- Update from 5.14.2 to 5.16.0
- Update of rootfile
- Changelog
5.16.0
This release is almost 100% a libxfs sync. I'm trying to catch up, and the
next release will be 5.18.0-rc0, with both 5.17 and 5.18 libxfs changes synced.
(there are very few).
At that point I'll finally start pulling in more functional changes.
xfsprogs-5.16.0 (04 May 2022)
- libxfs: remove kernel stubs from xfs_shared.h (Eric Sandeen)
- debian: Generate .gitcensus instead of .census (Bastian Germann))
xfsprogs-5.16.0-rc0 (28 Apr 2022)
- libxfs changes merged from kernel 5.16
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.22 to 1.23
- Update of rootfile not required
- Changelog
Version 1.23 released.
* Decompression time has been reduced by 5-12% depending on the file.
* main.cc (getnum): Show option name and valid range if error.
* Improve several descriptions in manual, '--help', and man page.
* lzip.texi: Change GNU Texinfo category to 'Compression'.
(Reported by Alfred M. Szmidt).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 1.0.0 to 1.0.1
- Update of rootfile not required
- Changelog
1.0.1
* Allow build on uclinux
* Use after free in nfct_helper_free()
* Double free in nfct-helper-add example
* Invalid argument error in nftc-helper-add
* Incorrect netlink message building with multiple nfct helper policies
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.0.0 to 1.0.1
- Update of rootfile not required
- Changelog
1.0.1
* Warnings with automake-1.12
* Allow building on uclinux
* Fix building with clang
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 2.36.0 to 2.36.1
- Update of rootfile not required
- Changelog
Git v2.36.1 Release Notes
Fixes since v2.36
* "git submodule update" without pathspec should silently skip an
uninitialized submodule, but it started to become noisy by mistake.
* "diff-tree --stdin" has been broken for about a year, but 2.36
release broke it even worse by breaking running the command with
<pathspec>, which in turn broke "gitk" and got noticed. This has
been corrected by aligning its behaviour to that of "log".
* Regression fix for 2.36 where "git name-rev" started to sometimes
reference strings after they are freed.
* "git show <commit1> <commit2>... -- <pathspec>" lost the pathspec
when showing the second and subsequent commits, which has been
corrected.
* "git fast-export -- <pathspec>" lost the pathspec when showing the
second and subsequent commits, which has been corrected.
* "git format-patch <args> -- <pathspec>" lost the pathspec when
showing the second and subsequent commits, which has been
corrected.
* Get rid of a bogus and over-eager coccinelle rule.
* Correct choices of C compilers used in various CI jobs.
Also contains minor documentation updates and code clean-ups.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
For details since v3.18.0 see:
https://github.com/logrotate/logrotate/releases/tag/3.20.1https://github.com/logrotate/logrotate/releases/tag/3.20.0https://github.com/logrotate/logrotate/releases/tag/3.19.0
logrotate-3.20.1
drop world-readable permission on state file even when ACLs are enabled (#446)
logrotate-3.20.0
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
fix a misleading debug message with copytruncate and rotate 0 (#443)
add support for unsigned time_t (#438)
do not lock state file /dev/null (#433)
logrotate-3.19.0
continue on EINTR in compressLogFile() (#430)
enforce stricter parsing of configuration files (#427, #431)
avoid confusing error message in debug mode (#426)
fix full_write() on incomplete write (#415)
do not use alloca() any more (#412)
do not rotate hard links unless allowhardlink is used (#407)
change directory after dropping privileges (#397)
add defence in depth when dropping privileges (#400)
remove invalid configuration on error (#408)
do not open symbolic link log files by accident (#399)
do not write state if state file is /dev/null (#395)
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 1.8.7 to 1.8.8
- Update of rootfile
- Changelog
Version 1.8.8
extensions: libxt_conntrack: use bitops for state negation
extensions: libxt_conntrack: use bitops for status negation
xtables: Call init_extensions6() for static builds
xtables: Call init_extensions{,a,b}() for static builds
iptables-nft: fix -Z option
libxtables: exit if called by setuid executeable
iptables-nft: allow removal of empty builtin chains
extensions: tcpmss: add iptables-translate support
nft-shared: set correct register value
nft-shared: support native tcp port delinearize
nft-shared: support native tcp port range delinearize
nft-shared: support native udp port delinearize
nft: prefer native expressions instead of udp match
nft: prefer native expressions instead of tcp match
nft-shared: add tcp flag dissection
nft: add support for native tcp flag matching
tests: shell: fix bashism
nft: fix indentation error.
