- Update from version 3.8.3 to 3.8.5
- Update of rootfile
- Changelog
3.8.5
** libgnutls: Due to majority of usages and implementations of
RSA decryption with PKCS#1 v1.5 padding being incorrect,
leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
is being deprecated (encryption and decryption) and will be
disabled in the future. A new option `allow-rsa-pkcs1-encrypt`
has been added into the system-wide library configuration which
allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the
RSAES-PKCS1-v1_5 is enabled by default.
** libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
backward compatibility with GCR.
** libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
v1.5 decryption error handling and deterministic ECDSA with earlier
versions of GMP. These were a regression introduced in the 3.8.4
release. See #1535 and !1827.
** build: Fixed a bug where building gnutls statically failed due
to a duplicate definition of nettle_rsa_compute_root_tr().
** API and ABI modifications:
GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 6.4.36 to 6.4.38
- Update of rootfile not required
- Changelog
6.4.38
# BREAKING CHANGES:
* Tighten OpenSSL and wolfSSL version requirements again. See README.SSL.
Distributors providing older versions that they backport security fixes for
may want to patch socket.c but remember to redirect support to your
distribution's support channels.
The fetchmail maintainer only supports functionally unmodified builds with
publicly available SSL/TLS library versions.
fetchmail will refuse to build against OpenSSL 1.0.2 older than 1.0.2u,
or wolfSSL older than 5.6.2. It will warn about OpenSSL older than 3.0.9,
or between 3.1.0 and 3.1.4, or wolfSSL older than 5.6.6.
# TRANSLATIONS: language translations were updated by these fine people:
(in reverse alphabetical order of language codes):
* ru: Kirill Isakov [Russian]
* eo: Keith Bowes [Esperanto]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.6.9 to 2.6.11
- Update of rootfile not required
- Changelog
2.6.11
** liboath: Handle invalid base32 encoded secrets. Fixes: #41.
The gnulib update in version 2.6.10 made the base32 encoding functions
reject invalid encodings, but it appears as if these are wildly used.
We now accept invalid encodings again. Thanks to Dorancé Martínez and
Seres Bendegúz for reports.
2.6.10
** Building from git uses a ./bootstrap script instead of 'make bootstrap'.
** Build fixes for Windows.
In particular, don't use filenames "aux.h" and "aux.c" which interact
badly with the AUX special filename.
** Build fixes for Arch Linux.
** Various build fixes including updated gnulib files.
One remaining gnulib self-test disabled.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 3.45.3 to 3.46.0
- Update of rootfile not required
- Changelog
3.46.0
Enhance PRAGMA optimize in multiple ways, to make it simpler to use:
PRAGMA optimize automatically implements a temporary analysis limit to prevent
excess runtime on large databases.
Added the new 0x10000 bitmask option to check for updates on all tables.
Automatically re-analyze tables that do not have sqlite_stat1 entries.
Enhancements to the date and time functions:
The strftime() SQL function now supports %G, %g, %U, and %V.
New modifiers 'ceiling' and 'floor' control the algorithm used to resolve
ambiguous dates when shifting a date by an integer number of months and/or
years.
The 'utc' and 'localtime' modifiers are now no-ops if SQLite knows that the
time is already in UTC or in the localtime, respectively.
Add support for underscore ("_") characters between digits in numeric literals.
Add the json_pretty() SQL function.
Query planner improvements:
The "VALUES-as-coroutine" optimization enables INSERT statements with
thousands of rows in the VALUES clause to parse and run in about half the
time and using about half as much memory.
Allow the use of an index for queries like
"SELECT count(DISTINCT col) FROM ...", even if the index records are not
smaller than the table records.
Improved recognition of cases where the value of an SQL function is constant
because all its arguments are constant.
Enhance the WHERE-clause push-down optimization so that it is able to push
down WHERE clause terms containing uncorrelated subqueries.
Allocate additional memory from the heap for the SQL parser stack if that stack
overflows, rather than reporting a "parser stack overflow" error.
JSON changes:
Allow ASCII control characters within JSON5 string literals.
