The mq_notify function has a potential use-after-free issue when using a
notification type of SIGEV_THREAD and a thread attribute with a non-default
affinity mask.
The fix for this introduced a NULL pointer dereference.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Patch created to convert all python modules to python3 compatibility that need it.
2to3 converter used for this.
- Start initscript changed to use python3
- No change required in rootfile
- Execution of patch added to lfs file
- Tested in vm machine. WUI page showed the same as with the python version.
scan of directory for mp3 (.flac) files was successful. Could not test actual audio
playing capability as my vm testbed does not have any audio setup at this time.
I believe that the purpose of client175 is to provide the WUI page and for that my
testing seemed to show everything working as expected.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 7.80 to 7.91
- Update of rootfile
- Changelog is too long to include here
Full details can be found in the CHANGELOG file in the source tarball
- Added patch to fix segfault - https://github.com/nmap/nmap/issues/2154
- Ran with unpatched 7.91 version
$ touch /tmp/foo
$ nc -U /tmp/foo
Segmentation fault - flagged problem in #12647
- Ran with patched 7.91 version
$ touch /tmp/foo
$ nc -U /tmp/foo
Ncat: Connection refused. - Expected behaviour
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 6.0.2 (2005) to 12.5.4 (2021)
- sysstat-6.0.2-sysconf.patch no longer required. Built into source as standard now.
- Update rootfile
rootfile made the same as previous version. New options are available, such as
pidstat and tapestat but they have been commented out in the rootfile. If required
in the future they can be uncommented.
- iso that was built with this sysstat was installed into vm testbed and confirmed
that all graphs working, especially those related to disk stats.
- Changelog is too large to show here. Full details for all previous versions can be
found in the CHANGES file in the source tarball.
- At least 25 bugs fixed between the two versions.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This is a major update to the latest available version of ddns.
Remove patches which are part of the upstream release.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 2.0.18 (2011) to 2.1.0 (2016 - latest version)
- Update of rootfile not required
- Changelog
2016-03-08 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.1.0
* Improve the main loop for better interactivity.
Instead of waiting silently for maximum expiration time of probes
in progress, use timeout of the first probe (which will be printed
first from now) only.
* Speedup wait mechanism.
Traditional traceroute implementation always waited the whole timeout
for any probe. But if we already have some replies from the same hop,
or even from some next hop, we can use the round trip time
of such a reply as a hint to determine the actual reasonable
amount of time to wait.
Now the `-w' option has a form of three (in general) float values
separated by a comma (or a slash): `-w MAX_SECS,HERE,NEAR' .
(last two are optional). MAX_SECS specifies the maximum time
(in seconds) to wait, in any case.
The optional HERE specifies a factor to multiply the round trip time
of an already received response from the same hop.
The resulting value is used as a timeout for the probe, instead of
(but no more than) MAX_SECS. The optional NEAR specifies a similar
factor for a response from some next hop.
The time of the first found result is used in both cases.
First, we look for the same hop (of the probe which will be printed
first from now). If nothing found, then look for some next hop.
If nothing found, use MAX_SECS. If HERE and/or NEAR have zero values,
the corresponding computation is skipped.
HERE and NEAR are always set to zero if only MAX_SECS is specified
(which provides compatibility with previous versions). Thus, if your
scripts use `-w SECS', then nothing changed for you, since
the lonely SECS implies `-w SECS,0,0' .
Defaults are 5.0 seconds for MAX_SECS, 3.0 times for HERE and
10.0 times for NEAR.
Certainly, the new algorithm can lead to premature expiry
(especially when response times differ at times) and printing "*"
instead of a time. Anyway, you can always switch this algorithm off,
just by specifying `-w' with the desired timeout only (fe. `-w 5').
We continue to wait whole MAX_SECS when one probe per time
must be sent (`--sport', `-P proto'), because it seems more harmful
rather than helpful to try to wait less in such cases.
To provide compatibility with 2.0.x versions, use:
traceroute -w 5
(or any other desired `-w' value).
* Hint people to use the system traceroute(8) instead of
tcptraceroute wrapper (by providing a stderr header).
The using of this wrapper is a little bit harmful, since it has
less possibilities and a little different set of options.
For those who are used to use tcptraceroute in cmdline,
just create a link with that name to the system traceroute.
When invoked as "tcp*", it then behaves as `traceroute -T'.
(The simple manual page added for this case in the wrapper subdir).
The original tcptraceroute had some options differ ("lpNSAE"),
but they was rare used. Most common "dnFifmqwst" was just the same.
Therefore it should be painless to use the system binary directly,
instead of the limited wrapper (which is still provided indeed).
