- Update from version 633 to 661
- Update of rootfile not required
- Changelog
661
* Add ^O^N, ^O^P, ^O^L and ^O^O commands and mouse clicks (with --mouse)
to find and open OSC8 hyperlinks (github #251).
* Add --match-shift option.
* Add --lesskey-content option (github #447).
* Add LESSKEY_CONTENT environment variable (github #447).
* Add --no-search-header-lines and --no-search-header-columns options
(github #397).
* Add ctrl-L search modifier (github #367).
* A ctrl-P at the start of a shell command suppresses the "done"
message (github #462).
* Add attribute characters ('*', '~', '_', '&') to --color
parameter (github #471).
* Allow expansion of environment variables in lesskey files.
* Add LESSSECURE_ALLOW environment variable (github #449).
* Add LESS_UNSUPPORT environment variable.
* Add line number parameter to --header option (github #436).
* Mouse right-click jumps to position marked by left-click (github #390).
* Ensure that the target line is not obscured by a header line
set by --header (github #444).
* Change default character set to "utf-8", except remains "dos" on MS-DOS.
* Add message when search with ^W wraps (github #459).
* UCRT builds on Windows 10 and later now support Unicode file names
(github #438).
* Improve behavior of interrupt while reading non-terminated pipe
(github #414).
* Improve parsing of -j, -x and -# options (github #393).
* Support files larger than 4GB on Windows (github #417).
* Support entry of Unicode chars larger than U+FFFF on Windows (github #391).
* Improve colors of bold, underline and standout text on Windows.
* Allow --rscroll to accept non-ASCII characters (github #483).
* Allow the parameter to certain options to be terminated with a
space (--color, --quotes, --rscroll, --search-options
and --intr) (github #495).
* Fix bug where # substitution failed after viewing help (github #420).
* Fix crash if files are deleted while less is viewing them (github #404).
* Workaround unreliable ReadConsoleInputW behavior on Windows
with non-ASCII input.
* Fix -J display when searching for non-ASCII characters (github #422).
* Don't filter header lines via the & command (github #423).
* Fix bug when horizontally shifting long lines (github #425).
* Add -x and -D options to lesstest, to make it easier to diagnose
a failed lesstest run.
* Fix bug searching long lines with --incsearch and -S (github #428).
* Fix bug that made ESC-} fail if top line on screen was empty (github #429).
* Fix bug with --mouse on Windows when used with pipes (github #440).
* Fix bug in --+OPTION command line syntax.
* Fix display bug when using -w with an empty line with a CR/LF
line ending (github #474).
* When substituting '#' or '%' with a filename, quote the filename
if it contains a space (github #480).
* Fix wrong sleep time when system has usleep but not nanosleep (github #489).
* Fix bug when file name contains a newline.
* Fix bug when file name contains nonprintable characters (github #503).
* Fix DJGPP build (github #497).
* Update Unicode tables.
643
* Fix problem when a program piping into less reads from the tty,
like sudo asking for password (github #368).
* Fix search modifier ^E after ^W.
* Fix bug using negated (^N) search (github #374).
* Fix bug setting colors with -D on Windows build (github #386).
* Fix reading special chars like PageDown on Windows (github #378).
* Fix mouse wheel scrolling on Windows (github #379).
* Fix erroneous EOF when terminal window size changes (github #372).
* Fix compile error with some definitions of ECHONL (github #395).
* Fix crash on Windows when writing logfile (github #405).
* Fix regression in exit code when stdin is /dev/null and
output is a file (github #373).
* Add lesstest test suite to production release (github #344).
* Change lesstest output to conform with
automake Simple Test Format (github #399).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 20240502 to 20240701
- Update of rootfile not required
- Changelog is not created. These files are created automatically to collect all iana
changes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.9.0 to 4.10.0
- Update of rootfile not required
- Changelog
4.10.0
** Bug Fixes
Find now defaults to optimization level 1 rather than 2 and the
cost-based optimizer will only run at level 2 and above. This
should prevent changes of operation order which result in
user-visible differences in behaviour. [#58427]
If the -P option to xargs is not used, xargs will not change the way
in which the SIGUSR1 and SIGUSR2 signals are handled. This means
that they will cause the program to terminate if the signals were
not ignored in the process which started xargs. This also means that
xargs does not use parallel execution at all.
If you start xargs with '-P 1', then xargs will not be killed by these
signals, and they instead change the degree of parallelism.
