mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-25 18:32:57 +02:00
14ecdd86f1e57949858b47aa2a449e051bf3ee3a
9800 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Adolf Belka
|
ba6d6014ff |
ffmpeg: Update to version 7.0.2
- Update from version 6.0 to 7.0.2
- Removal of mathpops patch as content now included in source tarball.
- Update of rootfile
- sobump means that mpd, shairport-sync and minidlna need to be shipped
- minidlna also requires an update due to a variable name change from ffmpeg-7.0 onwards
- Changelog
7.0.2
avcodec/snow: Fix off by 1 error in run_buffer
avcodec/utils: apply the same alignment to YUV410 as we do to YUV420 for snow
avformat/iamf_parse: Check for 0 samples
swscale: [loongarch] Fix checkasm-sw_yuv2rgb failure.
avcodec/aacps_tablegen_template: don't redefine CONFIG_HARDCODED_TABLES
avutil/hwcontext_vaapi: use the correct type for VASurfaceAttribExternalBuffers.buffers
avcodec/pcm-bluray/dvd: Use correct pointer types on BE
avcodec/pngenc: fix sBIT writing for indexed-color PNGs
avcodec/pngdec: use 8-bit sBIT cap for indexed PNGs per spec
avformat/mov: check that child boxes of trak are only present inside it
avformat/mov: check that sample and chunk count is 1 for HEIF
avcodec/videotoolboxenc: Fix bitrate doesn't work as expected
avdevice/dshow: Don't skip audio devices if no video device is present
avcodec/hdrenc: Allocate more space
avcodec/cfhdenc: Height of 16 is not supported
avcodec/cfhdenc: Allocate more space
avcodec/osq: fix integer overflow when applying factor
avcodec/osq: avoid using too large numbers for shifts and integers in update_residue_parameter()
avcodec/vaapi_encode: Check hwctx
avcodec/proresdec: Consider negative bits left
avcodec/alsdec: Clear shift_value
avcodec/hevc/hevcdec: Do not allow slices to depend on failed slices
avformat/mov: add an EOF check in IPRP
avfilter/vf_xfade: Check ff_inlink_consume_frame() for failure
avutil/slicethread: Check pthread_*_init() for failure
avutil/frame: Check log2_crop_align
avutil/buffer: Check ff_mutex_init() for failure
avformat/xmv: Check this_packet_size
avformat/webpenc: Check filesize in trailer
avformat/ty: rec_size seems to only need 32bit
avformat/tty: Check avio_size()
avformat/siff: Basic pkt_size check
avformat/sauce: Check avio_size() for failure
avformat/sapdec: Check ffurl_get_file_handle() for error
avformat/nsvdec: Check asize for PCM
avformat/mp3dec: Check header_filesize
avformat/mp3dec; Check for avio_size() failure
avformat/mov: Use 64bit for str_size
avformat/mm: Check length
avformat/hnm: Check *chunk_size
avformat/hlsenc: Check ret
avformat/bintext: Check avio_size() return
avformat/asfdec_o: Check size of index object
avfilter/vf_scale: Check ff_scale_adjust_dimensions() for failure
avfilter/scale_eval: Use 64bit, check values in ff_scale_adjust_dimensions()
avfilter/vf_lut3d: Check av_scanf()
avfilter/vf_elbg: Use unsigned for shifting into the top bit
avfilter/vf_premultiply: Use AV_PIX_MAX_PLANES
avfilter/vf_deshake_opencl: Ensure that the first iteration initializes the best variables
avformat/iamf_parse: Check for negative sample sizes
swscale/output: Fix integer overflows in yuv2rgba64_X_c_template
avformat/mxfdec: Reorder elements of expression in bisect loop
avutil/timecode: Use a 64bit framenum internally
avcodec/pnmdec: Use 64bit for input size check
avformat/mov: Check extradata in mov_read_iacb()
avcodec/mpeg12enc: Use av_rescale() in vbv_buffer_size computation
avcodec/utvideoenc: Use unsigned shift to build flags
avcodec/j2kenc: Merge dwt_norm into lambda
avcodec/vc2enc: Fix overflows with storing large values
avcodec/mpegvideo_enc: Do not duplicate pictures on shifting
avdevice/dshow_capture: Fix error handling in ff_dshow_##prefix##_Create()
avcodec/tiff: Check value on positive signed targets
avfilter/vf_convolution_opencl: Assert that the filter name is one of the filters
avfilter/vf_bm3d: Dont round MSE2SSE to an integer
avdevice/dshow: Remove NULL check on pin
avdevice/dshow: check ff_dshow_pin_ConnectionMediaType() for failure
avdevice/dshow: Check device_filter_unique_name before use
avdevice/dshow: Cleanup also on av_log case
avdevice/dshow_filter: Use wcscpy_s()
avcodec/flac_parser: Assert that we do not overrun the link_penalty array
avcodec/osq: avoid signed overflow in downsample path
avcodec/pixlet: Simplify pfx computation
avcodec/motion_est: Fix score squaring overflow
avcodec/mlpenc: Use 64 for ml, mr
avcodec/loco: Check loco_get_rice() for failure
avcodec/loco: check get_ur_golomb_jpegls() for failure
avcodec/leaddec: Check init_get_bits8() for failure
avcodec/imm4: check cbphi for error
avcodec/iff: Use signed count
avcodec/golomb: Assert that k is in the supported range for get_ur/sr_golomb()
avcodec/golomb: Document return for get_ur_golomb_jpegls() and get_sr_golomb_flac()
avcodec/dxv: Fix type in get_opcodes()
avcodec/cri: Check length
avcodec/xsubdec: Check parse_timecode()
avutil/imgutils: av_image_check_size2() ensure width and height fit in 32bit
avfilter/vf_tiltandshift: Free dst on error
doc/examples/mux: remove nop
avcodec/proresenc_kostya: use unsigned alpha for rotation
avformat/rtpenc_rfc4175: Use 64bit in computation if copy_offset
avformat/rtmpproto: Use AV_DICT_MATCH_CASE instead of litteral number
avformat/rtmppkt: Simplify and deobfuscate amf_tag_skip() slightly
avformat/rmdec: use 64bit for audio_framesize checks
avutil/wchar_filename: Correct sizeof
avutil/hwcontext_d3d11va: correct sizeof IDirect3DSurface9
avutil/hwcontext_d3d11va: Free AVD3D11FrameDescriptor on error
avutil/hwcontext_d3d11va: correct sizeof AVD3D11FrameDescriptor
avcodec/vvc/refs: Use unsigned mask
doc/examples/vaapi_encode: Try to check fwrite() for failure
avformat/usmdec: Initialize value
avformat/tls_schannel: Initialize ret
avformat/subfile: Assert that whence is a known case
avformat/subfile: Merge if into switch()
avformat/rtsp: Check that lower transport is handled in one of the if()
avformat/rtsp: initialize reply1
avformat/rtsp: use < 0 for error check
avformat/rtpenc_vc2hq: Check sizes
avfilter/af_aderivative: Free out on error
swscale/swscale: Use ptrdiff_t for linesize computations
avfilter/af_amerge: Cleanup on av_channel_layout_copy() failure
avfilter/af_afir: Assert format
avfilter/af_afftdn: Assert format
avfilter/af_pan: check nb_output_channels before use
cbs_av1: Reject thirty-two zero bits in uvlc code
avfilter/af_mcompand: compute half frequency in double
avfilter/af_channelsplit: Assert that av_channel_layout_channel_from_index() succeeds
avfilter/af_aresample: Cleanup on av_channel_layout_copy() failure
tools/coverity: Phase 1 study of anti-halicogenic for coverity av_rescale()
avfilter/vf_avgblur: Check plane instead of AVFrame
avfilter/drawutils: Fix depthb computation
avfilter/avf_showcwt: Check av_parse_video_rate() for failure
avformat/rdt: Check pkt_len
avformat/mpeg: Check len in mpegps_probe()
avformat/mxfenc: resurrects the error print
avdevice/dshow: Check ICaptureGraphBuilder2_SetFiltergraph() for failure
avcodec/mfenc: check IMFSample_ConvertToContiguousBuffer() for failure
avcodec/vc1_loopfilter: Factor duplicate code in vc1_b_h_intfi_loop_filter()
avcodec/vvc/ctu: Remove dead ret check
avcodec/vvc/dec: Remove constant eos_at_start
avformat/img2dec: assert no pipe on ts_from_file
avcodec/cbs_jpeg: Try to move the read entity to one side in a test
fftools/ffplay: Check vulkan_params
fftools/ffmpeg_enc: Initialize Decoder
fftools/ffmpeg_enc: Initialize fd
fftools/ffmpeg_enc: simplify opaque_ref check
avformat/mov: Check edit list for overflow
fftools/ffmpeg: Check read() for failure
avcodec/vvc/dec: Check ff_init_cabac_decoder() for failure
swscale/output: Avoid undefined overflow in yuv2rgb_write_full()
swscale/output: alpha can become negative after scaling, use multiply
avcodec/targaenc: Allocate space for the palette
avcodec/r210enc: Use av_rescale for bitrate
avcodec/jfdctint_template: Fewer integer anomalies
avcodec/snowenc: MV limits due to mv_penalty table size
tools/target_dec_fuzzer: Adjust threshold for MV30
tools/target_dec_fuzzer: Adjust threshold for jpeg2000
avformat/mxfdec: Check container_ul->desc before use
avcodec/libvpxenc: Cleanup on error
doc/developer: Provide information about git send-email and gmail
avfilter/vf_rotate: Check ff_draw_init2() return value
avformat/mov: Use int64_t in intermediate for corrected_dts
avformat/mov: Use 64bit in intermediate for current_dts
avformat/matroskadec: Assert that num_levels is non negative
avformat/libzmq: Check av_strstart()
avformat/img2dec: Little JFIF / Exif cleanup
avformat/img2dec: Move DQT after unrelated if()
avformat/imfdec: Simplify get_next_track_with_minimum_timestamp()
avdevice/xcbgrab: Check sscanf() return
fftools/cmdutils: Add protective () to FLAGS
avformat/sdp: Check before appending ","
avcodec/libx264: Check init_get_bits8() return code
avcodec/ilbcdec: Remove dead code
avcodec/vp8: Check cond init
avcodec/vp8: Check mutex init
avcodec/proresenc_anatoliy: Assert that AV_PROFILE_UNKNOWN is replaced
avcodec/pcm-dvdenc: 64bit pkt-size
avcodec/notchlc: Check init_get_bits8() for failure
avcodec/tests/dct: Use 64bit in intermediate for error computation
avcodec/scpr3: Check add_dec() for failure
avcodec/rv34: assert that size is not 0 in rv34_gen_vlc_ext()
avcodec/wavpackenc: Use unsigned for potential 31bit shift
avcodec/vvc/mvs: Initialize mvf
