid_error' and 'has' ACL parameters
- Allow sending "squid -k ..." signals to PID 1
- Remove bogus "found KEY_PRIVATE" WARNINGs
- Avoid "BUG #3329: Lost orphan ..." during accept problems
- Report SMP store queues state (mgr:store_queues)
- Remove 8K limit for single access.log line
- Rename ./configure option --with-libxml2 to --with-xml2
- Rename ./configure option --with-libcap to --with-cap
- Match ./configure --help parameter names with their defaults
- Remove broken -sha1 option from server_cert_fingerprint
- Fix typo in manager ACL
- Fix milliseconds in certain cache.log messages
- Fix ignore-cc/act-as-origin in wildcard split-stack ports
- Fix comm.cc:644: "address.port() != 0" assertion
- Fix StoreMap.cc "anchorAt(anchorId).reading()" assertions
- Fix double-free segmentation fault on shutdown
- Fix client_side_request.cc:2028 "request->method.id()" assertion
- Fix reconfiguration leaking tls-cert=... memory
- Fix X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY handling
- Fix "mem_obj->inmem_lo == 0" assertion in StoreEntry::swapOut()
- Fix TCP keepalive
- Fix SslBump reconfiguration leaking public key memory
- Fix socket accounting for TCP accept()
- ... and many documentation changes
- ... and much code cleanup and polishing
- ... and all fixes from 5.8
5.9 (30 Apr 2023):
- Improve reply_body_max_size matching accuracy
- ... and some documentation changes
- ... and many portability fixes
5.8 (28 Feb 2023):
- Bug 5162: mgr:index URL do not produce MGR_INDEX template
- Bug 5241: Block all non-localhost requests by default
- Bug 5241: Block to-localhost, to-link-local requests by default
- ext_kerberos_ldap_group_acl: Support -b with -D
- Fix ACL type typo in req_header, rep_header key-changing ERRORs
- ... and several compile fixes
- ... and some code cleanup and polishing
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 4.17.5-2 to 4.19.0-1
- This is a patch series together with updates to libldb, libtalloc, libtdb and
libtevent as version 4.19.0 of samba requires newer versions of all these libs.
- Changelog is a bit too large to include here.
The release notes for each of the versions can be found in the left hand
column of this link https://www.samba.org/samba/history/
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 0.13.0-2 to 0.15.0-1
- This version is required by samba-4.19.0
- Changelog - I could not find any changelog info on this package.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 1.4.7-2 to 1.4.9-1
- This version is required by samba-4.19.0
- Changelog - I could not find any changelog info on this package.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 2.3.4-2 to 2.4.1-1
- This version is required by samba-4.19.0
- Changelog - I could not find any changelog info on this package.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- IPFire-3.x
- Update from version 2.6.1-2 to 2.8.0-1
- This version is required for samba-4.19.0
- Changelog - I could not find any changelog info anywhere. Apparently there is a
git repo for this package but I could not find it.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
We have some libraries which systemd can take advantage of which have
formerly not been enabled.
This patch also fixes running the testsuite which - however - currently
does not run through.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Adolf Belka