* The script needs to run with root permissions in order to
do the ipset operations. So remove code to drop the permissions
on startup.
* Adjust execute calls to use the proper functions from
general functions.
* Add some code to set the correct ownership (nobody:nobody) for
changed files during script runtime.
Fixes#13072.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
- With change of common css entries into header.pl with commit
https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=b52a84ddc77f9db7e4ad7b129f21fbf528c6f990
I had missed that color20 and color22 etc, that come from colors.txt, are not known in
header.pl so that the alternate colours in tables were missing. Even though I tested the
previous commit I obviously did not look well enough because I missed that the tables
had no alternate colours. I just found it now when looking at Core Update 174 Testing.
- Confirmed by copying this version of header.pl into my CU174 Testing system and the
alternate colour rows came back again as they should be. I am sure now that they are
correct.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
It only contains firmware files for some Qualcomm Bluetooth devices, for
which there is no use on IPFire, since we disabled Bluetooth support in
the kernel a long time ago due to security reasons.
To save some space (~ 1.9 MByte), do not ship these files, and delete
them on existing IPFire installations as well.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
- This updates the updatexlrator.cgi page to the same central use of extraHead from
header.pl and simplifying of css variables where appropriate.
- The variables for the percentage bar will also be able to be used in other cgi pages
with a percent bar.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- After looking at other .cgi files I realised that I had named the variables based on
their dhcp usage only. However colouryellow or color20 etc can be used not only in a
row but also in a cell or a column. Rather than ending up with multiple copies of the
same colour for rows, cells, columns etc I have simplified the variable names to just
the colour. They can then be used in whatever situation is wanted. The rest of the cgi
code will give the view of what structure the colour is being applied to.
- This will limit the number of different css variables defined in the header.pl file
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Now the rules files in a subfolder like "<provider>-rules" also will get
extracted.
Fixes rule file extraction for Snort Community ruleset.
Fixes#12948.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 65.4.1 to 67.5.1
- Update of rootfile
- Changelog
v67.5.1
Misc
* #3836: Fixed interaction between ``setuptools``' package auto-discovery and
auto-generated ``htmlcov`` files.
Previously, the ``htmlcov`` name was ignored when searching for single-file
modules, however the correct behaviour is to ignore it when searching for
packages (since it is supposed to be a directory, see `coverage config`_)
-- by :user:`yukihiko-shinoda`.
.. _coverage config: https://coverage.readthedocs.io/en/stable/config.html#html-directory
* #3838: Improved error messages for ``pyproject.toml`` validations.
* #3839: Fixed ``pkg_resources`` errors caused when parsing metadata of packages that
are already installed but do not conform with PEP 440.
v67.5.0
Changes
* #3843: Although pkg_resources has been discouraged for use, some projects still
consider pkg_resources viable for usage. This change makes it clear that
pkg_resources should not be used, emitting a DeprecationWarning when imported.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 10.4.0 to 11.3.0
- Update of rootfile
- Build changed to cmake from version 11.0 onwards
- find-dependencies run due to lib so bump. Only qpdf and cups-filters are linked to
the changed libs. cups-filters being shipped due to a change required because of
qpdf-11.3.0
- Changelog is too large to include here. Details can be found in the ChangeLog file in
the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
This reverts commit 6d3e6cfc16.
Arne informed me via the phone that this patch has to be reverted, since
his changes for riscv64 already made it redundant. Keeping it would
cause rootfile quirks to the riscv64 builds.
