- Updatre from version 2.14 to 2.15
- Update of rootfile
- Changelog
2.15
* Fix operation of --no-absolute-filenames --make-directories
* Restore access and modification times of symlinks in copy-in
and copy-pass modes.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
We should not have any configuration files that we share in this place,
therefore this patch is moving it into /usr/share/openvpn where we
should be able to update it without any issues.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This architecture does not seem to be support and since we don't support
this as a primary architecture just yet, we will build without this
package.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- hyperscan will move from BSD licence to a proprietary paid for licence from version 5.5
onwards.
- hyperscan will be replaced by vectorscan, a fork of hyperscan.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- It has been announced that from hyperscan-5.5 onwards the licence for this package
will change from BSD tp proprietarty paid for version
- This patch submission installs vectorscan whihc was created as a fork from hyperscan
andf that is being maintained and has indicated it will suay Open Source
- Created new lfs file
- Created nbew rootfile. This looks to match the hyperscan rootfile closely
- Added vector scan to the make.sh file and removed hyperscan from it.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Changelog according to the tarball's NEWS file:
- Improvements
- Use any hash algo known by kernel/openssl instead of keep needing
to update the mapping
- Teach kmod to load modprobe.d/depmod.d configuration from ${prefix}/lib
and allow it to be overriden during build with --with-distconfdir=DIR
- Make kernel modules directory configurable. This allows distro to
make kmod use only files from /usr regardless of having a compat
symlink in place.
- Install kmod.pc containing the features selected at build time.
- Install all tools and symlinks by default. Previously kmod relied on
distro packaging to set up the symlinks in place like modprobe,
depmod, lsmod, etc. Now those symlinks are created by kmod itself
and they are always placed in $bindir.
- Bug Fixes
- Fix warnings due to -Walloc-size
- Others
- Drop python bindings. Those were not update in ages and not compatible
with latest python releases.
- Cleanup test infra, dropping what was not used anymore
- Drop experimental tools `kmod insert` / `kmod remove`. Building those
was protected by a configure option never set by distros. They also
didn't gain enough traction to replace the older interfaces via
modprobe/insmod/rmmod.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- sslh is listed in the initscripts lfs and rootfiles.
- Removal of these references with the bremoval of sslh
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
For details see:
https://downloads.isc.org/isc/bind9/9.16.49/doc/arm/html/notes.html#notes-for-bind-9-16-49
"Bug Fixes
A regression in cache-cleaning code enabled memory use to grow
significantly more quickly than before, until the configured
max-cache-size limit was reached. This has been fixed. [GL #4596]
Using rndc flush inadvertently caused cache cleaning to become
less effective. This could ultimately lead to the configured
max-cache-size limit being exceeded and has now been fixed. [GL #4621]
The logic for cleaning up expired cached DNS records was tweaked to be
more aggressive. This change helps with enforcing max-cache-ttl and
max-ncache-ttl in a timely manner. [GL #4591]
It was possible to trigger a use-after-free assertion when the overmem
cache cleaning was initiated. This has been fixed. [GL #4595]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
grub-btrfs try to reconfigure grub in the buildsystem and print always the bugtracker url on every error even when its not a bug
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
As very simple XS based perl binding for libarchive
to get header data and extract files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is only a build dependency for perl-Arhive-Peek-Libarchive and
will not be installed on a system
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is only a build dependency for perl-Config-AutoConf and
will not be installed on a system
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- xz version 5.6.0 and 5.6.1 discovered to have been backdoored by what looks to have
been one of the xz devs.
- IPFire looks not to be affected by the problem as we don't patch openssh to be linked
with liblzma
- However due to question marks about what else might be in these 5.6.x versions it is
better to revert back to a version that did not have the build-to-host.m4 file with the
code that modifies the build if it meets certain criteria.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
this file should created by grub-install at installation.
Also it is not present on aarch64 builds of grub.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This kind of grub addon will extend the grub boot menu by a additional
submenu where a BTRFS snapshot can be selected to directly use as root
volume and boot into it.