avcodec/tests/jpeg2000dwt: Use 64bit in comparission
avcodec/tests/jpeg2000dwt: Use 64bit in err2 computation
avformat/fwse: Remove always false expression
avcodec/sga: Make it clear that the return is intentionally not checked
avformat/asfdec_f: Use 64bit for preroll computation
avformat/argo_asf: Use 64bit in offset intermediate
avformat/ape: Use 64bit for final frame size
avformat/ac4dec: Check remaining space in ac4_probe()
avdevice/pulse_audio_enc: Use av_rescale() to avoid integer overflow
avcodec/vlc: Cleanup on multi table alloc failure in ff_vlc_init_multi_from_lengths()
avcodec/tiff: Assert init_get_bits8() success in unpack_gray()
avcodec/tiff: Assert init_get_bits8() success in horizontal_fill()
tools/decode_simple: Check avcodec_send_packet() for errors on flushing
swscale/yuv2rgb: Use 64bit for brightness computation
swscale/x86/swscale: use a clearer name for INPUT_PLANER_RGB_A_FUNC_CASE
avutil/tests/opt: Check av_set_options_string() for failure
avutil/tests/dict: Check av_dict_set() before get for failure
avdevice/dshow: fix badly indented line
avformat/demux: resurrect dead stores
avcodec/tests/bitstream_template: Assert bits_init8() return
tools/enc_recon_frame_test: Assert that av_image_get_linesize() succeeds
avformat/iamf_writer: disallow Opus extradata with mapping family other than 0
avformat/iamf_parse: sanitize audio_roll_distance values
avformat/iamf: byteswap values in OpusHeader
avformat/iamf: rename Codec Config seek_preroll to audio_roll_distance
avformat/iamf_writer: fix coded audio_roll_distance values
avformat/iamf_writer: fix PCM endian-ness flag
avformat/movenc: fix channel count and samplerate fields for IAMF tracks
avformat/iamf_parse: keep substream count consistent
avformat/iamf_parse: add missing padding to AAC extradata
avformat/iamf_parse: 0 layers are not allowed
avformat/iamf_parse: consider nb_substreams when accessing substreams array
avformat/iamf_parse: Remove dead case
avcodec/png: more informative error message for invalid sBIT size
avcodec/pngdec: avoid erroring with sBIT on indexed-color images
avfilter/vf_tiltandshift: fix buffer offset for yuv422p input
avutil/timestamp: avoid possible FPE when 0 is passed to av_ts_make_time_string2()
avformat/mov: add more checks for infe atom size
avformat/mov: check for EOF inside the infe list parsing loop
avformat/mov: check extent_offset calculation for overflow
avformat/mov: check that iloc offset values fit on an int64_t
avcodec/pngenc: fix mDCv typo
avcodec/pngdec: fix mDCv typo
avcodec/nvenc: fix segfault in intra-only mode
avdevice/avfoundation: add external video devices
aarch64: Add OpenBSD runtime detection of dotprod and i8mm using sysctl
fftools/ffplay_renderer: use correct NULL value for Vulkan type
qsv: Initialize impl_value
avutil/hwcontext_qsv: fix GCC 14.1 warnings
avcodec/mediacodecenc: workaround the alignment requirement for H.265
avcodec/mediacodecenc: workaround the alignment requirement only for H.264
lavc/lpc: fix off-by-one in R-V V compute_autocorr
lavc/vp9: reset segmentation fields when segmentation isn't enabled
configure: enable ffnvcodec, nvenc, nvdec for FreeBSD
lavc/sbrdsp: fix potential overflow in noise table
7.0.1
lavc/flacdsp: do not assume maximum R-V VL
avformat/flacdec: Reorder allocations to avoid leak on error
avcodec/adts_parser: Don't presume buffer to be padded
avformat/movenc: Check av_malloc()
avcodec/vp8: Return error on error
avformat/mov: store sample_sizes as unsigned ints
avformat/vvc: fix parsing sps_subpic_id
avformat/vvc: initialize some ptl flags
avcodec/mscc & mwsc: Check loop counts before use
avcodec/mpegvideo_enc: Fix potential overflow in RD
avcodec/mpeg4videodec: assert impossible wrap points
avcodec/mpeg12dec: Use 64bit in bit computation
avcodec/vqcdec: Check init_get_bits8() for failure
avcodec/vvc/dec: Check init_get_bits8() for failure
avcodec/vble: Check av_image_get_buffer_size() for failure
avcodec/vp3: Replace check by assert
avcodec/vp8: Forward return of ff_vpx_init_range_decoder()
avcodec/jpeg2000dec: remove ST=3 case
avcodec/qsvdec: Check av_image_get_buffer_size() for failure
avcodec/exr: Fix preview overflow
avcodec/decode: decode_simple_internal() only implements audio and video
avcodec/fmvc: remove dead assignment
avcodec/h2645_sei: Remove dead checks
avcodec/h264_slice: Remove dead sps check
avcodec/lpc: copy levenson coeffs only when they have been computed
avutil/tests/base64: Check with too short output array
libavutil/base64: Try not to write over the array end
avcodec/cbs_av1: Avoid shift overflow
fftools/ffplay: Check return of swr_alloc_set_opts2()
tools/opt_common: Check for malloc failure
doc/examples/demux_decode: Simplify loop
avformat/concatdec: Check file
avcodec/mpegvideo_enc: Fix 1 line and one column images
avcodec/amrwbdec: assert mode to be valid in decode_fixed_vector()
avcodec/wavarc: fix integer overflow in decode_5elp() block type 2
swscale/output: Fix integer overflow in yuv2rgba64_full_1_c_template()
swscale/output: Fix integer overflow in yuv2rgba64_1_c_template
avcodec/av1dec: Change bit_depth to int
avcodec/av1dec: bit_depth cannot be another values than 8,10,12
avcodec/avs3_parser: assert the return value of init_get_bits()
avcodec/avs2_parser: Assert init_get_bits8() success with const size 15
avfilter/avfiltergraph: return value of ff_request_frame() is unused
avformat/mxfdec: Check body_offset
avformat/kvag: Check sample_rate
avcodec/atrac9dec: Check init_get_bits8() for failure
avcodec/ac3_parser: Check init_get_bits8() for failure
avcodec/pngdec: Check last AVFrame before deref
avcodec/hevcdec: Check ref frame
doc/examples/qsv_transcode: Initialize pointer before free
doc/examples/qsv_transcode: Simplify str_to_dict() loop
doc/examples/vaapi_transcode: Simplify loop
doc/examples/qsv_transcode: Simplify loop
avcodec/cbs_h2645: Check NAL space
avfilter/vf_thumbnail_cuda: Set ret before checking it
avfilter/signature_lookup: Dont copy uninitialized stuff around
avfilter/signature_lookup: Fix 2 differences to the refernce SW
avcodec/x86/vp3dsp_init: Set correct function pointer, fix crash
avformat/mp3dec: change bogus error message if read_header encounters EOF
avformat/mp3dec: simplify inner frame size check in mp3_read_header
avformat/mp3dec: only call ffio_ensure_seekback once
avcodec/cbs_h266: read vps_ptl_max_tid before using it
avcodec/cbs_h266: fix sh_collocated_from_l0_flag and sh_collocated_ref_idx infer
avformat/vvc: fix parsing some early VPS bitstream values
avformat/vvc: fix writing general_constraint_info bytes
avutil/ppc/cpu: Also use the machdep.altivec sysctl on NetBSD
lavd/v4l2: Use proper field type for second parameter of ioctl() with BSD's
vulkan_av1: Fix force_integer_mv value
vaapi_av1: Fix force_integer_mv value
av1dec: Add force_integer_mv derived field for decoder use
avutil/iamf: fix offsets for mix_gain options
avformat/iamfdec: check nb_streams in header read
avformat/mov: free the infe allocated item data on failure
avformat/iamf_writer: reject duplicated stream ids in a stream group
avformat/mov: don't read key_size bytes twice in the keys atom
avformat/mov: take into account the first eight bytes in the keys atom
avformat/mov: fix the check for the heif item parsing loop
avutil/iamf: fix mix_gain_class name
av1dec: Fix RefFrameSignBias calculation
avcodec/codec_par: always clear extradata_size in avcodec_parameters_to_context()
avcodec/mediacodecenc: Fix return empty packet when bsf is used
avcodec/hevcdec: Fix precedence, bogus film grain warning
avcodec/hevcdec: fix segfault on invalid film grain metadata
lavc/vvc: Skip enhancement layer NAL units
avformat/mov: ignore old infe box versions
vulkan_av1: add workaround for NVIDIA drivers tested on broken CTS
lavc/vulkan_av1: Use av1dec reference order hint information
lavc/av1: Record reference ordering information for each frame
doc/encoders: add missing libxvid option
doc/encoders: remove non-existent flag
fate/ffmpeg: Avoid dependency on samples
avcodec/wavpack: Remove always-false check
avcodec/wavpack: Fix leak and segfault on reallocation error
avcodec/lossless_videoencdsp: Don't presume alignment in diff_bytes
avcodec/ppc/h264dsp: Fix left shifts of negative numbers
7.0
- DXV DXT1 encoder
- LEAD MCMP decoder
- EVC decoding using external library libxevd
- EVC encoding using external library libxeve
- QOA decoder and demuxer
- aap filter
- demuxing, decoding, filtering, encoding, and muxing in the
ffmpeg CLI now all run in parallel
- enable gdigrab device to grab a window using the hwnd=HANDLER syntax
- IAMF raw demuxer and muxer
- D3D12VA hardware accelerated H264, HEVC, VP9, AV1, MPEG-2 and VC1 decoding
- tiltandshift filter
- qrencode filter and qrencodesrc source
- quirc filter
- lavu/eval: introduce randomi() function in expressions
- VVC decoder (experimental)
- fsync filter
- Raw Captions with Time (RCWT) closed caption muxer
- ffmpeg CLI -bsf option may now be used for input as well as output
- ffmpeg CLI options may now be used as -/opt <path>, which is equivalent
to -opt <contents of file <path>>
- showinfo bitstream filter
- a C11-compliant compiler is now required; note that this requirement
will be bumped to C17 in the near future, so consider updating your
build environment if it lacks C17 support
- Change the default bitrate control method from VBR to CQP for QSV encoders.
