- Update from 2.4.2 to 2.4.4
- Update of rootfile
- Changelog
Release 2.4.4 Sun January 30 2022
Security fixes:
#550 CVE-2022-23852 -- Fix signed integer overflow
(undefined behavior) in function XML_GetBuffer
(that is also called by function XML_Parse internally)
for when XML_CONTEXT_BYTES is defined to >0 (which is both
common and default).
Impact is denial of service or more.
#551 CVE-2022-23990 -- Fix unsigned integer overflow in function
doProlog triggered by large content in element type
declarations when there is an element declaration handler
present (from a prior call to XML_SetElementDeclHandler).
Impact is denial of service or more.
Bug fixes:
#544#545 xmlwf: Fix a memory leak on output file opening error
Other changes:
#546 Autotools: Fix broken CMake support under Cygwin
#554 Windows: Add missing files to the installer to fix
compilation with CMake from installed sources
#552#554 Version info bumped from 9:3:8 to 9:4:8;
see https://verbump.de/ for what these numbers do
Release 2.4.3 Sun January 16 2022
Security fixes:
#531#534 CVE-2021-45960 -- Fix issues with left shifts by >=29 places
resulting in
a) realloc acting as free
b) realloc allocating too few bytes
c) undefined behavior
depending on architecture and precise value
for XML documents with >=2^27+1 prefixed attributes
on a single XML tag a la
"<r xmlns:a='[..]' a:a123='[..]' [..] />"
where XML_ParserCreateNS is used to create the parser
(which needs argument "-n" when running xmlwf).
Impact is denial of service, or more.
#532#538 CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
on variable m_groupSize in function doProlog leading
to realloc acting as free.
Impact is denial of service or more.
#539 CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
near memory allocation at multiple places. Mitre assigned
a dedicated CVE for each involved internal C function:
- CVE-2022-22822 for function addBinding
- CVE-2022-22823 for function build_model
- CVE-2022-22824 for function defineAttribute
- CVE-2022-22825 for function lookup
- CVE-2022-22826 for function nextScaffoldPart
- CVE-2022-22827 for function storeAtts
Impact is denial of service or more.
Other changes:
#535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19
#541 Autotools|CMake: MinGW: Make run.sh(.in) work for Cygwin
and MSYS2 by not going through Wine on these platforms
#527#528 Address compiler warnings
#533#543 Version info bumped from 9:2:8 to 9:3:8;
see https://verbump.de/ for what these numbers do
Infrastructure:
#536 CI: Check for realistic minimum CMake version
#529#539 CI: Cover compilation with -m32
#529 CI: Store coverage reports as artifacts for download
#528 CI: Upgrade Clang from 11 to 13
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 7.80.0 to 7.81.0
- Update of rootfile
- Changelog
7.81.0
This release includes the following changes:
o mime: use percent-escaping for multipart form field and file names [1]
This release includes the following bugfixes:
o asyn-ares: ares_getaddrinfo needs no happy eyeballs timer [73]
o azure: make the "w/o HTTP/SMTP/IMAP" build disable SSL proper [12]
o BINDINGS: add cURL client for PostgreSQL [68]
o BINDINGS: add one from Everything curl and update a link
o checksrc: detect more kinds of NULL comparisons we avoid [105]
o CI: build examples for additional code verification [75]
o CI: bump job to use mbedtls 3.1.0 [90]
o cmake: don't set _USRDLL on a static Windows build [22]
o cmake: prevent dev warning due to mismatched arg [94]
o cmake: private identifiers use CURL_ instead of CMAKE_ prefix [40]
o config.d: update documentation to match the path search
o configure: add -lm to configure for rustls build. [13]
o configure: better diagnostics if hyper is built wrong [6]
o configure: don't enable TLS when --without-* flags are used [17]
o configure: fix runtime-lib detection on macOS [21]
o curl.1: require "see also" for every documented option [27]
o curl: improve error message for --head with -J [42]
o curl_easy_cleanup.3: remove from multi handle first [3]
o curl_easy_escape.3: call curl_easy_cleanup in example [58]
o curl_easy_unescape.3: call curl_easy_cleanup in example [57]
o curl_multi_init.3: fix EXAMPLE formatting
o curl_multi_perform/socket_action.3: clarify what errors mean [70]
o curl_share_setopt.3: split out options into their own manpages [14]
o CURLOPT_STDERR.3: does not work with libcurl as a win32 DLL [51]
o digest: compute user:realm:pass digest w/o userhash [45]
o docs/checksrc: Add documentation for STRERROR [18]
o docs/cmdline-opts: do not say "protocols: all" [26]
o docs/examples: workaround broken -Wno-pedantic-ms-format
o docs/HTTP3: describe how to setup a h3 reverse-proxy for testing [88]
o docs/INSTALL.md: typo fix : added missing "get" verb [31]
o docs/URL-SYNTAX.md: space is not fine in a given URL
o docs: add known bugs list to HTTP3.md [83]
o docs: address proselint nits [16]
o docs: consistent manpage SYNOPSIS [47]
o docs: fix dead links, remove ECH.md
o docs: fix typo in OpenSSL 3 build instructions [80]
o docs: Update the Reducing Size section
o example/progressfunc: remove code for old libcurls [78]
o examples/multi-single.c: remove WAITMS() [98]
o FAQ: typo fix : "yout" ➤ "your" [30]
o ftp: disable warning 4706 in MSVC [85]
o gen.pl: improve example output format [29]
o github workflow: add wolfssl (removed from zuul) [103]
o github/workflows: add mbedtls and mbedtls-clang (removed from zuul) [92]
o gtls: check return code for gnutls_alpn_set_protocols [86]
o hash: lazy-alloc the table in Curl_hash_add() [54]
o http2:set_transfer_url() return early on OOM [53]
o HTTP3: update quiche build instructions [37]
o http: enable haproxy support for hyper backend [20]
o http: Fix CURLOPT_HTTP200ALIASES [89]