This change improves xargs' POSIX compliance.
'xargs -P' now waits for all its child processes to complete before
exiting, even if one of them exits with status 255. [#64451]
If the -P option of xargs is in use, reads on standard input which are
interrupted by a signal are re-started. [#64442]
'find -name /' no longer outputs a warning, because that is a valid pattern
to match the root directory "/". Previously, a diagnostic falsely claimed
that this pattern would not match anything. [#62227]
'find -gid' (without the mandatory argument) now outputs a correct error
diagnostic. Previously it output: "find: invalid argument `-gid' to `-gid'".
The error diagnostic for non-numeric arguments has been improved as well.
Likewise for -inum, -links and -uid.
'find -user' and 'find -group' now allow to specify larger UIDs/GIDs.
Previously, that was limited to INT_MAX, although the types uid_t and gid_t
are larger on many systems, including x86_64 GNU/Linux. [#64900]
'find -xtype l' no longer fails on symbolic links that point to
themselves. These are treated similarly to broken links. [#51926]
** Improvements
The find predicates -used, -amin, -cmin, -mmin, -atime, -ctime, and -mtime
now properly diagnose a not-a-number argument. Previously, find dumped
core via an assertion. [#64717]
** Changes to the build process
findutils now builds again on systems with musl-libc.
This requires gettext-0.19.8.
findutils programs no longer fail for timestamps past the year 2038
on obsolete configurations with 32-bit signed time_t, because the
build procedure now rejects these configurations.
On systems without any year2038 support configure with --disable-year2038.
** Documentation Changes
When generating the Texinfo manual, `makeinfo` is invoked with the --no-split
option for all output formats now; this avoids files like find.info-[12].
The xargs documentation now describes the double dash "--" option delimiter.
The xargs examples in the Texinfo manual now use the -L and --replace options
instead of the deprecated -l and -i options. [#64480]
The TexInfo manual now uses upper-case 'B' as birthtime for the -newerXY
comparison consistently. [#65378]
** Translations
Updated the following translations: Belarusian, Brazilian Portuguese,
Bulgarian, Catalan, Chinese (simplified), Chinese (traditional),
Croatian, Czech, Danish, Dutch, Esperanto, Estonian, Finnish, French,
Galician, Georgian, German, Greek, Hungarian, Indonesian, Irish,
Italian, Japanese, Korean, Lithuanian, Luganda, Malay, Norwegian
Bokmaal, Polish, Portuguese, Romanian, Russian, Serbian, Slovak,
Slovenian, Spanish, Swedish, Turkish, Ukrainian, Vietnamese.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.7.1 to 6.9.2
- Update of rootfile
- Update of e2fsprogs to 1.47.1 changed a variable from inode_includes to
ext2fs_inode_includes. btrfs-progs version 6.7.1 failed to build as it was still looking
for the old variable name. The fix for e2fsprogs 1.47.1 was implemented in btrfs-progs
version 6.9
- Changelog
6.9.2
subvol list: fix accidental trimming of subvolume name
check: revert checking file extent item 'ram_bytes'
libbtrfsutil:
patchlevel version update 1.3.2
fix accidentally closing fd passed to subvolume iterator
6.9.1 (Not to be used)
fix detection of intermediate super block flags (e.g. csum change and other conversions)
raid-stripe-tree support (still experimental):
moved under experimental build flags (mkfs, convert)
format change, removed encoding type; backward incompatible
receive dump: escape special chars in xattr names and values, and clone source path
tune change csum: fix reservation size when starting a transaction
other:
new and updated tests
updated CI images, new reference build targets
cleanups and refactoring
6.9
mkfs:
if --force used, don't continue if the mount status cannot be determined (e.g. due to permissions)
fix minimum size calculation on zoned devices, make it work with option -b
check:
option --clear-ino-cache removed (functionality still provided in 'rescue' command group)
detect and repair wrong file extent item ram_bytes value
qgroup clear-stale:
sync the filesystem before search to read the up to date state
handle cases where qgroup cannot be deleted due to uncleaned subvolume or when squota is enabled
qgroup show: display status of qgroup regarding the cleaning of the subvolume or if it's squota
receive: fix stream parsing on strict alignment hosts (e.g. ARM v5 or v6)
tune change-csum: fix check of dev-replace status item, continue if no dev-replace in progress
dump-tree: print contents of dev-replace status item
convert: fix extent iteration to handle prealloc/unwritten extents
libbtrfsutil:
patchlevel version update 1.3.1
fix potentially unaligned access to send stream
create library links to all version levels
libbtrfs:
patchlevel version update 0.1.3
fix potentially unaligned access to send stream