Reported-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 1.5.2 to 1.5.4
- Update of rootfile
- Changelog
v1.5.4 (Feb 2023)
perf: +20% faster huffman decompression for targets that can't compile x64 assembly (#3449, @terrelln)
perf: up to +10% faster streaming compression at levels 1-2 (#3114, @embg)
perf: +4-13% for levels 5-12 by optimizing function generation (#3295, @terrelln)
pref: +3-11% compression speed for `arm` target (#3199, #3164, #3145, #3141, #3138, @JunHe77 and #3139, #3160, @danlark1)
perf: +5-30% faster dictionary compression at levels 1-4 (#3086, #3114, #3152, @embg)
perf: +10-20% cold dict compression speed by prefetching CDict tables (#3177, @embg)
perf: +1% faster compression by removing a branch in ZSTD_fast_noDict (#3129, @felixhandte)
perf: Small compression ratio improvements in high compression mode (#2983, #3391, @Cyan4973 and #3285, #3302, @daniellerozenblit)
perf: small speed improvement by better detecting `STATIC_BMI2` for `clang` (#3080, @TocarIP)
perf: Improved streaming performance when `ZSTD_c_stableInBuffer` is set (#2974, @Cyan4973)
cli: Asynchronous I/O for improved cli speed (#2975, #2985, #3021, #3022, @yoniko)
cli: Change `zstdless` behavior to align with `zless` (#2909, @binhdvo)
cli: Keep original file if `-c` or `--stdout` is given (#3052, @dirkmueller)
cli: Keep original files when result is concatenated into a single output with `-o` (#3450, @Cyan4973)
cli: Preserve Permissions and Ownership of regular files (#3432, @felixhandte)
cli: Print zlib/lz4/lzma library versions with `-vv` (#3030, @terrelln)
cli: Print checksum value for single frame files with `-lv` (#3332, @Cyan4973)
cli: Print `dictID` when present with `-lv` (#3184, @htnhan)
cli: when `stderr` is *not* the console, disable status updates, but preserve final summary (#3458, @Cyan4973)
cli: support `--best` and `--no-name` in `gzip` compatibility mode (#3059, @dirkmueller)
cli: support for `posix` high resolution timer `clock_gettime()`, for improved benchmark accuracy (#3423, @Cyan4973)
cli: improved help/usage (`-h`, `-H`) formatting (#3094, @dirkmueller and #3385, @jonpalmisc)
cli: Fix better handling of bogus numeric values (#3268, @ctkhanhly)
cli: Fix input consists of multiple files _and_ `stdin` (#3222, @yoniko)
cli: Fix tiny files passthrough (#3215, @cgbur)
cli: Fix for `-r` on empty directory (#3027, @brailovich)
cli: Fix empty string as argument for `--output-dir-*` (#3220, @embg)
cli: Fix decompression memory usage reported by `-vv --long` (#3042, @u1f35c, and #3232, @zengyijing)
cli: Fix infinite loop when empty input is passed to trainer (#3081, @terrelln)
cli: Fix `--adapt` doesn't work when `--no-progress` is also set (#3354, @terrelln)
api: Support for Block-Level Sequence Producer (#3333, @embg)
api: Support for in-place decompression (#3432, @terrelln)
api: New `ZSTD_CCtx_setCParams()` function, set all parameters defined in a `ZSTD_compressionParameters` structure (#3403, @Cyan4973)
api: Streaming decompression detects incorrect header ID sooner (#3175, @Cyan4973)
api: Window size resizing optimization for edge case (#3345, @daniellerozenblit)
api: More accurate error codes for busy-loop scenarios (#3413, #3455, @Cyan4973)
api: Fix limit overflow in `compressBound` and `decompressBound` (#3362, #3373, Cyan4973) reported by @nigeltao
api: Deprecate several advanced experimental functions: streaming (#3408, @embg), copy (#3196, @mileshu)
bug: Fix corruption that rarely occurs in 32-bit mode with wlog=25 (#3361, @terrelln)
bug: Fix for block-splitter (#3033, @Cyan4973)
bug: Fixes for Sequence Compression API (#3023, #3040, @Cyan4973)
bug: Fix leaking thread handles on Windows (#3147, @animalize)
bug: Fix timing issues with cmake/meson builds (#3166, #3167, #3170, @Cyan4973)
build: Allow user to select legacy level for cmake (#3050, @shadchin)
build: Enable legacy support by default in cmake (#3079, @niamster)
build: Meson build script improvements (#3039, #3120, #3122, #3327, #3357, @eli-schwartz and #3276, @neheb)
build: Add aarch64 to supported architectures for zstd_trace (#3054, @ooosssososos)
build: support AIX architecture (#3219, @qiongsiwu)
build: Fix `ZSTD_LIB_MINIFY` build macro, which now reduces static library size by half (#3366, @terrelln)
build: Fix Windows issues with Multithreading translation layer (#3364, #3380, @yoniko) and ARM64 target (#3320, @cwoffenden)
build: Fix `cmake` script (#3382, #3392, @terrelln and #3252 @Tachi107 and #3167 @Cyan4973)
doc: Updated man page, providing more details for `--train` mode (#3112, @Cyan4973)
doc: Add decompressor errata document (#3092, @terrelln)
misc: Enable Intel CET (#2992, #2994, @hjl-tools)
misc: Fix `contrib/` seekable format (#3058, @yhoogstrate and #3346, @daniellerozenblit)
misc: Improve speed of the one-file library generator (#3241, @wahern and #3005, @cwoffenden)
v1.5.3 (dev version, unpublished)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 6.8 to 7.0.2
- Update of rootfile
- Removal of patch which was needed due to inability to build texinfo-6.8 with glibc-2.34
Problem was fixed for building with glibc-2.34 and onwards with texinfo-7.0
- Changelog
7.0.2 (22 January 2023)
This is a bug-fix release with minimal changes.
