- Update from 20190324-3.1 to 20210419-3.1
- Update rootfile
- Changelog - note source tarbal version uses date not the version-info
in the changelog file
2021-04-19 Jess Thrysoee
* version-info: 0:65:0
* all: sync with upstream source
* src/getline.c,src/sys.h: Provide getline.c implementation if not available
Patch by Claes Nästén
* src/makelist: Use Posix locale; mainly to get ASCII character classes in e.g. `tr`
Patch by Claes Nästén
* examples/test_filecompletion.c, examples/wtc1.c: err.h not supported by
Solaris
2021-02-16 Jess Thrysoee
* version-info: 0:64:0
* all: sync with upstream source
2019-12-31 Jess Thrysoee
* version-info: 0:63:0
* configure.ac: Support -ltinfo as split in newer ncurses
The newer versions of ncurses support building terminfo routines as a split -ltinfo library.
Patch by Michał Górny
2019-12-11 Jess Thrysoee
* version-info: 0:62:0
* all: sync with upstream source
2019-10-25 Jess Thrysoee
* version-info: 0:61:0
* all: sync with upstream source
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.2.0 to 1.3.3
- Update rootfile
- Ran find-dependencies - nothing found
- Changelog
Changes between 1.3.2 and 1.3.3:
* Fix regression in dvbpsi_decoder_psi_section_add() set i_last_section_number
Changes between 1.3.1 and 1.3.2:
* Fix bug in dvbpsi_decoder_psi_section_add() set i_last_section_number
* Fix bug in descriptor 0x8a that prevented it from being parsed properly
* Fix bug in descriptor 0x56 generation with multiple teletext page entries
* Fix bug in descriptor 0x41 correct maximum service count
Changes between 1.3.0 and 1.3.1:
* Fix bugs in table: EIT
* Fix test_dr
Changes between 1.2.0 and 1.3.0:
* New descriptor:
- 0x10 Smoothing Buffer
- 0x11 STD descriptor
- 0x12 IBP descriptor
- 0x1b MPEG-4 video descriptor
- 0x1c MPEG-4 audio descriptor
* Fix bugs in descriptor: 0x02, 0x0a, 0x45, 0x48, 0x50, 0x56, 0x7c
* Fix bugs in table: EIT, NIT
* Fix bugs in demux.c
* Build with mingw32
* Generate descriptors: 0x83, 0xa1
* Documentation fixes:
- tables: NIT
- descriptors: 0xa1
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 0.7.9 to 0.8.2
- Update rootfile
- Changelog
0.8.2
- In capng_apply, if we blew up in bounding set, allow setting capabilities
- If PR_CAP_AMBIENT is not available, do not build libdrop_ambient
- Improve last_cap check
0.8.1
- If procfs is not available, leave last_cap as CAP_LAST_CAP
- If bounding and ambient not found in status, try prctl method
- In capng_apply, move ambient caps to the end of the transaction
- In capng_apply, return errors more aggressively.