The grub-btrfsd daemon is using inotify(tools) to watch the snapshot directory for
new or deleted snapshots and calls grub-mkconfig to adjust the snapshot grub submenu
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from version 2.5.0 to commit e1266c7
- Update of rootfile
- When ppp-2.5.0 was released it had a bug bin it that the lock and run directories
had non standard defaults but also that if the directory did not exist ppp just
ignored it and continued to start but would then have error messages in the logs about
not being able to cretae the lock file
- This issue was raised in the ppp github issues and a set of patches merged into ppp.
- The plan was written in Nov 2023 that this would be released as 2.5.1, however nearly
three months later there is no sight of 2.5.1 being released and people continue to
flag up the lock directory issues and have to apply a workaround to create the directory
in local.rc
- This patch has taken the zip source tarball of master at the commit e1266c7. The zip
tarball was then extracted and then tar'd back up as a tar.gz file with the version set
at e1266c7 rather than master. I could not find any other way to get a source tarball\
created at a certain commit stage.
- The patch ppp-2.5.0-2-everywhere-O_CLOEXEC-harder.patch had to be updated due to some
changes in the source files.
- The patch ppp-2.5.0-7-add-configure-check-to-see-if-we-have-struct-sockaddr_ll.patch
was removed as the changes are now built into the source tarball.
- This will need to be tested thoroughly by people with ppp to confirm that the lock
directory is created if it doesn't exist on the system. I can't test that as I have
no access to a ppp connection system.
- For a view of the changelog between 2.5.0 and e1266c7 the github commits list needs to
be reviewed. https://github.com/ppp-project/ppp/commits/master/?before=e1266c76d1ad39f98f11676e34f180f78c5a510c+35
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.6.1 to 2.6.2
- Update of rootfile
- Changelog
2.6.2
Security fixes:
#839#842 CVE-2024-28757 -- Prevent billion laughs attacks with
isolated use of external parsers. Please see the commit
message of commit 1d50b80cf31de87750103656f6eb693746854aa8
for details.
Bug fixes:
#839#841 Reject direct parameter entity recursion
and avoid the related undefined behavior
Other changes:
#847 Autotools: Fix build for DOCBOOK_TO_MAN containing spaces
#837 Add missing #821 and #824 to 2.6.1 change log
#838#843 Version info bumped from 10:1:9 (libexpat*.so.1.9.1)
to 10:2:9 (libexpat*.so.1.9.2); see https://verbump.de/
for what these numbers do
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 5.6.0 to 5.6.1
- Update of rootfile
- Changelog
5.6.1
* liblzma: Fixed two bugs relating to GNU indirect function (IFUNC)
with GCC. The more serious bug caused a program linked with
liblzma to crash on start up if the flag -fprofile-generate was
used to build liblzma. The second bug caused liblzma to falsely
report an invalid write to Valgrind when loading liblzma.
* xz: Changed the messages for thread reduction due to memory
constraints to only appear under the highest verbosity level.
* Build:
- Fixed a build issue when the header file <linux/landlock.h>
was present on the system but the Landlock system calls were
not defined in <sys/syscall.h>.
- The CMake build now warns and disables NLS if both gettext
tools and pre-created .gmo files are missing. Previously,
this caused the CMake build to fail.
* Minor improvements to man pages.
* Minor improvements to tests.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 8.6.13 to 8.6.14
- Update of rootfile
- Changelog
8.6.14
This is a patch release, so it primarily includes bug fixes and corrections
to erratic behavior. Highlighted changes are noted below. The changes file
at the root of the source tree contains a more complete list. The Timelines
of all changes are online.
http://core.tcl-lang.org/tcl/timelinehttp://core.tcl-lang.org/tk/timeline
* [TIP 402] revise path normalization for x-platform UNC path support
*** POTENTIAL INCOMPATIBILITY ***
* Harmonize Tk's parse of numbers (screen distance, etc) with Tcl
*** POTENTIAL INCOMPATIBILITY ***
* Iconlist ignores options db for fg text color; affects dialogs
*** POTENTIAL INCOMPATIBILITY ***
* Aqua: XPutImage() swaps red and blue channels
*** POTENTIAL INCOMPATIBILITY ***
* [encoding convertfrom] handling of incomplete code sequences
*** POTENTIAL INCOMPATIBILITY ***
* Harmonize handling of ~ in paths across platforms.