* texi2any
. do not distribute architecture-dependent files
. build fixed on OpenIndiana 11
* info
. further fix of recoding of UTF-8 files to ASCII
. fix check for presence of man pages on Solaris
* install-info
. fix build by avoiding function name clash on some platforms
. compiler warning re strncat silenced
7.0.1 (30 November 2022)
This is a bug-fix release with minimal changes.
* texi2any
. avoid crashes on empty @image argument and other potential crashes
(with "Can't use an undefined value as an ARRAY reference" message)
. avoid hang on @ref command inside section command
* info
. fix recoding of UTF-8 files to ASCII when run in C locale
* js
. index search fixed for new HTML output
. some obsolete files removed from distribution
7.0 (7 November 2022)
* texi2any
. LaTeX added as an output format, selected with --latex
. EPUB 3 added as an output format, selected with --epub3
. reform throughout the code in general
. thorough review of character encoding issues
. new customization variables involved with character encoding:
INPUT_FILE_NAME_ENCODING, OUTPUT_FILE_NAME_ENCODING,
DOC_ENCODING_FOR_INPUT_FILE_NAME, DOC_ENCODING_FOR_OUTPUT_FILE_NAME,
MESSAGE_ENCODING and COMMAND_LINE_ENCODING
. warn if full-text commands (@ref, @footnote, @anchor) appear in @w
. new variable NO_TOP_NODE_OUTPUT
. IGNORE_BEFORE_SETFILENAME variable removed. former effect
is now always on.
. HTML output:
. use manual_name_html as output directory for split HTML instead of
manual_name or manual_name.html
. default DOCTYPE declaration changed to plain HTML5 style rather than
HTML4 DTD reference
. output only the CSS rules that are needed in an output file
. remove CSS_LINES variable and add SHOW_BUILTIN_CSS_RULES
(custom CSS can still be output using EXTRA_HEAD)
. use <code> tag for the output of @t and @verb instead of <tt>
. use <abbr> for @acronym instead of <acronym>
. link to table of contents from short table of contents only if a
table of contents is actually output
. prefix classes from @example arguments with `user-'
. percent encode URL in @url/@uref, @email, @image and external
manual file
. new USE_XML_SYNTAX, HTML_ROOT_ELEMENT_ATTRIBUTES and
NO_CUSTOM_HTML_ATTRIBUTE variables can be used to output
valid XHTML
. systematic addition of classes attribute in HTML elements based on the
Texinfo @-command names. renaming of class attributes to avoid
confusion with @-commands formatting and describe the role in the
document rather than the formatting style.
. COPIABLE_ANCHORS renamed to COPIABLE_LINKS
. do not add a title by default; SHOW_TITLE or NO_TOP_NODE_OUTPUT has
to be set
. USE_TITLEPAGE_FOR_TITLE is now true by default
. L2H variable removed, replaced by HTML_MATH set to `l2h'
. rename OVERVIEW_LINK_TO_TOC to SHORT_TOC_LINK_TO_TOC
. rename BEFORE_OVERVIEW to BEFORE_SHORT_TOC_LINE
. rename AFTER_OVERVIEW to AFTER_SHORT_TOC_LINES
. remove PRE_ABOUT, AFTER_ABOUT, and add PROGRAM_NAME_IN_ABOUT
. remove KEEP_TOP_EXTERNAL_REF
. new variables IGNORE_REF_TO_TOP_NODE_UP, CONVERT_TO_LATEX_IN_MATH,
HTMLXREF_MODE and HTMLXREF_FILE
. DocBook output:
. do not output Top node or text before the first @node or sectioning
@-command. NO_TOP_NODE_OUTPUT can be set to false to output Top node
for now.