tests: iptables-test: correct misspelt variable
extensions: libxt_NFLOG: fix `--nflog-prefix` Python test-cases
extensions: libxt_NFLOG: remove extra space when saving targets with prefixes
build: replace `AM_PROG_LIBTOOL` and `AC_DISABLE_STATIC` with `LT_INIT`
extensions: libxt_NFLOG: fix typo
tests: iptables-test: rename variable
tests: add `NOMATCH` test result
tests: support explicit variant test result
tests: NFLOG: enable `--nflog-range` tests
xshared: Implement xtables lock timeout using signals
extensions: libxt_NFLOG: use nft built-in logging instead of xt_NFLOG
extensions: libxt_NFLOG: don't truncate log prefix on print/save
extensions: libxt_NFLOG: disable `--nflog-range` Python test-cases
fix build for missing ETH_ALEN definition
libxtables: extend xlate infrastructure
tests: xlate-test: support multiline expectation
extensions: libxt_connlimit: add translation
extensions: libxt_tcp: rework translation to use flags match representation
extensions: libxt_conntrack: simplify translation using negation
extensions: libxt_multiport: add translation for -m multiport --ports
nft-shared: update context register for bitwise expression
nft: pass struct nft_xt_ctx to parse_meta()
nft: native mark matching support
nft: pass handle to helper functions to build netlink payload
nft: prepare for dynamic register allocation
nft: split gen_payload() to allocate register and initialize expression
configure: bump version for 1.8.8 release
ip6tables: masquerade: use fully-random so that nft can understand the rule
ebtables: Exit gracefully on invalid table names
include: Drop libipulog.h
nft: Fix bitwise expression avoidance detection
xtables-translate: Fix translation of odd netmasks
libxtables: Simplify xtables_ipmask_to_cidr() a bit
nft: cache: Sort chains on demand only
nft: Increase BATCH_PAGE_SIZE to support huge rulesets
extensions: sctp: Explain match types in man page
Eliminate inet_aton() and inet_ntoa()
nft-arp: Make use of ipv4_addr_to_string()
extensions: SECMARK: Implement revision 1
xtables: Make invflags 16bit wide
xshared: Eliminate iptables_command_state->invert
xshared: Merge invflags handling code
ebtables-translate: Use shared ebt_get_current_chain() function
Use proto_to_name() from xshared in more places
extensions: sctp: Fix nftables translation
extensions: sctp: Translate --chunk-types option
libxtables: Drop leftover variable in xtables_numeric_to_ip6addr()
extensions: libebt_ip6: Drop unused variables
libxtables: Fix memleak in xtopt_parse_hostmask()
nft: Avoid memleak in error path of nft_cmd_new()
nft: Avoid buffer size warnings copying iface names
iptables-apply: Drop unused variable
extensions: libebt_ip6: Use xtables_ip6parse_any()
libxtables: Introduce xtables_strdup() and use it everywhere
extensions: libxt_string: Avoid buffer size warning for strncpy()
doc: ebtables-nft.8: Adjust for missing atomic-options
ebtables: Dump atomic waste
nft: Fix for non-verbose check command
tests/shell: Assert non-verbose mode is silent
extensions: hashlimit: Fix tests with HZ=100
iptables-test: Make netns spawning more robust
extensions: libxt_mac: Fix for missing space in listing
nft: Use xtables_malloc() in mnl_err_list_node_add()
nft: Use xtables_{m,c}alloc() everywhere
tests: iptables-test: Fix missing chain case
tests: xlate-test: Don't skip any input after the first empty line
tests: xlate-test: Print errors to stderr
tests: iptables-test: Print errors to stderr
tests: xlate-test: Exit non-zero on error
tests: iptables-test: Exit non-zero on error
tests: shell: Return non-zero on error
ebtables: Avoid dropping policy when flushing
tests: iptables-test: Fix conditional colors on stderr
nft: cache: Avoid double free of unrecognized base-chains
nft: Check base-chain compatibility when adding to cache
nft-chain: Introduce base_slot field
nft: Delete builtin chains compatibly
nft: Introduce builtin_tables_lookup()
xshared: Store optstring in xtables_globals
nft-shared: Introduce init_cs family ops callback
xtables: Simplify addr_mask freeing
nft: Add family ops callbacks wrapping different nft_cmd_* functions
xtables-standalone: Drop version number from init errors
