- lfs and rootfile created
- python3-cryptography build requires older version than was already installed.
Therefore named version 0.1.18 created, leaving original rust-paste in place
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- lfs and rootfile created
- python3-cryptography build requires older version than was already installed.
Therefore named version 0.3.6 created, leaving original rust-indoc in place
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- lfs and rootfile created
- Patch created to remove requirement for winapi and related windows dependencies
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 0.13.1 to 0.15.1
Required to be at same version as rust-pyo3
- Update of rootfile
- Changelog not available
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 0.13.1 to 0.15.1
Required to be at same version as rust-pyo3
- Update of rootfile
- Changelog not available
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 0.13.1 to 0.15.1
- Update of rootfile
- Changelog is too long to include here. For details see CHANGELOG.md file in source
tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 1.9.10 to 1.9.11p3
- Update of rootfile required
- Changelog
What's new in Sudo 1.9.11p3
* Fixed "connection reset" errors on AIX when running shell scripts
with the "intercept" or "log_subcmds" sudoers options enabled.
Bug #1034.
* Fixed very slow execution of shell scripts when the "intercept"
or "log_subcmds" sudoers options are set on systems that enable
Nagle's algorithm on the loopback device, such as AIX.
Bug #1034.
What's new in Sudo 1.9.11p2
* Fixed a compilation error on Linux/x86_64 with the x32 ABI.
* Fixed a regression introduced in 1.9.11p1 that caused a warning
when logging to sudo_logsrvd if the command returned no output.
What's new in Sudo 1.9.11p1
* Correctly handle EAGAIN in the I/O read/right events. This fixes
a hang seen on some systems when piping a large amount of data
through sudo, such as via rsync. Bug #963.
* Changes to avoid implementation or unspecified behavior when
bit shifting signed values in the protobuf library.
* Fixed a compilation error on Linux/aarch64.
* Fixed the configure check for seccomp(2) support on Linux.
* Corrected the EBNF specification for tags in the sudoers manual
page. GitHub issue #153.
What's new in Sudo 1.9.11
* Fixed a crash in the Python module with Python 3.9.10 on some
systems. Additionally, "make check" now passes for Python 3.9.10.
* Error messages sent via email now include more details, including
the file name and the line number and column of the error.
Multiple errors are sent in a single message. Previously, only
the first error was included.
* Fixed logging of parse errors in JSON format. Previously,
the JSON logger would not write entries unless the command and
runuser were set. These may not be known at the time a parse
error is encountered.
* Fixed a potential crash parsing sudoers lines larger than twice
the value of LINE_MAX on systems that lack the getdelim() function.
* The tests run by "make check" now unset the LANGUAGE environment
variable. Otherwise, localization strings will not match if
LANGUAGE is set to a non-English locale. Bug #1025.
* The "starttime" test now passed when run under Debian faketime.
Bug #1026.
* The Kerberos authentication module now honors the custom password
prompt if one has been specified.
* The embedded copy of zlib has been updated to version 1.2.12.
* Updated the version of libtool used by sudo to version 2.4.7.
* Sudo now defines _TIME_BITS to 64 on systems that define __TIMESIZE
in the header files (currently only GNU libc). This is required
to allow the use of 64-bit time values on some 32-bit systems.
* Sudo's "intercept" and "log_subcmds" options no longer force the
command to run in its own pseudo-terminal. It is now also
possible to intercept the system(3) function.
* Fixed a bug in sudo_logsrvd when run in store-first relay mode
where the commit point messages sent by the server were incorrect
if the command was suspended or received a window size change
event.
* Fixed a potential crash in sudo_logsrvd when the "tls_dhparams"
configuration setting was used.
* The "intercept" and "log_subcmds" functionality can now use
ptrace(2) on Linux systems that support seccomp(2) filtering.
This has the advantage of working for both static and dynamic
binaries and can work with sudo's SELinux RBAC mode. The following
architectures are currently supported: i386, x86_64, aarch64,
arm, mips (log_subcmds only), powerpc, riscv, and s390x. The
default is to use ptrace(2) where possible; the new "intercept_type"
sudoers setting can be used to explicitly set the type.
* New Georgian translation from translationproject.org.
* Fixed creating packages on CentOS Stream.
* Fixed a bug in the intercept and log_subcmds support where
the execve(2) wrapper was using the current environment instead
of the passed environment pointer. Bug #1030.
* Added AppArmor integration for Linux. A sudoers rule can now
specify an APPARMOR_PROFILE option to run a command confined by
the named AppArmor profile.
