vnstat is linked against libgd which has had an SO bump and therefore
needs to be shipped again.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
mount, as updated via util-linux, no longer writes /etc/mtab, causing
programs to rely on this file's content (such as the check_disk Nagios
plugin) to stop working.
/proc/self/mounts contains all the necessary information, so it is fine
to replace /etc/mtab by a symlink to it.
Fixes: #12843
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
remove the old kernel and reconfigure bootscripts for arm boards
and run user scripts to switch to a new kernel.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 9.55.0 to 9.56.1
- Update of rootfile
- Changelog
Version 9.56.0 (2022-02-22)
Highlights in this release include:
New PDF Interpreter: This is an entirely new implementation written in C
(rather than PostScript, as before). For a full discussion of this change
and reasons for it see: Changes Coming to the PDF Interpreter.
In this (9.56.0) release, the new PDF interpreter is now ENABLED by default
in Ghostscript, but the old PDF interpreter can be used as a fallback by
specifying -dNEWPDF=false. We've provided this so users that encounter
issues with the new interpreter can keep working while we iron out those
issues, the option will not be available in the long term.
This also allows us to offer a new executable (gpdf, or gpdfwin??.exe on
Windows) which is purely for PDF input. For this release, those new binaries
are not included in the "install" make targets, nor in the Windows installers.
Calling Ghostscript via the GS API is now thread safe. The one limitation is
that the X11 devices for Unix-like systems (x11, x11alpha, x11cmyk, x11cmyk2,
x11cmyk4, x11cmyk8, x11gray2, x11gray4 and x11mono) cannot be made thread
safe, due to their interaction with the X11 server, those devices have been
modified to only allow one instance in an executable.
The PSD output device now writes ICC profiles to their output files, for
improved color fidelity.
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental
improvements.
Included below are incompatible changes from recent releases (the specific release
in question is listed in parentheses). We include these, for now, as we are aware
that not everyone upgrades with every release.
(9.55.0) Changes to the device API. This will affect developers and
maintainers of Ghostscript devices. Firstly, and most importantly,
the way device-specific "procs" are specified has been rewritten
to make it (we think!) clearer and less confusing. See The
Interface between Ghostscript and Device Drivers and The Great
Device Rework Of 2021 for more details.
(9.55.0) The command line options -sGraphicsICCProfile=___,
-dGraphicsIntent=#, -dGraphicsBlackPt=#, -dGraphicsKPreserve=# have
been changed to -sVectorICCProfile=___, -dVectorIntent=#,
-dVectorBlackPt=#, -dVectorKPreserve=#.
(9.53.0) As of 9.53.0, we have (re-)introduced the patch level to the
version number, this helps facilitate a revised policy on handling
security-related issues.
Note for GSView Users: The patch level addition breaks GSView 5 (it is
hardcoded to check for versions 704-999. It is possible, but not guaranteed
that a GSView update might be forthcoming to resolve this.
(9.52) -dALLOWPSTRANSPARENCY: The transparency compositor (and related
features), whilst we are improving it, remains sensitive to being
driven correctly, and incorrect use can have unexpected/undefined
results. Hence, as part of improving security, we limited access to
these operators, originally using the -dSAFER feature. As we made
"SAFER" the default mode, that became unacceptable, hence the new
option -dALLOWPSTRANSPARENCY which enables access to the operators.
(9.50) There are a couple of subtle incompatibilities between the old and
new SAFER implementations. Firstly, as mentioned in the 9.50 release
notes, SAFER now leaves standard PostScript functionality unchanged
(except for the file access limitations). Secondly, the interaction
with save/restore operations has changed. See SAFER.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- The directory name for the hostile data was using HOSTILE while the chain was called
HOSTILE_DROP. This resulted in the files in the directory not being updated.
Fixes: bug#12838
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
- Chain that was specified was HOSTILE but actual used is HOSTILE_DROP
- Using HOSTILE caused no update fro the hostile data used in the Firewall Hits graph
Fixes: bug#12838
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Acked-by: Bernhard Bitsch <bbitsch@ipfire.org>
This saves some resources when we re-read the same configuration file
too often.
Suggested-by: Anthony Heading <ajrh@ajrh.net>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch changes that the script will listen to changes to the
directory instead of the file which got complicated when files got
renamed.
It also processes all changes at the same time and tries finding out
what actions have to be performed in order to avoid unnecessary
iterations.
The script is also limited to process any changes only once every five
seconds to keep resource usage in check on busy systems.
Suggested-by: Anthony Heading <ajrh@ajrh.net>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This improves logging and enables logging to the console.
Suggested-by: Anthony Heading <ajrh@ajrh.net>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Since running virtual machines is one of our legitimate use cases, it
makes sense to provide Qemu with the ability of taking advantage of
IOMMU support for safer virtuall memory allocation, if available.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
