- Update from 1.28.8 to 1.28.9
- Update of rootfile not required
- Changelog
CHANGES IN V1.28.9
- libcupsfilters: Silenced compiler warnings
- libcupsfilters: Removed duplicate code in the
apply_filters() function.
- driverless: If there are no driverless IPP printers
available let "driverless" terminate with exit code 0 and
not 1, to follow CUPS' standard of backends in discovery
mode terminating with 0 if there are no appropriate printers
found (Issue #375).
- gstoraster, foomatic-rip: Fixed Ghostscript command line for
counting pages as it took too long on PDFs from evince when
printing DjVu files (Issue #354, Pull request #371, Ubuntu
bug #1920730).
- cups-browsed: Renamed ldap_connect() due to conflict in
new openldap (Issue #367, Pull request #370).
- pdftoraster: Free color data after processing of each page
(Pull request #363).
- cups-browsed: Always save "...-default" option entries
from printers.conf, regardless of presence or absense
of PPD file (Pull request #359).
- cups-browsed: Start after network-online.target (Pull
request #360).
- texttopdf: Set default margins when no PPD file is used
(Pull request #356).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
While maintaining privacy when accessing web sites probably has never
been more important than it is today, faking Referer and User-Agent
headers is both obsolete and counterproductive:
(a) Most web sites require HTTPS, thwarting manipulation attempts to
HTTP headers in transit. Given todays' internet landscape, faking
these headers is unlikely to work for the vast majority of web
sites.
(b) It is trivial to detect faked HTTP User-Agent headers by obtaining
corresponding browser information via JavaScript. Any difference
most likely indicates (trivial) header manipulation attempts, hence
rendering this feature useless if browsers do not behave in the same
manner, which we cannot control on IPFire.
(c) Especially static Referer headers make users stick out like a sore
thumb, as nobody else in the world is likely to have the same
Referer set _all the time_.
Modern browsers attempt to strip sensitive information from Referer
headers, or ditch them completely, particularly to 3rd party sites.
Given the state of the web ecosystem as we know it today, enforcing
privacy in a centralised manner does not even come close to being
sufficient. Without gaining control over users' browsers, their
settings, and their infrastructure (such as setting up terminal
environments for accessing the web, preventing hardware
fingerprinting), a centralised attempt will at best fail, if not making
things worse, as highlighted in (c).
Therefore, removing these features from the Squid GUI is the least worse
option we have. We should not give our users a false sense of privacy.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Release announcement of this version as per
https://www.smartmontools.org/browser/tags/RELEASE_7_2/smartmontools/NEWS:
Date 2020-12-30
Summary: smartmontools release 7.2
-----------------------------------------------------------
- smartctl: New option '--json=y[c]' selects YAML output.
- smartctl '-i': Prints ATA TRIM and Zoned Device capabilities.
- smartctl '-j': Fixed 'scsi_grown_defect_list' value.
- smartctl '-a': Prints SCSI 'Accumulated power on time'.
- smartctl '-n POWERMODE': SCSI support.
- smartctl '-s standby,now' and '-s standby,off': SCSI support.
- smartctl '-c': NVMe 1.4 additions.
- smartd: Support for staggered self-tests.
- smartd: No longer writes attribute log if no attributes were read
due to standby mode or other error.
- smartd: Now resolves symlinks before device names are checked for
duplicates.
- smartd: Fixed SMARTD_DEVICETYPE environment variable if DEVICESCAN is
used without '-d TYPE'.
- ATA: Device type '-d jmb39x-q,N' for JMB39x protocol variant used by
some QNAP NAS devices.
- ATA: Device type '-d jms56x,N' for JMS562 USB to SATA RAID bridges.
- SCSI: Improved heuristics for log subpages of new and very old disks.
- NVMe: Log transfer size limited to avoid device or kernel crashes.
- NVMe/USB: Device type '-d sntrealtek' for Realtek RTL9210 USB to
NVMe bridges.
