we have removed the -multi after the kernel name but
in the update script delete *-multi-* which leftover
the arm specific dtb folder and uImages.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Add ms-classless-static-routes and rfc3442-classless-static-routes as options for dhcp
These are apparently required for deployiong classless IP routes
- Original static-routes option is not intended for classless IP routing but is being
left in place for backward compatibility
- The option "rfc3442-classless-static-routes" is for normal clients
- The option "ms-classless-static-routes" is for Microsoft clients
Fixes: bug 12291
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
For details see:
https://dlcdn.apache.org//httpd/CHANGES_2.4.52
Excerpt from changelog:
""Changes with Apache 2.4.52
*) SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
multipart content in mod_lua of Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A carefully crafted request body can cause a buffer overflow in
the mod_lua multipart parser (r:parsebody() called from Lua
scripts).
The Apache httpd team is not aware of an exploit for the
vulnerabilty though it might be possible to craft one.
This issue affects Apache HTTP Server 2.4.51 and earlier.
Credits: Chamal
*) SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
forward proxy configurations in Apache HTTP Server 2.4.51 and
earlier (cve.mitre.org)
A crafted URI sent to httpd configured as a forward proxy
(ProxyRequests on) can cause a crash (NULL pointer dereference)
or, for configurations mixing forward and reverse proxy
declarations, can allow for requests to be directed to a
declared Unix Domain Socket endpoint (Server Side Request
Forgery).
This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
(included).
Credits: 漂亮é¼
TengMA(@Te3t123)
..."
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update en.pl, it.pl and ru.pl to replace "an core-update" with "a core-update"
Fixes: Bug#12747
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Some paths might not exist on some systems which caused the installer to
abort the installation. This patch makes the installer ignore this
condition.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Full changelog as per https://gitweb.torproject.org/tor.git/plain/ChangeLog:
Changes in version 0.4.6.9 - 2021-12-15
This version fixes several bugs from earlier versions of Tor. One important
piece is the removal of DNS timeout metric from the overload general signal.
See below for more details.
o Major bugfixes (relay, overload):
- Don't make Tor DNS timeout trigger an overload general state.
These timeouts are different from DNS server timeout. They have to
be seen as timeout related to UX and not because of a network
problem. Fixes bug 40527; bugfix on 0.4.6.1-alpha.
o Minor feature (reproducible build):
- The repository can now build reproducible tarballs which adds the
build command "make dist-reprod" for that purpose. Closes
ticket 26299.
o Minor features (compilation):
- Give an error message if trying to build with a version of
LibreSSL known not to work with Tor. (There's an incompatibility
with LibreSSL versions 3.2.1 through 3.4.0 inclusive because of
their incompatibility with OpenSSL 1.1.1's TLSv1.3 APIs.) Closes
ticket 40511.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on December 15, 2021.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2021/12/15.
o Minor bugfixes (compilation):
- Fix our configuration logic to detect whether we had OpenSSL 3:
previously, our logic was reversed. This has no other effect than
to change whether we suppress deprecated API warnings. Fixes bug
40429; bugfix on 0.3.5.13.
o Minor bugfixes (relay):
- Reject IPv6-only DirPorts. Our reachability self-test forces
DirPorts to be IPv4, but our configuration parser allowed them to
be IPv6-only, which led to an assertion failure. Fixes bug 40494;
bugfix on 0.4.5.1-alpha.
o Documentation (man, relay):
- Missing "OverloadStatistics" in tor.1 manpage. Fixes bug 40504;
bugfix on 0.4.6.1-alpha.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricate because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
In order to be able to run the ISO command on command line it is helpful
that the script does not go into background halfway through the process.
We should rather start it as a background job straight from the CGI
script.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch is changing the behaviour of the backup script so that it
creates one tarball and compresses it in one go.
This will save storing the original tarball on disk before compressing
it which on my test system requires significant disk space.
