- Update from version 10.43 to 10.44
- Update of rootfile
- Changelog
10.44
This is mostly a bug-fix and tidying release. There is one new function, to set
a maximum size for a compiled pattern. The maximum name length for groups is
increased to 128. Some auxiliary files for building under VMS are added.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.8 to 6.9.1
- Update of rootfile
- Changelog details can be see in the file named Changes in the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.7.1 to 6.9.2
- Update of rootfile
- Update of e2fsprogs to 1.47.1 changed a variable from inode_includes to
ext2fs_inode_includes. btrfs-progs version 6.7.1 failed to build as it was still looking
for the old variable name. The fix for e2fsprogs 1.47.1 was implemented in btrfs-progs
version 6.9
- Changelog
6.9.2
subvol list: fix accidental trimming of subvolume name
check: revert checking file extent item 'ram_bytes'
libbtrfsutil:
patchlevel version update 1.3.2
fix accidentally closing fd passed to subvolume iterator
6.9.1 (Not to be used)
fix detection of intermediate super block flags (e.g. csum change and other conversions)
raid-stripe-tree support (still experimental):
moved under experimental build flags (mkfs, convert)
format change, removed encoding type; backward incompatible
receive dump: escape special chars in xattr names and values, and clone source path
tune change csum: fix reservation size when starting a transaction
other:
new and updated tests
updated CI images, new reference build targets
cleanups and refactoring
6.9
mkfs:
if --force used, don't continue if the mount status cannot be determined (e.g. due to permissions)
fix minimum size calculation on zoned devices, make it work with option -b
check:
option --clear-ino-cache removed (functionality still provided in 'rescue' command group)
detect and repair wrong file extent item ram_bytes value
qgroup clear-stale:
sync the filesystem before search to read the up to date state
handle cases where qgroup cannot be deleted due to uncleaned subvolume or when squota is enabled
qgroup show: display status of qgroup regarding the cleaning of the subvolume or if it's squota
receive: fix stream parsing on strict alignment hosts (e.g. ARM v5 or v6)
tune change-csum: fix check of dev-replace status item, continue if no dev-replace in progress
dump-tree: print contents of dev-replace status item
convert: fix extent iteration to handle prealloc/unwritten extents
libbtrfsutil:
patchlevel version update 1.3.1
fix potentially unaligned access to send stream
create library links to all version levels
libbtrfs:
patchlevel version update 0.1.3
fix potentially unaligned access to send stream
create library links to all version levels
build:
fix compatibility with e2fsprogs 1.47.1
fix header file dependency tracking
-O2 by default
other:
new and updated tests
ASAN and UBSAN test coverage in CI
documentation updates
6.8.1
mkfs: fix writing on zoned device when block-group-tree is selected
tune: fix writing on zoned device with option --convert-to-block-group-tree
check:
more progress and error messages
unify handling of unknown command line options with other commands
subvolume delete: remove options --delete-qgroup and --no-delete-qgroup (added in 6.6.3), qgroup deletion does not always work due to delayed background processing of subvolume or set value in sysfs:ggroup/drop_subtree_threshold
other:
misc refactoring
error handling fixes reported by gcc -fanalyzer
documentation updates
new and updated tests
6.8
fix --enqueue option timeout handling
subvolume: remove support for undocumented options -c and -x, functionality disabled in kernel
libbtrfsutil:
version 0.1.3, backward compabile
add aliases for all existing functions with unified naming scheme
updated header defintions for recently added kernel features
send: v3 supported in experimental mode
other:
docs: manual page references, graphs, enhancements, clarifications
error handling fixes
cleanups and refactoring
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.15.1 to 4.16.0
- Update rootfile
- sobump in rootfile. Ran find-dependencies but no other linked programs identified.
- nscd is disabled in glibc so it has been disabled in shadow. nscd is enabled by default.
- id and groups (deprecated in shadow) are used from coreutils in IPFire.
- Changelog
4.16.0
The shadow implementations of id(1) and groups(1) are deprecated in favor of the
GNU coreutils and binutils versions. They will be removed in 4.17.0.
Support for rlogind in the login(1) implementation has been removed. That is, the
login(1) -r flag has been removed.
The libsubid major version has been bumped, since it now requires specification of
the module's free() implementation.
4.15.2
Bugfix release.
This release includes a large amount of fixes, including memory leaks,
leaks of other resources such as file descriptors, added missing error
handling, and more.
4.15.3
Bugfix release.
This release includes changes to the build system, packaging, and tests;
most of which, were reported by Debian packagers. There's also a fix
for check_subid_range.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Everytime an update has been done on squid the access.log file has been replaced with an
empty file, losing whatever messages have been in the log.
- This has been the case since squid was implemented in IPFire.
- Update of rootfile to comment out var/log/squid/access.log
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.20.1 to 4.20.2
- Update of rootfile for both x86_64 and aarch64
- After doing a grep into the config directories I realised that the xxxMACHINExxx phrase
is only added into rootfiles in the main common or package directories and not in the
x86_64 and aarch64
- In the past I have submitted the samba rootfile with x86_64 replaced by xxxMACHINExxx.
