- Update from 1.9.4 to 1.10.1
- Update of rootfile
- Changelog
Noteworthy changes in version 1.10.1 (2022-03-28) [C24/A4/R1]
* Bug fixes:
- Fix minor memory leaks in FIPS mode.
- Build fixes for MUSL libc. [rCffaef0be61]
* Other:
- More portable integrity check in FIPS mode. [rC9fa4c8946a,T5835]
- Add X9.62 OIDs to sha256 and sha512 modules. [rC52fd2305ba]
Noteworthy changes in version 1.10.0 (2022-02-01) [C24/A4/R0]
* New and extended interfaces:
- New control codes to check for FIPS 140-3 approved algorithms.
- New control code to switch into non-FIPS mode.
- New cipher modes SIV and GCM-SIV as specified by RFC-5297.
- Extended cipher mode AESWRAP with padding as specified by
RFC-5649. [T5752]
- New set of KDF functions.
- New KDF modes Argon2 and Balloon.
- New functions for combining hashing and signing/verification. [T4894]
* Performance:
- Improved support for PowerPC architectures.
- Improved ECC performance on zSeries/s390x by using accelerated
scalar multiplication.
- Many more assembler performance improvements for several
architectures.
* Bug fixes:
- Fix Elgamal encryption for other implementations.
[R5328,CVE-2021-40528]
- Fix alignment problem on macOS. [T5440]
- Check the input length of the point in ECDH. [T5423]
- Fix an abort in gcry_pk_get_param for "Curve25519". [T5490]
* Other features:
- The control code GCRYCTL_SET_ENFORCED_FIPS_FLAG is ignored
because it is useless with the FIPS 140-3 related changes.
- Update of the jitter entropy RNG code. [T5523]
- Simplification of the entropy gatherer when using the getentropy
system call.
* Interface changes relative to the 1.10.0 release:
GCRYCTL_SET_DECRYPTION_TAG NEW control code.
GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER NEW control code.
GCRYCTL_FIPS_SERVICE_INDICATOR_KDF NEW control code.
GCRYCTL_NO_FIPS_MODE = 83 NEW control code.
GCRY_CIPHER_MODE_SIV NEW mode.
GCRY_CIPHER_MODE_GCM_SIV NEW mode.
GCRY_CIPHER_EXTENDED NEW flag.
GCRY_SIV_BLOCK_LEN NEW macro.
gcry_cipher_set_decryption_tag NEW macro.
GCRY_KDF_ARGON2 NEW constant.
GCRY_KDF_BALLOON NEW constant.
GCRY_KDF_ARGON2D NEW constant.
GCRY_KDF_ARGON2I NEW constant.
GCRY_KDF_ARGON2ID NEW constant.
gcry_kdf_hd_t NEW type.
gcry_kdf_job_fn_t NEW type.
gcry_kdf_dispatch_job_fn_t NEW type.
gcry_kdf_wait_all_jobs_fn_t NEW type.
struct gcry_kdf_thread_ops NEW struct.
gcry_kdf_open NEW function.
gcry_kdf_compute NEW function.
gcry_kdf_final NEW function.
gcry_kdf_close NEW function.
gcry_pk_hash_sign NEW function.
gcry_pk_hash_verify NEW function.
gcry_pk_random_override_new NEW function.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- This is an addon whose purpose is defined as :-
Netpbm is a toolkit for manipulation of graphic images, including conversion of images
between a variety of different formats. There are over 300 separate tools in the
package including converters for about 100 graphics formats. Examples of the sort of
image manipulation we're talking about are: Shrinking an image by 10%; Cutting the top
half off of an image; Making a mirror image; Creating a sequence of images that fade
from one image to another.
- None of the above seems to be a purpose related to a Firewall. Additionally it is
available in a huge number of distributions, including Linux, BSD,Windows,
MacOS X/Darwin, Solaris, AIX etc
- This package seems to be better used on a system in the lan protected by IPFire than
used on IPFire itself
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- This is the legacy version of libnl - 1.1.4 and was released in 2013
- libnl-3 is the running stable version - 3.5.0
- Nothing in IPFire has libnl as a dependency. Large number of programs have libnl-3 as
a dependency
- libnl developer indicates that libnl-3 should be used if in any way possible and that
the legacy version is for situations that fail to work with libnl-3
- As everything in IPFire looks to already be using libnl-3 this patch is to remove the
legacy version
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 3.0.6 to 3.0.7
- Update of rootfile
- Changelog
Version 3.0.7 -
- Fixed bug #345, in which delimitedList changed expressions in place
using expr.streamline(). Reported by Kim Gräsman, thanks!
- Fixed bug #346, when a string of word characters was passed to WordStart
or WordEnd instead of just taking the default value. Originally posted
as a question by Parag on StackOverflow, good catch!
- Fixed bug #350, in which White expressions could fail to match due to
unintended whitespace-skipping. Reported by Fu Hanxi, thank you!