- In capng_apply, if the action includes the bounding set,resync with the kernel
- Fix signed/unsigned warning in cap-ng.c
- In capng_apply, return a unique error code to diagnose any failure
- In capng_have_capability, return 0 for failure
- Add the libdrop_ambient admin tool
0.8
- Add vararg support to python bindings for capng_updatev
- Add support for ambient capabilities
- Add support for V3 filesystem capabilities
0.7.11
- Really clear bounding set if asked in capng_change_id
- Add CAP_PERFMON, CAP_BPF, & CAP_CHECKPOINT_RESTORE
- Avoid malloc/free in capng_apply (Natanael Copa)
- If procfs is not available, get bounding set via prctl
- Cleanup some compiler warnings
0.7.10
- Update capng_change_id man page
- Add capng_have_permitted_capabilities function
- Update filecap to output which set the capabilities are in
- Fix filecap to not output an error when a file has no capabilities
- Add udplite support to netcap
- Fix usage of pthread_atfork (Joe Orton)
- Mark processes in child user namespaces with * (Danila Kiver)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.4.0 to 3.5.1
- Update rootfile
- Changelog
Libarchive 3.5.1 Released: Dec 26, 2020
Important bugfixes
various compilation fixes
fixed undefined behavior in a function in warc reader
Windows binary uses xz 5.2.5
Libarchive 3.5.0 Released: Dec 1, 2020
New features
mtree digest reader support
completed support for UTF-8 encoding conversion
minor API enhancements
support for system extended attributes
support for decompression of symbolic links in zipx archives
Important bugfixes
fixed extraction of archives with hard links pointing to itself
fixed writing of cpio archives containing hardlinks without file type
fixed rdev field in cpio format for device nodes
fixed uninitialized size in rar5_read_data
fixed memory leaks in error case of archive_write_open() functions
Libarchive 3.4.3 Released: May 20, 2020
New features
support for pzstd compressed files
support for RHT.security.selinux tar extended attribute
Important bugfixes
various zstd fixes and improvements child process
handling fixes
Libarchive 3.4.2 Released: Feb 11, 2020
New features
Atomic file extraction support (bsdtar -x --safe-writes)
mbed TLS (PolarSSL) support
Important bugfixes
security fixes in RAR5 reader
compression buffer fix in XAR writer
fix for uname and gname longer than 32 characters in PAX writer
fix segfault when archiving hard links in ISO9660 and XAR writers
fix support for extracting 7z archive entries with Delta filter
Libarchive 3.4.1 Released: Dec 30, 2019
New features
Unicode filename support for reading lha/lzh archives
New pax write option "xattrhdr"
Important bugfixes
security fixes in wide string processing
security fixes in RAR5 reader
security fixes and optimizations to write filter logic
security fix related to use of readlink(2)
sparse file handling fixes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- lua library update had a sobump and therefore linked packages require
to have that updated
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- lua library update had a sobump and therefore linked packages require
to have that updated
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- v2 patch version has required libraries not commented
- v2 patch version has lua.pc file commented out in the rootfile
pkgconfig file is only required for build or development and not
for normal running of IPFire
- v2 patch version has make linux changed to make all
INSTALL_TOP is required - default is /usr/local
INSTALL_DATA is required - default results in an empty rootfile
TO_LIB is required - default results in only lua.a in rootfile
- v2 patch version includes PAK_VER updates for dnsdist and haproxy due to
sobump. These packages showed up as dependencies to the old lua library
ncat was also linked but already had a PAK_VER change due to a package
upgrade and so no longer showed up in the find-dependencies scan
- Update from 5.3.5 to 5.4.3
- Autotoolize patch not update since 5.3 series
Based on input from Michael Tremer implemented build approach
from BLFS. This approach also used by Arch Linux. Updated lfs in
line with approach. Added pkgconfig file lua.pc as used in BLFS.
- Update of shared_library patch obtained from BLFS
- Update of rootfile
- Removal of old lua-5.3.5 patches
- Changelog
Main changes
new generational mode for garbage collection
to-be-closed variables
const variables
userdata can have multiple user values
new implementation for math.random
warning system
debug information about function arguments and returns
new semantics for the integer 'for' loop
optional 'init' argument to 'string.gmatch'
new functions 'lua_resetthread' and 'coroutine.close'
string-to-number coercions moved to the string library
allocation function allowed to fail when shrinking a memory block
new format '%p' in 'string.format'
utf8 library accepts codepoints up to 2^31
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.14.5 to 1.14.6
- Update of rootfile
- Changelog
2021-04-19 Marcelo Roberto Jimenez <mroberto(at)users.sourceforge.net>
Fix for a DNS Rebind exploit. A special thanks for the collaboration
of the following people:
- Alaric Senat
- Fabrice Fontaine
- Gabriel Corona
- Ian Whyman
- Jean-Francois Dockes
- Marvin Scholz
- Werner Mahr
2021-04-06 Marcelo Roberto Jimenez <mroberto(at)users.sourceforge.net>
Fix for Github #250:
When upnp uses ixml to parse SOAP messages which contains too many
node, services are unavailable.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 4.1.0 to 4.3.0
- Update of rootfile
- Changelog is too large to include here
Full details can be found in ChangeLog file in source tarball
49 bug fixes implemented between 4.1.0 and 4.3.0
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.0.4 to 2.1.0
- Update rootfile
- Changelog is too large to include here
Full details can be found in ChangeLog.md file in source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- In previous patch libid3tag.pc file was left uncommented in the rootfile
The pkg-config files are only required during the build or for
development not for the normal operation of IPFire
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.35.4 to 3.35.5
- Update of rootfile not required
- Changelog
Fix defects in the new ALTER TABLE DROP COLUMN feature that could
corrupt the database file.