It seems to have worked, so the replacement probably occurs even in the architecture
specific directories but it doesn't need to be used there as the directory is clearly
only for that one architecture.
- Changelog
4.20.2
* BUG 15662: vfs_widelinks with DFS shares breaks case insensitivity.
* BUG 13213: Samba build is not reproducible.
* BUG 15569: ldb qsort might r/w out of bounds with an intransitive compare
function.
* BUG 15625: Many qsort() comparison functions are non-transitive, which can
lead to out-of-bounds access in some circumstances.
* BUG 15638: Need to change gitlab-ci.yml tags in all branches to avoid CI
bill.
* BUG 15654: We have added new options --vendor-name and --vendor-patch-
revision arguments to ./configure to allow distributions and packagers to
put their name in the Samba version string so that when debugging Samba the
source of the binary is obvious.
* BUG 15665: CTDB RADOS mutex helper misses namespace support.
* BUG 13019: Dynamic DNS updates with the internal DNS are not working.
* BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with
SysvolReady=0.
* BUG 15412: Anonymous smb3 signing/encryption should be allowed (similar to
Windows Server 2022).
* BUG 15573: Panic in dreplsrv_op_pull_source_apply_changes_trigger.
* BUG 15620: s4:nbt_server: does not provide unexpected handling, so winbindd
can't use nmb requests instead cldap.
* BUG 15642: winbindd, net ads join and other things don't work on an ipv6
only host.
* BUG 15659: Segmentation fault when deleting files in vfs_recycle.
* BUG 15664: Panic in vfs_offload_token_db_fetch_fsp().
* BUG 15666: "client use kerberos" and --use-kerberos is ignored for the
machine account.
* BUG 15435: Regression DFS not working with widelinks = true.
* BUG 15633: samba-gpupdate - Invalid NtVer in netlogon_samlogon_response.
* BUG 15653: idmap_ad creates an incorrect local krb5.conf in case of trusted
domain lookups.
* BUG 15660: The images don't build after the git security release and CentOS
8 Stream is EOL.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The SSH daemon has been split into a listener and session daemon to have
a smaller attack vector since the listener does not need to implement
the SSH protocol.
In order to keep SSH working, we need to ship the session daemon, too.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 9.7p1 to 9.8p1
- Update of rootfile
- Changelog
9.8p1
-There is a fix for CVE-2024-6387
-The number of changes is too large to show all here. As well as the CVE fix and
another security related fix there are a log of bug fixes as well. The details can
seen at https://www.openssh.com/txt/release-9.8
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- tshark in the past had its own version of speexdsp used only for some "arbitrary
resampling code" used for the build of tshark.
- speexdsp has been removed from tshark so it is now a build requirement.
- It is only used for the build of tshark so the rootfile has all entries commented out.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.0.8 to 4.2.5
- Update of rootfile
- Version 4.2.5 requires asciidoctor to be built for tshark to build. Despite lots of
investigation and testing out various commands, tshark will not build if asciidoctor is
not present, even if the docs are not going to be used. It is only required for the
build
- To build asciidoctor ruby has to be installed. It is only required for the build of
asciidoctor
- tshark has previously had its own version of speexdsp built in. It is only used to
provide some "arbitrary resampling code" during the build and does not end up in the
running tshark system. Version 4.2.5 has removed the internal speexdsp code but it
is still a required dependency for building, so speexdsp also need to be installed but
only for the build stage.
- The associated patches with this one provide the build installation of ruby, asciidoctor
and speexdsp. With these installed tshark was able to be built.
- version 4.0.8 and 4.2.5 of tshark were tested out on a vm system with the command
"tshark -c 100 > tshark" and this wrote 100 packets from the vm red0 interface to a
text file. Both the old and new versions provided the same sort of result. To a first
level of testing this shows that the 4.2.5 version is functioning as the previous
version was.
- This version had an sobump so find-dependencies was run. All files linked to the three
libraries in tshark are all also in tshark. No other package is linked to.
