- Update from version 0.189 to 0.190
- Update of rootfile
- Changelog
0.190
CONTRIBUTING: Switch from real name policy to known identity policy.
Updated ChangeLog policy (no more separate ChangeLog files).
There is a SECURITY bug policy now.
The default branch is now 'main'.
libelf: Add RELR support.
libdw: Recognize .debug_[ct]u_index sections
readelf: Support readelf -Ds, --use-dynamic --symbol.
Support .gdb_index version 9
scrlines: New tool that compiles a list of source files associated
with a specified dwarf/elf file.
debuginfod: Schema change (reindexing required, sorry!) for a 60%
compression in filename representation, which was a large
part of the sqlite index; also, more deliberate sqlite
-wal management during scanning using the
--scan-checkpoint option.
backends: Various LoongArch updates.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 3.8.2 to 3.8.3
- Update of rootfile not required
- Changelog
3.8.3
Bugfix (defect introduced Postfix 2.5, date 20080104): the Postfix SMTP server
was waiting for a client command instead of replying immediately, after a
client certificate verification error in TLS wrappermode. Reported by
Andreas Kinzler.
Usability: the Postfix SMTP server (finally) attempts to log the SASL username
after authentication failure. In Postfix logging, this appends
", sasl_username=xxx" after the reason for SASL authentication failure. The
logging replaces an unavailable reason with "(reason unavailable)", and
replaces an unavailable sasl_username with "(unavailable)". Based on code by
Jozsef Kadlecsik.
Compatibility bugfix (defect introduced: Postfix 2.11, date 20130405): in
forward_path, the expression ${recipient_delimiter} would expand to an empty
string when a recipient address had no recipient delimiter. The compatibility
fix is to use a configured recipient delimiter value instead. Reported by
Tod A. Sandman.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 8.1.1 to 8.2.2
- Update of rootfile
- Changelog
8.2.2
- Fix regression from 8.1.0 in shaping fonts with duplicate feature tags.
- Fix regression from 8.2.0 in parsing CSS-style feature strings.
- Variable fonts instanciation now handles more tables.
- Various CMake build improvements.
- various fixes to build without errors with gcc 4.9.2.
8.2.1
- Unicode 15.1 support.
8.2.0
- Various build and fuzzing fixes
- Improvements to COLRv1 painting.
- New API:
+hb_paint_color_glyph_func_t
+hb_paint_funcs_set_color_glyph_func
+hb_paint_color_glyph
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 2.42.0 to 2.42.1
- Update of rootfile not required
- Changelog
* Tests that are known to pass with LSan are now marked as such.
* Flaky "git p4" tests, as well as "git svn" tests, are now skipped
in the (rather expensive) sanitizer CI job.
* Tests with LSan from time to time seem to emit harmless message
that makes our tests unnecessarily flaky; we work it around by
filtering the uninteresting output.
* GitHub CI workflow has learned to trigger Coverity check.
* Overly long label names used in the sequencer machinery are now
chopped to fit under filesystem limitation.
* Scalar updates.
* Tweak GitHub Actions CI so that pushing the same commit to multiple
branch tips at the same time will not waste building and testing
the same thing twice.
* The commit-graph verification code that detects mixture of zero and
non-zero generation numbers has been updated.
* "git diff -w --exit-code" with various options did not work
correctly, which is being addressed.
* transfer.unpackLimit ought to be used as a fallback, but overrode
fetch.unpackLimit and receive.unpackLimit instead.
* The use of API between two calls to require_clean_work_tree() from
the sequencer code has been cleaned up for consistency.
* "git diff --no-such-option" and other corner cases around the exit
status of the "diff" command has been corrected.
* "git for-each-ref --sort='contents:size'" sorts the refs according
to size numerically, giving a ref that points at a blob twelve-byte
(12) long before showing a blob hundred-byte (100) long.
* Various fixes to the behavior of "rebase -i" when the command got
interrupted by conflicting changes.
* References from description of the `--patch` option in various
manual pages have been simplified and improved.