- removed deprecated ffmpeg CLI options -psnr and -map_channel
- DVD-Video demuxer, powered by libdvdnav and libdvdread
- ffprobe -show_stream_groups option
- ffprobe (with -export_side_data film_grain) now prints film grain metadata
- AEA muxer
- ffmpeg CLI loopback decoders
- Support PacketTypeMetadata of PacketType in enhanced flv format
- ffplay with hwaccel decoding support (depends on vulkan renderer via libplacebo)
- dnn filter libtorch backend
- Android content URIs protocol
- AOMedia Film Grain Synthesis 1 (AFGS1)
- RISC-V optimizations for AAC, FLAC, JPEG-2000, LPC, RV4.0, SVQ, VC1, VP8, and more
- Loongarch optimizations for HEVC decoding
- Important AArch64 optimizations for HEVC
- IAMF support inside MP4/ISOBMFF
- Support for HEIF/AVIF still images and tiled still images
- Dolby Vision profile 10 support in AV1
- Support for Ambient Viewing Environment metadata in MP4/ISOBMFF
- HDR10 metadata passthrough when encoding with libx264, libx265, and libsvtav1
6.1
- libaribcaption decoder
- Playdate video decoder and demuxer
- Extend VAAPI support for libva-win32 on Windows
- afireqsrc audio source filter
- arls filter
- ffmpeg CLI new option: -readrate_initial_burst
- zoneplate video source filter
- command support in the setpts and asetpts filters
- Vulkan decode hwaccel, supporting H264, HEVC and AV1
- color_vulkan filter
- bwdif_vulkan filter
- nlmeans_vulkan filter
- RivaTuner video decoder
- xfade_vulkan filter
- vMix video decoder
- Essential Video Coding parser, muxer and demuxer
- Essential Video Coding frame merge bsf
- bwdif_cuda filter
- Microsoft RLE video encoder
- Raw AC-4 muxer and demuxer
- Raw VVC bitstream parser, muxer and demuxer
- Bitstream filter for editing metadata in VVC streams
- Bitstream filter for converting VVC from MP4 to Annex B
- scale_vt filter for videotoolbox
- transpose_vt filter for videotoolbox
- support for the P_SKIP hinting to speed up libx264 encoding
- Support HEVC,VP9,AV1 codec in enhanced flv format
- apsnr and asisdr audio filters
- OSQ demuxer and decoder
- Support HEVC,VP9,AV1 codec fourcclist in enhanced rtmp protocol
- CRI USM demuxer
- ffmpeg CLI '-top' option deprecated in favor of the setfield filter
- VAAPI AV1 encoder
- ffprobe XML output schema changed to account for multiple
variable-fields elements within the same parent element
- ffprobe -output_format option added as an alias of -of
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
Michael Tremer
|
290e8b5a99 |
core189: Ship sysvinit
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
9f029c8e08 |
core189: Ship suricata because of the updated Rust compiler
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
34b3e9a0a2 |
rust: Update to version 1.80.1
- Update from version 1.67.0 to 1.80.1 - Update of rootfile (x86_64 & aarch64) - Changelog is too large to include here. There are more than 1000 lines from 1.67.0 to 1.80.1 Details can be found at https://doc.rust-lang.org/stable/releases.html Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
ae330c5074 |
core189: Ship p11-kit
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
c26ea9ee01 |
p11-kit: Update to version 0.25.5
- Update from version 0.25.3 to 0.25.5
- Update of rootfile
- Changelog
0.25.5
* iter: fix recursive attribute loading [PR#642]
* fix building on FreeBSD 14.0 (amd64) [PR#644]
* test fix [PR#645]
0.25.4
* rpc: add support for recursive attributes [PR#624, PR#629, PR#631, PR#633]
* p11-kit: add function to check run-time version of the library [PR#637]
* p11-kit: expose version information through macros [PR#635]
* p11-kit: add option to specify CKA_ID in generate-keypair and import-object
commands [PR#615]
* p11-kit: add --provider option to specify PKCS#11 module when using p11-kit
commands [PR#611]
* p11-kit: fix a bug where eddsa mechanism isn't recognized in generate-keypair
[PR#617]
* p11-kit: fallback to C_GetFunctionList when C_GetInterface returns
CKR_FUNCTION_NOT_SUPPORTED [PR#622]
* bug and build fixes [PR#603, PR#604, PR#605, PR#606, PR#609, PR#614, PR#616,
PR#619, PR#627, PR#628, PR#632, PR#636, PR#639]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
7648f3afe4 |
core189: Ship GnuTLS
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
c5fe41d3f9 |
gnutls: Update to version 3.8.7
- Update from version 3.8.5 to 3.8.7
- Update of rootfile
- Changelog
3.8.7
** libgnutls: New configure option to compile out DSA support
The --disable-dsa configure option has been added to completely disable DSA
algorithm support.
** libgnutls: Experimental support for X25519Kyber768Draft00 key exchange in TLS
For testing purposes, the hybrid post-quantum key exchange defined
in draft-tls-westerbaan-xyber768d00 has been implemented using
liboqs. Since the algorithm is still not finalized, the support of
this key exchange is disabled by default and can be enabled with
the --with-liboqs configure option.
3.8.6
** libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12
To be compliant with FIPS 140-3, PKCS#12 files with MAC based on
PBKDF2 (PBMAC1) is now supported, according to the specification
proposed in draft-ietf-lamps-pkcs12-pbmac1.
** libgnutls: SHA3 extendable output functions (XOF) are now supported
SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new
public API gnutls_hash_squeeze.
** API and ABI modifications:
gnutls_pkcs12_generate_mac3: New function
gnutls_pkcs12_flags_t: New enum
gnutls_hash_squeeze: New function
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Adolf Belka
|
f093cb3fbe |
binutils: Update to version 2.43
- Update from version 2.42 to 2.43
- Update of rootfile (x86_64 & aarch64)
- Changelog
2.43
* Update copyright years
* config.sub: recognize nanoMIPS CPUs
* config.guess: recognize ironclad OS
* config.sub: recognize ironclad OS
* config.sub: recognize *-*-uefi
* Recognize the VideoCore 4 processor
* config.guess: detect LLVM-libc via features.h
* config.sub: add LLVM-libc support
* .pre-commit-config.yaml: Bump black hook to 24.3.0
* .pre-commit-config.yaml: New.
* Makefile.def: Add configure-gdbserver and all-gdbserver
dependencies on all-libiconv.
* Makefile.in: Re-generate.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
76ffe6380c |
core189: Ship the new toolchain
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
fb0aac9beb |
Start Core Update 189
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
d1f7d501c1 | Merge remote-tracking branch 'ms/toolchain-2024-08-02' into next | ||
|
Michael Tremer
|
0e2cf06a8c |
core188: Ship suricata and arping because of SO bump in libnet
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
9207afd883 |
core188: Ship lang.pl
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
9287c6c9c7 |
core188: Ship the network AQM script
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
bd4e688e64 |
core188: Ship backup.pl
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
9db251ee0b |
linux: Tidy up the messy KVER variable
This variable never actually held the kernel version. There were always suffixes appended and other things changed about it. This makes it a lot simpler as this variable now holds the actual kernel version. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
d54e39f935 |
gnupg: This package no longer seems to be able to link against LDAP
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
79ed909531 |
autoconf-archive: New package
These macros are needed to run autoreconf for db-5.3.28. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
1a28d6ef4b |
GCC: Update to 14.2.0
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
dec1a72c6c |
glibc: Update to 2.40
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
Arne Fitzenreiter
|
7e70a93aaa |
kernel: update to 6.6.46
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> |
||
|
Michael Tremer
|
0eb5b5f9e1 |
core188: Ship the suricata init script
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
b33dcb2c3f |
epson-inkjet-orinter-escpr: Update to 1.8.5
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
33a2aff416 |
core188: Ship unbound
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
Matthias Fischer
|
d388d0c103 |
unbound: Update to 1.21.0
For details see: https://nlnetlabs.nl/projects/unbound/download/#unbound-1-21-0 Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
0915078267 |
netsnmpd: Update to version 5.9.3
- Update from version 5.9.1 to 5.9.3
- Version 5.9.4 exists but it is indicated that SNMP over TLS and/or DTLS is not
functioning properly with various versions of OpenSSL. However I could not find which
versions mentioned in the News or Changelog. The problem will be fixed in a future
version. There are no CVE fixes in 5.9.4, only a relatively few bug fixes so I
decided to wait for the fixed version in case there are users using TLS with SNMP.
- Update of rootfile
- 6 CVE fixes in 5.9.3
- Changelog
5.9.3
security:
- These two CVEs can be exploited by a user with read-only credentials:
- CVE-2022-24805 A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
- CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
can cause a NULL pointer dereference.
- These CVEs can be exploited by a user with read-write credentials:
- CVE-2022-24806 Improper Input Validation when SETing malformed
OIDs in master agent and subagent simultaneously
- CVE-2022-24807 A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
out-of-bounds memory access.