- Changelog
There are 13 releases between 4.0.8 and 4.2.5 so the changelist is too large to
include here. Details can be found in the release notes for each version at
https://www.wireshark.org/docs/relnotes/
21 CVE vulnerabilities have been fixed that were identified in 7 of the 13 versions.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 1.5.5 to 1.5.6
- Update of rootfile
- Changelog
1.5.6 (Mar 2024)
api: Promote `ZSTD_c_targetCBlockSize` to Stable API by @felixhandte
api: new `ZSTD_d_maxBlockSize` experimental parameter, to reduce streaming decompression memory, by @terrelln
perf: improve performance of param `ZSTD_c_targetCBlockSize`, by @Cyan4973
perf: improved compression of arrays of integers at high compression, by @Cyan4973
lib: reduce binary size with selective built-time exclusion, by @felixhandte
lib: improved huffman speed on small data and linux kernel, by @terrelln
lib: accept dictionaries with partial literal tables, by @terrelln
lib: fix CCtx size estimation with external sequence producer, by @embg
lib: fix corner case decoder behaviors, by @Cyan4973 and @aimuz
lib: fix zdict prototype mismatch in static_only mode, by @ldv-alt
lib: fix several bugs in magicless-format decoding, by @embg
cli: add common compressed file types to `--exclude-compressed`` by @daniellerozenblit
cli: fix mixing `-c` and `-o` commands with `--rm`, by @Cyan4973
cli: fix erroneous exclusion of hidden files with `--output-dir-mirror` by @felixhandte
cli: improved time accuracy on BSD, by @felixhandte
cli: better errors on argument parsing, by @KapJI
tests: better compatibility with older versions of `grep`, by @Cyan4973
tests: lorem ipsum generator as default backup content, by @Cyan4973
build: cmake improvements by @terrelln, @sighingnow, @gjasny, @JohanMabille, @Saverio976, @gruenich, @teo-tsirpanis
build: bazel support, by @jondo2010
build: fix cross-compiling for AArch64 with lld by @jcelerier
build: fix Apple platform compatibility, by @nidhijaju
build: fix Visual 2012 and lower compatibility, by @Cyan4973
build: improve win32 support, by @DimitriPapadopoulos
build: better C90 compliance for zlibWrapper, by @emaste
port: make: fat binaries on macos, by @mredig
port: ARM64EC compatibility for Windows, by @dunhor
port: QNX support by @klausholstjacobsen
port: MSYS2 and Cygwin makefile installation and test support, by @QBos07
port: risc-v support validation in CI, by @Cyan4973
port: sparc64 support validation in CI, by @Cyan4973
port: AIX compatibility, by @likema
port: HP-UX compatibility, by @likema
doc: Improved specification accuracy, by @elasota
bug: Fix and deprecate ZSTD_generateSequences (#3981)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- lfs copies the required headers to the /usr/include directory.
- rootfile has all entries commented out as utfcpp is only required for the build.
- Added utfcpp into make.sh prior to taglib.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 3.23.5 to 3.23.12
- Update of rootfile
- Changelog
3.23.12
Added support for the following new Printers:
HP OfficeJet Pro 9130b series
HP OfficeJet Pro 9120b series
HP OfficeJet Pro 9110b series
HP Color LaserJet Enterprise Flow MFP X58045z
HP Color LaserJet Enterprise Flow MFP X58045zs
HP Color LaserJet Enterprise MFP X58045dn
HP Color LaserJet Enterprise MFP X58045
HP LaserJet Pro P1106 plus
HP LaserJet Pro P1108 plus
3.23.8
Added support for following new Distro's:
OpenSuse 15.5
Fedora 38
Ubuntu 23.04
Added support for the following new Printers:
HP Color LaserJet Pro MFP 4301dwe
HP Color LaserJet Pro MFP 4301fdne
HP Color LaserJet Pro MFP 4301fdwe
HP Color LaserJet Pro MFP 4301cdwe
HP Color LaserJet Pro MFP 4301cfdne
HP Color LaserJet Pro MFP 4301cfdwe
HP Color LaserJet Pro MFP 4302dwe
HP Color LaserJet Pro MFP 4302fdne
HP Color LaserJet Pro MFP 4302fdwe
HP Color LaserJet Pro MFP 4302cdwe
HP Color LaserJet Pro MFP 4302fdn
HP Color LaserJet Pro MFP 4302fdw
HP Color LaserJet Pro MFP 4303dw
HP Color LaserJet Pro MFP 4303fdn
HP Color LaserJet Pro MFP 4303fdw
HP Color LaserJet Pro MFP 4303cdw
HP Color LaserJet Pro MFP 4303cfdn
HP Color LaserJet Pro MFP 4303cfdw
HP Color LaserJet Pro 4201dne
HP Color LaserJet Pro 4201dwe
HP Color LaserJet Pro 4201cdne
HP Color LaserJet Pro 4201cdwe
HP Color LaserJet Pro 4202dne
HP Color LaserJet Pro 4202dwe
HP Color LaserJet Pro 4202dn
HP Color LaserJet Pro 4202dw
HP Color LaserJet Pro 4203dn
HP Color LaserJet Pro 4203dw
HP Color LaserJet Pro 4203cdn
HP Color LaserJet Pro 4203cdw
HP DeskJet 2800 All-in-One Printer series
HP DeskJet 2800e All-in-One Printer series
HP DeskJet Ink Advantage 2800 All-in-One Printer series
HP DeskJet 4200 All-in-One Printer series
HP DeskJet 4200e All-in-One Printer series
HP DeskJet Ink Advantage 4200 All-in-One Printer series
HP DeskJet Ink Advantage Ultra 4900 All-in-One Printer series
Known issues:
1. USB print feature is not working properly with FW version 6.17.X.X for
HP Color LaserJet Pro MFP 4303 devices
2. An I/O error is observed when attempting to add a HP Color LaserJet
Pro MFP 4303series device via wireless option.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