This patch also solves a bug where the backup file included with the ISO
image could not be extracted because it was not gzip-compressed when it
was expected to be.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 4.14.0.4 to 4.15.0.1
- Update of rootfile
- Changelog
v4.15.0.1
rebased with official coreboot repository commit 6973a3e7
v4.14.0.6
rebased with official coreboot repository commit d06c0917
Re-added GPIO bindings to fix LED and button functionality
v4.14.0.5
rebased with official coreboot repository commit d4c55353
Updated CPU declarations in ACPI to comply with newer ACPI standard
Removed GPIO bindings to fix conflict with OS drivers
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- v3 version uses newer version of fribidi
- lfs file created
- rootfile created
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- v3 version has updated pango version
- Update from 1.30.1 (2012) to 1.50.0 (2021)
- Update of rootfile - Pango modules, engines, and config have been removed (#733882) in
version 1.37.0 in 2014.
- pango now has dependencies of harfbuzz and fribidi so patches for these two are
included in the following two patches for this series.
- make.sh modified to include
build of these two packages before pango is built
- Build is done via meson/ninja now
- Changelog is too large to show here but the details can be found in the NEWS file in
the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 4.14.0.4 to 4.15.0.1
- Update of rootfile
- Changelog
v4.15.0.1
rebased with official coreboot repository commit 6973a3e7
v4.14.0.6
rebased with official coreboot repository commit d06c0917
Re-added GPIO bindings to fix LED and button functionality
v4.14.0.5
rebased with official coreboot repository commit d4c55353
Updated CPU declarations in ACPI to comply with newer ACPI standard
Removed GPIO bindings to fix conflict with OS drivers
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update main file from 5.1 to 5.1.8 (includes patches 1 to 8)
- Remove patches 1 to 4
- Changelog - Patches 1 to 4 from the previous IPFire version together with patches 5 to
8 are now included into bash-5.1.8 followed by application of patches 9 to 12
Patch 12
There is a possible race condition that arises when a child process receives
a signal trapped by the parent before it can reset the signal dispositions.
The child process is not supposed to trap the signal in this circumstance.
Patch 11
When reading a compound assignment, and running it through the parser to
split it into words, we need to save and restore any alias we're currently
expanding.
Patch 10
If `wait -n' is interrupted by a trapped signal other than SIGINT, it does
not completely clean up state, and that can prevent subsequent calls to
`wait -n' from working correctly.
Patch 9
The bash malloc implementation of malloc_usable_size() does not follow the
specification. This can cause library functions that use it to overwrite
memory bounds checking.
Patch 8
Process substitution FIFOs opened by child processes as targets of redirections
were not removed appropriately, leaving remnants in the file system.
Patch 7
The code to check readline versions in an inputrc file had the sense of the
comparisons reversed.
Patch 6
Make sure child processes forked to run command substitutions are in the
proper process group.
Patch 5
Fix two memory leaks when assigning arrays using compound assignment syntax.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 2.99 to 3.00
- Update of rootfile not required
- Changelog
sysvinit (3.00) released; urgency=low
* Applied patch from Matthias Schiffer which allows bootlogd to read from
a wider range of consoles. The console name is already passed in from the
kernel command line using "console=". We no longer filter out names as strictly
but do now check to confirm the "console=" device points to a valid TTY.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.1.1 to 3.1.2
- Update of rootfile not required
- Changelog
version 3.1.2
* Bugfix for crash when storing modified settings at exit
* Generate xz-compressed source tarball (with configure) using github actions
* Allow -u UID with numerical value as argument
* Added documentation for obsolete/state libraries/program files highlighting
* Some obsolete/stale library highlighting refinements
* Column width issues resolved
* Dynamic UID column sizing improved
* Discard stale information from Disk and Network I/O meters
* Refined Linux kernel thread detection
* Reworked process state handling
* New CCGROUP column showing abbreviated cgroup name
* New OFFSET column in the list of open files screen
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.33.1 to 2.34.1
- Update of rootfile - The "--preserve-merges" option of "git rebase" has been removed.
- Changelog is too large to include here.
The changes for version 2.34.0 can be found in the source tarball in
Documentation/RelNotes/2.34.0.txt and for version 2.34.1 in
Documentation/RelNotes/2.34.1.txt
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.85 to 6.86
- Update of rootfile
- Changelog
6.86 2021-11-15
-Change warn to carp
All warnings are now issued with the carp command rather than warn.
Requested in GitHup pull request #18, but that request was not used
because it only changed the uses in the Date::Manip::Date module.
-Bug fixes
Fixed a bug where the next/prev Date::Manip::Recur methods gave
incorrect results when there are no dates that match the criteria.