Fix an obscure query optimizer problem that might cause an incorrect
query result.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 4.13.7 to 4.14.3
Change to Samba 4.14 release series
4.13 is now in maintenance mode
4.14 is now the current stable release series
- Update of x86_64 rootfile
- Checked library changes with find-dependencies
No linked programs found
- Changelog
o Trever L. Adams <trever.adams@gmail.com>
* BUG 14671: s3:modules:vfs_virusfilter: Recent New_VFS changes break
vfs_virusfilter_openat.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14586: build: Notice if flex is missing at configure time.
o Ralph Boehme <slow@samba.org>
* BUG 14672: Fix smbd panic when two clients open same file.
* BUG 14675: Fix memory leak in the RPC server.
* BUG 14679: s3: smbd: fix deferred renames.
o Samuel Cabrero <scabrero@samba.org>
* BUG 14675: s3-iremotewinspool: Set the per-request memory context.
o Volker Lendecke <vl@samba.org>
* BUG 14675: Fix memory leak in the RPC server.
o Stefan Metzmacher <metze@samba.org>
* BUG 11899: third_party: Update socket_wrapper to version 1.3.2.
* BUG 14640: third_party: Update socket_wrapper to version 1.3.3.
o David Mulder <dmulder@suse.com>
* BUG 14665: samba-gpupdate: Test that sysvol paths download in
case-insensitive way.
o Sachin Prabhu <sprabhu@redhat.com>
* BUG 14662: smbd: Ensure errno is preserved across fsp destructor.
o Christof Schmitt <cs@samba.org>
* BUG 14663: idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
conflict.
o Martin Schwenke <martin@meltin.net>
* BUG 14288: build: Only add -Wl,--as-needed when supported.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.9.10 (2007) to 4.0.27 (2021)
- Update of rootfile
- Changelog is too large to put here
Full details can be found in the changelog file in the debian
subdirectory of the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.9.2 to 1.9.3
- Update of rootfile
- Changelog is too long to put here.
Full details can be found in the ChangeLog file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 563 to 581
- Update of rootfile not required
- Changelog
Change ESC-u command to toggle, not disable, highlighting per man page.
Add ESC-U command.
Add ctrl-W search modifier for wrapping search.
F command can be interrupted by ^X.
Support OSC 8 hyperlinks when -R is in effect.
g command with no number will ignore -j and put first line at top of screen.
Multiple + or -p command line options are handled better.
Add the --incsearch option.
Add the --line-num-width option.
Add the --status-col-width option.
Add the --use-color and --color options.
Display -w highlight even if highlighted line is empty.
If search result is in a long line, scroll to ensure it is visible.
Editing the same file under different names now creates only one entry in the file list.
Make visual bell more visible on some terminals.
Ring end-of-file bell no more than once per second.
Build can use either Python or Perl for Makefile.aut operations.
Fix crash when using the @ search modifier.
Fix crash in the 's' command due to duplicate free.
Fix realpath crash on Darwin.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 8.5p1 to 8.6p1
- Update of rootfile not needed
- Changelog
Future deprecation notice
It is now possible[1] to perform chosen-prefix attacks against the
SHA-1 algorithm for less than USD$50K.
In the SSH protocol, the "ssh-rsa" signature scheme uses the SHA-1
hash algorithm in conjunction with the RSA public key algorithm.
OpenSSH will disable this signature scheme by default in the near
future.
Note that the deactivation of "ssh-rsa" signatures does not necessarily
require cessation of use for RSA keys. In the SSH protocol, keys may be
capable of signing using multiple algorithms. In particular, "ssh-rsa"
keys are capable of signing using "rsa-sha2-256" (RSA/SHA256),
"rsa-sha2-512" (RSA/SHA512) and "ssh-rsa" (RSA/SHA1). Only the last of
these is being turned off by default.