2016-02-15 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.22
* Some portability fixing and improvements (Felix Janda)
* Require clear numbers for options and arguments (Sergey Salnikov)
* Drop compilation date from the version string (Debian #774365)
* New tcp module option `reuse', which utilize SO_REUSEADDR
to reuse local port numbers for the huge workloads (Richard Sheehan)
* Avoid poll(2) call with spurious zero timeout in some rare cases
by rounding the value properly using ceil(3)
2014-11-12 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.21
* Fix `--mtu' and `-F' working on kernels >= 3.13
* Some manual page improving (Christopher Mann)
2014-06-14 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.20
* Describe all complementary long options in the man page (Jan Synacek)
* Use correct service name for AS lookups (Frederic Mangano)
* Avoid some rare case null dereference (geogriffin@jsgriff.com)
* Improve expiration check for simultaneous probes
2012-11-19 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.19
* DCCP protocol support (rfc4340), by Samuel Jero
Use "-D" option for it (the protocol-specific options
are available too).
* Update COPYING and COPYING.LIB license files to the latest
published ones (due to FSF address changes etc.) (Jan Synacek)
* Add mention of "-l" option to manual (Filip Holec)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 9.53.3 to 9.54.0
- Update rootfile
- delete patch related to FT_CALLBACK_DEF as fix has been implemented in the source
tarball
- Changelog highlights
Version 9.54.0 (2021-03-30)
The 9.54.0 release is a maintenance release, and also adds new functionality.
Highlights in this release include:
Overprint simulation is now available to all output devices, allowing quality previewing/proofing of PostScript and PDF jobs that rely on overprint. See the -dOverprint option documentation in: Overprint
The "docxwrite" device adds the ability to output to Microsoft Word "docx" format. See: docxwrite
The pdfwrite device is now capable of using the Tesseract OCR engine when it is built into Ghostscript to improve searchability and copy and paste functionality when the input lacks the metadata for that purpose. See: UseOCR
Ghostscript/GhostPDL now includes a "map text to black" function, where text drawn by an input job (except when drawn using a Type 3 font) can be forced to draw in solid black. See: BlackText
Ghostscript/GhostPDL now supports simple N-up imposition "internally". See: NupControl
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental improvements.
Full details of above highlights can be found at https://www.ghostscript.com/doc/9.54.0/History9.htm
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 0.3.4 to 0.3.5
- Created libcdada-0.3.5-Werror.patch based on the gentoo 0.3.5 patch to remove -Werror
flags from the configure. This was flagging up warnings as errors and stopping
the build
- Removed the SUP_ARCH line to allow it to build again
- Added --without-tests and --without-checks to the ./configure statement. This prevents
the test and checks being built
- Removed libcdada-0.3.4-use-shared-library-for-tests-and-examples-build.patch as no
longer needed with the tests and checks no longer being built
- No update required for rootfile
- Changelog
v0.3.5 (20th April 2021)
New
- Improved public API documentation
- build: add --without-tests --without-examples build options
Bug fix
- Fix `E_EMPTY` return codes set/map/list/stack/queue
- Fix `make check` when valgrind is not installed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Created pmacct-1.7.6-Werror.patch to remove -Werror flags from the configure
This was flagging up warnings as errors and stopping the build
- Removed the SUP_ARCH line to allow it to build again
- No update required to the rootfile
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This reverts commit 86beff5f75.
This patch breaks reading statistics on systems running a 4.14 kernel.
It seems like it is not dependant on the kernel, though.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This also moves existing patches into their applications' directory
within ~/src/patches/, if already existant.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
This patch represents the first batch of various patches we do not use
anymore, hence there is no sense in keeping them, polluting ~/src/patches/.
Two coreutils patches have been moved into the already existing
coreutils folder, while one libloc patch has been a duplicate to that
one already existing in ~/src/patches/libloc/.
Cleaning up this dump remains a non-exhaustive attempt, though. There
are several other patches I could not locate in LFS files in the first
place, which means that the amount of files we can drop from this
directory is likely to be greater than this patch currently covers.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 2.49 to 2.50
- Update rootfile
- Version 2.50 failed to install capsh - bug raised for this
https://bugzilla.kernel.org/show_bug.cgi?id=213261
patch to fix this bug created and used in this build
- Changelog
Release notes for 2.50
2021-05-24 12:05:16 -0700
Some new capsh features:
--explain=cap_foo: describe what cap_foo does (Bug 212451)
--suggest=phrase: search all the cap descriptions and describe those that match the phrase
Add "keepcaps" module argument support to pam_cap.so (reported by Zoltan Fridrich. Bug 212945)
extend libcap to include cap_prctl() and cap_prctlw() functions to regain feature parity with Go "cap" package. These are only needed when linking against -lpsx for keepcaps POSIX semantics.
this likely requires substantial application changes to make Ambient capability support usable in general, but doing our part for the admin.
Add a test case for recent kernel fix (Bug 212737)
Go pragma fix for convenience functions in "cap" module (reported by Lorenz Bauer. Bug 212321)
Minor man documentation updates
Minor build tree improvements (mostly for maintainer)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch represents the first batch of various patches we do not use
anymore, hence there is no sense in keeping them, polluting ~/src/patches/.
Two coreutils patches have been moved into the already existing
coreutils folder, while one libloc patch has been a duplicate to that
one already existing in ~/src/patches/libloc/.