create library links to all version levels
build:
fix compatibility with e2fsprogs 1.47.1
fix header file dependency tracking
-O2 by default
other:
new and updated tests
ASAN and UBSAN test coverage in CI
documentation updates
6.8.1
mkfs: fix writing on zoned device when block-group-tree is selected
tune: fix writing on zoned device with option --convert-to-block-group-tree
check:
more progress and error messages
unify handling of unknown command line options with other commands
subvolume delete: remove options --delete-qgroup and --no-delete-qgroup (added in 6.6.3), qgroup deletion does not always work due to delayed background processing of subvolume or set value in sysfs:ggroup/drop_subtree_threshold
other:
misc refactoring
error handling fixes reported by gcc -fanalyzer
documentation updates
new and updated tests
6.8
fix --enqueue option timeout handling
subvolume: remove support for undocumented options -c and -x, functionality disabled in kernel
libbtrfsutil:
version 0.1.3, backward compabile
add aliases for all existing functions with unified naming scheme
updated header defintions for recently added kernel features
send: v3 supported in experimental mode
other:
docs: manual page references, graphs, enhancements, clarifications
error handling fixes
cleanups and refactoring
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 1.47.0 to 1.47.1
- Update of rootfile not required
- Changelog
1.47.1
UI and Features
Add post-2038 handling when e2fsprogs is compiled on a system with a
64-bit time_t.
Mke2fs -d can now support an input tar file if the libarchive library is
available.
Add a udev rule which inhibits ext4 file systems from being automounted
by udisks. This avoid security issues from exposing potentially
maliciously fuzzed file systems from being mounted without being
inspected using fsck first. Distributions can of course override this
feature inhibition, but then they get to own the security vulnerability
liability. Upstream ext4 file system developers are putting
distributions on notice that blindly automounting file systems from
(potentially) USB thumb drives which clueless users may have picked up
in a parking lot is a ***bad*** idea, no matter what clueless enterprise
Linux product managers might think.
The debugfs 'hash' command will use the hash seed and algorithm from the
superblock if debugfs has a file system open, instead of requiring the
user to specify those parameters explicitly as options to the hash
command. Also add a hash -v option which prints the hash parameters so
the user knows what parameters were used when calculating the hash for
the filename.
Teach mke2fs a new extended options, root_perms, which overrides the
permissions for the root directory for the new file system.
Fixes
When various e2fsprogs are replaying the journal (tune2fs, fuse2fs,
e2fsck, etc.) save any error indicator in the superblock, so it can be
restored afterwards. Most of the time (at least with modern kernels) if
file system corruptions are discovered, the superblock update is
journalled. However, if the journal is aborted or the journal commit
fails, the error code might only be written in the superblock, so we
need to save it so that a subsequent fsck can repair the file system
after the journal replay.
When mke2fs was creating a file system with the orphan file inode, it
tries to read and truncate the orphan inode before it has been
initialized. If there is an inode from a previous file system located
there (as opposed to a all zeroes inode table block caused by a discard
of the flash device or a newly created cloud block device or fille
image), it can fail with bad checksum error, aborting the mke2fs
operation. Fix this in ext2fs_create_orphan_file() not trying to
truncate the orphan file if it is newly allocated (which will always be
the case when mke2fs calls this library function).
In the case where e2fsck comes across an orphan file which is empty but
the orphan_present feature is set, in preen mode, e2fsck will now clear
the orphan_present feature flag silently.
E2fsck will now perform more consistency checks on EA (extended
attribute value) inodes.
Fix a big where e2fsck could potentially leak an acl block when
releasing an orphan inode.
Avoid a divide by zero crash in libext2fs if the container
infrastructure, such as lxcfs, reports that the system has zero CPU's
via sysconf(_SC_NPROCESSORS_CONF).
When resize2fs is performing an online resize, it's possible for reading
the superblock can race with a kernel modifying the superblock with the
checksum being invalid and causing the resize to fail with an bad
superblock checksum in the buffer cache. Have resize2fs open the file
system using O_DIRECT to avoid the superblock with an invalid checksum.
Fix a bug where a checksum failure in an htree directory can cause
e2fsck's preen mode to abort unnecessarily.
