- Update from version 9.0 to 9.5
- Update of the uname patch to 9.5
- Obtained the 9.5 version of the i18n patch. However this caused the coreutils build to
fail. Without the patch the build had no problems. After investigating for some time
I identified that coreutils used to have the mbchar.h and mbchar.c files in its
source tarball lib directory. However those are no longer needed by coreutils so they
have been deleted in the source tarball. However the i18n patch still requires them.
The patch creates the code for the mbchar.h and mbchar.c files. However it has made
the availability of the members buf & mb_setascii and some code related to old_mbc
dependent on GNULIB being defined. This is specified in configure.ac but that define
did not make it into the prepared configure file. This causes those members to not be
found and the build fails.
- Removing the three #if defined GNLIB_MBFILE statements from the coreutils-9.5-i18n
patch, so that the code is executed in the build, causes the members to be present
and the build is successfull.
- Update of rootfile
- Changelog
9.5
** Bug fixes
chmod -R now avoids a race where an attacker may replace a traversed file
with a symlink, causing chmod to operate on an unintended file.
[This bug was present in "the beginning".]
cp, mv, and install no longer issue spurious diagnostics like "failed
to preserve ownership" when copying to GNU/Linux CIFS file systems.
They do this by working around some Linux CIFS bugs.
cp --no-preserve=mode will correctly maintain set-group-ID bits
for created directories. Previously on systems that didn't support ACLs,
cp would have reset the set-group-ID bit on created directories.
[bug introduced in coreutils-8.20]
join and uniq now support multi-byte characters better.
For example, 'join -tX' now works even if X is a multi-byte character,
and both programs now treat multi-byte characters like U+3000
IDEOGRAPHIC SPACE as blanks if the current locale treats them so.
numfmt options like --suffix no longer have an arbitrary 127-byte limit.
[bug introduced with numfmt in coreutils-8.21]
mktemp with --suffix now better diagnoses templates with too few X's.
Previously it conflated the insignificant --suffix in the error.
[bug introduced in coreutils-8.1]
sort again handles thousands grouping characters in single-byte locales
where the grouping character is greater than CHAR_MAX. For e.g. signed
character platforms with a 0xA0 (aka  ) grouping character.
[bug introduced in coreutils-9.1]
split --line-bytes with a mixture of very long and short lines
no longer overwrites the heap (CVE-2024-0684).
[bug introduced in coreutils-9.2]
tail no longer mishandles input from files in /proc and /sys file systems,
on systems with a page size larger than the stdio BUFSIZ.
[This bug was present in "the beginning".]
timeout avoids a narrow race condition, where it might kill arbitrary
processes after a failed process fork.
[bug introduced with timeout in coreutils-7.0]
timeout avoids a narrow race condition, where it might fail to
kill monitored processes immediately after forking them.
[bug introduced with timeout in coreutils-7.0]
wc no longer fails to count unprintable characters as parts of words.
[bug introduced in textutils-2.1]
** Changes in behavior
base32 and base64 no longer require padding when decoding.
Previously an error was given for non padded encoded data.
base32 and base64 have improved detection of corrupted encodings.
Previously encodings with non zero padding bits were accepted.
basenc --base16 -d now supports lower case hexadecimal characters.
Previously an error was given for lower case hex digits.
cp --no-clobber, and mv -n no longer exit with failure status if
existing files are encountered in the destination. Instead they revert
to the behavior from before v9.2, silently skipping existing files.
ls --dired now implies long format output without hyperlinks enabled,
and will take precedence over previously specified formats or hyperlink mode.
numfmt will accept lowercase 'k' to indicate Kilo or Kibi units on input,
and uses lowercase 'k' when outputting such units in '--to=si' mode.
pinky no longer tries to canonicalize the user's login location by default,
rather requiring the new --lookup option to enable this often slow feature.
wc no longer ignores encoding errors when counting words.
Instead, it treats them as non white space.
** New features
chgrp now accepts the --from=OWNER:GROUP option to restrict changes to files
with matching current OWNER and/or GROUP, as already supported by chown(1).
chmod adds support for -h, -H,-L,-P, and --dereference options, providing
more control over symlink handling. This supports more secure handling of
CLI arguments, and is more consistent with chown, and chmod on other systems.
cp now accepts the --keep-directory-symlink option (like tar), to preserve
and follow existing symlinks to directories in the destination.
cp and mv now accept the --update=none-fail option, which is similar
to the --no-clobber option, except that existing files are diagnosed,
and the command exits with failure status if existing files.
The -n,--no-clobber option is best avoided due to platform differences.
env now accepts the -a,--argv0 option to override the zeroth argument
of the command being executed.
mv now accepts an --exchange option, which causes the source and
destination to be exchanged. It should be combined with
--no-target-directory (-T) if the destination is a directory.
The exchange is atomic if source and destination are on a single
file system that supports atomic exchange; --exchange is not yet
supported in other situations.
od now supports printing IEEE half precision floating point with -t fH,
or brain 16 bit floating point with -t fB, where supported by the compiler.
tail now supports following multiple processes, with repeated --pid options.
** Improvements
cp,mv,install,cat,split now read and write a minimum of 256KiB at a time.
This was previously 128KiB and increasing to 256KiB was seen to increase
throughput by 10-20% when reading cached files on modern systems.
env,kill,timeout now support unnamed signals. kill(1) for example now
supports sending such signals, and env(1) will list them appropriately.
SELinux operations in file copy operations are now more efficient,
avoiding unneeded MCS/MLS label translation.
sort no longer dynamically links to libcrypto unless -R is used.
This decreases startup overhead in the typical case.
wc is now much faster in single-byte locales and somewhat faster in
multi-byte locales.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.
While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.
Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.
In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
This is required because some packages do not recommend building with
time_t when it is 32 bit (Y2038 problem).
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch represents the first batch of various patches we do not use
anymore, hence there is no sense in keeping them, polluting ~/src/patches/.
Two coreutils patches have been moved into the already existing
coreutils folder, while one libloc patch has been a duplicate to that
one already existing in ~/src/patches/libloc/.
Cleaning up this dump remains a non-exhaustive attempt, though. There
are several other patches I could not locate in LFS files in the first
place, which means that the amount of files we can drop from this
directory is likely to be greater than this patch currently covers.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
This patch represents the first batch of various patches we do not use
anymore, hence there is no sense in keeping them, polluting ~/src/patches/.
Two coreutils patches have been moved into the already existing
coreutils folder, while one libloc patch has been a duplicate to that
one already existing in ~/src/patches/libloc/.
Cleaning up this dump remains a non-exhaustive attempt, though. There
are several other patches I could not locate in LFS files in the first
place, which means that the amount of files we can drop from this
directory is likely to be greater than this patch currently covers.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Most of these files still used old dates and/or domain names for contact
mail addresses. This is now replaced by an up-to-date copyright line.
Just some housekeeping... :-)
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This will allow us to run multiple builds on the same
system at the same time (or at least have them on disk).
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Coreutils 8.25 needs the automake 1.15
I have send this patch earlier.
Plaese merge automake before coreutils 8.25
Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