This algorithm is unfortunately still used widely despite the
existence of better alternatives, being the only remaining public key
signature algorithm specified by the original SSH RFCs that is still
enabled by default.
The better alternatives include:
* The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
algorithms have the advantage of using the same key type as
"ssh-rsa" but use the safe SHA-2 hash algorithms. These have been
supported since OpenSSH 7.2 and are already used by default if the
client and server support them.
* The RFC8709 ssh-ed25519 signature algorithm. It has been supported
in OpenSSH since release 6.5.
* The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These
have been supported by OpenSSH since release 5.7.
To check whether a server is using the weak ssh-rsa public key
algorithm, for host authentication, try to connect to it after
removing the ssh-rsa algorithm from ssh(1)'s allowed list:
ssh -oHostKeyAlgorithms=-ssh-rsa user@host
If the host key verification fails and no other supported host key
types are available, the server software on that host should be
upgraded.
OpenSSH recently enabled the UpdateHostKeys option by default to assist
the client by automatically migrating to better algorithms.
[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
Application to the PGP Web of Trust" Leurent, G and Peyrin, T
(2020) https://eprint.iacr.org/2020/014.pdf
Security
* sshd(8): OpenSSH 8.5 introduced the LogVerbose keyword. When this
option was enabled with a set of patterns that activated logging
in code that runs in the low-privilege sandboxed sshd process, the
log messages were constructed in such a way that printf(3) format
strings could effectively be specified the low-privilege code.
An attacker who had sucessfully exploited the low-privilege
process could use this to escape OpenSSH's sandboxing and attack
the high-privilege process. Exploitation of this weakness is
highly unlikely in practice as the LogVerbose option is not
enabled by default and is typically only used for debugging. No
vulnerabilities in the low-privilege process are currently known
to exist.
Thanks to Ilja Van Sprundel for reporting this bug.
Changes since OpenSSH 8.5
This release contains mostly bug fixes.
New features
* sftp-server(8): add a new limits@openssh.com protocol extension
that allows a client to discover various server limits, including
maximum packet size and maximum read/write length.
* sftp(1): use the new limits@openssh.com extension (when available)
to select better transfer lengths in the client.
* sshd(8): Add ModuliFile keyword to sshd_config to specify the
location of the "moduli" file containing the groups for DH-GEX.
* unit tests: Add a TEST_SSH_ELAPSED_TIMES environment variable to
enable printing of the elapsed time in seconds of each test.
Bugfixes
* ssh_config(5), sshd_config(5): sync CASignatureAlgorithms lists in
manual pages with the current default. GHPR174
* ssh(1): ensure that pkcs11_del_provider() is called before exit.
GHPR234
* ssh(1), sshd(8): fix problems in string->argv conversion. Multiple
backslashes were not being dequoted correctly and quoted space in
the middle of a string was being incorrectly split. GHPR223
* ssh(1): return non-zero exit status when killed by signal; bz#3281
* sftp-server(8): increase maximum SSH2_FXP_READ to match the maximum
packet size. Also handle zero-length reads that are not explicitly
banned by the spec.
Portability
* sshd(8): don't mistakenly exit on transient read errors on the
network socket (e.g. EINTR, EAGAIN); bz3297
* Create a dedicated contrib/gnome-ssk-askpass3.c source instead of
building it from the same file as used for GNOME2. Use the GNOME3
gdk_seat_grab() to manage keyboard/mouse/server grabs for better
compatibility with Wayland.
* Fix portability build errors bz3293 bz3292 bz3291 bz3278
* sshd(8): soft-disallow the fstatat64 syscall in the Linux
seccomp-bpf sandbox. bz3276
* unit tests: enable autoopt and misc unit tests that were
previously skipped
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.80 to 7.91
- Update of rootfile
- Changelog is too long to include here
Full details can be found in the CHANGELOG file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.80 to 7.91
- Update of rootfile
- Changelog is too long to include here
Full details can be found in the CHANGELOG file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.10.1 to 3.10.3
- Update of rootfile
- Changelog
libfuse 3.10.3 (2021-04-12)
* Fix returning d_ino and d_type from readdir(3) in non-plus mode
libfuse 3.10.2 (2021-02-05)
* Allow "nonempty" as a mount option, for backwards compatibility with fusermount 2. The
option has no effect since mounting over non-empty directories is allowed by default.