* "git grep -e A --no-or -e B" is accepted, even though the negation
of "or" did not mean anything, which has been tightened.
* The completion script (in contrib/) has been taught to treat the
"-t" option to "git checkout" and "git switch" just like the
"--track" option, to complete remote-tracking branches.
* "git diff --no-index -R <(one) <(two)" did not work correctly,
which has been corrected.
* Update "git maintenance" timers' implementation based on systemd
timers to work with WSL.
* "git diff --cached" codepath did not fill the necessary stat
information for a file when fsmonitor knows it is clean and ended
up behaving as if it is not clean, which has been corrected.
* Clarify how "alias.foo = : git cmd ; aliased-command-string" should
be spelled with necessary whitespaces around punctuation marks to
work.
* HTTP Header redaction code has been adjusted for a newer version of
cURL library that shows its traces differently from earlier
versions.
* An error message given by "git send-email" when given a malformed
address did not give correct information, which has been corrected.
* UBSan options were not propagated through the test framework to git
run via the httpd, unlike ASan options, which has been corrected.
Also contains various documentation updates, code clean-ups and minor fixups.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 10.01.2 to 10.02.1
- Update of rootfile
- Changelog - these are highlights. For more details the git commits have to be used.
10.02.1
release fixes CVE-2023-43115.
CVE-2023-43115 affects all Ghostscript/GhostPDL versions prior to 10.02.0.
CVE-2023-43115 is a remote code execution risk, so we recommend upgrading to
version 10.02.0 as a matter of urgency
10.02.0
release fixes CVE-2023-43115.
CVE-2023-43115 affects all Ghostscript/GhostPDL versions prior to 10.02.0.
CVE-2023-43115 is a remote code execution risk, so we recommend upgrading to
version 10.02.0 as a matter of urgency
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 5.2.2 to 5.3.0
- Update of rootfile
- Changelog
5.3.0
1. Infrastructure changes: Removed the use of libsigsegv. The
value-add was never very much and it caused problems in some
environments.
2. In keeping with new features in BWK awk, gawk now has built-in
CSV file parsing. The behavior is intended to be identical to
that of the "One True AWK" when --csv is applied. See the
manual for details.
3. Also in keeping with BWK awk, gawk now supports a new \u escape
sequence. This should be followed by 1-8 hexadecimal digits. The
given code point is converted to its corresponding multibyte encoding
for storage inside gawk. See the manual.
4. If PROCINFO["BUFFERPIPE"] exists, then pipe output is buffered.
You can also use PROCINFO["command", "BUFFERPIPE"]. See the manual
for details.
5. Because of the additional `do_csv' variable in the API, which breaks
binary compatibility, the API major version was updated to 4 and
the minor version was reset to zero. The API remains source code
compatible; that is, existing extensions should only require recompilation.
6. The manual now requires Texinfo 7.1 and its texinfo.tex for formatting.
As a result, we no longer need to pre-process it, removing the need
for gawktexi.in and leaving just gawk.texi.
7. And of course, there have been several minor code cleanups and bug fixes.
See the ChangeLog for details.
5.2.x
1. The readdir extension has been updated with additonal code and
features, see the manual or its man page. As a result, the
readdir_test.c extension has been removed.