o http_proxy: don't close the socket (too early) [100]
o insecure.d: detail its use for SFTP and SCP as well [32]
o insecure.d: expand and clarify [28]
o libcurl-multi.3: "SOCKS proxy handshakes" are not blocking
o libcurl-security.3: mention address and URL mitigations
o libssh2: fix error message for sha256 mismatch
o libtest: avoid "assignment within conditional expression" [84]
o lift: ignore is a deprecated config option, use ignoreRules [35]
o linkcheck.yml: add CI job that checks markdown links [82]
o m4/curl-compilers: tell clang -Wno-pointer-bool-conversion [99]
o Makefile.m32: rename -winssl option to -schannel and tidy up [33]
o mbedTLS: add support for CURLOPT_CAINFO_BLOB [44]
o mbedtls: fix CURLOPT_SSLCERT_BLOB [72]
o mbedtls: fix private member designations for v3.1.0 [93]
o misc: remove unused doh flags when CURL_DISABLE_DOH is defined [71]
o misc: s/e-mail/email [74]
o multi: cleanup the socket hash when destroying it [55]
o multi: handle errors returned from socket/timer callbacks [52]
o multi: shut down CONNECT in Curl_detach_connnection [2]
o netrc.d: edit the .netrc example to look nicer [24]
o ngtcp2: verify the server cert on connect (quictls) [102]
o ngtcp2: verify the server certificate for the gnutls case [101]
o nss:set_cipher don't clobber the cipher list [38]
o openldap: implement STARTTLS [56]
o openldap: process search query response messages one by one [50]
o openldap: several minor improvements [69]
o openldap: simplify ldif generation code [77]
o openssl: check the return value of BIO_new() [43]
o openssl: define HAVE_OPENSSL_VERSION for OpenSSL 1.1.0+
o openssl: remove `RSA_METHOD_FLAG_NO_CHECK` handling if unavailable
o openssl: remove usage of deprecated `SSL_get_peer_certificate`
o openssl: use non-deprecated API to read key parameters
o page-footer: add a mention of how to report bugs to the man page
o page-footer: document more environment variables [23]
o request.d: refer to 'method' rather than 'command' [59]
o retry-all-errors.d: make the example complete
o runtests: make the SSH library a testable feature
o rustls: read of zero bytes might be okay [9]
o rustls: remove comment about checking handshaking [15]
o rustls: remove incorrect EOF check [10]
o sha256/md5: return errors when init fails [79]
o socks5: use appropriate ATYP for numerical IP address host names [91]
o test1156: enable for hyper [65]
o test1156: fixup the stdout check for Windows [60]
o test1525: tweaked for hyper [64]
o test1526: enable for hyper [63]
o test1527: enable for hyper [62]
o test1528: enable for hyper [61]
o test1554: adjust for hyper [49]
o test1556: adjust for hyper [48]
o test302[12]: run only with the libssh2 backend [8]
o test661: enable for hyper [66]
o tests/CI.md: add more information on CI environments [39]
o tests/data/test302[12]: fix MSYS2 path conversion of hostpubsha256 [76]
o tftp: mark protocol as not possible to do over CONNECT [25]
o tool_findfile: updated search for a file in the homedir [46]
o tool_operate: only set SSH related libcurl options for SSH URLs [11]
o tool_operate: warn if too many output arguments were found [87]
o url.c: fix the SIGPIPE comment for Curl_close [4]
o url: check ssl_config when re-use proxy connection [81]
o url: reduce ssl backend count for CURL_DISABLE_PROXY builds [96]
o urlapi: accept port number zero [34]
o urlapi: if possible, shorten given numerical IPv6 addresses [95]
o urlapi: provide more detailed return codes [36]
o urlapi: reject short file URLs [41]
o version_win32: Check build number and platform id
o vtls/rustls: adapt to the updated rustls_version proto [19]
o writeout: fix %{http_version} for HTTP/3 [7]
o x509asn1: return early on errors [67]
o zuul.d: update rustls-ffi to version 0.8.2 [5]
o zuul: fix quiche build pointing to wrong Cargo [104]
This release includes the following known bugs:
o see docs/KNOWN_BUGS (https://curl.se/docs/knownbugs.html)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 2.3.3op2 to 2.4.1
- Update of rootfile
- Changelog
Changes in CUPS v2.4.1 (27th January 2020)
- The default color mode now is now configurable and defaults to the printer's
reported default mode (Issue #277)
- Configuration script now checks linking for -Wl,-pie flags (Issue #303)
- Fixed memory leaks - in testi18n (Issue #313), in `cups_enum_dests()`
(Issue #317), in `_cupsEncodeOption()` and `http_tls_upgrade()` (Issue #322)
- Fixed missing bracket in de/index.html (Issue #299)
- Fixed typos in configuration scripts (Issues #304, #316)
- Removed remaining legacy code for `RIP_MAX_CACHE` environment variable
(Issue #323)
- Removed deprecated directives from cupsctl and cups-files.conf (Issue #300)
- Removed `purge-jobs` legacy code from CGI scripts and templates (Issue #325)
Changes in CUPS v2.4.0 (29th November 2021)
- Added configure option --with-idle-exit-timeout (Issue #294)
- Added --with-systemd-timeoutstartsec configure option (Issue #298)
- DigestOptions now are applied for MD5 Digest authentication defined
by RFC 2069 as well (Issue #287)
- Fixed compilation on Solaris (Issue #293)
- Fixed and improved German translations (Issue #296, Issue #297)
Changes in CUPS v2.4rc1 (12th November 2021)
- Added warning and debug messages when loading printers
if the queue is raw or with driver (Issue #286)
- Compilation now uses -fstack-protector-strong if available (Issue #285)
Changes in CUPS v2.4b1 (27th October 2021)
- Added support for CUPS running in a Snapcraft snap.
- Added basic OAuth 2.0 client support (Issue #100)
- Added support for AirPrint and Mopria clients (Issue #105)
- Added configure support for specifying systemd dependencies in the CUPS
service file (Issue #144)
- Added several features and improvements to `ipptool` (Issue #153)
- Added a JSON output mode for `ipptool`.