- CVE-2022-24808 A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
- CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
can cause a NULL pointer dereference.
- To avoid these flaws, use strong SNMPv3 credentials and do not share them.
If you must use SNMPv1 or SNMPv2c, use a complex community string
and enhance the protection by restricting access to a given IP address
range.
- Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for
reporting the following CVEs that have been fixed in this release, and
to Arista Networks for providing fixes.
misc:
- Snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is
expanded in ${datarootdir} so datarootdir must be set before
@datadir@ is used.
general: Many bug fixes
5.9.2
skipped due to a last minute library versioning found bug -- use 5.9.3 instead
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Adolf Belka
|
8cdc44bc70 |
oci-cli: Update to version 3.45.2
- Update from version 3.29.4 to 3.45.2 - Update of rootfile - Changelog is too large to include here. Details can be found at https://github.com/oracle/oci-cli/releases Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
849bcfd188 |
ghostscript: Update to version 10.03.1
- Update from version 10.03.0 to 10.03.1
- Update of rootfile
- Several CVE fixes in this release
- Changelog
10.03.1
Fixes for CVE-2024-33869, CVE-2023-52722, CVE-2024-33870, CVE-2024-33871 and
CVE-2024-29510
IMPORTANT: For the 10.04.0 release (fall/autumn 2024) we will be adding
protection for device selection from PostScript input. This will mean that,
by default, only the device specified on the command line will be permitted.
Similar to the file permissions, there will be a "--permit-devices="
allowing a comma separation list of allowed devices. This will also take a
single wildcard "*" allowing any device.
Any application which relies on allowing PostScript to change devices during
a job will have to be aware, and take action to deal with this change.
The exception is "nulldevice", switching to that requires no special action.
A vulnerability was identified in the way Ghostscript/GhostPDL called
tesseract for the OCR devices, which could allow arbitrary code execution.
As as result, we strongly urge anyone including the OCR devices in their
build to update as soon as possible.
As of this release (10.03.1) pdfwrite creates PDF files with XRef streams
and ObjStm streams. This can result in considerably smaller PDF output
files. See Vector Devices for more details.
Ghostscript/pdfwrite now supports passing through PDF "Optional Content".
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental
improvements.
(9.53.0) We have added the capability to build with the Tesseract OCR
engine. In such a build, new devices are available
(pdfocr8/pdfocr24/pdfocr32) which render the output file to an image, OCR
that image, and output the image "wrapped" up as a PDF file, with the OCR
generated text information included as "invisible" text (in PDF terms, text
rendering mode 3).
Mainly due to time constraints, we only support including Tesseract from
source included in our release packages, and not linking to
Tesseract/Leptonica shared libraries. Whether we add this capability will
be largely dependent on community demand for the feature.
See Enabling OCR for more details.
Incompatible changes
(10.03.1) Almost all the "internal" PostScript procedures defined during the
interpreter startup are now "executeonly", further reducing the attack
surface of the interpreter.
The nature of these procedures means there should be no impact for
legitimate usage, but it is possible it will impact uses which abuse the
previous accessibility (even for legitimate reasons). Such cases may now
require "DELAYBIND", See DELAYBIND
(10.03.1) The "makeimagedevice" non-standard operator has been removed. It
allowed low level access to the graphics library in a way that was,
essentially impossible to secure.
(10.03.1) The "putdeviceprops", "getdeviceprops", "finddevice",
"copydevice", "findprotodevice" non-standard operators have all been
removed. They provided functionality that is either accessible through
standard operators, or should not be used by user PostScript.
(10.03.1) The process of "tidying" the PostScript namespace should have
removed only non-standard and undocumented operators. Nevertheless, it is
possible that any integrations or utilities that rely on those non-standard
and undocumented operators may stop working or may change behaviour.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Adolf Belka
|
ee4c4c787e |
fmt: Update to version 11.0.2
- Update from version 11.0.1 to 11.0.2
- Update of rootfile
- Changelog
11.0.2
- Fixed compatibility with non-POSIX systems
(https://github.com/fmtlib/fmt/issues/4054,
https://github.com/fmtlib/fmt/issues/4060).
- Fixed performance regressions when using `std::back_insert_iterator` with
`fmt::format_to` (https://github.com/fmtlib/fmt/issues/4070).
- Fixed handling of `std::generator` and move-only iterators
(https://github.com/fmtlib/fmt/issues/4053,
https://github.com/fmtlib/fmt/pull/4057). Thanks @Arghnews.
- Made `formatter<std::string_view>::parse` work with types convertible to
`std::string_view` (https://github.com/fmtlib/fmt/issues/4036,
https://github.com/fmtlib/fmt/pull/4055). Thanks @Arghnews.
- Made `volatile void*` formattable
(https://github.com/fmtlib/fmt/issues/4049,
https://github.com/fmtlib/fmt/pull/4056). Thanks @Arghnews.
- Made `Glib::ustring` not be confused with `std::string`
(https://github.com/fmtlib/fmt/issues/4052).
- Made `fmt::context` iterator compatible with STL algorithms that rely on
iterator category (https://github.com/fmtlib/fmt/issues/4079).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
71d9948c3b |
core188: Ship SQLite
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
b14dab3033 |
core188: Ship intel-microcode
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
61e6011d4e |
sdl2: Update to version 2.30.6
- Update from version 2.30.1 to 2.30.6
- Update of rootfile
- Changelog
2.30.6
Improved detection of Nintendo Switch Pro controller report mode
Fixed a rare crash when a controller is disconnected
Fixed creating a framebuffer with KMSDRM on some systems
2.30.5
Respect SDL_HINT_RENDER_DRIVER when creating an accelerated window surface
Clean up any accelerated renderer in SDL_DestroyWindowSurface()
Disable low level USB controller support on Android by default (can be
enabled by setting "SDL_ENV.SDL_JOYSTICK_HIDAPI" metadata to "1" in
AndroidManifest.xml)
Fixed USB permissions dialog on Android 14
Fixed controller mapping matching when one entry has a CRC specified and
another doesn't
Enable joystick support on FreeBSD when building using CMake
Reduced input latency when using an fcitx IME on Linux
Fixed graphical corruption on Raspberry Pi
Fixed crash when using an unstable sort function in SDL_qsort (you shouldn't
do this, but at least it won't crash)
2.30.4
Android rotation will respect user rotation lock preferences
Fixed spurious Left-Ctrl key input when the Right Alt key (AltGr) is pressed
on Windows
Added support for the Saitek Cyborg V.3 Rumble Pad in PS3 mode
Added support for the Razer Kitsune in PS5 mode
Added Linux bindings for the Qanba Drone 2 Arcade Joystick
Leave Nintendo Online controllers in simple report mode so they work with
DirectInput games
Enable using libusb for GameCube controllers when available
2.30.3
Fixed Win+V handling (pasting from clipboard history) on Windows
Fixed Caps Lock and Backspace key mapping for the Colemak keyboard layout on
Windows
Fixed mouse warp on XWayland
Reduced startup time when scanning for game controllers on Linux
Fixed building with C89 compilers
Fixed building with the GDK SDK on Windows
2.30.2
Fixed performance regression initializing controllers on Linux
Added support for the 6-button SEGA Mega Drive Control Pad for Nintendo Online
Added support for the MadCatz Saitek Side Panel Control Deck
Added support for the Hori Fighting Stick EX2
Added support for the Yawman Arrow flightstick
Added a gamepad mapping for the Defender Joystick Cobra R4
Fixed the gamepad mapping for the Sanwa Supply JY-P76USV controller
Poll for the initial controller state when using DirectInput
Allow using SDL_RWFromFile() with named pipes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
6f10be4979 |
core188: Ship readline
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
8127b73812 |
core188: Ship lz4
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
90dfbe816a |
lz4: Update to version 1.10.0
- Update from version 1.9.4 to 1.10.0
- Update of rootfile
- Changelog
1.10.0
cli : multithreading compression support: improves speed by X times threads allocated
cli : overlap decompression with i/o, improving speed by ~+60%
cli : support environment variables LZ4_CLEVEL and LZ4_NBWORKERS
cli : license of CLI more clearly labelled GPL-2.0-or-later
cli : fix: refuse to compress directories
cli : fix dictionary compression benchmark on multiple files
cli : change: no more implicit `stdout` (except when input is `stdin`)
lib : new level 2, offering mid-way performance (speed and compression)
lib : Improved lz4frame compression speed for small data (up to +160% at 1KB)
lib : Slightly faster (+5%) HC compression speed (levels 3-9), by @JunHe77
lib : dictionary compression support now in stable status
lib : lz4frame states can be safely reset and reused after a processing error (described by @QrczakMK)
lib : `lz4file` API improvements, by @vsolontsov-volant and @t-mat
lib : new experimental symbol `LZ4_compress_destSize_extState()`
build: cmake minimum version raised to 3.5
build: cmake improvements, by @foxeng, @Ohjurot, @LocalSpook, @teo-tsirpanis, @ur4t and @t-mat
build: meson scripts are now hosted into `build/` directory, by @eli-schwartz
build: meson improvements, by @tristan957
build: Visual Studio solutions generated by `cmake` via scripts
port : support for loongArch, risc-v, m68k, mips and sparc architectures
port : improved Visual Studio compatibility, by @t-mat
port : freestanding support improvements, by @t-mat
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
4ebb8df54e |
core188: Ship knot
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
16f1486a94 |
core188: Ship iproute2
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
e083a19f8f |
core188: Ship hwdata
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
292817ad93 |
git: Update to version 2.46.0
- Update from version 2.45.2 to 2.46.0
- Update of rootfile
- Changelog
2.46.0
UI, Workflows & Features
* The "--rfc" option of "git format-patch" learned to take an
optional string value to be used in place of "RFC" to tweak the
"[PATCH]" on the subject header.
* The credential helper protocol, together with the HTTP layer, have
been enhanced to support authentication schemes different from
username & password pair, like Bearer and NTLM.