- Fixed bug #355, when a QuotedString is defined with characters in its
quoteChar string containing regex-significant characters such as ., *,
?, [, ], etc.
- Fixed bug in ParserElement.run_tests where comments would be displayed
using with_line_numbers.
- Added optional "min" and "max" arguments to `delimited_list`. PR
submitted by Marius, thanks!
- Added new API change note in `whats_new_in_pyparsing_3_0_0`, regarding
a bug fix in the `bool()` behavior of `ParseResults`.
Prior to pyparsing 3.0.x, the `ParseResults` class implementation of
`__bool__` would return `False` if the `ParseResults` item list was empty,
even if it contained named results. In 3.0.0 and later, `ParseResults` will
return `True` if either the item list is not empty *or* if the named
results dict is not empty.
# generate an empty ParseResults by parsing a blank string with
# a ZeroOrMore
result = Word(alphas)[...].parse_string("")
print(result.as_list())
print(result.as_dict())
print(bool(result))
Prints:
[]
{}
False
# add a results name to the result
result["name"] = "empty result"
print(result.as_list())
print(result.as_dict())
print(bool(result))
Prints:
[]
{'name': 'empty result'}
True
In previous versions, the second call to `bool()` would return `False`.
- Minor enhancement to Word generation of internal regular expression, to
emit consecutive characters in range, such as "ab", as "ab", not "a-b".
- Fixed character ranges for search terms using non-Western characters
in booleansearchparser, PR submitted by tc-yu, nice work!
- Additional type annotations on public methods.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Build worked without libevent without problems
- Nothing shows up as dependent on the libevent (legacy) libraries
- Lots of dependencies on the the libevent2 libraries
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 9.55.0 to 9.56.1
- Update of rootfile
- Changelog
Version 9.56.0 (2022-02-22)
Highlights in this release include:
New PDF Interpreter: This is an entirely new implementation written in C
(rather than PostScript, as before). For a full discussion of this change
and reasons for it see: Changes Coming to the PDF Interpreter.
In this (9.56.0) release, the new PDF interpreter is now ENABLED by default
in Ghostscript, but the old PDF interpreter can be used as a fallback by
specifying -dNEWPDF=false. We've provided this so users that encounter
issues with the new interpreter can keep working while we iron out those
issues, the option will not be available in the long term.
This also allows us to offer a new executable (gpdf, or gpdfwin??.exe on
Windows) which is purely for PDF input. For this release, those new binaries
are not included in the "install" make targets, nor in the Windows installers.
Calling Ghostscript via the GS API is now thread safe. The one limitation is
that the X11 devices for Unix-like systems (x11, x11alpha, x11cmyk, x11cmyk2,
x11cmyk4, x11cmyk8, x11gray2, x11gray4 and x11mono) cannot be made thread
safe, due to their interaction with the X11 server, those devices have been
modified to only allow one instance in an executable.
The PSD output device now writes ICC profiles to their output files, for
improved color fidelity.
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental
improvements.
Included below are incompatible changes from recent releases (the specific release
in question is listed in parentheses). We include these, for now, as we are aware
that not everyone upgrades with every release.
(9.55.0) Changes to the device API. This will affect developers and
maintainers of Ghostscript devices. Firstly, and most importantly,
the way device-specific "procs" are specified has been rewritten
to make it (we think!) clearer and less confusing. See The
Interface between Ghostscript and Device Drivers and The Great
Device Rework Of 2021 for more details.
(9.55.0) The command line options -sGraphicsICCProfile=___,
-dGraphicsIntent=#, -dGraphicsBlackPt=#, -dGraphicsKPreserve=# have
been changed to -sVectorICCProfile=___, -dVectorIntent=#,
-dVectorBlackPt=#, -dVectorKPreserve=#.
(9.53.0) As of 9.53.0, we have (re-)introduced the patch level to the
version number, this helps facilitate a revised policy on handling
security-related issues.
Note for GSView Users: The patch level addition breaks GSView 5 (it is
hardcoded to check for versions 704-999. It is possible, but not guaranteed
that a GSView update might be forthcoming to resolve this.
(9.52) -dALLOWPSTRANSPARENCY: The transparency compositor (and related
features), whilst we are improving it, remains sensitive to being
driven correctly, and incorrect use can have unexpected/undefined
results. Hence, as part of improving security, we limited access to
these operators, originally using the -dSAFER feature. As we made
"SAFER" the default mode, that became unacceptable, hence the new
option -dALLOWPSTRANSPARENCY which enables access to the operators.
(9.50) There are a couple of subtle incompatibilities between the old and
new SAFER implementations. Firstly, as mentioned in the 9.50 release
notes, SAFER now leaves standard PostScript functionality unchanged
(except for the file access limitations). Secondly, the interaction
with save/restore operations has changed. See SAFER.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