Fix the -> and ->> operators so that when the right-hand side operand is a
string that looks like an integer it is still treated as a string, because
that is what PostgreSQL does.
Allow large hexadecimal literals to be used as the DEFAULT value to a table column.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 10.0.6 to 10.0.8
- Update of rootfile not required
- Changelog
10.0.8
Fixed compile without ARP
Fixed closefrom test for glibc
Fixed spelling of ADVERTISEMENT
10.0.7
DHCP: use request_time, fallback_time and ipv4ll_time rather than reboot
timeout
DHCP6: Wait for IRT to elapse before requesting advertisments
DHCPv6: Don't re-INFORM if the RA changes
privsep: Reduce fd use
dhcpcd: Add support for arp persist defence by @pradeep-brightsign in #273
Move dhcp(v4) packet size check earlier by @pemensik in #295
Define the Azure Endpoint and other site-specific options by @lparkes in #299
add RFC4191 support by @goertzenator in #297
dhcpcd: Respect IPV6_PREFERRED_ONLY flag regardless of state by @taoyl-g
in #307
Fix time_offset to be int to match RFC-2132 by @ColinMcInnes in #319
hooks/30-hostname: Exit with 0 if setting hostname is not needed by @bdrung
in #320
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 5.5.21 to 5.5.23
- Update of rootfile not required
- Changelog
5.5.23
* Updated the .sc, .新加坡 (.xn--yfro4i67o, Singapore) and .சிங்கப்பூர்
(.xn--clchc0ea0b2g2a9gcd, Singapore) TLD servers.
5.5.22
* Fixed a segmentation fault with --no-recursion.
* Updated the .bm and .vi TLD servers.
* Removed 4 new gTLDs which are no longer active.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 4.15.0 to 4.15.1
- Update of rootfile not required
- Changelog
4.15.1
The main point of this release is to fix a bug that caused spurious error
messages about unknown login.defs configuration options
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 23.6 to 23.7
- Update of roiotfile not required
- Changelog
23.7
* build-sys: Make disable-statx work
* fuser: Fallback to stat() if no statx() Debian 1030747 #48
* fuser: silently ignore EACCES when scanning proc directories
* killall: small formatting fixes Debian #1037231
* pstree: Do not assume root PID #49
* pslog: include config.h #51!36
* misc: Update gettext to 0.21
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 10.42 to 10.43
- Update of rootfile
- Changelog
10.43
There are quite a lot of changes in this release (see ChangeLog and git log for
a list). Those that are not bugfixes or code tidies are:
* The JIT code no longer supports ARMv5 architecture.
* A new function pcre2_get_match_data_heapframes_size() for finer heap control.
* New option flags to restrict the interaction between ASCII and non-ASCII
characters for caseless matching and \d and friends. There are also new
pattern constructs to control these flags from within a pattern.
* Upgrade to Unicode 15.0.0.
* Treat a NULL pattern with zero length as an empty string.
* Added support for limited-length variable-length lookbehind assertions, with
a default maximum length of 255 characters (same as Perl) but with a function
to adjust the limit.
* Support for LoongArch in JIT.
* Perl changed the meaning of (for example) {,3} which did not used to be
recognized as a quantifier. Now it means {0,3} and PCRE2 has also changed.
Note that {,} is still not a quantifier.
* Following Perl, allow spaces and tabs after { and before } in all Perl-
compatible items that use braces, and also around commas in quantifiers. The
one exception in PCRE2 is \u{...}, which is from ECMAScript, not Perl, and
PCRE2 follows ECMAScript usage.
* Changed the meaning of \w and its synonyms and derivatives (\b and \B) in UCP
mode to follow Perl. It now matches characters whose general categories are L
or N or whose particular categories are Mn (non-spacing mark) or Pc
(combining punctuation).
* Changed the default meaning of [:xdigit:] in UCP mode to follow Perl. It now
matches the "fullwidth" versions of hex digits. PCRE2_EXTRA_ASCII_DIGIT can
be used to keep it ASCII only.