Fix e2fsck's handling of an invalid symlink in an inline_data directory.
Fix e4crypt from issuing a spurious "success" error message when trying
to set a policy on a non-directory.
Fix a potential infinite loop in debugfs's logdump command in some edge
cases.
Fix e2fsck to correctly update quota usage after optimizing directories
or deleting corrupted inodes.
Fix fuse2fs so that directories are created with the correct permissions
instead of having the other and group write permissions masked off.
Fix a potential e2fsck divide by zero crash caused by a maliciously
fuzzed file system.
Fix dumpe2fs to report free block ranges correctly for bigalloc file
systems.
Fix resize2fs where resizing a bigalloc file system can result in the
free cluster count in the last block group and the total free clusters
count to be incorrect.
Avoid spurious e2scrub failures caused by trying to scrub file syustems
that do not have the journal enabled, and by aborting scrub runs while
upgrading the e2fsprogs package on Debian/Ubuntu.
Teach tune2fs to detect a file system which is mounted but is not
mentioned in the mount namespace where tune2fs is run by treating a
block device which is busy as if it is mounted.
If tune2fs can't find the mountpoint for a file system which is
apparently mounted (perhaps because it's not present in the current
mount namespace) when attempting to set the label or UUID in the
superblock, fall back to the old method of modifying block device and
silence printing any error messages.
If both the primary superblock and first block group's backup superblock
are corrupted, e2fsck will now try additional backup superblocks if they
are available.
Avoid mke2fs from creating an invalid file system with an insufficient
number of inodes when creating a file system which is very small (100k),
a block size of 1k, and an inode size of 256 bytes.
Fix a potential deadlock caused by e2fsck being run in Direct I/O mode
with the threading optimization enabled.
Fix e2scrub when the "systemctl" package is installed instead of
systemd. (Addresses Debian Bug #1070107)
Fixed/improved various Debian packaging issues.
Update and clarify various man pages. (Addresses Debian Bugs #1038286,
#1041115)
Performance, Internal Implementation, Development Support etc.
Add support for SOURCE_DATE_EPOCH environment variable per the
specification https://reproducible-builds.org/specs/source-date-epoch
Improve resize2fs's performance by eliminating extra cache flushes.
Improve mke2fs's performance when zeroing a large number of inode table
blocks (when lazy inode table initialization is not enabled) by batching
calls to ext2fs_zero_blocks.
Use a safe_getenv function for all calls to fetch the environment
variable in libext2fs.
Fix a massive buffer overrun bug in ext2fs_image_super_read(). This
function isn't actually used by e2image, and it's unlikely that there
are any users of this function since the most common way the e2image
file is read is via ext2fs_openfs() with the EXT2_FLAG_IMAGE_FILE, which
doesn't actually use ext2fs_image_super_read().
Add support for building fuse2fs using Fuse V3.
Use FORTIFY_SOURCE=3 when hardening is enabled for more protection.
Add support for continuous integration tests using Github Actions.
Fix Windows-specific portability bugs to allow mke2fs to create a file
system in a file which doesn't yet exist and to support file systems
larger than 2GB.
Fix a FreeBSD 14 build failure caused by changing the function signature
of qsort_r() to be aligned with the POSIX and glibc definition of
qsort_r().
Fix various portability issues for the Linux 32-bit musl C library,
GNU/Hurd and Android. (Addresses Debian Bug: #1056145)
Fix various portability problems in the regression test suite.
Fix various sanitizer, static code analysis, and compiler warnings.
Synchronized changes from Android's AOSP e2fsprogs tree.
Updated config.guess and config.sub with newer versions from the FSF.
Add Romainian translation.
Update Chinese, Czech, French, Malay, Polish, Swedish, and Ukrainian
translations.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.15.1 to 4.16.0
- Update rootfile
- sobump in rootfile. Ran find-dependencies but no other linked programs identified.
- nscd is disabled in glibc so it has been disabled in shadow. nscd is enabled by default.
- id and groups (deprecated in shadow) are used from coreutils in IPFire.
- Changelog
4.16.0
The shadow implementations of id(1) and groups(1) are deprecated in favor of the
GNU coreutils and binutils versions. They will be removed in 4.17.0.
Support for rlogind in the login(1) implementation has been removed. That is, the
login(1) -r flag has been removed.
The libsubid major version has been bumped, since it now requires specification of
the module's free() implementation.
4.15.2
Bugfix release.