Cleaning up this dump remains a non-exhaustive attempt, though. There
are several other patches I could not locate in LFS files in the first
place, which means that the amount of files we can drop from this
directory is likely to be greater than this patch currently covers.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This package seems to be unmaintained for at least five years. It's
(former?) upstream traces back to https://section5.ch/index.php/2011/01/13/dpf-hacking/,
but download links to both dpfhack and a patched version of lcd4linux
point to http://localhost/.
http://tech.section5.ch/files/dpfhack-0.1alpha.tgz still serves
something apparently related to dpfhack, but it is unclear whether that
is a previous version than the "0.12devel" we know about, or a
successor. https://tech.section5.ch/files/dpfhack-0.1alpha.tgz, just to
have it noticed, comes with a X.509 certificate not issued for this
FQDN.
dpfhack is solely needed as a dependancy for lcd4linux, which appears to
be unmaintained as well, hence being dropped in a dedicated patch.
Given the status quo, bugs in dpfhack cannot be reported properly,
security issues won't be addressed (by anybody else then ourselves), and
technical questions cannot be clarified aside a reverse engineering
approach.
We should not allow such an add-on to be installed on a firewall system.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Notable changes as per https://git.savannah.gnu.org/cgit/dmidecode.git/plain/NEWS:
Version 3.3 (Wed Oct 14 2020)
- [BUILD] Allow overriding build settings from the environment.
- [COMPATIBILITY] Document how the UUID fields are interpreted.
- [PORTABILITY] Don't use memcpy on /dev/mem on arm64.
- [PORTABILITY] Only scan /dev/mem for entry point on x86.
- Support for SMBIOS 3.3.0. This includes new processor names, new port
connector types, and new memory device form factors, types and
technologies.
- Add bios-revision, firmware-revision and system-sku-number to -s option.
- Use the most appropriate unit for cache size.
- Decode system slot base bus width and peers.
- Important bug fixes:
Fix Redfish Hostname print length
Fix formatting of TPM table output
Fix System Slot Information for PCIe SSD
Don't choke on invalid processor voltage
- Use the most appropriate unit for cache size.
Version 3.2 (Wed Sep 14 2018)
- [COMPATIBILITY] The UUID is now displayed using lowercase letters, per
RFC 4122 (#53569). You must ensure that any code parsing it is
case-insensitive.
- Support for SMBIOS 3.2.0. This includes new processor names, new socket
and port connector types, new system slot state and property, and support
for non-volatile memory (NVDIMM).
- Support for Redfish management controllers.
- A new command line option to query a specific structure by its handle.
- A new command line option to query the system family string.
- Support for 3 ThinkPad-specific structures (patch #9642).
- Support for HPE's new company name.
- Support UEFI on FreeBSD.
- Important bug fixes:
Fix firmware version of TPM device
Fix the HPE UEFI feature flag check
- (biosdecode) A new command line option to fully decode PIR information
(support request #109339).
This patch also features two new patches recommended by upstream, whose
online version can be retrieved at
https://git.savannah.gnu.org/cgit/dmidecode.git/commit/?id=1117390ccd9cea139638db6f460bb6de70e28f94https://git.savannah.gnu.org/cgit/dmidecode.git/commit/?id=11e134e54d15e67a64c39a623f492a28df922517.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Relevant excerpt from Changelog as per
https://savannah.gnu.org/forum/forum.php?forum_id=9339:
NEWS
* Noteworthy changes in release 1.10 (2018-12-29) [stable]
** Changes in behavior
Compressed gzip output no longer contains the current time as a
timestamp when the input is not a regular file. Instead, the output
contains a null (zero) timestamp. This makes gzip's behavior more
reproducible when used as part of a pipeline. (As a reminder, even
regular files will use null timestamps after the year 2106, due to a
limitation in the gzip format.)
** Bug fixes
A use of uninitialized memory on some malformed inputs has been fixed.
[bug present since the beginning]
A few theoretical race conditions in signal handers have been fixed.
These bugs most likely do not happen on practical platforms.
[bugs present since the beginning]
In addition, gzip 1.10 comes with the GNU library patch applied, so
there is no need to carry this file around any more.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Since I only ran "find . -type f -name ...", I missed mostly directories
containing configuration and initscripts of recently dropped add-ons and
packages.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.3.11 to 2.4.0
- Update of rootfile not required
- Update of patches as the source code is different enough that the
patches failed to work.
- Changelog has information on changes for version 2.4.0. Prior version
information is for 2.3.3 from 2012. All intervening versions have no
changelog information available.
Version 2.4.0
- Update translations.
- Useragent report is produced if information is available.
- Don't abort if DNS resolution is failing to resolve a host IP address.
- xz compressed log files are supported.
- Compressed redirector logs are now supported.
- Filter converted and split logs using -t command line option.
- Add many new buffer overflow checks.
- Use random temporary directory name by default.
- Many bug fixed.
- Many new features added.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- v2 version has updated rootfile. One line was accidentally missed out of
original patch submission.
- Change from building with python2 to python3
- iotop setup.py used "itervalues" which is no longer used by python3
In python3 this has been changed to "values". Patch created to update
this in the source tarball setup.py
- Update lfs file with patch application and use of python3
- Update of rootfile
- Installed updated version into vm testbed and iotop confirmed working
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
