Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.
While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.
Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.
In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
- Update from 1.36 to 1.38
- Update of rootfile
- Changelog
version 1.38
build: Fix --disable-tld builds.
Simplify building of gdoc-generated man/texi outputs.
Rebuild GTK-DOC HTML/PDF outputs on version number changes.
doc: Rebuild idn.1 when version number changes.
build: Fix --disable-tld builds.
cicd: Add pages.
doc: Improve GTK-DOC manual.
cicd: Fix Ubuntu 12.04 builds.
Improve GTK-DOC manual.
Fix build errors related to doc/idn--help.texi.
doc: Fix release process.
doc: Improve HACKING instructions.
Bootstrap cache.
version 1.37
Use gnulib's bootstrap.
Drop old unused WERROR_CFLAGS usage.
Improve URLs.
Fix links for git and valgrind.
Fix self check for --disable-tld.
Sync with TP.
Doc fixes.
Don't dist ps/html/pdf. Drop custom css.
Improve ./configure summary output.
Use gnulib langinfo module.
More ./configure summary output.
Use AM_GNU_GETTEXT_VERSION to get intl.m4 too.
Disable some complex gnulib self-tests that add lots of dependencies and fail on mingw.
Drop second gnulib tests directory since only one is supported.
Require more recent automake and gtk-doc.
Fix .gitignore.
doc: Fix JDK dependency for Fedora.
Drop warning stuff covered by manywarnings.m4 now.
Disable VLA from gettext.
Remove autopoint-generated files that are in gnulib too.
Update autoconf archive macros.
Prefer gnulib's M4 files over autopoint.
Modernize autoconf usage.
Use AM_GNU_GETTEXT_REQUIRE_VERSION.
Update gnulib files.
Modernize configure.ac.
Require autoconf 2.64 for newer gnulib.
Avoid including copyright info in idn example.
Fix manual copyright years.
Fix syntax-check.
Update copyright years.
Improve HACKING.
Drop obsolete PGP key from AUTHORS.
Revert last patch, clearly src/ was being built before doc/.
Build doc/ after src/ so that src/idn exists for help2man of doc/idn.1.
Fix recommended package installs.
Drop .gitlab-ci.yml.
Doc fix.
Sync with TP.
Fix typos, inspired by codespell.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
For details see:
https://lists.gnu.org/archive/html/info-gnu/2018-04/msg00001.html
"* Version 1.34 (2018-03-31)
** libidn: Fix integer overflow in combine_hangul()
Found by fuzzing.
** libidn: Fix integer overflow in punycode decoder
Found by fuzzing, fix for the fix reported by Christian Weisgerber
** libidn: Fix performance issue in idna_to_unicode_internal()
Found by fuzzing.
** libidn: Fix performance issue in stringprep functions.
Found by fuzzing.
** libidn: Fix NULL pointer dereference in g_utf8_normalize()
Found by fuzzing.
** libidn: Fix NULL pointer dereference in stringprep_ucs4_nfkc_normalize()
Found by fuzzing.
** libidn: Increase performance of stringprep functions
Found by fuzzing.
** testing: Add OSS-fuzz integration and regression testing
** build: Update gnulib files
** build: Modernize GTK-Doc build
** build: Fix parallel builds
** build: Add configure flag --disable-doc
** build: Add configure flag --enable-ubsan (enable UB Sanitizer)
** build: Add configure flag --enable-asan (enable Address Sanitizer)
** build: Fix compiler warnings
** build: Fix build for gcc-7
** i18n: Added Swedish translation.
Thanks to Josef Andersson.
** API and ABI is backwards compatible with the previous version."
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