- The `ipptool` command now correctly reports an error when a test file cannot
be found.
- CUPS library now uses thread safe `getpwnam_r` and `getpwuid_r` functions
(Issue #274)
- Fixed Kerberos authentication for the web interface (Issue #19)
- The ZPL sample driver now supports more "standard" label sizes (Issue #70)
- Fixed reporting of printer instances when enumerating and when no options are
set for the main instance (Issue #71)
- Reverted USB read limit enforcement change from CUPS 2.2.12 (Issue #72)
- The IPP backend did not return the correct status code when a job was canceled
at the printer/server (Issue #74)
- The `testlang` unit test program now loops over all of the available locales
by default (Issue #85)
- The `cupsfilter` command now shows error messages when options are used
incorrectly (Issue #88)
- The PPD functions now treat boolean values as case-insensitive (Issue #106)
- Temporary queue names no longer end with an underscore (Issue #110)
- The USB backend now runs as root (Issue #121)
- Added pkg-config file for libcups (Issue #122)
- Fixed a PPD memory leak caused by emulator definitions (Issue #124)
- Fixed a `DISPLAY` bug in `ipptool` (Issue #139)
- The scheduler now includes the `[Job N]` prefix for job log messages, even
when using syslog logging (Issue #154)
- Added support for locales using the GB18030 character set (Issue #159)
- `httpReconnect2` did not reset the socket file descriptor when the TLS
negotiation failed (Apple #5907)
- `httpUpdate` did not reset the socket file descriptor when the TLS
negotiation failed (Apple #5915)
- The IPP backend now retries Validate-Job requests (Issue #132)
- Now show better error messages when a driver interface program fails to
provide a PPD file (Issue #148)
- Added dark mode support to the CUPS web interface (Issue #152)
- Added a workaround for Solaris in `httpAddrConnect2` (Issue #156)
- Fixed an interaction between `--remote-admin` and `--remote-any` for the
`cupsctl` command (Issue #158)
- Now use a 60 second timeout for reading USB backchannel data (Issue #160)
- The USB backend now tries harder to find a serial number (Issue #170)
- Fixed `@IF(name)` handling in `cupsd.conf` (Apple #5918)
- Fixed documentation and added examples for CUPS' limited CGI support
(Apple #5940)
- Fixed the `lpc` command prompt (Apple #5946)
- Now always pass "localhost" in the `Host:` header when talking over a domain
socket or the loopback interface (Issue #185)
- Fixed a job history update issue in the scheduler (Issue #187)
- Fixed `job-pages-per-set` value for duplex print jobs.
- Fixed an edge case in `ippReadIO` to make sure that only complete attributes
and values are retained on an error (Issue #195)
- Hardened `ippReadIO` to prevent invalid IPP messages from being propagated
(Issue #195, Issue #196)
- The scheduler now supports the "everywhere" model directly (Issue #201)
- Fixed some IPP Everywhere option mapping problems (Issue #238)
- Fixed support for "job-hold-until" with the Restart-Job operation (Issue #250)
- Fixed the default color/grayscale presets for IPP Everywhere PPDs (Issue #262)
- Fixed support for the 'offline-report' state for all USB backends (Issue #264)
- Documentation fixes (Issue #92, Issue #163, Issue #177, Issue #184)
- Localization updates (Issue #123, Issue #129, Issue #134, Issue #146,
Issue #164)
- USB quirk updates (Issue #192, Issue #270, Apple #5766, Apple #5838,
Apple #5843, Apple #5867)
- Web interface updates (Issue #142, Issue #218)
- The `ippeveprinter` tool now automatically uses an available port.
- Fixed several Windows TLS and hashing issues.
- Deprecated cups-config (Issue #97)
- Deprecated Kerberos (`AuthType Negotiate`) authentication (Issue #98)
- Removed support for the (long deprecated and unused) `FontPath`,
`ListenBackLog`, `LPDConfigFile`, `KeepAliveTimeout`, `RIPCache`, and
`SMBConfigFile` directives in `cupsd.conf` and `cups-files.conf`.
- Stubbed out deprecated `httpMD5` functions.
- Add test for undefined page ranges during printing.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.9.8p2 to 1.9.9
- Update of rootfile
- Changelog
What's new in Sudo 1.9.9
* Sudo can now be built with OpenSSL 3.0 without generating warnings
about deprecated OpenSSL APIs.
* A digest can now be specified along with the "ALL" command in
the LDAP and SSSD back-ends. Sudo 1.9.0 introduced support for
this in the sudoers file but did not include corresponding changes
for the other back-ends.
* visudo now only warns about an undefined alias or a cycle in an
alias once for each alias.
* The sudoRole cn was truncated by a single character in warning messages.
GitHub issue #115.
* The cvtsudoers utility has new --group-file and --passwd-file options
to use a custom passwd or group file when the --match-local option is
also used.
* The cvtsudoers utility can now filter or match based on a command.
* The cvtsudoers utility can now produce output in csv (comma-separated
value) format. This can be used to help generate entitlement reports.
* Fixed a bug in sudo_logsrvd that could result in the connection being
dropped for very long command lines.
* Fixed a bug where sudo_logsrvd would not accept a restore point
of zero.
* Fixed a bug in visudo where the value of the "editor" setting was not
used if it did not match the user's EDITOR environment variable.
This was only a problem if the "env_editor" setting was not enabled.
Bug #1000.
* Sudo now builds with the -fcf-protection compiler option and the
"-z now" linker option if supported.
* The output of "sudoreplay -l" now more closely matches the
traditional sudo log format.
* The sudo_sendlog utility will now use the full contents of the log.json
file, if present. This makes it possible to send sudo-format I/O logs
that use the newer log.json format to sudo_logsrvd without losing any
information.
* Fixed compilation of the arc4random_buf() replacement on systems with
arc4random() but no arc4random_buf(). Bug #1008.