* Command line completion script (in contrib/) learned to complete
"git symbolic-ref" a bit better (you need to enable plumbing
commands to be completed with GIT_COMPLETION_SHOW_ALL_COMMANDS).
* When the user responds to a prompt given by "git add -p" with an
unsupported command, list of available commands were given, which
was too much if the user knew what they wanted to type but merely
made a typo. Now the user gets a much shorter error message.
* The color parsing code learned to handle 12-bit RGB colors, spelled
as "#RGB" (in addition to "#RRGGBB" that is already supported).
* The operation mode options (like "--get") the "git config" command
uses have been deprecated and replaced with subcommands (like "git
config get").
* "git tag" learned the "--trailer" option to futz with the trailers
in the same way as "git commit" does.
* A new global "--no-advice" option can be used to disable all advice
messages, which is meant to be used only in scripts.
* Updates to symbolic refs can now be made as a part of ref
transaction.
* The trailer API has been reshuffled a bit.
* Terminology to call various ref-like things are getting
straightened out.
* The command line completion script (in contrib/) has been adjusted
to the recent update to "git config" that adopted subcommand based
UI.
* The knobs to tweak how reftable files are written have been made
available as configuration variables.
* When "git push" notices that the commit at the tip of the ref on
the other side it is about to overwrite does not exist locally, it
used to first try fetching it if the local repository is a partial
clone. The command has been taught not to do so and immediately
fail instead.
* The promisor.quiet configuration knob can be set to true to make
lazy fetching from promisor remotes silent.
* The inter/range-diff output has been moved to the end of the patch
when format-patch adds it to a single patch, instead of writing it
before the patch text, to be consistent with what is done for a
cover letter for a multi-patch series.
* A new command has been added to migrate a repository that uses the
files backend for its ref storage to use the reftable backend, with
limitations.
* "git diff --exit-code --ext-diff" learned to take the exit status
of the external diff driver into account when deciding the exit
status of the overall "git diff" invocation when configured to do
so.
* "git update-ref --stdin" learned to handle transactional updates of
symbolic-refs.
* "git format-patch --interdiff" for multi-patch series learned to
turn on cover letters automatically (unless told never to enable
cover letter with "--no-cover-letter" and such).
* The "--heads" option of "ls-remote" and "show-ref" has been been
deprecated; "--branches" replaces "--heads".
* For over a year, setting add.interactive.useBuiltin configuration
variable did nothing but giving a "this does not do anything"
warning. The warning has been removed.
* The http transport can now be told to send request with
authentication material without first getting a 401 response.
* A handful of entries are added to the GitFAQ document.
* "git var GIT_SHELL_PATH" should report the path to the shell used
to spawn external commands, but it didn't do so on Windows, which
has been corrected.
Performance, Internal Implementation, Development Support etc.
* Advertise "git contacts", a tool for newcomers to find people to
ask review for their patches, a bit more in our developer
documentation.
* In addition to building the objects needed, try to link the objects
that are used in fuzzer tests, to make sure at least they build
without bitrot, in Linux CI runs.
* Code to write out reftable has seen some optimization and
simplification.
* Tests to ensure interoperability between reftable written by jgit
and our code have been added and enabled in CI.
* The singleton index_state instance "the_index" has been eliminated
by always instantiating "the_repository" and replacing references
to "the_index" with references to its .index member.
* Git-GUI has a new maintainer, Johannes Sixt.
* The "test-tool" has been taught to run testsuite tests in parallel,
bypassing the need to use the "prove" tool.
* The "whitespace check" task that was enabled for GitHub Actions CI
has been ported to GitLab CI.
* The refs API lost functions that implicitly assumes to work on the
primary ref_store by forcing the callers to pass a ref_store as an
argument.
* Code clean-up to reduce inter-function communication inside
builtin/config.c done via the use of global variables.
* The pack bitmap code saw some clean-up to prepare for a follow-up topic.
* Preliminary code clean-up for "git send-email".
* The default "creation-factor" used by "git format-patch" has been
raised to make it more aggressively find matching commits.
* Before discovering the repository details, We used to assume SHA-1
as the "default" hash function, which has been corrected. Hopefully
this will smoke out codepaths that rely on such an unwarranted
assumptions.
* The project decision making policy has been documented.
* The strcmp-offset tests have been rewritten using the unit test
framework.
* "git add -p" learned to complain when an answer with more than one
letter is given to a prompt that expects a single letter answer.
* The alias-expanded command lines are logged to the trace output.
* A new test was added to ensure git commands that are designed to
run outside repositories do work.
* A few tests in reftable library have been rewritten using the
unit test framework.
* A pair of test helpers that essentially are unit tests on hash
algorithms have been rewritten using the unit-tests framework.
* A test helper that essentially is unit tests on the "decorate"
logic has been rewritten using the unit-tests framework.
* Many memory leaks in the sparse-checkout code paths have been
plugged.
* "make check-docs" noticed problems and reported to its output but
failed to signal its findings with its exit status, which has been
corrected.
* Building with "-Werror -Wwrite-strings" is now supported.
* To help developers, the build procedure now allows builders to use
CFLAGS_APPEND to specify additional CFLAGS.
* "oidtree" tests were rewritten to use the unit test framework.
* The structure of the document that records longer-term project
decisions to deprecate/remove/update various behaviour has been
outlined.
* The pseudo-merge reachability bitmap to help more efficient storage
of the reachability bitmap in a repository with too many refs has
been added.
* When "git merge" sees that the index cannot be refreshed (e.g. due
to another process doing the same in the background), it died but
after writing MERGE_HEAD etc. files, which was useless for the
purpose to recover from the failure.
* The output from "git cat-file --batch-check" and "--batch-command
(info)" should not be unbuffered, for which some tests have been
added.
* A CPP macro USE_THE_REPOSITORY_VARIABLE is introduced to help
transition the codebase to rely less on the availability of the
singleton the_repository instance.
* "git version --build-options" reports the version information of
OpenSSL and other libraries (if used) in the build.
* Memory ownership rules for the in-core representation of
remote.*.url configuration values have been straightened out, which
resulted in a few leak fixes and code clarification.
* When bundleURI interface fetches multiple bundles, Git failed to
take full advantage of all bundles and ended up slurping duplicated
objects, which has been corrected.
* The code to deal with modified paths that are out-of-cone in a
sparsely checked out working tree has been optimized.
* An existing test of oidmap API has been rewritten with the
unit-test framework.
* The "ort" merge backend saw one bugfix for a crash that happens
when inner merge gets killed, and assorted code clean-ups.
* A new warning message is issued when a command has to expand a
sparse index to handle working tree cruft that are outside of the
sparse checkout.
* The test framework learned to take the test body not as a single
string but as a here-document.
* "git push '' HEAD:there" used to hit a BUG(); it has been corrected
to die with "fatal: bad repository ''".
* What happens when http.cookieFile gets the special value "" has
been clarified in the documentation.
Bug Fixes
* "git rebase --signoff" used to forget that it needs to add a
sign-off to the resulting commit when told to continue after a
conflict stops its operation.
* The procedure to build multi-pack-index got confused by the
replace-refs mechanism, which has been corrected by disabling the
latter.
* The "-k" and "--rfc" options of "format-patch" will now error out
when used together, as one tells us not to add anything to the
title of the commit, and the other one tells us to add "RFC" in
addition to "PATCH".
* "git stash -S" did not handle binary files correctly, which has
been corrected.
* A scheduled "git maintenance" job is expected to work on all
repositories it knows about, but it stopped at the first one that
errored out. Now it keeps going.
* zsh can pretend to be a normal shell pretty well except for some
glitches that we tickle in some of our scripts. Work them around
so that "vimdiff" and our test suite works well enough with it.
* Command line completion support for zsh (in contrib/) has been
updated to stop exposing internal state to end-user shell
interaction.
* Tests that try to corrupt in-repository files in chunked format did
not work well on macOS due to its broken "mv", which has been
worked around.
* The maximum size of attribute files is enforced more consistently.
* Unbreak CI jobs so that we do not attempt to use Python 2 that has
been removed from the platform.
* Git 2.43 started using the tree of HEAD as the source of attributes
in a bare repository, which has severe performance implications.
For now, revert the change, without ripping out a more explicit
support for the attr.tree configuration variable.
* The "--exit-code" option of "git diff" command learned to work with
the "--ext-diff" option.
* Windows CI running in GitHub Actions started complaining about the
order of arguments given to calloc(); the imported regex code uses
the wrong order almost consistently, which has been corrected.
* Expose "name conflict" error when a ref creation fails due to D/F
conflict in the ref namespace, to improve an error message given by
"git fetch".
(merge 9339fca23e it/refs-name-conflict later to maint).
* The SubmittingPatches document now refers folks to manpages
translation project.
* The documentation for "git diff --name-only" has been clarified
that it is about showing the names in the post-image tree.
* The credential helper that talks with osx keychain learned to avoid
storing back the authentication material it just got received from
the keychain.
(merge e1ab45b2da kn/osxkeychain-skip-idempotent-store later to maint).
* The chainlint script (invoked during "make test") did nothing when
it failed to detect the number of available CPUs. It now falls
back to 1 CPU to avoid the problem.
* Revert overly aggressive "layered defence" that went into 2.45.1
and friends, which broke "git-lfs", "git-annex", and other use
cases, so that we can rebuild necessary counterparts in the open.
* "git init" in an already created directory, when the user
configuration has includeif.onbranch, started to fail recently,
which has been corrected.
* Memory leaks in "git mv" has been plugged.
* The safe.directory configuration knob has been updated to
optionally allow leading path matches.
* An overly large ".gitignore" files are now rejected silently.
* Upon expiration event, the credential subsystem forgot to clear
in-core authentication material other than password (whose support
was added recently), which has been corrected.
* Fix for an embarrassing typo that prevented Python2 tests from running
anywhere.
* Varargs functions that are unannotated as printf-like or execl-like
have been annotated as such.
* "git am" has a safety feature to prevent it from starting a new
session when there already is a session going. It reliably
triggers when a mbox is given on the command line, but it has to
rely on the tty-ness of the standard input. Add an explicit way to
opt out of this safety with a command line option.