* Make PCRE2_UCP the default in UTF mode in pcre2grep and add -no_ucp,
--case-restrict and --posix-digit.
* Add --group-separator and --no-group-separator to pcre2grep.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 5.13 to 6.8
- Update of rootfile
- make on its own no longer needed. It goes straight to make install
- Changelog can be seen by reviewing the Changes file in each source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 1.24 to 1.24.1
- Update of rootfile not required
- Changelog
1.24.1
main.cc: Fix compilation failure on MinGW because of mkdir.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 4.9.0 to 4.9.1
- Update of rootfile
- Changelog
4.9.1
* Support stop/parity bits on serial port (#23952)
* Add needed system headers in checks and return values
for implicit function declarations
* Fixes:
- Avoid zombies after shell exit (#25089)
- Missed signal sending permission check on failed
query messages (CVE-2023-24626)
- manpage fixes
- source code fixes during cleanup
- UTF-8 encoding can emit invalid UTF-8 sequences
for out of range unicode values (#62097)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 1.6.0 to 1.6.1
- Update of rootfile
- Removal of patch for as changes now incorporated in source tarball.
- Changelog
1.6.1
build: fail if specified configure options cannot be satisfied.
pam_env: fixed --disable-econf --enable-vendordir support.
pam_unix: do not warn if password aging is disabled.
pam_unix: try to set uid to 0 before unix_chkpwd invocation.
pam_unix: allow empty passwords with non-empty hashes.
Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 2.5.1 to 2.6.4
- Update of rootfile
- Changelog
2.6.4
Use AX_ADD_FORTIFY_SOURCE to avoid redefining _FORTIFY_SOURCE by
@thesamesam in #103
Do not look up include files in the current working directory by
@DaanDeMeyer in #105
2.6.3
libkfont:
Don't look for fonts in the current directory.
showkey:
Add parameter to allow to change timeout.
po:
Update po files.
2.6.2
loadkeys:
Don't look for keymap in the current directory.
keymaps:
Add colemak mod-dh keymaps.
2.6.1
libkfont:
Fix font saving from linux kernel if KD_FONT_OP_GET_TALL is available.
Respect font height when writing psf2 header.
keymaps:
Create new 'mac-fr' layout for contemporary French Macs.
2.6.0
libkfont:
Leverage KD_FONT_OP_GET/SET_TALL font operations. The new
KD_FONT_OP_GET/SET_TALL font operations allow to load fonts taller
than 32 pixels by dropping the VGA-specific vertical pitch limitation
(requires kernel 6.2 or later).
Use threadsafe strtok_r.
Increase soname version.
setvtrgb:
Fix read from pipe. The pipe is not rewindable, but we don't really
need to rewind() but we need to unread one character.
keymaps:
i386/dvorak/dvorak-de.map: Add dvorak-de.map from console-data.
i386/qwerty/is-latin1.map: the circumflex should also be available in
its original level-3 position.
i386/qwerty/la-latin1.map: Convert the characters expressed in Latin-1
to the named constants, to ease up transition to Unicode.
pine/en.map: New version of pinephone keyboard map file.
unimaps:
Add mapping for U+25CF. The unicode maps in font files like
eurlatgr.psfu and cp850-8x16.psfu have an entry for U+25CF, but the
plaintext unimap files do not.
tests:
Use strace to track syscalls. Now strace is powerful enough to show
ioctls specific to console configuration.
po:
Update translations (from translationproject.org).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 1.7 to 1.7.1
- Update of rootfile not required
- Changelog
1.7.1
## Security
- CVE-2023-50246: Fix heap buffer overflow in jvp\_literal\_number\_literal
- CVE-2023-50268: fix stack-buffer-overflow if comparing nan with payload
## CLI changes
- Make the default background color more suitable for bright backgrounds.
@mjarosie @taoky @nicowilliams @itchyny #2904
- Allow passing the inline jq script after `--`. @emanuele6 #2919
- Restrict systems operations on OpenBSD and remove unused `mkstemp`.
@klemensn #2934
- Fix possible uninitialised value dereference if `jq_init()` fails.