* Sudo now uses its own getentropy() by default on Linux. The GNU libc
version of getentropy() will fail on older kernels that don't support
the getrandom() system call.
* It is now possible to build sudo with WolfSSL's OpenSSL compatibility
layer by using the --enable-wolfssl configure option.
* Fixed a bug related to Daylight Saving Time when parsing timestamps
in Generalized Time format. This affected the NOTBEFORE and
NOTAFTER options in sudoers. Bug #1006
* Added the -O and -P options to visudo, which can be used to check
or set the owner and permissions. This can be used in conjunction
with the -c option to check that the sudoers file ownership and
permissions are correct. Bug #1007.
* It is now possible to set resource limits in the sudoers file itself.
The special values "default" and "user" refer to the default system
limit and invoking user limit respectively. The core dump size limit
is now set to 0 by default unless overridden by the sudoers file.
* The cvtsudoers utility can now merge multiple sudoers sources into
a single, combined sudoers file. If there are conflicting entries,
cvtsudoers will attempt to resolve them but manual intervention
may be required. The merging of sudoers rules is currently fairly
simplistic but will be improved in a future release.
* Sudo was parsing but not applying the "deref" and "tls_reqcert"
ldap.conf settings. This meant the options were effectively
ignored which broke dereferencing of aliases in LDAP. Bug #1013.
* Clarified in the sudo man page that the security policy may
override the user's PATH environment variable. Bug #1014.
* When sudo is run in non-interactive mode (with the -n option), it
will now attempt PAM authentication and only exit with an error
if user interaction is required. This allows PAM modules that
don't interact with the user to succeed. Previously, sudo
would not attempt authentication if the -n option was specified.
Bug #956 and GitHub issue #83.
* Fixed a regression introduced in version 1.9.1 when sudo is
built with the --with-fqdn configure option. The local host
name was being resolved before the sudoers file was processed,
making it impossible to disable DNS lookups by negating the
"fqdn" sudoers option. Bug #1016.
* Added support for negated sudoUser attributes in the LDAP and
SSSD sudoers back ends. A matching sudoUser that is negated
will cause the sudoRole containing it to be ignored.
* Fixed a bug where the stack resource limit could be set to a
value smaller than that of the invoking user and not be reset
before the command was run. Bug #1017.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 5.15.0 to 5.16.0
- Update of rootfile
routef has been removed
Commit message - This script is old and limited to IPv4. Using ip route command
directly is better option.
rtpr has been removed
Commit message - This script was a one off hack for a special case. Now that ip
commands have better formatting, there is no real reason for it
ifcfg has been removed
Commit message - This script was from olden days of ifcfg. I don't see any
distribution using it and it is time to put it out to pasture.
- Changelog - There is no changelog. For details of changes you have to review the
commits in the git repository
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/log/
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 2.70.1 to 2.71.1
- Update of rootfile
- Changelog
Overview of changes in GLib 2.71.1
* Basic support for static builds on Windows (work by Loïc Le Page,
Marc-André Lureau, with contributions from Xavier Claessens, Nirbheek Chauhan,
Charlie Barto, Luca Bacci, Amos Wenger) (#692, #2585, !2442)
* Add `GDebugController` and a D-Bus implementation which exposes whether
debug output is enabled in a process using the `org.gtk.Debugging` D-Bus
interface (work by Philip Withnall) (#1190)
* Support for `AF_UNIX` sockets on Windows 10 (and later) (work by Marc-André Lureau) (#2487)
* Several important fixes to GDBus message and GVariant parsing of invalid data (work by Sebastian Wilhelmi) (#2557, #2572)
* Fix potential data loss due to missing fsync when saving files on btrfs (work by Sebastian Keller) (!2425)
* Fix potential buffer overflows in `garray.c` for very large `GArray`s and `GPtrArray`s (work by Tobias Stoeckmann) (#2578)
* Fix FDs in gspawn not being closed and causing process hangs if `close_range()` fails unexpectedly (work by Dan Nicholson) (#2580)
* Fix `g_find_program_in_path()` not returning an absolute path if `$PATH` is relative (work by Christoph Niethammer) (#2586)
* Add support for loading PKCS#12 encrypted files in `GTlsCertificate` (work by Patrick Griffis) (!2239)
* A number of improvements to unit tests (work by Emmanuel Fleury, Charlie Barto) (!2399, !2400, !2402, !2403, !2428, !2431, !2432, !2434)
* Support `LOCAL_PEERPID` on macOS, giving partial support for PIDs in
`GCredentials` on that platform (work by Ignacio Casal Quinteiro) (!2362)
* Add `g_get_user_state_dir()` to support `XDG_STATE_HOME` (work by Sophie Herold) (!2395)
* Add `g_hash_table_new_similar()` to copy a hash table and its hash/equal functions without its data (work by Jonas Ådahl) (!2405)
* Support D-Bus client authentication with `EXTERNAL` on Windows (work by Marc-André Lureau) (!2429)
* Add a reStructuredText documentation generator to `gdbus-codegen` (work by Emmanuele Bassi) (!2448)
* Add a Windows implementation of `GMemoryMonitor` (work by Marc-André Lureau) (!2452)
* Bugs fixed:
- #692 meta: Fix static build on Windows
- #1190 gapplication: Add an org.gtk.Debugging interface
- #2487 Add support for native unix domain sockets on WIN32 to GLib.Socket and related classes