2. We have a new translation: Ukranian.
3. Several subtle issues related to null regexp matches around
multibyte characters have been fixed.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 10.0.2 to 10.0.4
- Update of rootfile not required
- Two patches removed as the fixes have been included in the source tarball
- Changelog
10.0.4
privsep: allow __NR_mmap2 call by @olegartys in #253
privsep: allow __NR_clock_gettime32 syscall by @olegartys in #254
compat/arc4random.c: use memset instead of explicit_bzero by
@ffontaine in #252
privsep: avoid SIGPIPE errors when scripts write to stderr/stdout after
dhcpcd is daemonised
10.0.3
Do not crash on dhcpcd test run by @pemensik in #231
Add automated CI builds for Ubuntu, OpenBSD, FreeBSD and NetBSD by
@tobhe in #229
dhcpcd: Fix off-by-one overflow when read() writes full BUFSIZ by
@tobhe in #236
privsep: fix strlcpy overflow in psp_ifname by @tobhe in #239
ci: execute tests after successful build by @tobhe in #243
compat: update arc4random() to newer chacha20 based version from OpenBSD by
@tobhe in #227
Support libcrypto for hmac and sha256 by @tobhe in #223
Use a local variable instead of the optind by @gotthardp in #86
Send correct amount of used buffer for prefix exclude option by
@ctomahogh in #250
compat: use OpenSSL RAND_priv_bytes() for entropy by @tobhe in #248
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
For details see:
https://blog.clamav.net/2023/10/clamav-121-113-104-010311-patch.html
Excerpt:
"ClamAV 1.2.1 is a patch release with the following fixes:
Eliminate security warning about unused "atty" dependency.
Upgrade the bundled UnRAR library (libclamunrar) to version 6.2.12.
Build system: Fix link error with Clang/LLVM/LLD version 17. Patch courtesy of Yasuhiro Kimura.
Fix alert-exceeds-max feature for files > 2GB and < max-filesize."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
This will affect new IPFire installations only, implementing a
long-standing BCP for preemptively combating botnet spam. Reject is
chosen over drop to reduce the likelihood for confusion during network
troubleshooting.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Tested-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 3430000 to 3430100
- Update of rootfile not required
- Changelog
3.34.1
Fix a regression in the way that the sum(), avg(), and total() aggregate functions
handle infinities.
Fix a bug in the json_array_length() function that occurs when the argument comes
directly from json_remove().
Fix the omit-unused-subquery-columns optimization (introduced in in version 3.42.0)
so that it works correctly if the subquery is a compound where one arm is
DISTINCT and the other is not.
Other minor fixes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 11.5.0 to 11.6.1
- Update of rootfile
- Changelog
11.6.1: release
* Fix a logic error introduced in 11.6.0 in the fix to
copyForeignObject. The bug could result in some pages not being
copied.
11.6.0: release
* ascii85 parser: ignore spaces everywhere including between ~
and >. Fixes#973.
* Bug fix: with --pages, if one of the external files had warnings
but the main file did not, the warning was previously not taken
into consideration when determining the exit status.
* Put quotation marks around the command in completion output to
better handle spaces in paths. It is not a perfect fix (ideally,
full shell-compatible quoting should be used), but it handles more
cases than the old code and should handle all reasonable cases of
qpdf being in a directory with a space in its name, which is
common in Windows. Fixes#1021.
* Move check for random number device to runtime instead of
compile time. Since, by default, the crypto provider provides
random numbers, runtime determination of a random number device is
usually not needed. Fixes#1022.
* Maintain links to foreign pages when copying foreign objects.
This allows hyperlinks in imported files to work. Fixes#1003.
* Bug fix: Return a null object if an attempt is made to to copy a
foreign /Pages object with copyForeignObject. This corrects a
possible crash. Fixes#1010.
* Bug fix: Return a null object if an attempt is made to to copy a
foreign /Pages object with copyForeignObject. Fixes#1003.
* Add /MediaBox to a page if absent. Thanks M. Holger.
* Use std::vector internally for Pl_Buffer to
avoid incompatibility with C++20. Thanks to Zoe Clifford. Fixes#1024.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 1.6 to 1.7
- This project had little happen to it for 5 years but is now going again
https://jqlang.github.io/jq/
- Update of rootfile
- Changelog
1.7
After a five year hiatus we're back with a GitHub organization, with new admins
and new maintainers who have brought a great deal of energy to make a
long-awaited and long-needed new release. We're very grateful for all the new
owners, admins, and maintainers. Special thanks go to Owen Ou (@owenthereal)
for pushing to set up a new GitHub organization for jq, Stephen Dolan (@stedolan)
for transferring the jq repository to the new organization, @itchyny for doing a
great deal of work to get the release done, Mattias Wadman (@wader) and Emanuele
Torre (@emanuele6) for many PRs and code reviews. Many others also contributed
PRs, issues, and code reviews as well, and you can find their contributions in
the Git log and on the [closed issues and PRs page]
(https://github.com/jqlang/jq/issues?q=is%3Aclosed+sort%3Aupdated-desc).