@emanuele6 @nicowilliams #2935
## Language changes
- Simplify `paths/0` and `paths/1`. @asheiduk @emanuele6 #2946
- Reject `U+001F` in string literals. @torsten-schenk @itchyny @wader #2911
- Remove unused nref accumulator in `block_bind_library`. @emanuele6 #2914
- Remove a bunch of unused variables, and useless assignments.
@emanuele6 #2914
- main.c: Remove unused EXIT\_STATUS\_EXACT option. @emanuele6 #2915
- Actually use the number correctly casted from double to int as index.
@emanuele6 #2916
- src/builtin.c: remove unnecessary jv\_copy-s in
type\_error/type\_error2. @emanuele6 #2937
- Remove undefined behavior caught by LLVM 10 UBSAN. @Gaelan @emanuele6
#2926
- Convert decnum to binary64 (double) instead of decimal64. This makes
jq behave like the JSON specification suggests and more similar to
other languages. @wader @leonid-s-usov #2949
- Fix memory leaks on invalid input for `ltrimstr/1` and `rtrimstr/1`.
@emanuele6 #2977
- Fix memory leak on failed get for `setpath/2`. @emanuele6 #2970
- Fix nan from json parsing also for nans with payload that start with
'n'. @emanuele6 #2985
- Allow carriage return characters in comments. @emanuele6 #2942#2984
## Documentation changes
- Generate links in the man page. @emanuele6 #2931
- Standardize arch types to AMD64 & ARM64 from index page download
dropdown. @owenthereal #2884
## libjq
- Add extern C for C++. @rockwotj #2953
## Build and test changes
- Fix incorrect syntax for checksum file. @kamontat @wader #2899
- Remove `-dirty` version suffix for windows release build. @itchyny #2888
- Make use of `od` in tests more compatible. @nabijaczleweli @emanuele6
@nicowilliams #2922
- Add dependabot. @yeikel #2889
- Extend fuzzing setup to fuzz parser and and JSON serializer.
@DavidKorczynski @emanuele6 #2952
- Keep releasing executables with legacy names. @itchyny #2951
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 20240125 to 20240502
- Update of rootfile not required
- Changelog - update of iana-etc files
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 1.20 to 1.20.2
- Update of root filr not required
- Changelog
1.20.2
A bug has been fixed that made global commands like 'g/x/s/x/x', with the last
delimiter omitted, print every substituted line twice.
(Bug introduced in 1.18. Reported by Douglas McIlroy).
1.20.1
New command-line options '+line', '+/RE', and '+?RE' have been implemented to
set the current line to the line number specified or to the first or last line
matching the regular expression 'RE'.
(Suggested by Matthew Polk and John Cowan).
File names containing control characters 1 to 31 are now rejected unless they
are allowed with the command-line option '--unsafe-names'.
File names containing control characters 1 to 31 are now printed using octal
escape sequences.
Ed now rejects file names ending with a slash.
Intervening commands that don't set the modified flag no longer make a second
'e' or 'q' command fail with a 'buffer modified' warning.
Tilde expansion is now performed on file names supplied to commands; if a file
name starts with '~/', the tilde (~) is expanded to the contents of the
variable HOME. (Suggested by John Cowan).
Ed now warns the first time that a command modifies a buffer loaded from a
read-only file. (Suggested by Dan Jacobson).
It has been documented that 'e' creates an empty buffer if file does not exist.
It has been documented that 'f' sets the default filename, whether or not its
argument names an existing file.
The description of the exit status has been improved in '--help' and in the
manual.
The variable MAKEINFO has been added to configure and Makefile.in.
It has been documented in INSTALL that when choosing a C standard, the POSIX
features need to be enabled explicitly:
./configure CFLAGS+='--std=c99 -D_POSIX_C_SOURCE=2'
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Updatre from version 2.14 to 2.15
- Update of rootfile
- Changelog
2.15
* Fix operation of --no-absolute-filenames --make-directories
* Restore access and modification times of symlinks in copy-in
and copy-pass modes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
