Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.
While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.
Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.
In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
- Update from 8.44 to 8.45
- Updated rootfile
- Checked the dependencies of the old lib versions using find-dependencies
nothing flagged
- Changelog
Version 8.45 15-June-2021
This is the final release of PCRE1. A few minor tidies are included.
1. CMakeLists.txt has two user-supplied patches applied, one to allow for the
setting of MODULE_PATH, and the other to support the generation of pcre-config
file and libpcre*.pc files.
2. There was a memory leak if a compile error occurred when there were more
than 20 named groups (Bugzilla #2613).
3. Fixed some typos in code and documentation.
4. Fixed a small (*MARK) bug in the interpreter (Bugzilla #2771).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Update apache dependencies:
APR: update to version 1.7.0
PCRE: update to version 8.44
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
* Fix auto-callout (?# comment bug.
* Fix negated POSIX class within negated overall class UCP bug.
* Fix bug for isolated \E between an item and its qualifier
when auto callout is set.
* Give error for regexec with pmatch=NULL and REG_STARTEND set.
* Allow for up to 32-bit numbers in the ordin() function in pcregrep.
* Fix \Q\E before qualifier bug when auto callouts are enabled.
* Fix /x bug when pattern starts with white space and (?-x).
* Fix copy named substring bug.
* Fix (by hacking) another length computation issue.
* Fix get_substring_list() bug when \K is used in an assertion.
* Fix pcretest bad behaviour for callout in lookbehind.
* Fix workspace overflow for (*ACCEPT) with deeply nested parentheses.
* Yet another duplicate name bugfix by overestimating the
memory needed (i.e. another hack - PCRE2 has this "properly" fixed).
* Fix pcretest loop for global matching with an ovector size less than 2.
* Fix non-diagnosis of missing assertion after (?(?C).
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reason:
The latest version of pcre comes with a JIT compiler for regular
expressions. The implementation of that requires that memory is writable
and executable at the same time which is not allowed by grsecurity.