. replace @definfocenlose defined @-commands by the argument as-is
to be more consistent with printed output
. HTML/DocBook output:
. USE_NUMERIC_ENTITY changed to mean to use numeric entities instead
of named entities. former effect is now always on.
. ENABLE_ENCODING_USE_ENTITY variable removed. former effect is now
always off.
. Info output
. quote problematic node names (with :, comma...) by default
. new customization variable ASCII_PUNCTUATION to use plain ASCII
characters for quotation marks and a few other symbols
* texinfo.tex
. `@microtype on' uses microtypography in formatting for pdfTeX and LuaTeX
. do not ignore @part page immediately following Top node
. do `@set txicodevaristt' to get slanted typewriter for @var in code,
`@clear txicodevaristt' to use slanted, variable-width roman font for
@var everywhere. flag is @set by default, but we may turn this off
in the future.
. new file doc/texinfo-zh.tex for Texinfo documents in Chinese.
new support file doc/txi-zh.tex for Chinese. doc/short-sample-zh.texi is
a sample document.
* info
. better support for index entries containing parentheses
. better support for getting bold text etc. when displaying manpages
. bug fixed where the first index entry in a file could be ignored
. M-C-f closes as well as opens footnotes window
. do not crash if run in Brazilian Portuguese locale
* Language
. @deftype* commands use typewriter font in argument list
. new commands @latex, @iflatex, @ifnotlatex for new LaTeX output format
. do `@set txidefnamenospace' to omit space after a definition name
* Other
. build fixed for glibc 2.34
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 1.9.12p2 to 1.9.13p2
- Update of rootfile
- Changelog
What's new in Sudo 1.9.13p2
* Fixed the --enable-static-sudoers option, broken in sudo 1.9.13.
GitHub issue #245.
* Fixed a potential double-free bug when matching a sudoers rule
that contains a per-command chroot directive (CHROOT=dir). This
bug was introduced in sudo 1.9.8.
What's new in Sudo 1.9.13p1
* Fixed a typo in the configure script that resulted in a line
like "]: command not found" in the output. GitHub issue #238.
* Corrected the order of the C23 [[noreturn]] attribute in function
prototypes. This fixes a build error with GCC 13. GitHub issue
#239.
* The "check" make target misbehaved when there was more than
one version of the UTF-8 C locale in the output of "locale -a".
GitHub issue #241.
* Removed a dependency on the AC_SYS_YEAR2038 macro in configure.ac.
This was added in autoconf 2.72 but sudo's configure.ac only
required autoconf 2.70.
* Relaxed the autoconf version requirement to version 2.69.
What's new in Sudo 1.9.13
* Fixed a bug running relative commands via sudo when "log_subcmds"
is enabled. GitHub issue #194.
* Fixed a signal handling bug when running sudo commands in a shell
script. Signals were not being forwarded to the command when
the sudo process was not run in its own process group.
* Fixed a bug in cvtsudoers' LDIF parsing when the file ends without
a newline and a backslash is the last character of the file.
* Fixed a potential use-after-free bug with cvtsudoers filtering.
GitHub issue #198.
* Added a reminder to the default lecture that the password will
not echo. This line is only displayed when the pwfeedback option
is disabled. GitHub issue #195.
* Fixed potential memory leaks in error paths. GitHub issues #199,
#202.
* Fixed potential NULL dereferences on memory allocation failure.
GitHub issues #204, #211.
* Sudo now uses C23-style attributes in function prototypes instead
of gcc-style attributes if supported.
* Added a new "list" pseudo-command in sudoers to allow a user to
list another user's privileges. Previously, only root or a user
with the ability to run any command as either root or the target
user on the current host could use the -U option. This also
includes a fix to the log entry when a user lacks permission to
run "sudo -U otheruser -l command". Previously, the logs would
indicate that the user tried to run the actual command, now the
log entry includes the list operation.
* JSON logging now escapes control characters if they happen to
appear in the command or environment.
* New Albanian translation from translationproject.org.
* Regular expressions in sudoers or logsrvd.conf may no longer
contain consecutive repetition operators. This is implementation-
specific behavior according to POSIX, but some implementations
will allocate excessive amounts of memory. This mainly affects
the fuzzers.