- #2550 possible GDateTime issue with localtime on Illumos/Solaris
- #2557 Arrays of zero-element tuples with non-zero length lead to infinite loops in g_dbus_message_new_from_blob
- #2559 2.71.0: compile and link time warnings
- #2560 Link error xdgmime.c: unresolved external symbol S_ISREG when building with VS2022
- #2564 Hangul Jamo Extended-B should be 0-width
- #2565 Build glib-2.71.0 failed in Windows using MSYS2-MINGW64
- #2571 Cross build error "undefined reference to `_g_binary_test1_resource_data'" when building tests for Windows on openSUSE Leap
- #2572 Check for GVariant recursion depth before recursing
- #2578 buffer overflows in garray.c
- #2579 Outdated paths in INSTALL.in
- #2580 gspawn doesn't set CLOEXEC if close_range fails unexpectedly
- #2582 glib 2.71.0 muslc - build error missing sentinel in function call
- #2585 Static link issue on Windows due to resource files being linked in twice
- #2586 g_find_program_in_path not returning an absolute path
- !2239 gtlscertificate: Add ability to load PKCS#12 encrypted files
- !2362 credentials: support the local peerpid on macos
- !2384 meson: Fix linking with static library in Windows
- !2395 utils: Add XDG_STATE_HOME support
- !2399 Move tests/env-test.c into glib/tests/environment.c
- !2400 Prevent gtest tests from popping up dialog boxes
- !2402 Improving glib/tests/environment.c
- !2403 Improve test coverage of glib/tests/asyncqueue.c
- !2405 ghash: Add g_hash_table_new_similar
- !2407 tests: Fix environment test on FreeBSD
- !2411 annotate `g_content_type_guess` parameter as filename
- !2412 paramspec: fix unref annotation
- !2413 Use meson dependency to link against apple framework
- !2414 docs: Improve docs for gdbusutils.c
- !2417 gtestutils: Fix minor typos in the g_test_get_filename() docs
- !2423 Make clear in doc that signals are emitted synchroniously
- !2425 gfileutils: Remove outdated BTRFS fsync optimization from set_contents
- !2426 gdbus-codegen: Fix a typo in a comment
- !2428 Merge tests/gobject/gvalue-test.c with gobject/tests/value.c
- !2429 gdbus: make client work with EXTERNAL on Windows
- !2431 Merge tests/gobject/paramspec-test.c into gobject/tests/param.c
- !2432 Merge test/unicode-caseconv.c into glib/tests/unicode.c
- !2434 Remove a disabled test case that was covered by glib/tests/collate.c
- !2440 Improve g_ascii_formatd docs and preconditions
- !2441 Reduce the amount of compile-time warnings
- !2442 Fix tests with static build on Windows
- !2447 giowin32: use gint64 and _lseeki64
- !2448 Add reStructuredText documentation generator for gdbus-codegen
- !2452 gio/win32: add GMemoryMonitorWin32
- !2453 Add `(array length)` annotation to `g_tls_certificate_new_from_pkcs12()`
- !2454 gdbusmessage, gvariant and garray fixes
- !2456 tests: Pass --internal and -z noexecstack to glib-compile-resources tests
- !2459 gio: add missing zlib dependency in gio-windows-2.0.pc
- !2461 Fix memory leak in gio/gdbusauthmechanismsha1.c
- !2463 Revert "Merge branch 'fix-windows-pc' into 'main'"
* Translation updates:
- Catalan
- Chinese (China)
- Czech
- Galician
- Hebrew
- Indonesian
- Lithuanian
- Polish
- Portuguese
- Portuguese (Brazil)
- Russian
- Spanish
- Ukrainian
Overview of changes in GLib 2.71.0
* Fix network changes not being signalled from NetworkManager (work by
Julian Andres Klode) (#2505)
* Fix build when building with --fatal-meson-warnings (work by Eli Schwartz) (!2304)
* Fix use of the default log writer with journald namespaces (diagnosis by Ilya Basin) (#2530)
* Fix hang in `dbus-daemon` under `GTestDBus` when `G_MESSAGES_DEBUG=all` is set (work by Marco Trevisan) (#2537)
* Speed up `g_canonicalize_filename()` to avoid pathogenic cases with `..` (work by Sebastian Wilhelmi) (#2541)
* Fix URI for pcre subproject as it’s moved upstream (work by Albert Astals Cid) (!2324)
* Fix storing GSettings dictionaries on macOS (work by Maurice) (#2527)
* Speed up ‘remove dot segments’ algorithm in `GUri` to avoid pathogenic cases with `..` (work by Sebastian Wilhelmi) (#2526)
* Fix infinite loops in D-Bus message parsing for truncated inputs (work by Sebastian Wilhelmi) (#2528)
* Improve correctness of version information returned by `g_get_os_info()` for Windows 10/Server 2019+ (work by Chun-wei Fan) (#2443)
* Various fixes to GWeakRef cleanup (#865, #2390) and toggle refs (#2394) (work by Marco Trevisan)
* Add `G_DBUS_PROXY_FLAGS_NO_MATCH_RULE` flag for disabling match rules when creating a `GDBusProxy` (#1109)
* Fix FD remapping in `g_spawn_async_with_pipes_and_fds()` with certain values of target FDs (#2503, #2506) (work by Michael Catanzaro)
* Make `GDBusProxy::g-signal` signal detailed with D-Bus signal names (#2536) (work by Aleksandr Mezin)
* Emit `launched` signal for D-Bus activation of apps with `GDesktopAppInfo` (!2227) (work by Guido Günther)
* Fix IDs of `GDesktopAppInfo`s which are constructed from a `.desktop` file in a subdirectory (!2283) (work by Ivalyo Dimitrov)
* Add `--interactive` option to `gdbus call` (!2329)
* Add `G_SUBPROCESS_FLAGS_SEARCH_PATH_FROM_ENVP` to `GSubprocess` (!2333) (work by Hristo Venev)
* Bugs fixed:
- #475 Add g_alloca0() and g_newa0()
- #847 g_set_prgname() should be thread-safe
- #865 GWeakRefs not cleared by g_object_run_dispose()
- #1109 [PATCH] GDBusProxy: add G_DBUS_PROXY_FLAGS_NO_MATCH_RULE flag
- #1231 gobject declare macros cause alignment warnings on armhf/armhf/mipsel
- #1331 GArray with 10 million items overflows index arithmetic
- #1735 Get back to a -werror build
- #1781 Sort output of gsettings command-line tool
- #2310 contenttype test leaks xdg-mime internal data