libxtables: Introduce xtables_globals print_help callback
arptables: Use standard data structures when parsing
nft-arp: Introduce post_parse callback
nft-shared: Make nft_check_xt_legacy() family agnostic
xtables: Derive xtables_globals from family
xtables: arptables accepts empty interface names
nft: Merge xtables-arp-standalone.c into xtables-standalone.c
Unbreak xtables-translate
xlate-test: Print full path if testing all files
extensions: hashlimit: Fix tests with HZ=1000
xshared: Merge and share parse_chain()
nft: Change whitespace printing in save_rule callback
xshared: Share print_iface() function
xshared: Share save_rule_details() with legacy
xshared: Share save_ipv{4,6}_addr() with legacy
xshared: Share print_rule_details() with legacy
xshared: Share print_fragment() with legacy
xshared: Share print_header() with legacy iptables
nft-shared: Drop unused function print_proto()
xshared: Make load_proto() static
xshared: Share print_match_save() between legacy ip*tables
xshared: Share a common printhelp function
xshared: Share exit_tryhelp()
xtables_globals: Embed variant name in .program_version
libxtables: Extend basic_exit_err()
iptables-*-restore: Drop pointless line reference
xtables: Drop xtables' family on demand feature
xtables: Pull table validity check out of do_parse()
xtables: Move struct nft_xt_cmd_parse to xshared.h
xtables: Pass xtables_args to check_empty_interface()
xtables: Pass xtables_args to check_inverse()
xtables: Do not pass nft_handle to do_parse()
xshared: Move do_parse to shared space
xshared: Store parsed wait and wait_interval in xtables_args
nft: Move proto_parse and post_parse callbacks to xshared
iptables: Use xtables' do_parse() function
ip6tables: Use the shared do_parse, too
extensions: *NAT: Kill multiple IPv4 range support
xshared: Fix response to unprivileged users
nft: Use verbose flag to toggle debug output
iptables-restore: Support for extra debug output
nft: Set NFTNL_CHAIN_FAMILY in new chains
ebtables: Support verbose mode
nft: Add debug output to table creation
nft: cache: Dump rules if debugging
tests: iptables-test: Support variant deviation
iptables.8: Describe the effect of multiple -v flags
libxtables: Register only the highest revision extension
Improve error messages for unsupported extensions
nft: Simplify immediate parsing
nft: Speed up immediate parsing
xshared: Prefer xtables_chain_protos lookup over getprotoent
nft: Don't pass command state opaque to family ops callbacks
libxtables: Fix for warning in xtables_ipmask_to_numeric
Simplify static build extension loading
nft: Review static extension loading
tests: shell: Fix 0004-return-codes_0 for static builds
nft: Reject standard targets as chain names when restoring
libxtables: Implement notargets hash table
libxtables: Boost rule target checks by announcing chain names
xlate-test: Fix for empty source line on failure
man: DNAT: Describe shifted port range feature
Revert "libipt_[SD]NAT: avoid false error about multiple destinations specified"
extensions: ipt_DNAT: Merge v1 and v2 parsers
extensions: ipt_DNAT: Merge v1/v2 print/save code
extensions: ipt_DNAT: Combine xlate functions also
extensions: DNAT: Rename from libipt to libxt
extensions: Merge IPv4 and IPv6 DNAT targets
extensions: Merge REDIRECT into DNAT
extensions: man: Document service name support in DNAT and REDIRECT
extensions: MARK: Drop extra newline at end of help
xshared: Move arp_opcodes into shared space
xshared: Extend xtables_printhelp() for arptables
libxtables: Drop xtables_globals 'optstring' field
libxtables: Revert change to struct xtables_pprot
extensions: DNAT: Merge core printing functions
man: *NAT: Review --random* option descriptions
extensions: LOG: Document --log-macdecode in man page
nft: Fix EPERM handling for extensions without rev 0
xtables-translate: add missing argument and option to usage
Fix a few doc typos
iptables-test.py: print with color escapes only when stdout isatty
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 3.10.4 to 3.11.0
- Update of rootfile
- Changelog
fuse 3.11.0 (2022-05-02)
* Add support for flag FOPEN_NOFLUSH for avoiding flush on close.