* Sudo now builds AIX-style shared libraries and dynamic shared
objects by default instead of svr4-style. This means that the
default sudo plugins are now .a (archive) files that contain a
.so shared object file instead of bare .so files. This was done
to improve compatibility with the AIX Freeware ecosystem,
specifically, the AIX Freeware build of OpenSSL. Sudo will still
load svr4-style .so plugins and if a .so file is requested,
either via sudo.conf or the sudoers file, and only the .a file
is present, sudo will convert the path from plugin.so to
plugin.a(plugin.so) when loading it. This ensures compatibility
with existing configurations. To restore the old, pre-1.9.13
behavior, run configure using the --with-aix-soname=svr4 option.
* Sudo no longer checks the ownership and mode of the plugins that
it loads. Plugins are configured via either the sudo.conf or
sudoers file which are trusted configuration files. These checks
suffered from time-of-check vs. time-of-use race conditions and
complicate loading plugins that are not simple paths. Ownership
and mode checks are still performed when loading the sudo.conf
and sudoers files, which do not suffer from race conditions.
The sudo.conf "developer_mode" setting is no longer used.
* Control characters in sudo log messages and "sudoreplay -l"
output are now escaped in octal format. Space characters in the
command path are also escaped. Command line arguments that
contain spaces are surrounded by single quotes and any literal
single quote or backslash characters are escaped with a backslash.
This makes it possible to distinguish multiple command line
arguments from a single argument that contains spaces.
* Improved support for DragonFly BSD which uses a different struct
procinfo than either FreeBSD or 4.4BSD.
* Fixed a compilation error on Linux arm systems running older
kernels that may not define EM_ARM in linux/elf-em.h.
GitHub issue #232.
* Fixed a compilation error when LDFLAGS contains -Wl,--no-undefined.
Sudo will now link using -Wl,--no-undefined by default if possible.
GitHub issue #234.
* Fixed a bug executing a command with a very long argument vector
when "log_subcmds" or "intercept" is enabled on a system where
"intercept_type" is set to "trace". GitHub issue #194.
* When sudo is configured to run a command in a pseudo-terminal
but the standard input is not connected to a terminal, the command
will now be run as a background process. This works around a
problem running sudo commands in the background from a shell
script where changing the terminal to raw mode could interfere
with the interactive shell that ran the script.
GitHub issue #237.
* A missing include file in sudoers is no longer a fatal error
unless the error_recovery plugin argument has been set to false.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 1.50.6 to 1.50.13
- Update of rootfile
- Changelog
Overview of changes in 1.50.13, 20-02-2023
- win32: Add back fallback for empty fontsets
- win32: Improve DirectWrite support
- Fix word segmentation for Japanese
- Don't set backspace-deletes-char for math symbols
- coretext: Fix a crash
- cairo: Apply metrics hinting to underlines too
- Treat COLRv1 fonts as color fonts
Overview of changes in 1.50.12, 18-11-2022
- Fix weight conversion on MacOS
- Update to Unicode 15
- Some introspection annotation fixes
- Improve PangoAttrList serialization
- Fix char offset calculatiosn in multi-paragraph
layouts
Overview of changes in 1.50.11, 03-10-2022
- Don't crash for lack of fonts
- Avoid a crash in shaping
Overview of changes in 1.50.10, 16-09-2022
- Avoid some unnecessary strdups
- Fix line height computations with a non-trivial CTM
Overview of changes in 1.50.9, 09-08-2022
- Apply show flags to line separators
- Fix a thread-safety problem
Overview of changes in 1.50.8, 02-07-2022
- Add some properties to fontmap and family
- Fix handling of ligature carets in mixed directions
Overview of changes in 1.50.7, 14-04-2022
- coretext: Fix the build
- editing: Fix moving across paragraph boundaries in rtl
- layout: Try harder to survive without fonts
- Windows: Register a sans-serif font
- Windows: Try harder to load a font
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 0.13.2 to 0.14.0
- Update of rootfile
- Changelog
2023-02-14 Userspace RCU 0.14.0
* Fix: urcu-bp: only teardown call-rcu worker in destructor