- #2390 GWeakRef's aren't cleared again on finalization (and not fully thread-safe)
- #2394 Toggle refs notification may not handle multiple threads correctly
- #2400 Use-after-free in invoke_set_property_in_idle_cb()
- #2401 GDBus runtime warning from remove_interfaces()
- #2404 GTask: clarify that GTask assumes are running mainloop
- #2426 GSettings delayed apply generates runtime warnings
- #2443 Add Windows 11 support to get_windows_version()
- #2468 GSequence pessimizes itself and slows down
- #2471 g_output_stream_write_all_async prints error when count == 0 and content == NULL
- #2488 Unix password unit test fails on FreeBSD 13
- #2489 Add a (diagnostic) warning for finalized objects with floating refs
- #2490 Upgrade to Unicode Character Database 14.0
- #2496 Wrong parameter type for g_simple_proxy_resolver_set_ignore_hosts
- #2498 GIR: Remove non-existing IOModule methods `load`, `unload`
- #2500 Able to export object manager and object on root path, but not other paths
- #2503 gspawn.c may clobber target fds
- #2505 g_network_monitor_nm never updates on connection change (listens for signal on wrong dbus interface)
- #2506 gspawn.c fails to close child_err_report_fd if it is duped to avoid conflation with one of the target_fds
- #2507 Strange behavior of GFileEnumerator with GVfs locations
- #2514 test suite failure in glib/tests/gdatetime.c if German locale de_DE.ISO-8859-1 is available
- #2518 Misleading message when privileged program starts G_BUS_TYPE_SESSION
- #2520 g_date_new_ functions return NULL on invalid input
- #2523 MacOS generates warnings for g_size_checked_mul()
- #2526 fuzz_uri_parse failure
- #2527 Error storing dictionary with string keys as GSettings on macOS
- #2528 g_dbus_message_new_from_blob goes into infinite loop for certain inputs
- #2529 load_user_special_dirs returns NULL in certain cases
- #2530 g_log_writer_is_journald fails if a Journal Namespace is used
- #2536 GDBusProxy: make g-signal detailed
- #2537 GTestDBus dbus daemon causes child process to hang when using verbose output
- #2541 g_canonicalize_filename should work in linear time complexity
- #2553 Consider not depending on strtoull_l and strtoll_l as much
- !1960 Add g_main_context_new_with_flags() and ownerless polling option
- !1968 gspawn: Implement fd remapping for posix_spawn codepath, and fix file descriptor conflation issues
- !1991 Keyfile parsing performance improvements
- !2029 Updating xdgmime
- !2064 gobject: Cleanup GWeakRef locations on object finalization
- !2114 Coerce type cast to void* because it causes compiler warnings
- !2191 docs: Add .editorconfig file
- !2214 Document potential footgun with GTlsCertificateFlags and deprecate certain usages
- !2223 Better detection of the cleanup attribute.
- !2227 gdesktopappinfo: Emit "launched" signal for D-Bus activation too
- !2242 gsettings: Add various missing (nullable) or (not nullable) annotations
- !2244 gutils: Avoid segfault in g_get_user_database_entry
- !2245 gdesktopappinfo: Do not call xterm when it does not exist, inform the caller the launch failed
- !2246 gobject: Document it’s unsafe to call g_object_ref() from GWeakNotify
- !2249 Add version macros for GLib 2.72 and bump version to 2.71.0
- !2251 GString: Bump minimum size
- !2254 Small optimization for g_object_set
- !2255 gobject: Clarify behaviour of adding weak refs during disposal
- !2257 Fix documentation for g_dbus_object_manager_get_object().
- !2260 GWin32AppInfo: Do not assert about successful open'ing of registry keys
- !2261 Provide built DLLs as Gitlab-CI artifacts
- !2266 fix uninitial variable
- !2273 Fix more (Windows) warnings
- !2277 Revert "Don't compile some unused functions in gio/xdgmime/"
- !2283 GDesktopAppInfo: Try to always correctly set id
- !2284 update the proxy-libintl subproject to the latest release
- !2285 fix issues found by svace static code analyzer
- !2286 meson: fix warnings for extract_all_objects function
- !2287 ci: Update CI images to latest stable Debian and Fedora, bump Meson dependency to 0.52
- !2288 Update g_source_remove doc comment: the function doesn't always return TRUE
- !2289 Update g_source_remove documentation for the returned value
- !2290 mkdir path specified by XDG_RUNTIME_DIR
- !2292 Fix cast from pointer to integer of different size warning in gio/gwin32appinfo.c
- !2293 glib-private: Fix MSVC build with AddressSanitizer
- !2294 Fix windows warnings
- !2295 gutf8: Document that out args from g_utf16_to_utf8() are non-negative
- !2303 Fix more windows warnings
- !2305 gio: document GFile API when relative path is absolute
- !2306 gunixmounts: Drop references to pamconsole mount option
- !2308 gthread-win32: Remove an unnecessary volatile qualifier
- !2309 Rename libpcre.wrap to pcre.wrap
- !2310 tests: Fix a typo in a test message in gdatetime.c
- !2311 Fix always true comparison warning in glib/garray.c
- !2319 docs: Fix the GListModel description
- !2323 Fix final warnings in Windows code
- !2324 Fix link to pcre-8.37.tar.bz2
- !2326 Improve some documentation related to GTlsDatabase
- !2328 gutf8: add string length check when ending character offset is -1
- !2329 gdbus: Add --interactive option to `gdbus call`
- !2332 Changed gendered terms to be gender-neutral
- !2333 gsubprocess: Add G_SUBPROCESS_FLAGS_SEARCH_PATH_FROM_ENVP
- !2336 tests: Drop arbitrary and flaky waits from actions tests
- !2339 ci: Bump Meson version to 0.60.1 on macOS
- !2341 tests: Wait for gdbus-testserver to die when killing it
- !2342 tests: Reformat mkenums.py slightly to make run-black.sh happy
- !2345 gutils: Disable some dead code on macOS