Since the last stable release many things have happened:
- jq now lives at <https://github.com/jqlang>
- New maintainers, admins, and owners have been recruited.
- A list of [current maintainers](https://github.com/jqlang/jq/blob/jq-1.7/AUTHORS#L4-L14)
- NEWS file is replaced by NEWS.md with Markdown format. @wader #2599
- CI, scan builds, release, website builds etc now use GitHub actions. @owenthereal @wader @itchyny #2596#2603#2620#2723
- Lots of documentation improvements and fixes.
- Website updated with new section search box, better section ids for linking, dark mode, etc. @itchyny #2628
- Release builds for:
- Linux `amd64`, `arm64`, `armel`, `armhf`, `i386`, `mips`, `mips64`, `mips64el`, `mips64r6`, `mips64r6el`, `mipsel`, `mipsr6`, `mipsr6el`, `powerpc`, `ppc64el`, `riscv64` and `s390x`
- macOS `amd64` and `arm64`
- Windows `i386` and `amd64`
- Docker `linux/386`, `linux/amd64`, `linux/arm64`, `linux/mips64le`, `linux/ppc64le`, `linux/riscv64` and `linux/s390x`
- More details see @owenthereal #2665
- Docker images are now available from `ghcr.io/jqlang/jq` instead of Docker Hub. @itchyny #2652#2686
- OSS-fuzz. @DavidKorczynski #2760#2762
Full commit log can be found at <https://github.com/jqlang/jq/compare/jq-1.6...jq-1.7> but here are some highlights:
CLI changes
- Make object key color configurable using `JQ_COLORS` environment variable. @itchyny @haguenau @ericpruitt #2703
- Change the default color of null to Bright Black. @itchyny #2824
- Respect `NO_COLOR` environment variable to disable color output. See <https://no-color.org> for details. @itchyny #2728
- Improved `--help` output. Now mentions all options and nicer order. @itchyny @wader #2747#2766#2799
- Fix multiple issues of exit code using `--exit-code`/`-e` option. @ryo1kato #1697
- Add `--binary`/`-b` on Windows for binary output. To get `\n` instead of `\r\n` line endings. @nicowilliams 0dab2b1
- Add `--raw-output0` for NUL (zero byte) separated output. @asottile @pabs3 @itchyny #1990#2235#2684
- Fix assert crash and validate JSON for `--jsonarg`. @wader #2658
- Remove deprecated `--argfile` option. @itchyny #2768
- Enable stack protection. @nicowilliams #2801
Language changes
- Use decimal number literals to preserve precision. Comparison operations respects precision but arithmetic operations might truncate. @leonid-s-usov #1752
- Adds new builtin `pick(stream)` to emit a projection of the input object or array. @pkoppstein #2656#2779
- Adds new builtin `debug(msgs)` that works like `debug` but applies a filter on the input before writing to stderr. @pkoppstein #2710
- Adds new builtin `scan($re; $flags)`. Was documented but not implemented. @itchyny #1961
- Adds new builtin `abs` to get absolute value. This potentially allows the literal value of numbers to be preserved as `length` and `fabs` convert to float. @pkoppstein #2767
- Allow `if` without `else`-branch. When skipped the `else`-branch will be `.` (identity). @chancez @wader #1825#2481
- Allow use of `$binding` as key in object literals. @nicowilliams 8ea4a55
- Allow dot between chained indexes when using `.["index"]` @nicowilliams #1168
- Allow dot for chained value iterator `.[]`, `.[]?` @wader #2650
- Fix try/catch catches more than it should. @nicowilliams #2750
- Speed up and refactor some builtins, also remove `scalars_or_empty/0`. @muhmuhten #1845
- Now `halt` and `halt_error` exit immediately instead of continuing to the next input. @emanuele6 #2667
- Fix issue converting string to number after previous convert error. @thalman #2400
- Fix issue representing large numbers on some platforms causing invalid JSON output. @itchyny #2661
- Fix deletion using assigning empty against arrays. @itchyny #2133