* Fix: rculfhash: urcu_die() takes positive error value
* Fix: call_rcu: teardown default call_rcu worker on application exit
* Fix: join worker thread in call_rcu_data_free
* Docs: clarify grace period polling API
* Document grace period polling in rcu-api.md
* Implement poll rcu stress test in rcutorture
* urcu-memb,mb,signal: Implement grace period polling
* Fix: auto-resize hash table destroy deadlock
* Fix building on MSYS2
* rculfhash: Include rculfhash-internal.h from local directory
* Remove "Darwin" from "should also work on list"
* Merge branch 'adah1972-improve-md'
* Add semicolons at the end of function prototypes
* Wrap a file name in backticks
* Wrap command-line options in backticks
* Fix a wrong format
* Wrap URLs in angle brackets
* Fix Markdown issues
* Fix: Always check pthread_create for failures
* Disable signals in URCU background threads
* Fix: futex.h: include headers outside extern C
* Fix: add missing unused attribute to _rcu_dereference
* Fix: change method used by _rcu_dereference to strip type constness
* Fix: remove type constness in URCU_FORCE_CAST's C++ version
* Move extern "C" down in include/urcu/urcu-bp.h
* fix: ifdef linux specific cpu count compat
* Add unit tests for possible_cpus_array_len
* fix: sysconf(_SC_NPROCESSORS_CONF) can be less than max cpu id
* Fix: revise obsolete command in README.md
* Fix: workqueue: remove unused variable "ret"
* Fix: urcu-qsbr: futex wait: handle spurious futex wakeups
* Fix: urcu: futex wait: handle spurious futex wakeups
* Fix: urcu-wait: futex wait: handle spurious futex wakeups
* Fix: defer_rcu: futex wait: handle spurious futex wakeups
* Fix: call_rcu: futex wait: handle spurious futex wakeups
* Fix: workqueue: futex wait: handle spurious futex wakeups
* Fix: Use %lu rather than %ld to print count
* Update ABI definition files
* Bump version current and age
* alpha: allocate membarrier system call number
* Bump version to 0.14.0-pre
* Improved test framework
* rculfhash: introduce cds_lfht_node_init_deleted
* Fix: changelog: v0.13.0 was released in 2021
* cleanup: i386 arch detection
* fix: properly detect 'cmpxchg' on x86-32
* fix: use urcu-tls compat with c++ compiler
* Fix typo
* fix: remove autoconf features default value in help message
* fix: add missing pkgconfig file for memb flavour lib
* Cleanup: Tests: Remove useless pre-C99 compatibility code from tap.h
* Document C99 and C++11 requirement in README.md
* Always use '__thread' for Thread local storage except on MSVC
* Fix: powerpc32: transparent unions alter calling convention
* fix: don't use C++ thread_local on MacOs
* wfcqueue API: implement overloaded wrappers with templates
* wfcqueue: combine C++ API cds_wfcq_head_cast with overloading
* wfstack C++ API: implement overloaded wrappers with templates
* lfstack C++ API: implement overloaded wrappers with templates
* wfstack: combine C++ API cds_wfs_stack_cast with overloading
* lfstack: combine C++ API cds_lfs_stack_cast with overloading
* fix: test_build tap plan
* Test C++ build of list head init
* Fix order of initializers in CDS_LIST_HEAD_INIT
* unit tests: test wfcqueue, wfstack, lfstack empty check functions in C++
* wfcqueue: implement C++ API based on function overloading
* wfstack: implement C++ API based on function overloading
* lfstack: implement C++ API based on function overloading
* Fix tap.h: remove extra semicolon in pass/fail macros
* Add C++ build tests
* Build and run regression and unit tests as C++ programs
* Add --enable-Werror configure switch
* Add `urcu_posix_assert()` as `assert()` replacement
* Rename `urcu_assert()` to `urcu_assert_debug()`
* cleanup: spelling fixes in comments
* Make temporary variable in _rcu_dereference non-const
* (tls-ie2) Fix: x86 and s390: uatomic __hp() macro C++ support
* Fix: x86 and s390: uatomic __hp() macro clang support
* Fix: x86 and s390 uatomic: __hp() macro warning with gcc 11
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 6.0.0 to 7.0.1
- Update of rootfile
- Changelog
Overview of changes leading to 7.0.1
- Various build and bug fixes.
Overview of changes leading to 7.0.0
- New hb-paint API that is designed mainly to paint “COLRv1” glyphs, but can be
also used as a unified API to paint any of the glyph representations
supported by HarfBuzz (B/W outlines, color layers, or color bitmaps).