- !2347 Removing tests/asyncqueue-test.c from tests/
- !2348 gio/tests/codegen.py: bump timeout to 100 seconds
- !2349 Annotate `g_getenv()` and `g_environ_getenv()` return value as `nullable`
- !2352 tests: Fix a flaky wait in converter-stream
- !2353 Address some oddities around GResolver::reload
- !2357 ci: Upgrade to clang-format-11 from clang-format-7
- !2360 meson: specify when commands need to succeed in run_command
- !2364 tests: Allow `objcopy --help` to fail, because it fails on FreeBSD
- !2365 Add vfunc checks in gappinfo.c
- !2368 De-duplicate g_nearest_pow() implementation and add some overflow protections to g_ptr_array_maybe_expand(), g_string_maybe_expand() and g_string_chunk_insert_len()
- !2370 gqsort: Move test to glib/tests/
- !2371 Freeze notification during object destruction
- !2372 docs: Improve GVariant docs
- !2373 glib.supp: Suppress one-time allocation in g_get_home_dir()
- !2376 GSource: move test to glib/tests/
- !2379 Merging tests/bit-test.c into glib/tests/utils.c
- !2381 tests: Test the function forms of g_bit_*() APIs too
- !2382 gfileutils: Correctly reset start value when canonicalising paths
- !2385 gfileutils: Fix transfer annotation and whitespace issues
- !2386 docs: Add API documentation links to the README
- !2387 docs: Update the README a little
- !2390 Merging tests/child-test.c into glib/tests/spawn-multithreaded.c
- !2391 Removing redundant cxx test tests/cxx-test.cpp
- !2392 Move tests/completion-test.c to glib/tests/completion.c
- !2393 Removing unnecessary test on gdatetime.c
- !2396 fuzzing: Add a fuzz test for parsing DNS records
- !2397 Moving tests/dirname-test.c to glib/tests/fileutils.c
- !2398 fix /list/position test
* Translation updates:
- Croatian
- Friulian
- Galician
- Hebrew
- Indonesian
- Italian
- Latvian
- Lithuanian
- Occitan (post 1500)
- Persian
- Polish
- Portuguese
- Portuguese (Brazil)
- Romanian
- Russian
- Serbian
- Slovak
- Spanish
- Swedish
- Ukrainian
Overview of changes in GLib 2.70.3
* Several important fixes to FD handling in gspawn (#2503, #2506, #2580)
* Several important fixes to GDBus message and GVariant parsing of invalid data (#2557, #2572)
* Fix potential data loss due to missing fsync when saving files on btrfs (!2437)
* Bugs fixed:
- #2503 gspawn.c may clobber target fds
- #2506 gspawn.c fails to close child_err_report_fd if it is duped to avoid conflation with one of the target_fds
- #2557 Arrays of zero-element tuples with non-zero length lead to infinite loops in g_dbus_message_new_from_blob
- #2572 Check for GVariant recursion depth before recursing
- #2580 gspawn doesn't set CLOEXEC if close_range fails unexpectedly
- !2394 Backport !1968 “gspawn: Fix file descriptor conflation issues” to glib-2-70
- !2415 Backport !2412 “paramspec: fix unref annotation” to glib-2-70
- !2437 Backport !2425 “gfileutils: Remove outdated BTRFS fsync optimization from set_contents” to glib-2-70
- !2444 Backport !2435 “gspawn: Report errors with closing file descriptors between fork/exec” to glib-2-70
- !2455 Backport !2454 gdbusmessage and gvariant fixes to glib-2-70
* Translation updates:
- Czech
- Indonesian
- Italian
- Lithuanian
- Polish
- Portuguese
- Romanian
- Serbian
- Slovenian
- Spanish
- Swedish
- Turkish
- Ukrainian
Overview of changes in GLib 2.70.2
* Fix use of the default log writer with journald namespaces (diagnosis by Ilya Basin) (#2530)
* Fix hang in `dbus-daemon` under `GTestDBus` when `G_MESSAGES_DEBUG=all` is set (work by Marco Trevisan) (#2537)
* Speed up `g_canonicalize_filename()` to avoid pathogenic cases with `..` (work by Sebastian Wilhelmi) (#2541)
* Fix URI for pcre subproject as it’s moved upstream (work by Albert Astals Cid) (!2324)
* Fix storing GSettings dictionaries on macOS (work by Maurice) (#2527)
* Speed up ‘remove dot segments’ algorithm in `GUri` to avoid pathogenic cases with `..` (work by Sebastian Wilhelmi) (#2526)
* Fix infinite loops in D-Bus message parsing for truncated inputs (work by Sebastian Wilhelmi) (#2528)
* Improve correctness of version information returned by `g_get_os_info()` for Windows 10/Server 2019+ (work by Chun-wei Fan) (#2443)
* Bugs fixed:
- #2400 Use-after-free in invoke_set_property_in_idle_cb()
- #2426 GSettings delayed apply generates runtime warnings
- #2528 g_dbus_message_new_from_blob goes into infinite loop for certain inputs
- #2530 g_log_writer_is_journald fails if a Journal Namespace is used
- #2537 GTestDBus dbus daemon causes child process to hang when using verbose output
- #2541 g_canonicalize_filename should work in linear time complexity
- !2312 Backport !2265 “gdbusconnection: Fix race between method calls and object unregistration” to glib-2-70
- !2313 Backport !2260 “GWin32AppInfo: Remove assertion on the opened registry key” to glib-2-70
- !2314 Backport !2308 “gthread-win32: Remove an unnecessary volatile qualifier” to glib-2-70
- !2316 Backport !2309 “Rename libpcre.wrap to pcre.wrap” to glib-2-70
- !2320 Backport !2161 “gdelayedsettingsbackend: Fix applying after calling g_settings_reset()” to glib-2-70
- !2335 Backport !2324 “Fix link to pcre-8.37.tar.bz2” to glib-2-70
- !2337 Backport !2325 “Fix GSettings dict error macOS” to glib-2-70
- !2340 Backport !2338 “gmessages: Support namespaced journals” to glib-2-70
- !2344 Backport !2327 “guri: Improve performance of remove_dot_segments() algorithm” to glib-2-70
- !2356 Backport !2355 “gdbusmessage: Add more bounds checking when parsing D-Bus messages” to glib-2-70
- !2359 gutils.c: Improve g_get_os_info() for Windows 10/Server 2019+
- !2361 Backport !2354 “gtestdbus: Print the dbus address on a specific FD intead of stdout” to glib-2-70