* Fixed parsing of the "server_log" setting in sudo_logsrvd.conf.
Non-paths were being treated as paths and an actual path was
treated as an error.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
pango and the PDF tools as core parts are linked against
libtiff, therefore this library has to become a part of the
core distribution too.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
On one hand, the key.dns_resolver binary is linked against libkrb5, so this
library at least is required by the base system.
On the other hand this easily allows different services on the firewall
to use kerberos for authentication (ssh etc).
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This script runs aside of OpenVPN and connects to the management socket.
On the socket, OpenVPN will post any new clients trying to authenticate
which will be handled by the authenticator.
If a client has 2FA enabled, it will be challanged for the current token
which will then be checked in a second pass.
Clients which do not have 2FA enabled will just be authenticated no
matter what and tls-verify will have handled the rest.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://downloads.isc.org/isc/bind9/9.16.30/doc/arm/html/notes.html#notes-for-bind-9-16-30
"Bug Fixes
The fetches-per-server quota is designed to adjust itself downward
automatically when an authoritative server times out too frequently.
Due to a coding error, that adjustment was applied incorrectly,
so that the quota for a congested server was always set to 1. This
has been fixed. [GL #3327]
DNSSEC-signed catalog zones were not being processed correctly. This
has been fixed. [GL #3380]
Key files were updated every time the dnssec-policy key manager ran,
whether the metadata had changed or not. named now checks whether
changes were applied before writing out the key files. [GL #3302]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 1.1.34 to 1.1.35
- Update of rootfile
- Changelog
v1.1.35: Feb 16 2022:
- Security:
[CVE-2021-30560] Fix use-after-free in xsltApplyTemplates
Fix memory leak in xsltDocumentElem (David King)
Fix memory leak in xsltCompileIdKeyPattern (David King)
Fix double-free with stylesheets containing entity nodes
- Fixed regressions:
Fix performance regression with predicates in patterns
Fix regression in xsltComputeSortResult
- Bug fixes:
Fix conflict resolution for templates with same priority
Fix xsl:number generating invalid UTF-8
Support attribute value templates in xsl:sort lang attributes
Don't pass first <xsl:sort> in <xsl:apply-templates> twice
Fix quadratic runtime with text and <xsl:message>
Don't allow empty EXSLT durations
- Improvements:
Add xsltproc --huge Argument via libxml XML_PARSE_HUGE (William N. Braswell, Jr.)
- Tests, code quality, fuzzing:
Remove .travis.yml
Fix some misleading indentation (David King)
Use actual types for templates in struct _xsltStylesheet
Add CI for CMake on MSVC (Markus Rickert)
Check for null pointer before calling freelocale
Add CI test for Python 3
Don't set maxDepth in XPath contexts
Transfer XPath limits to XPtr context
Stop using maxParserDepth XPath limit
Make long-to-double cast explicit in date.c
Disable LeakSanitizer
Run clang CI tests with -Wimplicit-int-conversion
Fix implicit-int-conversion warning in exslt/crypto.c
Fix clang -Wimplicit-int-conversion warning (David Kilzer)
Fix clang -Wconditional-uninitialized warning in libxslt/numbers.c (David Kilzer)
Fix -Wshadow warnings in libexslt/dynamic.c (David Kilzer)
Also search parent dir for source XML when fuzzing
- Build system, portability:
Add CMake build files (Markus Rickert)
Initial support for Python 3 (Suleyman Poyraz)
Call ANSI versions of WinAPI functions explicitly
Remove redundant flags from pkg-config files
Suppress automake warning in tests/XSLTMark
Fix linking libexslt dynamic library when using MinGW (Vadim Zeitlin)
Added platform specific path separators (Dmitriy Korovkin)
win32: allow passing *FLAGS on command line
Fix export of xsltExtMarker on Windows (David Kilzer)
Fix redundant includes already in libexslt.h (David Kilzer)
Minor fixes to configure.js
Fix variable syntax in Python configuration
Add new EXSLT string tests to EXTRA_DIST
Fix xml2-config check in configure script
win32: Add configuration for profiler (Chun-wei Fan)
Check whether 'xml2-config --dynamic' is supported
- Documentation:
Add Makefile rule to regenerate xsltproc.html
Update links
Remove MAINTAINERS
Upload documentation to GitLab Pages
Add documentation in devhelp format
Add --enable-rebuild-docs configure option
Fix libexslt header summaries
