- Update from version 3.22.4 to 3.22.6
- Update of rootfile
- Changelog
HPLIP 3.22.6 - This release has the following changes:
Added support for following new Distro's:
Mx Linux 21.1
Ubuntu 22.04
Fedora 36
Added support for the following new Printers:
HP Color LaserJet Managed MFP E785dn
HP Color LaserJet Managed MFP E78523dn
HP Color LaserJet Managed MFP E78528dn
HP Color LaserJet Managed MFP E786dn
HP Color LaserJet Managed MFP E786 Core Printer
HP Color LaserJet Managed MFP E78625dn
HP Color LaserJet Managed FlowMFP E786z
HP Color LaserJet Managed Flow MFP E78625z
HP Color LaserJet Managed MFP E78630dn
HP Color LaserJet Managed Flow MFP E78630z
HP Color LaserJet Managed MFP E78635dn
HP Color LaserJet Managed Flow MFP E78635z
HP LaserJet Managed MFP E731dn
HP LaserJet Managed MFP E731 Core Printer
HP LaserJet Managed MFP E73130dn
HP LaserJet Managed Flow MFP E731z
HP LaserJet Managed Flow MFP E73130z
HP LaserJet Managed MFP E73135dn
HP LaserJet Managed Flow MFP E73135z
HP LaserJet Managed MFP E73140dn
HP LaserJet Managed Flow MFP E73140z
HP Color LaserJet Managed MFP E877dn
HP Color LaserJet Managed MFP E877 Core Printer
HP Color LaserJet Managed MFP E87740dn
HP Color LaserJet Managed Flow MFP E877z
HP Color LaserJet Managed Flow MFP E87740z
HP Color LaserJet Managed MFP E87750dn
HP Color LaserJet Managed Flow MFP E87750z
HP Color LaserJet Managed MFP E87760dn
HP Color LaserJet Managed Flow MFP E87760z
HP Color LaserJet Managed MFP E87770dn
HP Color LaserJet Managed Flow MFP E87770z
HP LaserJet Managed MFP E826dn
HP LaserJet Managed MFP E826 Core Printer
HP LaserJet Managed MFP E82650dn
HP LaserJet Managed Flow MFP E826z
HP LaserJet Managed Flow MFP E82650z
HP LaserJet Managed MFP E82660dn
HP LaserJet Managed Flow MFP E82660z
HP LaserJet Managed MFP E82670dn
HP LaserJet Managed Flow MFP E82670z
HP LaserJet Managed MFP E730dn
HP LaserJet Managed MFP E73025dn
HP LaserJet Managed MFP E73030dn
HP LaserJet Pro MFP 3101fdwe
HP LaserJet Pro MFP 3101fdw
HP LaserJet Pro MFP 3102fdwe
HP LaserJet Pro MFP 3102fdw
HP LaserJet Pro MFP 3103fdw
HP LaserJet Pro MFP 3104fdw
HP LaserJet Pro MFP 3101fdne
HP LaserJet Pro MFP 3101fdn
HP LaserJet Pro MFP 3102fdne
HP LaserJet Pro MFP 3102fdn
HP LaserJet Pro MFP 3103fdn
HP LaserJet Pro MFP 3104fdn
HP LaserJet Pro 3001dwe
HP LaserJet Pro 3001dw
HP LaserJet Pro 3002dwe
HP LaserJet Pro 3002dw
HP LaserJet Pro 3003dw
HP LaserJet Pro 3004dw
HP LaserJet Pro 3001dne
HP LaserJet Pro 3001dn
HP LaserJet Pro 3002dne
HP LaserJet Pro 3002dn
HP LaserJet Pro 3003dn
HP LaserJet Pro 3004dn
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- libfmt required in run time by mpd
- mpd changelog specifically said fmt was a build only dependency
- Bug#12909 flagged up that fmt was also a run time dependency for mpd
Fixes: Bug#12909
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- v3 version adds specific armv6l based rootfile as xxxMACHINExxx does not get correct
substitution
Fixes: Bug#12611
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- starting tftpd currently throws "missing directory" error
- this change corrects the issue
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org>
Acked-by: Stefan Schantl <stefan.schantl@ipfire.org>
For details see:
https://blog.clamav.net/2022/07/clamav-01037-01041-and-01051-patch.html
"ClamAV 0.105.1 is a critical patch release with the following fixes:
Upgrade the vendored UnRAR library to version 6.1.7.
Fix issue building macOS universal binaries in some configurations.
Silence error message when the logical signature maximum functionality
level is lower than the current functionality level.
Fix scan error when scanning files containing malformed images that
cannot be loaded to calculate an image fuzzy hash.
Fix logical signature "Intermediates" feature.
Relax constraints on slightly malformed ZIP archives that contain
overlapping file entries."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update frpm version 5.2.9 (2012) to 5.3.4
- Update of rootfile
- find-dependencies run on sobumped libs. No dependencies found on old sobumped versions
only on the new versions.
- Changelog is too large to include here (approx 1700 lines). For details of changes see
the ChangeLog file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Provide IPFire specific items for the Zabbix server to monitor:
- ipfire.net.gateway.pingtime: Internet Line Quality
- ipfire.net.gateway.ping: Internet connection
- ipfire.net.fw.hits.raw: JSON formatted list of Firewall hits/chain
- ipfire.dhcpd.clients: Number of active DHCP leases
- ipfire.captive.clients: Number of Captive Portal clients
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
- Remove sudoers file 'zabbix' in favour of new IPFire managed
'zabbix_agentd' and user managed 'zabbix_agentd_user' which is
included in the backup
- Provide migration of old sudoers file 'zabbix' or 'zabbix.user' to
new zabbix_agentd_user sudoers file if it was modified by user.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
- Restrict default main config to only the bare minimum options
and add upstream provided config as example file.