This release includes a large amount of fixes, including memory leaks,
leaks of other resources such as file descriptors, added missing error
handling, and more.
4.15.3
Bugfix release.
This release includes changes to the build system, packaging, and tests;
most of which, were reported by Debian packagers. There's also a fix
for check_subid_range.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
I am not sure if this would actually create any problems, but it looks
ugly and is inconsistent with the older code.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
We don't use these any more and even if we did, we cannot import any
variables into a make script just like that.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This will massively improve the build process because we will only strip
the files that we need. The build system will remain as is.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The compression code is very messy because it has changed so many times.
This cleans this up and creates common functions that can be used for
the ISO images as well as packages.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
I am not sure whether automount is being used at all any more, but since
we are now running in our own namespace, it certainly has no business
here.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The build failed with the new minimal /dev it is looking for some TTY
devices which are no longer present. This patch fixes the build.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://dlcdn.apache.org/httpd/CHANGES_2.4.61
"Changes with Apache 2.4.61
*) SECURITY: CVE-2024-39884: Apache HTTP Server: source code
disclosure with handlers configured via AddType (cve.mitre.org)
A regression in the core of Apache HTTP Server 2.4.60 ignores
some use of the legacy content-type based configuration of
handlers. "AddType" and similar configuration, under some
circumstances where files are requested indirectly, result in
source code disclosure of local content. For example, PHP
scripts may be served instead of interpreted.
Users are recommended to upgrade to version 2.4.61, which fixes
this issue."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 4.20.1 to 4.20.2
- Update of rootfile for both x86_64 and aarch64
- After doing a grep into the config directories I realised that the xxxMACHINExxx phrase
is only added into rootfiles in the main common or package directories and not in the
x86_64 and aarch64
- In the past I have submitted the samba rootfile with x86_64 replaced by xxxMACHINExxx.
It seems to have worked, so the replacement probably occurs even in the architecture
specific directories but it doesn't need to be used there as the directory is clearly
only for that one architecture.
- Changelog
4.20.2
* BUG 15662: vfs_widelinks with DFS shares breaks case insensitivity.
* BUG 13213: Samba build is not reproducible.
* BUG 15569: ldb qsort might r/w out of bounds with an intransitive compare
function.
* BUG 15625: Many qsort() comparison functions are non-transitive, which can
lead to out-of-bounds access in some circumstances.
* BUG 15638: Need to change gitlab-ci.yml tags in all branches to avoid CI
bill.
* BUG 15654: We have added new options --vendor-name and --vendor-patch-
revision arguments to ./configure to allow distributions and packagers to
put their name in the Samba version string so that when debugging Samba the
source of the binary is obvious.
* BUG 15665: CTDB RADOS mutex helper misses namespace support.
* BUG 13019: Dynamic DNS updates with the internal DNS are not working.
* BUG 14981: netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with
SysvolReady=0.
* BUG 15412: Anonymous smb3 signing/encryption should be allowed (similar to
Windows Server 2022).
* BUG 15573: Panic in dreplsrv_op_pull_source_apply_changes_trigger.
* BUG 15620: s4:nbt_server: does not provide unexpected handling, so winbindd
can't use nmb requests instead cldap.
* BUG 15642: winbindd, net ads join and other things don't work on an ipv6
only host.
* BUG 15659: Segmentation fault when deleting files in vfs_recycle.
* BUG 15664: Panic in vfs_offload_token_db_fetch_fsp().
* BUG 15666: "client use kerberos" and --use-kerberos is ignored for the
machine account.
* BUG 15435: Regression DFS not working with widelinks = true.
* BUG 15633: samba-gpupdate - Invalid NtVer in netlogon_samlogon_response.
* BUG 15653: idmap_ad creates an incorrect local krb5.conf in case of trusted
domain lookups.
* BUG 15660: The images don't build after the git security release and CentOS
8 Stream is EOL.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The build system defaults to building the library for the host system
and therefore uses instructions that might not be available on the
target system.
