Sodium is a new, easy-to-use software library for encryption,
decryption, signatures, password hashing and more.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This is now being dropped since the image won't fit onto a 2GB device
any more and since there is only one type of image, we don't need to
state the filesystem type.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://www.nano-editor.org/news.php
"Changes between v6.3 and v6.4:
------------------------------
Benno Schulenberg (24):
bump version numbers and add a news item for the 6.4 release
display: remember text and column positions when softwrapping a line
docs: concisely describe how the linter behaves
docs: remove the two notices about the changed defaults
docs: rename README.GIT to README.hacking, so it's clearer what is meant
docs: stop mentioning the obsoleted keywords that were removed
files: designate the root directory with a simple "/", not with "//"
formatter: instead of leaving curses, use full_refresh() to wipe messages
gnulib: update to its current upstream state
help: reshuffle two shortcuts so that more help-line items are paired
options: stop accepting -z, as --suspendable has been dropped too
rcfile: remove five obsolete or deprecated keywords
syntax: default: do not colorize a square or angle bracket after a URL
syntax: perl: add missing keywords, and reduce the length of some lines
syntax: python: mention an alternative linter in a comment
tweaks: add a missing word to a news item
tweaks: add a translator hint
tweaks: improve a comment, and reshuffle two functions plus some lines
tweaks: put each regex on separate line, to better show many keywords
tweaks: rename a variable, to not be the same as a function name
tweaks: rename two variables, to not contain the name of another
tweaks: reshuffle a description and rewrap another
tweaks: reshuffle a few lines, to group things better
version: condense the copyright message, to not dominate the output
LIU Hao (1):
build: ignore errors from `git describe`"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
realtek has released a third different usb ac wlan chipset.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- starting tftpd currently throws "missing directory" error
- this change corrects the issue
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org>
Acked-by: Stefan Schantl <stefan.schantl@ipfire.org>
- this releases fixes the following major security issues:
CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
- FIX: afpd: make a variable declaration a definition
- UPD: Remove bundled libevent
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- rootfile has all entries commented out as not needed for execution only build
Fixes: Bug#12611
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- The addition of pyfuse3 requires a total of 11 python3 module dependencies and the
addition of python3-Cython during the build
- The other dependencies etc are submitted in the rest of this patch series.
Fixes: Bug#12611
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
This is a maintenance release that bundles all the previously added
patches, which have therefore been deleted.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Full changelog since version 0.23.6:
ver 0.23.8 (2022/07/09)
* storage
- curl: fix crash if web server does not understand WebDAV
* input
- cdio_paranoia: fix crash if no drive was found
- cdio_paranoia: faster cancellation
- cdio_paranoia: don't scan for replay gain tags
- pipewire: fix playback of very short tracks
- pipewire: drop all buffers before manual song change
- pipewire: fix stuttering after manual song change
- snapcast: fix busy loop while paused
- snapcast: fix stuttering after resuming playback
* mixer
- better error messages
- alsa: fix setting volume before playback starts
- pipewire: fix crash bug
- pipewire: fix volume change events with PipeWire 0.3.53
- pipewire: don't force initial volume=100%
* support libfmt 9
ver 0.23.7 (2022/05/09)
* database
- upnp: support pupnp 1.14
* decoder
- ffmpeg: fix HLS seeking
- opus: fix missing song length on high-latency files
* output
- shout: require at least libshout 2.4.0
* mixer
- pipewire: fix volume restore
- software: update volume of disabled outputs
* support libiconv
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Full changelog:
4.1.0 - 2022-07-18
ENHANCEMENTS
Add support for OpenSSL 3 (and EL9/Debian 11/Ubuntu 22)
Allow tcpd/libwrap to be excluded from build when present on the system
Allow loading of full certificate chains
Change -u (connection issues return UNKNOWN) to include all SSL-layer failures.
Disable renegotiation and enforce server cipher order when using SSL
Verify that private keys match certificates when using SSL
FIXES
Fixed incorrect default for nasty_metachars in nrpe.cfg
Fixed incorrect help text for --use-adh
Fixed potential out-of-bound read when used with IPv6
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
- In 2018 parted was moved from being an addon to being a core program
- The rootfile was moved from rootfiles/packages/ to rootfiles/common/
- The LFS was not updated to remove the PAK_VER etc elements.
- This patch adjusts the LFS file to be in line with being a core program
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
For details see:
https://nlnetlabs.nl/projects/unbound/download/#unbound-1-16-2
"Features
Merge #718: Introduce infra-cache-max-rtt option to config max retransmit timeout.
Bug Fixes
Fix the novel ghost domain issues CVE-2022-30698 and CVE-2022-30699.
Fix bug introduced in 'improve val_sigcrypt.c::algo_needs_missing
for one loop pass'.
Merge PR #668 from Cristian Rodríguez: Set IP_BIND_ADDRESS_NO_PORT
on outbound tcp sockets.
Fix verbose EDE error printout.
Fix dname count in sldns parse type descriptor for SVCB and HTTPS.
For windows crosscompile, fix setting the IPV6_MTU socket option
equivalent (IPV6_USER_MTU); allows cross compiling with latest cross-compiler versions.
Merge PR 714: Avoid treat normal hosts as unresponsive servers. And fixup the lock code.
iana portlist update.
Update documentation for 'outbound-msg-retry:'.
Tests for ghost domain fixes."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Please refer to https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.57
for the changelog of this version. Since it introduces
architecture-dependent rootfile changes due to CPU side-channel
mitigations, changes to ARM rootfiles have been omitted due to the lack
of hardware.
Supposed hardening changes will be submitted separately.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
For details see:
https://blog.clamav.net/2022/07/clamav-01037-01041-and-01051-patch.html
"ClamAV 0.105.1 is a critical patch release with the following fixes:
Upgrade the vendored UnRAR library to version 6.1.7.
Fix issue building macOS universal binaries in some configurations.
Silence error message when the logical signature maximum functionality
level is lower than the current functionality level.
Fix scan error when scanning files containing malformed images that
cannot be loaded to calculate an image fuzzy hash.
Fix logical signature "Intermediates" feature.
Relax constraints on slightly malformed ZIP archives that contain
overlapping file entries."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://downloads.isc.org/isc/bind9/9.16.31/doc/arm/html/notes.html#notes-for-bind-9-16-31
Excerpt from changelog:
" --- 9.16.31 released ---
5917. [bug] Update ifconfig.sh script as is miscomputed interface
identifiers when destroying interfaces. [GL #3061]
5915. [bug] Detect missing closing brace (}) and computational
overflows in $GENERATE directives. [GL #3429]
5913. [bug] Fix a race between resolver query timeout and
validation in resolver.c:validated(). Remove
resolver.c:maybe_destroy() as it is no loger needed.
[GL #3398]
5909. [bug] The server-side destination port was missing from dnstap
captures of client traffic. [GL #3309]
5905. [bug] When the TCP connection would be closed/reset between
the connect/accept and the read, the uv_read_start()
return value would be unexpected and cause an assertion
failure. [GL #3400]
5903. [bug] When named checks that the OPCODE in a response matches
that of the request, if there is a mismatch named logs
an error. Some of those error messages incorrectly
used RCODE instead of OPCODE to lookup the nemonic.
This has been corrected. [GL !6420]"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