(GitHub #36)
-Time zone fixes
There were no new timezone fixes on 2021-06-01 or 2021-09-01, so no
releases made then.
Newest zoneinfo data (tzdata 2021e). (GitHub #37)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.0.16 to 2.0.18
- Update of rootfile
- Changelog
2.0.18
General:
* The SDL wiki documentation and development headers are automatically kept in sync
* Each function has information about in which version of SDL it was introduced
* Added the hint SDL_HINT_APP_NAME to let SDL know the name of your application for
various places it might show up in system information
* Added SDL_RenderGeometry() and SDL_RenderGeometryRaw() to allow rendering of
arbitrary shapes using the SDL 2D render API
* Added SDL_SetTextureUserData() and SDL_GetTextureUserData() to associate
application data with an SDL texture
* Added SDL_RenderWindowToLogical() and SDL_RenderLogicalToWindow() to convert
between window coordinates and logical render coordinates
* Added SDL_RenderSetVSync() to change whether a renderer present is synchronized
with vblank at runtime
* Added SDL_PremultiplyAlpha() to premultiply alpha on a block of
SDL_PIXELFORMAT_ARGB8888 pixels
* Added a window event SDL_WINDOWEVENT_DISPLAY_CHANGED which is sent when a window
changes what display it's centered on
* Added SDL_GetWindowICCProfile() to query a window's ICC profile, and a window
event SDL_WINDOWEVENT_ICCPROF_CHANGED that is sent when it changes
* Added the hint SDL_HINT_VIDEO_EGL_ALLOW_TRANSPARENCY to allow EGL windows to be
transparent instead of opaque
* SDL_WaitEvent() has been redesigned to use less CPU in most cases
* Added SDL_SetWindowMouseRect() and SDL_GetWindowMouseRect() to confine the mouse
cursor to an area of a window
* You can now read precise mouse wheel motion using 'preciseX' and 'preciseY' event
fields
* Added SDL_GameControllerHasRumble() and SDL_GameControllerHasRumbleTriggers() to
query whether a game controller supports rumble
* Added SDL_JoystickHasRumble() and SDL_JoystickHasRumbleTriggers() to query whether
a joystick supports rumble
* SDL's hidapi implementation is now available as a public API in SDL_hidapi.h
Windows:
* Improved relative mouse motion over Windows Remote Desktop
* Added the hint SDL_HINT_IME_SHOW_UI to show native UI components instead of hiding
them (defaults off)
Windows/UWP:
* WGI is used instead of XInput for better controller support in UWP apps
Linux:
* Added the hint SDL_HINT_SCREENSAVER_INHIBIT_ACTIVITY_NAME to set the activity
that's displayed by the system when the screensaver is disabled
* Added the hint SDL_HINT_LINUX_JOYSTICK_CLASSIC to control whether /dev/input/js*
or /dev/input/event* are used as joystick devices
* Added the hint SDL_HINT_JOYSTICK_DEVICE to allow the user to specify devices that
will be opened in addition to the normal joystick detection
* Added SDL_LinuxSetThreadPriorityAndPolicy() for more control over a thread
priority on Linux
Android:
* Added support for audio output and capture using AAudio on Android 8.1 and newer
* Steam Controller support is disabled by default, and can be enabled by setting the
hint SDL_HINT_JOYSTICK_HIDAPI_STEAM to "1" before calling SDL_Init()
Apple Arcade:
* Added SDL_GameControllerGetAppleSFSymbolsNameForButton() and
SDL_GameControllerGetAppleSFSymbolsNameForAxis() to support Apple Arcade titles
iOS:
* Added documentation that the UIApplicationSupportsIndirectInputEvents key must be
set to true in your application's Info.plist in order to get real Bluetooth mouse
events.
* Steam Controller support is disabled by default, and can be enabled by setting the
hint SDL_HINT_JOYSTICK_HIDAPI_STEAM to "1" before calling SDL_Init()
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
network for download the sources has not worked with some nic's
like realtek 8169 because the phy driver was missing.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This patch removes support for i586 according to the decision being
taken over a year ago.
It removes the architecture from the build system and removes all
required hacks and other quirks that have been necessary before.
There is no need to ship any changed files to the remaining
architectures as the removed code branches have not been used.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