- !2363 Backport !2360 “meson: specify when commands need to succeed in run_command” to glib-2-70
- !2366 Backport !2364 “tests: Allow `objcopy --help` to fail, because it fails on FreeBSD” to glib-2-70
- !2375 Backport !2374 “gfileutils: Improve performance of g_canonicalize_filename()” to glib-2-70
- !2383 Backport !2382 “gfileutils: Correctly reset start value when canonicalising paths” to glib-2-70
* Translation updates:
- Croatian
- Italian
- Occitan (post 1500)
- Polish
- Portuguese
- Portuguese (Brazil)
- Russian
- Swedish
- Ukrainian
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.43 to 1.44
- Update of rootfile
- Changelog
Noteworthy changes in version 1.44 (More details can be found in the ChangeLog file in
the source tarball which lists each commit)
* Fix dependency to gpg-error-config-test.sh. [T5696]
* Run the posix locking test only on supported platforms. [T5699]
* Detect Linux systems using musl. [T5762]
* Fix gpg-error-config-test for PKG_CONFIG_LIBDIR. [T5740]
* Fix returning of option attributes for options with args. [T5799]
* Add Turkish translations.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 2.61 to 2.63
- Update of rootfile
- Changelog
Release notes for 2.63
Restore errno to zero by the time main() is executed
Bug reported by Yang Xu
Consistent psx handling (a panic) for syscalls that return thread dependent status
Inconsistend behavior noticed by Lorenz Bauer (Bug: 215283)
Add a test case for a deadlock under investigation in golang #50113
Bug reported by Weixiao Huang
Trim some of the #include file use to make the tree compile more efficiently
Release notes for 2.62
Bug fix for Go package "cap" and launching:
There was a race condition, reported by Lorenz Bauer (Bug: 215283)
Build cleanups:
David Seifert cleaned up warnings for 32-bit builds
No longer use Perl in the libcap build process (Gentoo had a compelling reason to
avoid this dependency)
Documentation updates: cap_max_bits has a man page entry; Go module cap updates for
Launch detail.
Recognize default securebits as a libcap mode: HYBRID.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 21.11.0 to 22.02.0
- Update of rootfile
- Changelog
Release 22.02.0:
core:
* Signature: Add a way to detect unsigned FormFieldSignature
* Signature: Suport background image when using left and right text
* Signature: Fix path where to search for Firefox NSS in Windows
* Signature: Fix NSS code to work correctly in Windows/Android
* Count only signature fields in PDFDoc::getNumSignatureFields
* Minor code improvements
qt:
* Allow signing unsigned signature fields
* Allow passing a background image for the signature when signing
* Allow passing the document password when signing
* Fix leftFontSize being ignored when signing
glib:
* try with utf8 password if latin1 fails
* New method for getting all signature fields of a document
* Fix compile with MSVC
utils:
* pdfsig: Fix compile with MSVC
build system:
* Fix NSS cmake check for MSVC
Release 22.01.0:
core:
* Allow local (relative to dll) fonts dir on Windows
* TextOutputDev: require more spacing between columns. Issue #1093
* Fix crash in Splash::gouraudTriangleShadedFill. Issue #1183
* Fix crash when calling Form::reset()
* GfxSeparationColorSpace: Check validity of colorspace and function. Issue #1184
* Minor code improvements
glib:
* Include glib.h before using defines from it
* Close file descriptors on error
* Plug some memory leaks
* Replace use of deprecated g_memdup/g_time_zone_new
* Remove FD-taking functions on windows
utils:
* pdfsig: Add support for documents with passwords
* pdfsig: Fix signing with -sign if nss password is needed
Release 21.12.0:
core:
* Add API to add images
* CairoOutputDev: Fix de-duping of Flate images
* Fix crash on broken files when using non-default ENABLE_ZLIB_UNCOMPRESS. Issue #393
* Minor code improvements
glib:
* Add API for validation of signatures
* Add API to read/save to file descriptor
utils:
* pdftohtml: Reduce sensitivity of duplicate detection. Issue #1117
build system:
* Increase C++ standard to 17
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 2.0.18 to 2.0.20
- Update of rootfile
- Changelog
2.0.20:
General:
* SDL_RenderGeometryRaw() takes a pointer to SDL_Color, not int. You can cast color
data in SDL_PIXELFORMAT_RGBA32 format (SDL_PIXELFORMAT_ABGR8888 on little endian
systems) for this parameter.
* Improved accuracy of horizontal and vertical line drawing when using OpenGL or
OpenGLES
* Added the hint SDL_HINT_RENDER_LINE_METHOD to control the method of line drawing
used, to select speed, correctness, and compatibility.
Windows:
* Fixed size of custom cursors
Linux:
* Fixed hotplug controller detection, broken in 2.0.18
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.5.1 to 1.5.2
- Update of rootfile
- Changelog
v1.5.2 (Jan, 2022)
perf: Regain Minimal memset()-ing During Reuse of Compression Contexts (@Cyan4973, #2969)
build: Build Zstd with `noexecstack` on All Architectures (@felixhandte, #2964)
doc: Clarify Licensing (@terrelln, #2981)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Full changelog as per https://www.openssl.org/news/cl111.txt :
Changes between 1.1.1l and 1.1.1m [14 Dec 2021]
*) Avoid loading of a dynamic engine twice.
[Bernd Edlinger]
*) Fixed building on Debian with kfreebsd kernels
[Mattias Ellert]
*) Prioritise DANE TLSA issuer certs over peer certs
[Viktor Dukhovni]
*) Fixed random API for MacOS prior to 10.12
These MacOS versions don't support the CommonCrypto APIs
[Lenny Primak]
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