- update-smart-drivedb: New option '--branch X.Y'.
- HDD, SSD and USB additions to drive database.
- Dropped support for pre-C99 snprintf().
- configure: Dropped option '--without-working-snprintf'.
- configure: Fixed '-fstack-protector*' detection.
- Linux: Various fixes of smartd.service file.
- Darwin: NVMe log support.
- FreeBSD: Device scan does no longer include T_ENCLOSURE devices.
- NetBSD: Fixed timeout handling.
- NetBSD big endian: Fixed ATA register handling.
- OpenBSD: Fixed timeout handling.
- Windows: Dropped backward compatibility fixes for very old compilers.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.68.2 to 2.68.3
- Update rootfile
- Changelog
Overview of changes in GLib 2.68.3
* Bugs fixed:
- #2311 testfilemonitor test leaks ip_watched_file_t struct
- #2417 GFile: `g_file_replace_contents()` reports `G_IO_ERROR_WRONG_ETAG` when saving from a symlink
- !2133 Backport !2128 “inotify: Fix a memory leak” to glib-2-68
- !2137 Backport !2136 “tlscertificate: Avoid possible invalid read” to glib-2-68
- !2141 Backport !2138 “glocalfileoutputstream: Fix ETag check when replacing through a symlink” to glib-2-68
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.10.3 to 3.10.4
- Update of rootfile
- Changelog
* Building of unit tests is now optional.
* Fixed a test failure when running tests under XFS.
* Fixed memory leaks in examples.
* Minor documentation fixes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.20.3 to 3.20.4
- Update of rootfile not required.
- Changelog
Changes in 3.20.4 since 3.20.3:
Ben Boeckel (1):
ci: use consistent sccache builds
Brad King (8):
VS: Add special case for '-T version=14.29.16.10' under VS 16.10
VS: Add flag table entries for '/external:W*' flags in VS 16.10
gitlab-ci: Update Windows builds to MSVC 19.29-16.10 toolset
Makefiles: Fix CMAKE_EXPORT_COMPILE_COMMANDS crash with custom compile rule
presets: Fix buildPreset "jobs" field test case
IRSL: Add Intel oneAPI redist location on Windows
fileapi: Fix codemodel-v2 link command fragment relative paths
John Drouhard (1):
FindBoost: Add check for json component header in Boost 1.75+
Marc Chevrier (1):
Help: cmake_path: fix erroneous example for IS_PREFIX
Raul Tambre (2):
MSVC: C++20 final flag, C++23 support
Clang/MSVC: C++20 final flag, C++23 support
Sam Freed (2):
presets: Fix buildPreset "jobs"
presets: Fix buildPreset "targets" not allowing a single string
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.9.7 to 1.9.7p1
- Update of rootfile not required.
- Changelog
Major changes between sudo 1.9.7p1 and 1.9.7
* Fixed an SELinux sudoedit bug when the edited temporary file
could not be opened. The sesh helper would still be run even
when there are no temporary files available to install.
* Fixed a compilation problem on FreeBSD.
* The sudo_noexec.so file is now built as a module on all systems
other than macOS. This makes it possible to use other libtool
implementations such as slibtool. On macOS shared libraries and
modules are not interchangeable and the version of libtool shipped
with sudo must be used.
* Fixed a few bugs in the getgrouplist() emulation on Solaris when
reading from the local group file.
* Fixed a bug in sudo_logsrvd that prevented periodic relay server
connection retries from occurring in "store_first" mode.
* Disabled the nss_search()-based getgrouplist() emulation on HP-UX
due to a crash when the group source is set to "compat" in
/etc/nsswitch.conf. This is probably due to a mismatch between
include/compat/nss_dbdefs.h and what HP-UX uses internally. On
HP-UX we now just cycle through groups the slow way using
getgrent(). Bug #978.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is not necessary and gets in the way if users have SNAT rules or
other things that make the check be in the wrong place.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