(merge 62c71ace44 jk/am-retry later to maint).
* A leak in "git imap-send" that somehow escapes LSan has been
plugged.
* Setting core.abbrev too early before the repository set-up
(typically in "git clone") caused segfault, which as been
corrected.
* When the user adds to "git rebase -i" instruction to "pick" a merge
commit, the error experience is not pleasant. Such an error is now
caught earlier in the process that parses the todo list.
* We forgot to normalize the result of getcwd() to NFC on macOS where
all other paths are normalized, which has been corrected. This still
does not address the case where core.precomposeUnicode configuration
is not defined globally.
* Earlier we stopped using the tree of HEAD as the default source of
attributes in a bare repository, but failed to document it. This
has been corrected.
* "git update-server-info" and "git commit-graph --write" have been
updated to use the tempfile API to avoid leaving cruft after
failing.
* An unused extern declaration for mingw has been removed to prevent
it from causing build failure.
* A helper function shared between two tests had a copy-paste bug,
which has been corrected.
* "git fetch-pack -k -k" without passing "--lock-pack" (which we
never do ourselves) did not work at all, which has been corrected.
* CI job to build minimum fuzzers learned to pass NO_CURL=NoThanks to
the build procedure, as its build environment does not offer, or
the rest of the build needs, anything cURL.
(merge 4e66b5a990 jc/fuzz-sans-curl later to maint).
* "git diff --no-ext-diff" when diff.external is configured ignored
the "--color-moved" option.
(merge 0f4b0d4cf0 rs/diff-color-moved-w-no-ext-diff-fix later to maint).
* "git archive --add-virtual-file=<path>:<contents>" never paid
attention to the --prefix=<prefix> option but the documentation
said it would. The documentation has been corrected.
(merge 72c282098d jc/archive-prefix-with-add-virtual-file later to maint).
* When GIT_PAGER failed to spawn, depending on the code path taken,
we failed immediately (correct) or just spew the payload to the
standard output (incorrect). The code now always fail immediately
when GIT_PAGER fails.
(merge 78f0a5d187 rj/pager-die-upon-exec-failure later to maint).
* date parser updates to be more careful about underflowing epoch
based timestamp.
(merge 9d69789770 db/date-underflow-fix later to maint).
* The Bloom filter used for path limited history traversal was broken
on systems whose "char" is unsigned; update the implementation and
bump the format version to 2.
(merge 9c8a9ec787 tb/path-filter-fix later to maint).
* Typofix.
(merge 231cf7370e as/pathspec-h-typofix later to maint).
* Code clean-up.
(merge 4b837f821e rs/simplify-submodule-helper-super-prefix-invocation later
to maint).
* "git describe --dirty --broken" forgot to refresh the index before
seeing if there is any chang, ("git describe --dirty" correctly did
so), which has been corrected.
(merge b8ae42e292 as/describe-broken-refresh-index-fix later to maint).
* Test suite has been taught not to unnecessarily rely on DNS failing
a bogus external name.
(merge 407cdbd271 jk/tests-without-dns later to maint).
* GitWeb update to use committer date consistently in rss/atom feeds.
(merge cf6ead095b am/gitweb-feed-use-committer-date later to maint).
* Custom control structures we invented more recently have been
taught to the clang-format file.
(merge 1457dff9be rs/clang-format-updates later to maint).
* Developer build procedure fix.
(merge df32729866 tb/dev-build-pedantic-fix later to maint).
* "git push" that pushes only deletion gave an unnecessary and
harmless error message when push negotiation is configured, which
has been corrected.
(merge 4d8ee0317f jc/disable-push-nego-for-deletion later to maint).
* Address-looking strings found on the trailer are now placed on the
Cc: list after running through sanitize_address by "git send-email".
(merge c852531f45 cb/send-email-sanitize-trailer-addresses later to maint).
* Tests that use GIT_TEST_SANITIZE_LEAK_LOG feature got their exit
status inverted, which has been corrected.
(merge 8c1d6691bc rj/test-sanitize-leak-log-fix later to maint).
* The http.cookieFile and http.saveCookies configuration variables
have a few values that need to be avoided, which are now ignored
with warning messages.
(merge 4f5822076f jc/http-cookiefile later to maint).
* Repacking a repository with multi-pack index started making stupid
pack selections in Git 2.45, which has been corrected.
(merge 8fb6d11fad ds/midx-write-repack-fix later to maint).
* Fix documentation mark-up regression in 2.45.
(merge 6474da0aa4 ja/doc-markup-updates-fix later to maint).
* Work around asciidoctor's css that renders `monospace` material
in the SYNOPSIS section of manual pages as block elements.
(merge d44ce6ddd5 js/doc-markup-updates-fix later to maint).
* Other code cleanup, docfix, build fix, etc.
(merge 493fdae046 ew/object-convert-leakfix later to maint).
(merge 00f3661a0a ss/doc-eol-attr-fix later to maint).
(merge 428c40da61 ri/doc-show-branch-fix later to maint).
(merge 58696bfcaa jc/where-is-bash-for-ci later to maint).
(merge 616e94ca24 tb/doc-max-tree-depth-fix later to maint).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
727284bf0e |
core188: Ship exfatprogs
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
cca1ef9a56 |
exfatprogs: Update to version 1.2.5
- Update from version 1.1.3 to 1.2.5
- Update of rootfile
- Changelog
1.2.5
CHANGES :
* exfatprogs: remove the limitation that the device
path length cannot exceed 254 bytes.
* exfatprogs: include the test images in the release
package.
NEW FEATURES :
* fsck.exfat: check and repair the filename which has
invalid characters.
BUG FIXES :
* tune.exfat: check whether the volume has invalid
characters correctly.
* fsck.exfat: check whether the filename and volume
has invalid characters correctly.
* fsck.exfat: fix endianess issues which happen
in the big-endian system.
1.2.4
BUG FIXES :
* tune.exfat: Fix "invalid serial number" error when
setting an serial number.
* fsck.exfat: Fix memory leak in an error path
1.2.3
CHANGES :
* dump.exfat: Report sector size in bytes and cluster size in
terms of sectors.
* fsck.exfat: Show checksum value if the SetChecksum of File
directory entry is invalid.
* mkfs.exfat: Improve FAT length calculation to reduce
the FAT size.
NEW FEATURES :
* mkfs.exfat: Add the option "--sector-size".
* fsck.exfat: Support checking and repairing VendorAllcation and
VendorExtension directory entries.
BUG FIXES :
* exfatprogs: Remove unnecessary memory allocations.
* fsck.exfat: Fix corruption that can occur if the cluster size
is 512-byte.
* fsck.exfat: Fix the SecondaryCount of File directory entry
when the count of Name directory entries is 17 or higher.
* tune.exfat: Fix an error that accepts invalid serial numbers.
1.2.2
CHANGES :
* exfat2img: Allow dumps for read-only devices.
* fsck.exfat: Revert Repairing zero size directory.
NEW FEATURES :
* fsck.exfat: Repair duplicated filename.
* mkfs.exfat: Add the option "q" to print only error messages.
* mkfs.exfat: Add the option "U" to set volume GUID.
* tune.exfat: Add the option "U" / "-u" to set or print volume GUID.
BUG FIXES:
* fsck.exfat: Fix some out-of-bounds memory accesses.
* fsck.exfat: Change not to delete volume GUID directory entry.
1.2.1
CHANGES :
* fsck.exfat: Repair zero size directory.
* fsck.exfat: Four small clean-ups.
1.2.0
CHANGES :
* fsck.exfat: Keep traveling files even if there is a corrupted
directory entry set.
* fsck.exfat: Introduce the option "b" to recover a boot sector even
if an exFAT filesystem is not found.
* fsck.exfat: Introduce the option "s" to create files in
"/LOST+FOUND", which have clusters allocated but was not belonged to
any files.
* fsck.exfat: Rename '.' and '..' entry name to the one user want.
NEW FEATURES :
* fsck.exfat: Repair corruptions of an exFAT filesystem. Please refer
to fsck.exfat manpage to see what kind of corruptions can be repaired.
* exfat2img: Dump metadata of an exFAT filesystem. Please refer to
exfat2img manpage to see how to use it.
BUG FIXES:
* fsck.exfat: Fix an infinite loop while traveling files.
* tune.exfat: Fix bitmap entry corruption when adding new volume lablel.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
d150ecb42f |
core188: Ship cURL
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
b1be6000fe |
curl: Update to version 8.9.1
- Update from version 8.8.0 to 8.9.1
- Update of rootfile
- Changelog
8.9.1
Bugfixes:
cmake: detect `libssh` via `pkg-config`
cmake: detect `nettle` when building with GnuTLS
cmake: drop `if(PKG_CONFIG_FOUND)` guard for `pkg_check_modules()`
configure: limit `__builtin_available` test to Darwin
connect: fix connection shutdown for event based processing
contrithanks.sh: use -F with -v to match lines as strings
curl: more defensive socket code for --ip-tos
CURLOPT_SSL_CTX_FUNCTION.md: mention CA caching
CURLSHOPT_SHARE.md: mention sessions/cookies as not thread-safe
example/multi-uv: remove the use of globals
ftpserver.pl: make POP3 LIST serve content from the test file
GHA/windows: increase timeout for vcpkg build step
lib: survive some NULL input args
macos: fix Apple SDK bug workaround for non-macOS targets
misc: cleanup after removing years from copyright
os400: build cli manual.