(Behdad Esfahbod, Matthias Clasen)
- New hb-cairo API for integrating with cairo graphics library. This is provided
as a separate harfbuzz-cairo library. (Behdad Esfahbod, Matthias Clasen)
- Support for instancing “CFF2” table. (Behdad Esfahbod)
- Support font emboldening. (Behdad Esfahbod)
- Support feature ranges with AAT shaping. (Behdad Esfahbod)
- Experimental support to cubic curves in “glyf” table, see
https://github.com/harfbuzz/boring-expansion-spec/blob/main/glyf1-cubicOutlines.md
for spec. (Behdad Esfahbod)
- Various subsetter improvements. (Garret Rieger, Qunxin Liu, Behdad Esfahbod)
- Various documentation improvements.
(Behdad Esfahbod, Matthias Clasen, Khaled Hosny)
- Significantly reduced memory use during shaping. (Behdad Esfahbod)
- Greatly reduced memory use during subsetting “CFF” table. (Behdad Esfahbod)
- New command line utility, hb-info, for querying various font information.
(Behdad Esfahbod, Matthias Clasen)
- New hb-shape/hb-view options: --glyphs, --color-palette, --font-bold,
--font-grade, and --named-instance. (Behdad Esfahbod)
- Miscellaneous fixes and improvements.
(Amir Masoud Abdol, Andres Salomon, Behdad Esfahbod, Chun-wei Fan,
Garret Rieger, Jens Kutilek, Khaled Hosny, Konstantin Käfer, Matthias Clasen,
Nirbheek Chauhan, Pedro J. Estébanez, Qunxin Liu, Sergei Trofimovich)
- New API:
+HB_FONT_NO_VAR_NAMED_INSTANCE
+HB_PAINT_IMAGE_FORMAT_BGRA
+HB_PAINT_IMAGE_FORMAT_PNG
+HB_PAINT_IMAGE_FORMAT_SVG
+hb_cairo_font_face_create_for_face
+hb_cairo_font_face_create_for_font
+hb_cairo_font_face_get_face
+hb_cairo_font_face_get_font
+hb_cairo_font_face_get_scale_factor
+hb_cairo_font_face_set_font_init_func
+hb_cairo_font_face_set_scale_factor
+hb_cairo_font_init_func_t
+hb_cairo_glyphs_from_buffer
+hb_cairo_scaled_font_get_font
+hb_color_line_get_color_stops
+hb_color_line_get_color_stops_func_t
+hb_color_line_get_extend
+hb_color_line_get_extend_func_t
+hb_color_line_t
+hb_color_stop_t
+hb_draw_funcs_get_empty
+hb_draw_funcs_get_user_data
+hb_draw_funcs_set_user_data
+hb_face_collect_nominal_glyph_mapping
+hb_font_draw_glyph
+hb_font_draw_glyph_func_t
+hb_font_funcs_set_draw_glyph_func
+hb_font_funcs_set_paint_glyph_func
+hb_font_get_synthetic_bold
+hb_font_get_var_named_instance
+hb_font_paint_glyph
+hb_font_paint_glyph_func_t
+hb_font_set_synthetic_bold
+hb_map_keys
+hb_map_next
+hb_map_update
+hb_map_values
+hb_ot_color_glyph_has_paint
+hb_ot_color_has_paint
+hb_ot_layout_script_select_language2
+hb_ot_name_id_predefined_t
+hb_paint_color
+hb_paint_color_func_t
+hb_paint_composite_mode_t
+hb_paint_custom_palette_color
+hb_paint_custom_palette_color_func_t
+hb_paint_extend_t
+hb_paint_funcs_create
+hb_paint_funcs_destroy
+hb_paint_funcs_get_empty
+hb_paint_funcs_get_user_data
+hb_paint_funcs_is_immutable
+hb_paint_funcs_make_immutable
+hb_paint_funcs_reference
+hb_paint_funcs_set_color_func
+hb_paint_funcs_set_custom_palette_color_func
+hb_paint_funcs_set_image_func
+hb_paint_funcs_set_linear_gradient_func
+hb_paint_funcs_set_pop_clip_func
+hb_paint_funcs_set_pop_group_func
+hb_paint_funcs_set_pop_transform_func
+hb_paint_funcs_set_push_clip_glyph_func
+hb_paint_funcs_set_push_clip_rectangle_func
+hb_paint_funcs_set_push_group_func
+hb_paint_funcs_set_push_transform_func
+hb_paint_funcs_set_radial_gradient_func
+hb_paint_funcs_set_sweep_gradient_func
+hb_paint_funcs_set_user_data
+hb_paint_funcs_t
+hb_paint_image
+hb_paint_image_func_t
+hb_paint_linear_gradient
+hb_paint_linear_gradient_func_t
+hb_paint_pop_clip
+hb_paint_pop_clip_func_t
+hb_paint_pop_group
+hb_paint_pop_group_func_t
+hb_paint_pop_transform
+hb_paint_pop_transform_func_t
+hb_paint_push_clip_glyph
+hb_paint_push_clip_glyph_func_t