* Fixed returning an error condition to ioctl(2)
fuse 3.10.5 (2021-09-06)
* Various improvements to make unit tests more robust.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 7.83.0 to 7.83.1
- Update of rootfile not required
- Changelog
version 7.83.1
This release includes the following bugfixes:
o altsvc: fix host name matching for trailing dots [31]
o cirrus: Update to FreeBSD 12.3 [24]
o cirrus: Use pip for Python packages on FreeBSD [23]
o conn: fix typo 'connnection' -> 'connection' in two function names [1]
o cookies: make bad_domain() not consider a trailing dot fine [26]
o curl: free resource in error path [3]
o curl: guard against size_t wraparound in no-clobber code [4]
o CURLOPT_DOH_URL.3: mention the known bug [19]
o CURLOPT_HSTS*FUNCTION.3: document the involved structs as well [20]
o CURLOPT_SSH_AUTH_TYPES.3: fix the default [18]
o data/test376: set a proper name
o GHA/mbedtls: enabled nghttp2 in the build [11]
o gha: build msh3 [5]
o gskit: fixed bogus setsockopt calls [17]
o gskit: remove unused function set_callback [2]
o hsts: ignore trailing dots when comparing hosts names [28]
o HTTP-COOKIES: add missing CURLOPT_COOKIESESSION [40]
o http: move Curl_allow_auth_to_host() [9]
o http_proxy/hyper: handle closed connections [34]
o hyper: fix test 357 [32]
o Makefile: fix "make ca-firefox" [37]
o mbedtls: bail out if rng init fails [14]
o mbedtls: fix compile when h2-enabled [12]
o mbedtls: fix some error messages
o misc: use "autoreconf -fi" instead buildconf [22]
o msh3: get msh3 version from MsH3Version [6]
o msh3: print boolean value as text representation [10]
o msh3: psss remote_port to MsH3ConnectionOpen [7]
o ngtcp2: add ca-fallback support for OpenSSL backend [35]
o nss: return error if seemingly stuck in a cert loop [30]
o openssl: define HAVE_SSL_CTX_SET_EC_CURVES for libressl [8]
o post_per_transfer: remove the updated file name [27]
o sectransp: bail out if SSLSetPeerDomainName fails [33]
o tests/server: declare variable 'reqlogfile' static [39]
o tests: fix markdown formatting in README [38]
o test{898,974,976}: add 'HTTP proxy' keywords [16]
o tls: check more TLS details for connection reuse [25]
o url: check SSH config match on connection reuse [21]
o urlapi: address (harmless) UndefinedBehavior sanitizer warning [15]
o urlapi: reject percent-decoding host name into separator bytes [29]
o x509asn1: make do_pubkey handle EC public keys [13]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
This has changed in dracut 24 and we have used various hacks to enable
this behaviour again when it would have been so easy to just enable this
parameter.
Fixes: #12862 - Upgrade from Core 166 to 167 does not use RAID anymore
Reported-by: Dirk Sihling <dsihling@web.de>
Reported-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
libpoppler.so.120.0.0 contains all the functions and symbols which
are required by the tools linked against it.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Some tools of the xfsprogs are linked against libinih and therefore
we need to ship those libs.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
At least the xfsprogs is linked agains the urcu libraries and therefore
requires them to run and deal with xfs filesystems.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Only try to read-in the providers settings file, in case it exists.
Otherwise the script produces an error message, about the missing file,
each time it gets executed.
Because of the fcron job this would be twice a day in most cases.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
The main libraries libpangocairo and libpangosoft2 accidently have been
marked to be not shipped or part of the system.
They are required by collecty and various other libraries or binaries.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
The libexpat.so.1 file is just a symlink to libexpat.so.1.8.8 which
contains all the functions and symbols required by the binaries, linked
against it. Therefore this file needs to be present on the systems.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Refreshing the Pakfire page may cause a command to be
executed multiple times and induce odd errors.
This patch implements a HTTP 303 redirect after form processing,
which causes the browser to discard the POST form data.
Navigating backward or reloading the page now does not trigger
multiple executions anymore.
Fixes: #12781
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Acked-by: Peter Müller <peter.muelle@ipfire.org>
The main page cannot be used while an installation is running.
Therefore it makes more sense to generate the log output first.
Signed-off-by: Leo-Andres Hofmann <hofmann@leo-andres.de>
Acked-by: Peter Müller <peter.muelle@ipfire.org>