os400: workaround an IBM ASCII run-time library bug
RELEASE-PROCEDURE.md: remove the initial build step
runtests: fold timing details with GHA, sync `-r` tflags
tests: provide FTP directory contents in the test file
tidy-up: URL updates
TODO: thread-safe sharing
transfer: speed limiting fix for 32bit systems
vtls: avoid forward declaration in MultiSSL builds
wolfSSL: allow wolfSSL's implementation of kyber to be used
wolfssl: avoid calling get_cached_x509_store if store is uncachable
wolfssl: CA store share fix
x509asn1: unittests and fixes for gtime2str
8.9.0
Changes:
curl: add --ip-tos (IP Type of Service / Traffic Class)
curl: add --mptcp
curl: add --vlan-priority
curl: add -w '%{num_retries}'
gnutls: support CA caching
mbedtls: support CURLOPT_CERTINFO
noproxy: patterns need to be comma separated
socket: support binding to interface *AND* IP
tcpkeepalive: add CURLOPT_TCP_KEEPCNT and --keepalive-cnt
urlapi: add CURLU_NO_GUESS_SCHEME
wolfssl: support CA caching
Bugfixes:
(lib)curl.rc: set debug flag also for `CURLDEBUG` and `UNITTESTS`
asyn-thread: avoid using GetAddrInfoExW with impersonation
aws-sigv4: url encode the canonical path
BINDINGS: update java link to one that exists
build: add Debug, TrackMemory, ECH to feature list
build: add more supported attributes to the IAR compiler
build: fix llvm 16 or older + Xcode 15 or newer, and gcc
build: fix llvm 17 and older + macOS SDK 14.4 and newer
build: sync warning options between autotools, cmake & compilers
build: tidy up `__builtin_available` feature checks (Apple)
build: untangle `CURLDEBUG` and `DEBUGBUILD` macros
build: use `#error` instead of invalid syntax
cd2nroff: convert two warnings to errors
cd2nroff: use an empty "##" to signal end of .IP sequence
cf-socket: improve SO_SNDBUF update for Winsock
cf-socket: optimize curlx_nonblock() and check its return error
cf-socket: remove obsolete recvbuf
cf-socket: remove two "useless" assignments
cfilters: make Curl_conn_connect always assign 'done'
cmake: add CURL_USE_GSASL option with detection + CI test
cmake: allow `ENABLE_CURLDEBUG=OFF` with `ENABLE_DEBUG=ON`
cmake: allow SOVERSION override with `CURL_LIBCURL_SOVERSION`
cmake: alpha-sort feature list
cmake: always build unit tests with the `testdeps` target
cmake: bring `curl-config.cmake` closer to `FindCURL`
cmake: create `configurehelp.pm` like autotools does
cmake: delete unused `HAVE_LIBSSH2`, `HAVE_LIBSOCKET` macros
cmake: detect `libidn2` also via `pkg-config`
cmake: enable SOVERSION for Cygwin and `CMAKE_DLL_NAME_WITH_SOVERSION`
cmake: fix `-Wredundant-decls` in unity/mingw-w64 builds
cmake: fix brotli lib order
cmake: fix building `unit1600` due to missing `ssl/openssl.h`
cmake: fix building in unity mode
cmake: fix building with both md4 and md5 in unity mode
cmake: fix builds with detected libidn2 lib but undetected header
cmake: fix feature and protocol lists for SecureTransport
cmake: fix quotes when appending multiple options (SecureTransport)
cmake: fix test 1013 with websockets enabled and no TLS
cmake: improve wolfSSL detection
cmake: show protocols, then features
cmake: stop setting SOVERSION for the static lib target
cmake: sync CA bundle/path detection with autotools
cmake: sync protocol/feature list with `curl -V` output
cmake: use `APPLE` instead of `CMAKE_SYSTEM_NAME` string
cmake: whitespace, formatting/tidy-up in comments
cmdline-docs: "added in" cleanups
cmdline-docs: fix `--proxy-ca-native` example + tidy-ups
cmdline-opts/_PROTOCOLS.md: mention WS(S)
cmdline-opts/ech.md: shorten the help text
cmdline-opts/fail.md: expand and clarify
cmdline-opts/interface.md: expand the documentation
cmdline-opts: category cleanup
cmdline-opts: expand the parallel explanations
cmdline-opts: shorten six help texts
cmdline: expand proxy option explanations
code: language cleanup in comments
configure: CA bundle/path detection fixes
configure: fix `SystemConfiguration` detection
configure: fix pkg-config library name 'libnghttp3'
configure: fix pkg-config names (zstd, ngtcp2*)
configure: limit `SystemConfiguration` test to non-c-ares, IPv6 builds
configure: remove 'deeper' checks for `AC_CHECK_FUNCS`
configure: require a QUIC library if nghttp3 is used
configure: sort feature list, lowercase protocols, use backticks
configure: use `$EGREP` in place of `grep -E`
configure: use AC_MSG_WARN for TLS/experimental warning texts
connect-to.md: expand with examples
connection: shutdown TLS (for FTP) better
cookie-jar.md: see also --junk-session-cookies
curl-config: revert to backticks to support old target envs
curl: allow etag and content-disposition for 3xx reply
curl: bsearch the --write-out variable name
curl: check for --disable case *sensitively*
curl: list categories in --help
curl: make warnings and other messages aware of terminal width
curl: output "flying saucers" with leading carriage return
curl_easy_escape: elaborate a little on encoding a URL
curl_mprintf.md: add missing comma
curl_multi_poll.md: expand the example with an custom file descriptor
curl_str[n]equal.md: tidy up text to make them stand-alone
curl_url_set.md: libcurl only parses :// URLs
curl_url_set: elaborate on scheme guessing
curldown: make 'added-in:' a mandatory header field
CURLOPT_CONNECTTIMEOUT*: clarify, document the milliseond version
CURLOPT_ECH.md: remove repeated 'if'
CURLOPT_NETRC.md: clarify what it does on Windows
CURLOPT_RESOLVE.md: mention hostname can be wildcard ('*')
CURLOPT_SSL_VERIFYHOST.md: refresh
CURLOPT_TLSAUTH_PASSWORD/USERNAME.md: language fixups
DISTROS: add a link to the list archive
DISTROS: add AlmaLinux package source link
DISTROS: add MSYS2 (native) links
docs/cmdline-opts: fix mail-auth example TLD typo
docs/cmdline-opts: remove two superfluous "Added in" mentions
docs/libcurl: polish the single-line descriptions
docs/Makefile.am: make curl-config.1 install
docs: reference non deprecated libcurl options
docs: start markdown headers with capital letter where applicable
doh-insecure.md: expand
doh: fix cleanup
doh: fix leak and zero-length HTTPS RR crash
dump-header.md: mention minus for stdout
examples/threaded-ssl: remove locking callback code
examples: add missing binaries to .gitignore
examples: delete unused includes
examples: fix compiling with MSVC
examples: suppress deprecation warnings locally
FEATURES.md: refresh
file: separate fake headers and body with a stand-alone CRLF
ftp: remove redundant null pointer check in loop condition
get.d: clarify the explanation
GHA/windows: add MSVC wolfSSL job with test
GHA/windows: ignore FTP test results for old-mingw-w64
GHA: add MSVC UWP job, expand jobs with more options
GHA: detect and warn for more English contractions
GHA: disable MQTT and WebSocket tests in Windows jobs
GHA: disable TFTP tests in Windows jobs
GHA: enable tests 1139, 1177, 1477 on Windows
GHA: improve vcpkg cache, add BoringSSL ECH and LibreSSL MSVC jobs
GHA: unify http3 workflows into one
GHA: use vcpkg to install packages for MSVC jobs
GIT-INFO.md: remove version requirements
gnutls: improve TLS shutdown
gnutls: pass in SNI name, not hostname when checking cert
help: add flags to output and ssh categories
hostip: skip error check for infallible function call
http/3: add shutdown support
http/3: resume upload on ack if we have more data to send
http: remove "struct HTTP"
http: write last header line late
idn: fix ß with AppleIDN
idn: make macidn fail before trying conversion if name too long
idn: tweak buffer use when converting with macidn
lib/v*: tidy up types and casts
lib: add a few DEBUGASSERT(data) to aid code analyzers
lib: add failure reason on bind errors
lib: fix gcc warning in certain debug builds
lib: fix thread entry point to return `DWORD` on WinCE
lib: graceful connection shutdown
lib: prefer `var = time(NULL)` over `time(&var)`
lib: tidy up types and casts
lib: xfer_setup and non-blocking shutdown
libcurl-docs: make option lists alpha-sorted
libcurl-easy.md: now *more* than 300 options
libcurl.pc: add `Requires.private`, `Requires` for static linking
libcurl.pc: add more `Requires.private`/`Requires` dependencies
libssh: remove CURLOPT_SSL_VERIFYHOST check
macos: add workaround for gcc, non-c-ares, IPv6, compile error
macos: undo `availability` macro enabled by Homebrew gcc
managen: "added in" fixes
managen: cleanups to generate nicer-looking output
managen: error on trailing blank lines in input files
managen: fix removing backticks from subtitles
managen: insert final .fi for files ending with a quote
managen: introduce "Multi: per-URL"
managen: only output .RE for manpage output
managen: output tabs for each 8 leading spaces
managen: warn on excessively long help texts
MANUAL.md: wrap two example urls that overrun styling
mbedtls: check version before getting tls version
mbedtls: check version for cipher id
mbedtls: correct the error message for cert blob parsing failure
mbedtls: send close-notify on close
mbedtls: v3.6.0 workarounds
md4: fix compilation with OpenSSL 1.x with md4 disabled
misc: fix typos
mk-ca-bundle.pl: delay 'curl -V' execution until it is needed
multi: add multi->proto_hash, a key-value store for protocol data
multi: do a final progress update on connect failure
multi: fix multi_wait() timeout handling
multi: fix pollset during RESOLVING phase
multi: multi_getsock(), check correct socket
ngtcp2+quictls: fix cert-status use
noproxy: test bad ipv6 net size first
openssl/gnutls: rectify the TLS version checks for QUIC
openssl: fix %-specifier in infof() call
openssl: fix hostname handling when using ECH
openssl: stop duplicate ssl key logging for legacy OpenSSL
os400: make it compilable again
pytest: add ftp upload tests
pytest: include testenv/vsftpd.py in dist tarball
quic: enable UDP GRO
quic: openssl quic, cmake and doc version update to 3.3.0
quic: require at least OpenSSL 3.3 for QUIC
quic: update to quiche 0.22.0
quiche: fix operand of ‘?:’ changes signedness
request.md: language fix
request: change the struct field bodywrites to a bool, only for hyper
reuse: switch to REUSE 3.2 and REUSE.toml