- Allow keywords to be used as binding name in more places. @emanuele6 #2681
- Allow using `nan` as NaN in JSON. @emanuele6 #2712
- Expose a module's function names in `modulemeta`. @mrwilson #2837
- Fix `contains/1` to handle strings with NUL. @nicowilliams 61cd6db
- Fix `stderr/0` to output raw text without any decoration. @itchyny #2751
- Fix `nth/2` to emit empty on index out of range. @itchyny #2674
- Fix `implode` to not assert and instead replace invalid unicode codepoints. @wader #2646
- Fix `indices/1` and `rindex/1` in case of overlapping matches in strings. @emanuele6 #2718
- Fix `sub/3` to resolve issues involving global search-and-replace (gsub) operations. @pkoppstein #2641
- Fix `significand/0`, `gamma/0` and `drem/2` to be available on macOS. @itchyny #2756#2775
- Fix empty regular expression matches. @itchyny #2677
- Fix overflow exception of the modulo operator. @itchyny #2629
- Fix string multiplication by 0 (and less than 1) to emit empty string. @itchyny #2142
- Fix segfault when using libjq and threads. @thalman #2546
- Fix constant folding of division and reminder with zero divisor. @itchyny #2797
- Fix `error/0`, `error/1` to throw null error. @emanuele6 #2823
- Simpler and faster `transpose`. @pkoppstein #2758
- Simple and efficient implementation of `walk/1`. @pkoppstein #2795
- Remove deprecated filters `leaf_paths`, `recurse_down`. @itchyny #2666
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 1.14.6 to 1.14.10
- Update of rootfile
- Changelog
dbus 1.14.10 (2023-09-01)
Bug fixes:
• Avoid a dbus-daemon crash if re-creating a connection's policy fails.
If it isn't possible to re-create its policy (for example if it belongs
to a user account that has been deleted or if the Name Service Switch is
broken, on a system not supporting SO_PEERGROUPS), we now log a warning,
continue to use its current policy, and continue to reload other
connections' policies. (dbus#343; Peter Benie, Simon McVittie)
• If getting the groups from a user ID fails, report the error correctly,
instead of logging "(null)" (dbus#343, Simon McVittie)
• Return the primary group ID in GetConnectionCredentials()' UnixGroupIDs
field for processes with a valid-but-empty supplementary group list
(dbus!422, cptpcrd)
dbus 1.14.8 (2023-06-06)
Denial-of-service fixes:
• Fix an assertion failure in dbus-daemon when a privileged Monitoring
connection (dbus-monitor, busctl monitor, gdbus monitor or similar)
is active, and a message from the bus driver cannot be delivered to a
client connection due to <deny> rules or outgoing message quota. This
is a denial of service if triggered maliciously by a local attacker.
(dbus#457; hongjinghao, Simon McVittie)
Other fixes:
• Fix compilation on compilers not supporting __FUNCTION__
(dbus!404, Barnabás Pőcze)
• Fix some memory leaks on out-of-memory conditions
(dbus!403, Barnabás Pőcze)
• Documentation:
· Fix syntax of a code sample in dbus-api-design
(dbus!396; Yen-Chin, Lee)
Tests and CI enhancements:
• Fix CI pipelines after freedesktop/freedesktop#540
(dbus!405, dbus#456; Simon McVittie)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Fixes custom IPFire Zabbix Agent userparameter ipfire.net.gateway.ping
returning 1 (success) when fping failed for other reasons (rc 2,3 or 4)
than host unreachable (rc 0).
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 6.0.21 to 6.0.22
- Update of rootfile not required
Bugs fixed:
- ZBX-23417: Fixed possible memory leak when checking modbus.get[] item
New Features and Improvements:
- ZBXNEXT-6554: Increased remote command execution limits to 16MB
Full changelogs since 6.0.21:
- https://www.zabbix.com/rn/rn6.0.22
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