*** POTENTIAL INCOMPATIBILITY ***
* Fix menu clone binding misbehavior, menu-20.1[2-6].
*** POTENTIAL INCOMPATIBILITY ***
* Improved performance of [exec] and [open |$cmd] on unix-lke
systems, especially with large memory footprints.
* Improve performance of large treeview destruction.
* Improve performance of large image insertions into text.
* Improve widget creation performance due to poor font caching.
* Fix notebook tab appearances when placed on edge other than top.
* Enable treeview display of partial final line.
* Win: restore [exec %var%] that was dropped in 8.6.13.
* Allow [chan create {} $cmd]. Enables simulation of server channels.
* Allow return from [tk scaling] in safe interps.
* Prevent navigation by word exposing clues to masked entry contents.
* Fix crashes or hangs in...
- [chan pop] with pending input
- thread finalization of reflected channels
- [label .l -bitmap floppy]
- [set tcl_precision 15; expr 6.4623485355705287e-27]
- [tk busy forget] and [tk busy hold]
- channel read into "string" Tcl_Obj can BO, and perform poorly
- KVO crash after destroying Aqua's first root toplevel
- Test treeview-6ee162c3f9
- Test tailcall-bug-784befb0ba
- Tests menu-40.[12]
* Repair memory leaks and errors
- Eliminate undefined realloc() calls
- Silence many warnings from -fsanitize=function
- Flawed interfacing with XIM
- Tcl_UtfToExternal writing to one-byte buffer
- Tcl_UtfToUniChar() handling of 0xC1.
- Tk_ConfigureValue could call wrong free() routine.
- tests getuncichar-1.* in utf.test
- ...and many more
* No more support for 32-bit Cygwin
* ::tcl_platform(osVersion) updated to report Windows 11
* Accommodate macOS deprecation of sprintf()
* Silence macOS 14 warnings about secure restorable state.
* Code changes to support ASan use-after-return detection
* Revise Tcl_MakeFileChannel() to better partner with pledge()
* Prevent false [clock format] error reports on FreeBSD
* Region clip & copy make better use of OS facilities.
* Update handling of Apple FourCC creator codes.
* Text selection omits first character, text-38.1
* Windows: improved support of non-BMP pathnames
* Fixed some Y2038 limitations
* Fix photo color drawing on X11 32-bit visuals.
* Fix <<MenuSelect>> regression on menus with -tearoff
* Correct rounding of [nsFont pointSize].
* zlib comment/filename error handling (zlib-8.19, zlib-8.2[012])
* Prevent theme change attempts after Tk finalize.
* Make dialogs robust against parent destruction.
* Make [tk_chooseColor] robust against failed grab.
* Fix menu parsing of @x,y indices. menu-22.[6-9]
* Fix inconsistent results from [font measure].
* Fixed [clock scan|add] handling of abbreviated options
* Avoid endless loops replacing [unknown] or [history].
* Fix polluted error messages from [send -option].
* PNG photo image decoder missed a 0xFF entry.
* Fix failing winTime-2.1 on Windows
* test string-2.20.1 failed on big endian platforms
* Updated bundled packages, libraries, standards, data
- Itcl 4.2.4
- sqlite3 3.44.2
- Thread 2.8.9
- TDBC* 1.1.7
- tcltest 2.5.7
- libtommath 1.2.1
- zlib 1.3.1
- Unicode 15.1
- tzdata 2024a
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 24.01.0 to 24.03.0
- Update of rootfile
- find-dependencies run due to sobump. No issues found
- Changelog
24.03.0:
core:
* Fix opening some malformed files. Issue #1447
* Skip drawing image when it has singular matrix. Issue #1114
* Fix crash on malformed files
* Small internal code cleanup
utils:
* pdfdetach: Fix potential directory traversal
* pdfimages: Enable to print filenames to stdout.
* pdfsig: Add visible name/date when signing an existing form signature field
24.02.0:
core:
* Fix reading some JBIG2 streams. Issue #1319
* Fix saving some annotation interior color when it's empty
* Make searching for fonts when adding annotations a bit faster
* Make sure images are compressed when adding them
* Small internal code cleanup
utils:
* pdfimages: return exit code 2 when error opening output files
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