Fix validity of tutorial XML (David King)
Use DocBook URL for tutorial DTD (David King)
Update libxslt.doap
Add missing options to xsltproc man page
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 2.9.12 to 2.9.14
- Update of rootfile
- Changelog
v2.9.14: May 02 2022:
- Security:
[CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
Fix potential double-free in xmlXPtrStringRangeFunction
Fix memory leak in xmlFindCharEncodingHandler
Normalize XPath strings in-place
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars()
(David Kilzer)
Fix leak of xmlElementContent (David Kilzer)
- Bug fixes:
Fix parsing of subtracted regex character classes
Fix recursion check in xinclude.c
Reset last error in xmlCleanupGlobals
Fix certain combinations of regex range quantifiers
Fix range quantifier on subregex
- Improvements:
Fix recovery from invalid HTML start tags
- Build system, portability:
Define LFS macros before including system headers
Initialize XPath floating-point globals
configure: check for icu DEFS (James Hilliard)
configure.ac: produce tar.xz only (GNOME policy) (David Seifert)
CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
Fix build with older Python versions
Fix --without-valid build
v2.9.13: Feb 19 2022:
- Security:
[CVE-2022-23308] Use-after-free of ID and IDREF attributes
(Thanks to Shinji Sato for the report)
Use-after-free in xmlXIncludeCopyRange (David Kilzer)
Fix Null-deref-in-xmlSchemaGetComponentTargetNs (huangduirong)
Fix memory leak in xmlXPathCompNodeTest
Fix null pointer deref in xmlStringGetNodeList
Fix several memory leaks found by Coverity (David King)
- Fixed regressions:
Fix regression in RelaxNG pattern matching
Properly handle nested documents in xmlFreeNode
Fix regression with PEs in external DTD
Fix random dropping of characters on dumping ASCII encoded XML (Mohammad Razavi)
Revert "Make schema validation fail with multiple top-level elements"
Fix regression when parsing invalid HTML tags in push mode
Fix regression parsing public IDs literals in HTML
Fix buffering in xmlOutputBufferWrite
Fix whitespace when serializing empty HTML documents
Fix XPath recursion limit
Fix regression in xmlNodeDumpOutputInternal
Work around lxml API abuse
- Bug fixes:
Fix xmlSetTreeDoc with entity references
Fix double counting of CRLF in comments
Make sure to grow input buffer in xmlParseMisc
Don't ignore xmllint options after "-"
Don't normalize namespace URIs in XPointer xmlns() scheme
Fix handling of XSD with empty namespace
Also register HTML document nodes
Make xmllint return an error if arguments are missing
Fix handling of ctxt->base in xmlXPtrEvalXPtrPart
Fix xmllint --maxmem
Fix htmlReadFd, which was using a mix of xml and html context functions (Finn Barber)
Move current position before possible calling of ctxt->sax->characters (Yulin Li)
Fix parse failure when 4-byte character in UTF-16 BE is split across a chunk (David Kilzer)
Patch to forbid epsilon-reduction of final states (Arne Becker)
Avoid segfault at exit when using custom memory functions (Mike Dalessio)
- Tests, code quality, fuzzing:
Remove .travis.yml
Make xmlFuzzReadString return a zero size in error case
Fix unused function warning in testapi.c
Update NewsML DTD in test suite
Add more checks for malloc failures in xmllint.c
Avoid potential integer overflow in xmlstring.c
Run CI tests with UBSan implicit-conversion checks
Fix casting of line numbers in SAX2.c
Fix integer conversion warnings in hash.c
Add explicit casts in runtest.c
Fix integer conversion warning in xmlIconvWrapper
Add suffix to unsigned constant in xmlmemory.c
Add explicit casts in testchar.c
Fix integer conversion warnings in xmlstring.c
Add explicit cast in xmlURIUnescapeString
Remove unused variable in xmlCharEncOutFunc (David King)
- Build system, portability:
Remove xmlwin32version.h
Fix fuzzer test with VPATH build
Support custom prefix when installing Python module
Remove Makefile.win
Remove CVS and SVN-related code
Port python 3.x module to Windows and improve distutils (Chun-wei Fan)
Correctly install the HTML examples into their subdirectory (Mattia Rizzolo)
Refactor the settings of $docdir (Mattia Rizzolo)
Remove unused configure checks (Ben Boeckel)
python/Makefile.am: use *_LIBADD, not *_LDFLAGS for LIBS (Sam James)
Fix check for libtool in autogen.sh
Use version in configure.ac for CMake (Timothy Lyanguzov)
Add CMake alias targets for embedded projects (Markus Rickert)
- Documentation:
Remove SVN keyword anchors
Rework README
Remove README.cvs-commits
Remove old ChangeLog
Update hyperlinks
Remove README.docs
Remove MAINTAINERS