This patch changes that we will build the library so that it will choose
the most optimised functions at runtime.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 9.7p1 to 9.8p1
- Update of rootfile
- Changelog
9.8p1
-There is a fix for CVE-2024-6387
-The number of changes is too large to show all here. As well as the CVE fix and
another security related fix there are a log of bug fixes as well. The details can
seen at https://www.openssh.com/txt/release-9.8
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Excerpt from changelog:
"7.0.6 -- 2024-06-26
Security #7042: defrag: id reuse can lead to invalid reassembly (7.0.x backport)(CVE 2024-37151)
Security #7105: http2: oom from duplicate headers (7.0.x backport)
Security #7033: http/range: segv when http.memcap is reached (7.0.x backport)
Security #6988: modbus: txs without responses are never freed (7.0.x backport)
Bug #7107: packet: app-layer-events incorrectly used on recycled packets (7.0.x backport)
Bug #7064: util/radix-tree: Possible dereference of nullptr in case of unsuccess allocation of memory for node (7.0.x backport)
Bug #7063: smtp/mime: data command rejected by pipelining server does not reset data mode (7.0.x backport)
Bug #7060: smtp: split name logged as 2 names (7.0.x backport)
Bug #7050: af-packet: failure to start up on many threads plus high load (7.0.x backport)
Bug #7043: Crasher in HTTP chunked / StreamingBuffer (7.0.x backport)
Bug #7038: pcap/log: MacOS rotates file well before limit is reached (7.0.x backport)
Bug #7035: time: in offline mode, time can stay behind at pcap start (7.0.x backport)
Bug #7023: unix-socket: iface-bypassed-stat crash (7.0.x backport)
Bug #7021: unix-socket: hostbit commands don't properly release host (7.0.x backport)
Bug #7015: rust: build with rust 1.78 with slice::from_raw_parts now requiring the pointer to be non-null (7.0.x backport)
Bug #6990: tls.random buffers don't work as expected (7.0.x backport)
Bug #6986: iprep: rule with '=,0' can't match (7.0.x backport)
Bug #6975: detect: log relevant frames app-layer metdata (7.0.x backport)
Bug #6950: decode/ppp: decoder.event.ppp.wrong_type on valid packet (7.0.x backport)
Bug #6897: detect/port: upper boundary ports are not correctly handled (7.0.x backport)
Bug #6895: detect/port: port grouping does not happen correctly if gap between a single and range port (7.0.x backport)
Bug #6862: Lightweight rules profiling: crash when profiling ends (7.0.x backport)
Bug #6848: alerts: wrongly using tx id 0 when there is no tx (7.0.x backport)
Bug #6845: coverity: warning in port grouping code (7.0.x backport)
Bug #6844: detect/port: port ranges are incorrect when a port is single as well as a part of range (7.0.x backport)
Bug #6690: Ethernet src should match src ip (7.0.x backport)
Bug #6520: detect-engine/port: recursive DetectPortInsert calls are expensive (7.0.x backport)
Optimization #6830: detect/port: port grouping is quite slow in worst cases (7.0.x backport)
Optimization #6829: detect/port: PortGroupWhitelist fn takes a lot of processing time (7.0.x backport)
Feature #7010: JA4 support for TLS and QUIC (7.0.x backport)
Feature #6557: Capability to have rules profiling on pcap run (7.0.x backport)
Documentation #6910: userguide: document how to verify tar.gz signature (7.0.x backport)
Documentation #6687: docs: port userguide build instruction changes from master-6.0.x (7.0.x backport)
Documentation #6601: docs: update eBPF installation instructions (7.0.x backport)"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://www.nano-editor.org/news.php
"2024 May 1 - GNU nano 8.0 "Grus grus"
By default ^F is bound to starting a forward search, and ^B to
starting a backward search, while M-F and M-B repeat the search
in the corresponding direction. (See the documentation if you
want the old bindings back.)
Command-line option --modernbindings (-/) makes ^Q quit, ^X cut,
^C copy, ^V paste, ^Z undo, ^Y redo, ^O open a file, ^W write a file,
^R replace, ^G find again, ^D find again backwards, ^A set the mark,
^T jump to a line, ^P show the position, and ^E execute.
Above modern bindings are activated also when the name of
nano's executable (or a symlink to it) starts with the letter "e".
To open a file at a certain line number, one can now use also
nano filename:number, besides nano +number filename.
<Alt+Home> and <Alt+End> put the cursor on the first and last
row in the viewport, while retaining the horizontal position.
When the three digits in an #RGB color code are all the same,
the code is mapped to the xterm grey scale, giving access to
fourteen levels of grey instead of just four.
For easier access, M-" is bound to placing/removing an anchor,
and M-' to jumping to the next anchor.
Whenever an error occurs, the keystroke buffer is cleared, thus
stopping the execution of a macro or a string bind.
The mousewheel scrolls the viewport instead of moving the cursor."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