runtests: show name and keywords for failed tests in summary
runtests: sort test IDs in summary lines
runtests: support %DATEfor YYYY-MM-DD of right now
runtests: support %VERNUM
runtests: support crlf="yes" for the <stderr> section
sectransp: fix `HAVE_BUILTIN_AVAILABLE` checks to not emit warnings
sectransp: fix clang compiler warnings, stop silencing them
sectransp: remove large cipher table
sectransp: use common code for cipher suite lookup
sendf: fix CRLF conversion of input
smtp: for starttls, do full upgrade
socket: change TCP keepalive from ms to seconds on DragonFly BSD
socket: use SOCK_NONBLOCK to eliminate extra system call
socketpair: add `eventfd` and use `SOCK_NONBLOCK` for `socketpair()`
src/Makefile.am: remove SUBDIRS assignment
system_win32: add missing curl.h include
tcpkeepalive: support TCP keep-alive parameters on Solaris <11.4
test1119: adapt for `.md` input
test1139: scan .md files instead of .3 ones
test1175: scan libcurl-errors.md, not the generated .3 version
test1486: verify that write-out.md and tool_writeout.c are in sync
test2600: disable on win32
test: add test1484, for HEAD with content
test: add test1546, chunked not last transfer encoding
tests/scripts: call it 'manpage' (single word)
tests: add pytest for --ciphers and --tls13-ciphers options
tests: delete `CharConv` remains
tests: delete redundant `!MSDOS` guard
tests: extend user/password parsing test1620
tests: fix sshd IdentityFile path for MinGW/Cygwin
tests: fix sshd UserKnownHostsFile path for MinGW/Cygwin
tests: include current directory when running test Perl commands
tests: log "Throwing away" messages before throwing away
tests: run with "--trace-config all" to provide even more info
tests: sync feature names with `curl -V`
tests: test_17_ssl_use.py clarify mbedTLS TLSv1.3 support
tests: use exec when spawning nghttpx
tidy-up: use consistent casing for Windows directories
TODO: remove some old, clarify, add something
tool_cb_hdr: return error for failed header writes
tool_operate: avoid explicitly setting verifypeer to 1
tool_operate: simplify return code handling from url_proto()
tool_writeout: get certinfo only when needing it
trace-ascii.md: mention "%" for stderr
transfer: avoid polling socket every transfer loop
transfer: conn close on paused upload
transfer: do not use EXPIRE_NOW while blocked
transfer: remove curl_upload_refill_watermark, no longer used
transfer: set CSELECT_IN if there is data pending
unit2604: use 'unitfail' instead of 'error' variable
url: allow DoH transfers to override max connection limit
urlapi: remove unused definition of HOST_BAD
variable.md: make example use expand
verify-synopsis.pl: work with .md files
vms: fixed language in comment
vtls: deprioritize Secure Transport
vtls: replace addsessionid with set_sessionid
winbuild: fix PE version info debug flag
winbuild: MS-DOS batch tidy-ups
winbuild: remove outdated WIN32 defines
windows: fix UWP builds, add GHA job
winsock: move SO_SNDBUF update into cf-socket
wolfssl: assume key_file equal to clientcert if no key_file
wolfssl: use larger error buffer when formatting errors
x509asn1: add some common ECDSA OIDs
x509asn1: ASN1tostr() should fail when 'constructed' is set
x509asn1: fallback to dotted OID representation
x509asn1: make Curl_extract_certinfo store error message
x509asn1: prevent NULL dereference
x509asn1: remove superfluous free()
x509asn1: remove two static variables
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
1e046ced88 |
core188: Ship bash
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
ad4f573733 |
core188: Ship poppler
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Adolf Belka
|
e891c3beca |
poppler: Update to version 24.08.0
- Update from version 24.03.0 to 24.08.0
- Update of rootfile
- sobump has dependency of cups-filters
- Changelog
24.08.0
core:
* Add support for modifying the appearance stream text in form field choice
* Fix buffer overflow in Windows specific font selection code
* Fix crashes in malformed files
* Internal code improvements
qt5:
* Add support for modifying the appearance stream text in form field choice
qt6:
* Add support for modifying the appearance stream text in form field choice
utils:
* pdfinfo: Fix crash in malformed documents
24.07.0
core:
* Fix crashes in broken files
* Internal code improvements
qt6:
* Add getters for document additional actions
* Implement reset forms link
qt5:
* Add getters for document additional actions
* Implement reset forms link
utils:
* pdfinfo: Fix crash in broken documents when using -dests
build system:
* Mark glib-mkenums as required
24.06.0
core:
* Performance improvements in some files
* Fix some issues with files bigger than 2^31 bytes
* Remove all cairo include guards for cairo < 1.16
* Fix MSVC build
* Internal code improvements
qt6:
* Update Qt6 doc example
* Use the non deprecated version of QString::fromUcs4
glib:
* properly document return value from poppler_font_info_scan
24.05.0
core:
* Fix signing not being totally correct in some kind of PDF files
* Assume "Adobe-Identity" for character collection. Issue #1465
* Small improvements in annotation font rendering
* Remove some GooString methods, use std::string ones instead
* Move some GooString methods to UTF.h
* Fix crash in broken files
cpp:
* cpp: Fix crash extracting text and font in some files. Issue #1477
* Change base class of ustring to char16_t
qt6:
* Add async API for certificate validation
* Fix text extraction for Landscape/Seascape pages
qt5:
* Add async API for certificate validation
* Fix text extraction for Landscape/Seascape pages
utils:
* pdfdetach: Small code improvements
* pdftops: Write compliant ps header
build system:
* Increase minimum supported base to that provided by Ubuntu 22.04
24.04.0
core:
* Optimize page text extraction speed
* Fix clipping path handling in some files. Issue #739
* Fix regression in text selection
* Fix text search across lines between paragraphs
qt6:
* Fix crash in SoundObject::data
utils:
* pdfsig: Add Catalan translation
build system:
* Build code as C++20
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|
||
|
Michael Tremer
|
25365003f6 |
core188: Ship DHCP/Unbound Bridge socket implementation
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> |
||
|
Michael Tremer
|
b058000c23 | Merge remote-tracking branch 'ms/unbound-socket' into next | ||
|
Adolf Belka
|
ca9abd894e |
nmap: Update to version 7.95
- Update from version 7.94 to 7.95
- Update of rootfile
- Changelog
7.95
o [Windows] Upgraded Npcap (our Windows raw packet capturing and
transmission driver) from version 1.75 to the latest version 1.79. It
includes many performance improvements, bug fixes and feature
enhancements described at https://npcap.com/changelog.
o Integrated over 4000 IPv4 OS fingerprints submitted since June 2020. Added
336 fingerprints, bringing the new total to 6036. Additions include iOS 15 &
16, macOS Ventura & Monterey, Linux 6.1, OpenBSD 7.1, and lwIP 2.2
o Integrated over 2500 service/version detection fingerprints submitted since
June 2020. The signature count went up 1.4% to 12089, including 9 new
softmatches. We now detect 1246 protocols, including new additions of grpc,
mysqlx, essnet, remotemouse, and tuya.
o [NSE] Four new scripts from the DINA community
(https://github.com/DINA-community)
for querying industrial control systems:
+ hartip-info reads device information from devices using the Highway
Addressable Remote Transducer protocol
+ iec61850-mms queries devices using Manufacturing Message Specification
requests. [Dennis Rösch, Max Helbig]
+ multicast-profinet-discovery Sends a multicast PROFINET DCP Identify All
message and prints the responses. [Stefan Eiwanger, DINA-community]
+ profinet-cm-lookup queries the DCERPC endpoint mapper exposed via the
PNIO-CM service.
o Upgraded included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1,
libssh2 1.11.0, liblinear 2.47
o [GH#2639] Upgraded OpenSSL binaries (for the Windows builds and for
RPMs) to version 3.0.13. CVEs resolved in this update include only 2
moderate-severity issues which we do not believe affect Nmap:
CVE-2023-5363 and CVE-2023-2650
o [Zenmap][Ndiff][GH#2649] Zenmap and Ndiff now use setuptools, not distutils
for packaging.
o [Ncat][GH#2685] Fixed Ncat UDP server mode to not quit after EOF on stdin.
Reported as Debian bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039613
o [GH#2672] Fixed an issue where TCP Connect scan (-sT) on Windows would fail to
open any sockets, leading to scans that never finish. [Daniel Miller]
o [NSE] ssh-auth-methods will now print the pre-authentication banner text when
available. Requires libssh2 1.11.0 or later. [Daniel Miller]
o [Zenmap][GH#2739] Fix a crash in Zenmap when changing a host comment.
o [NSE][GH#2766] Fix TLS 1.2 signature algorithms for EdDSA.
[Daniel Roethlisberger]
o [Zenmap][GH#2706] RPM spec files now correctly require the python3 package,
not python>=3
o Improvements to OS detection fingerprint matching, including a syntax change
for nmap-os-db that allows ranges within the TCP Options string. This leads
to more concise and maintainable fingerprints. [Daniel Miller]
o Improved the OS detection engine by using a new source port for each retry.
Scans from systems such as Windows that do not send RST for unsolicited
SYN|ACK responses were previously unable to get a response in subsequent
tries. [Daniel Miller]
o Several profile-guided optimizations of the port scan engine. [Daniel Miller]
o [GH#2731] Fix an out-of-bounds read which led to out-of-memory errors when
duplicate addresses were used with --exclude
o [GH#2609] Fixed a memory leak in Nsock: compiled pcap filters were not freed.
o [GH#2658] Fixed a crash when using service name wildcards with -p, as in -p
"http*"
o [NSE] Fixed DNS TXT record parsing which caused asn-query to fail in Nmap
7.80 and later. [David Fifield, Mike Pattrick]
o [NSE][GH#2727][GH#2728] Fixed packet size testing in KNX scripts [f0rw4rd]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
|