Remove xmltutorial.pdf
Upload documentation to GitLab pages
Document how to escape XML_CATALOG_FILES
Fix libxml2.doap
Update URL for libxml++ C++ binding (Kjell Ahlstedt)
Generate devhelp2 index file (Emmanuele Bassi)
Mention XML_CATALOG_FILES is space-separated (Jan Tojnar)
Add documentaiton for xmllint exit code 10 (Rainer Canavan)
Fix some validation errors in the FAQ (David King)
Add instructions on how to use CMake to compile libxml (Markus Rickert)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 2.0.7 to 2.0.194
- Update of rootfile
- Changelog
Version 2.0.194 Latest
major yanglint improvements
minor XPath fixes
nested extension handling fixes
other minor bugfixes
RPM scripts updated
Version 2.0.164
Windows support (thanks to @jktjkt)
Schema Mount support
schema compilation fixes
minor schema printer fixes
user-ordered list diff bugfix
JSON anyxml/anydata format fixed
XML parser CDATA support
module caching improvements
doc improvements
many other various bugfixes
Version 2.0.112
support for XPath variables
minor doxygen improvements
LYB format bugfixes
many other bugfixes
Version 2.0.97
LYB format data length limit of 64kB lifted
YANG error-app-tag and error-message improved support
XPath * evaluation fix
other minor XPath fixes
Version 2.0.88
changed compilation to pedantic and use C11 standard
major JSON parser fixes
LYB format updated and performance improved
LYB big-endian fixes
opaque node fixes
major identity handling fixes
schema compilation refactorization and fixes
data validation fixes
NETCONF RPC filter attribute support
many other minor fixes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 11.2 to 12.1
- Update of rootfile
- Changelog
GDB 12.1 Released!
This version of GDB includes the following changes and enhancements:
New support for the following native configuration:
GNU/Linux/OpenRISC or1k*-*-linux*
New support for the following targets:
GNU/Linux/LoongArch loongarch*-*-linux*
New GDBserver support on the following configuration:
GNU/Linux/OpenRISC or1k*-*-linux*
Support for the following target has been removed:
S+core score-*-*
Multithreaded symbol loading is now enabled by default
Deprecation Notices:
GDB 12 is the last release of GDB that will support building against Python 2
DBX mode is deprecated, and will be removed in GDB 13
GDB/MI changes:
The '-add-inferior' with no option flags now inherits the connection of the
current inferior, this restores the behaviour of GDB as it was prior to
GDB 10.
The '-add-inferior' command now accepts a '--no-connection' option, which
causes the new inferior to start without a connection.
Python API enhancements:
It is now possible to add GDB/MI commands implemented in Python
New function gdb.Architecture.integer_type()
New gdb.events.gdb_exiting event
New 'gdb.events.connection_removed' event registry
New gdb.TargetConnection object
New gdb.Inferior.connection property
New read-only attribute gdb.InferiorThread.details
New gdb.RemoteTargetConnection.send_packet method
New read-only attributes gdb.Type.is_scalar and gdb.Type.is_signed
The gdb.Value.format_string method now takes a 'styling' argument
Various new function in the "gdb" module
Miscellaneous:
The FreeBSD native target now supports async mode
Improved C++ template support
Support for disabling source highlighting through GNU of the Pygments
library instead.
The "print" command has been changed so as to print floating-point values
with a base-modifying formats such as "/x" to display the underlying bytes
of the value in the desired base.
The "clone-inferior" command now ensures that the TTY, CMD and ARGS settings
are copied from the original inferior to the new one. All modifications to
the environment variables done using the 'set environment' or 'unset
environment' commands are also copied to the new inferior.
Various new commands have been introduced
GDB 11.2 Released!
This is a minor corrective release over GDB 11.1, fixing the following issues:
PR sim/28302 (gdb fails to build with glibc 2.34)
PR build/28318 (std::thread support configure check does not use CXX_DIALECT)
PR gdb/28405 (arm-none-eabi: internal-error: ptid_t
remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*):
Assertion `first_resumed_thread != nullptr' failed)
PR tui/28483 ([gdb/tui] breakpoint creation not displayed)
PR build/28555 (uclibc compile failure since commit
4655f8509fd44e6efabefa373650d9982ff37fd6)
PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF)
PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR
(.relr.dyn) section)
PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