* Fix returning inode numbers from readdir() in offset==0 mode.
* FUSE filesystems can now be mounted underneath EXFAT mountpoints.
* Various minor bugfixes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.08 to 1.19
- Update of rootfile
- Changelog
1.19 Tue 2020-10-13
- Merge blead change: Remove . from @INC when loading optional modules.
1.18 Tue 2020-10-13
- Correct documentation for add_bits
- Explain $args,... in constructor prototypes
- Add base64_padded_digest method
- Add support for the SHA3 digests
- Update .gitignore and get make manifest working
- Github CI
- Move Digest to a more modern directory tree layout
- Enable strict/warnings for code and tests
- Drop use vars
- Provide a consistent tidy to the code base
- Get rid of the use of bareword file handles
- Modernize the changelog
- Use File::Temp for temporary test files
1.17 Sun 2011-10-02
- Less noisy 'git status' output - Gisle Aas
- Merge pull request #1 from schwern/bug/require_eval - Gisle Aas
- Don't clobber $@ in Digest->new [RT#50663] - Gisle Aas
- More meta info added to Makefile.PL - Gisle Aas
- Fix typo in RIPEMD160 [RT#50629] - Gisle Aas
- Add schwern's test files - Gisle Aas
- Turn on strict. - Michael G. Schwern
- Convert tests to use Test::More - Michael G. Schwern
- Untabify - Michael G. Schwern
- Turn Digest::Dummy into a real file which exercises the Digest->new() require logic. - Michael G. Schwern
- Close the eval "require $module" security hole in Digest->new($algorithm) - Michael G. Schwern
1.16 Tue 2009-06-09
- For SHA-1 try Digest::SHA before tryign Digest::SHA1 as suggested by Adam Trickett - Gisle Aas
- Support Digest->new("RIPEMD-160") as suggested by Zefram - Gisle Aas
- Use 3-arg open for fewer surprises - Gisle Aas
- Sync up with EBCDIC changes from core perl - Jarkko Hietaniemi
1.15 Mon 2006-03-20
- Improved documentation.
1.14 Sat 2005-11-26
- Documentation tweaks.
1.13 Tue 2005-10-18
- Fixed documentation typo.
1.12 Thu 2005-09-29
- Fix documentation typo. Patch by <steve@fisharerojo.org>.
1.11 Sun 2005-09-11
- Make Digest->new("SHA-224") work. Patch by Mark Shelor <shelor@cpan.org>.
1.10 Mon 2004-11-08
- Added Digest::file module which provide convenience functions that calculate digests of files.
1.09 Fri 2004-11-05
- Fix trivial documentation typo.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 7.75.0 to 7.76.1
- Update of rootfile
- Changelog is too large to include here.
Full details can be found in the CHANGES file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.3 to 1.41
- Update of rootfile not needed
- Changelog
1.41 2021-02-01T15:56:00
- Adopt new repo structure. See
http://savage.net.au/Ron/html/My.Workflow.for.Building.Distros.html.
- Reformat Makefile.PL.
- Add t/00.*.
- Update POD to change RT to github.
1.40 2013-09-30T15:32:00
- No code changes.
- Maintenance by Ron Savage <rsavage@cpan.org>.
- Fabricate some version #s for this file.
- Made Passwd.pm utf-8 so we can use Luis' proper name.
- Clean up code formatting.
- Clean up Makefile.PL.
- Use fake (ASCII) ñ in Makefile.PL to keep Solaris happy. See RT#68478.
- Clean up README.
- Add Build.PL.
- Add Changes and Changelog.ini.
- Add META.*.
- Adopt Test::More in t/basic.t.
- Adopt 'use strict' and 'use warnings' to PasswdMD5.pm and t/basic.t.
- Accept patch for new function random_md5_salt(), and tests, from kbrint@rufus.net.
With thanx. See RT#37036.
- Add xt/author/pod.t.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Install Canary-Stability-2013
Required to build Convert-UUlib since version 1.5 (2015)
- Create rootfile
- Canary::Stability - canary to check perl compatibility for schmorp's
modules
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