- Remove /etc/zabbix_agentd from backup and instead add only
zabbix_agentd.conf and subdirs 'scripts' and 'zabbix_agentd.d' to
the backup.
- Move ipfire managed userparameter_pakfire.conf from
user managed dir /etc/zabbix_agentd/zabbix_agent.d to
ipfire managed dir /var/ipfire/zabbix_agentd/userparameters
- Add Include line to existing zabbix_agentd.conf to include
the new ipfire managed config dir /var/ipfire/zabbix_agentd/...
- Add and include mandatory IPFire specific agent configuration
which should never be changed by the user.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
- Add agent modules-dir to backup
- Remove original, not used agent modules dir from rootfile
- Create modules-dir during install if it not already exists
- bugfix: Add existence check before creating log-dir, avoiding error
messages if it already exists from a previous install
- bugfix: add extract_backup_includes to update.sh script to make
sure backup includes exist when backup is taken.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
- Update from version 3.4.7 to 36.0.2
After version 3.4.8 the numbering scheme changed to 35.0.0 in Sept 2021
See Chanelog section 35.0.0 below
- New release requires a lot of rust packages - see Changelog sections 35.0.0 & 36.0.0
below. The required rust packages are installed in separate patches in this series
- Update of rootfile
- Changelog
36.0.2 - 2022-03-15¶
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1n.
36.0.1 - 2021-12-14¶
Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 1.1.1m.
36.0.0 - 2021-11-21¶
FINAL DEPRECATION Support for verifier and signer on our asymmetric key
classes was deprecated in version 2.0. These functions had an extended
deprecation due to usage, however the next version of cryptography will drop
support. Users should migrate to sign and verify.
The entire X.509 layer is now written in Rust. This allows alternate
asymmetric key implementations that can support cloud key management
services or hardware security modules provided they implement the necessary
interface (for example: EllipticCurvePrivateKey).
Deprecated the backend argument for all functions.
Added support for AESOCB3.
Added support for iterating over arbitrary request attributes.
Deprecated the get_attribute_for_oid method on CertificateSigningRequest in
favor of get_attribute_for_oid() on the new Attributes object.
Fixed handling of PEM files to allow loading when certificate and key are in
the same file.
Fixed parsing of CertificatePolicies extensions containing legacy BMPString
values in their explicitText.
Allow parsing of negative serial numbers in certificates. Negative serial
numbers are prohibited by RFC 5280 so a deprecation warning will be raised
whenever they are encountered. A future version of cryptography will drop
support for parsing them.
Added support for parsing PKCS12 files with friendly names for all
certificates with load_pkcs12(), which will return an object of type
PKCS12KeyAndCertificates.
rfc4514_string() and related methods now have an optional attr_name_overrides
parameter to supply custom OID to name mappings, which can be used to match
vendor-specific extensions.
BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address
fields as E in rfc4514_string() methods from version 35.0.
The previous behavior can be restored with:
name.rfc4514_string({NameOID.EMAIL_ADDRESS: "E"})
Allow X25519PublicKey and X448PublicKey to be used as public keys when
parsing certificates or creating them with CertificateBuilder. These key
types must be signed with a different signing algorithm as X25519 and X448
do not support signing.
Extension values can now be serialized to a DER byte string by calling
public_bytes().
Added experimental support for compiling against BoringSSL. As BoringSSL
does not commit to a stable API, cryptography tests against the latest
commit only. Please note that several features are not available when
building against BoringSSL.
Parsing CertificateSigningRequest from DER and PEM now, for a limited time
period, allows the Extension critical field to be incorrectly encoded. See
the issue for complete details. This will be reverted in a future
cryptography release.
When OCSPNonce are parsed and generated their value is now correctly wrapped
in an ASN.1 OCTET STRING. This conforms to RFC 6960 but conflicts with the
original behavior specified in RFC 2560. For a temporary period for
backwards compatibility, we will also parse values that are encoded as
specified in RFC 2560 but this behavior will be removed in a future release.
35.0.0 - 2021-09-29¶
Changed the version scheme. This will result in us incrementing the major
version more frequently, but does not change our existing backwards
compatibility policy.
BACKWARDS INCOMPATIBLE: The X.509 PEM parsers now require that the PEM
string passed have PEM delimiters of the correct type. For example, parsing
a private key PEM concatenated with a certificate PEM will no longer be
accepted by the PEM certificate parser.
BACKWARDS INCOMPATIBLE: The X.509 certificate parser no longer allows
negative serial numbers. RFC 5280 has always prohibited these.
BACKWARDS INCOMPATIBLE: Additional forms of invalid ASN.1 found during X.509
parsing will raise an error on initial parse rather than when the malformed
field is accessed.
Rust is now required for building cryptography, the
CRYPTOGRAPHY_DONT_BUILD_RUST environment variable is no longer respected.
Parsers for X.509 no longer use OpenSSL and have been rewritten in Rust.
This should be backwards compatible (modulo the items listed above) and
improve both security and performance.
Added support for OpenSSL 3.0.0 as a compilation target.
Added support for SM3 and SM4, when using OpenSSL 1.1.1. These algorithms
are provided for compatibility in regions where they may be required, and
are not generally recommended.
We now ship manylinux_2_24 and musllinux_1_1 wheels, in addition to our
manylinux2010 and manylinux2014 wheels. Users on distributions like Alpine
Linux should ensure they upgrade to the latest pip to correctly receive
wheels.
Added rfc4514_attribute_name attribute to x509.NameAttribute.
Added KBKDFCMAC.
3.4.8 - 2021-08-24¶
Updated Windows, macOS, and manylinux wheels to be compiled with
OpenSSL 1.1.1l.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