+hb_paint_push_clip_rectangle
+hb_paint_push_clip_rectangle_func_t
+hb_paint_push_group
+hb_paint_push_group_func_t
+hb_paint_push_transform
+hb_paint_push_transform_func_t
+hb_paint_radial_gradient
+hb_paint_radial_gradient_func_t
+hb_paint_sweep_gradient
+hb_paint_sweep_gradient_func_t
+hb_set_is_inverted
+hb_subset_input_keep_everything
- Deprecated API:
+hb_font_funcs_set_glyph_shape_func
+hb_font_get_glyph_shape_func_t
+hb_font_get_glyph_shape
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Update from version 3.7.7 to 3.8.0
- Update of rootfile
- Changelog
Version 3.8.0 (unreleased 2023-02-09)
-- libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
[GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]
-- libgnutls: C++ library is now header only. All definitions from
gnutlsxx.c have been moved into gnutlsxx.h. Users of the C++
interface have two options:
1. include gnutlsxx.h in their application and link against
the C library. (default)
2. include gnutlsxx.h in their application, compile with
GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link
against the C++ library.
-- libgnutls: GNUTLS_NO_STATUS_REQUEST flag and %NO_STATUS_REQUEST
priority modifier have been added to allow disabling of the
status_request TLS extension in the client side.
-- libgnutls: TLS heartbeat is disabled by default.
The heartbeat extension in TLS (RFC 6520) is not widely used given
other implementations dropped support for it. To enable back
support for it, supply --enable-heartbeat-support to configure
script.
-- libgnutls: SRP authentication is now disabled by default.
It is disabled because the SRP authentication in TLS is not up to
date with the latest TLS standards and its ciphersuites are based
on the CBC mode and SHA-1. To enable it back, supply
--enable-srp-authentication option to configure script.
-- libgnutls: All code has been indented using "indent -ppi1 -linux".
CI/CD has been adjusted to catch regressions. This is implemented
through devel/indent-gnutls, devel/indent-maybe and .gitlab-ci.yml’s
commit-check. You may run devel/indent-gnutls to fix any
indentation issues if you make code modifications.
-- guile: Guile-bindings removed.
They have been extracted into a separate project to reduce complexity
and to simplify maintenance, see <https://gitlab.com/gnutls/guile/>.
-- minitasn1: Upgraded to libtasn1 version 4.19.
-- API and ABI modifications:
GNUTLS_NO_STATUS_REQUEST: New flag
GNUTLS_SRTP_AEAD_AES_128_GCM: New gnutls_srtp_profile_t enum member
GNUTLS_SRTP_AEAD_AES_256_GCM: New gnutls_srtp_profile_t enum member
Version 3.7.8 (released 2022-09-27)
-- libgnutls: In FIPS140 mode, RSA signature verification is an approved
operation if the key has modulus with known sizes (1024, 1280,
1536, and 1792 bits), in addition to any modulus sizes larger than
2048 bits, according to SP800-131A rev2.
-- libgnutls: gnutls_session_channel_binding performs additional checks when
GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the
"tls-exporter" channel binding is only usable when the handshake is
bound to a unique master secret (i.e., either TLS 1.3 or extended
master secret extension is negotiated). Otherwise the function now
returns error.
-- libgnutls: usage of the following functions, which are designed to
loosen restrictions imposed by allowlisting mode of configuration,
has been additionally restricted. Invoking them is now only allowed
if system-wide TLS priority string has not been initialized yet:
gnutls_digest_set_secure
gnutls_sign_set_secure
gnutls_sign_set_secure_for_certs
gnutls_protocol_set_enabled
-- API and ABI modifications:
No changes since last version.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
