- Update from 4.13.4 to 4.13.7
- Update of x68_64 rootfile
- Changelog
Release Notes for Samba 4.13.7 March 24, 2021
This is a security release in order to address the following defects:
o CVE-2020-27840:
An anonymous attacker can crash the Samba AD DC LDAP server by sending easily
crafted DNs as part of a bind request. More serious heap corruption is likely
also possible.
Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 14595: CVE-2020-27840: Fix unauthenticated remote heap corruption via
bad DNs.
o CVE-2021-20277:
User-controlled LDAP filter strings against the AD DC LDAP server may crash
the LDAP server.
Andrew Bartlett <abartlet@samba.org>
* BUG 14655: CVE-2021-20277: Fix out of bounds read in ldb_handler_fold.
Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
* BUG 14655: CVE-2021-20277: Fix out of bounds read in ldb_handler_fold.
Release Notes for Samba 4.13.5 March 09, 2021
This is the latest stable release of the Samba 4.13 release series.
o Trever L. Adams <trever.adams@gmail.com>
* BUG 14634: s3:modules:vfs_virusfilter: Recent talloc changes cause infinite
start-up failure.
o Jeremy Allison <jra@samba.org>
* BUG 13992: s3: libsmb: Add missing cli_tdis() in error path if encryption
setup failed on temp proxy connection.
* BUG 14604: smbd: In conn_force_tdis_done() when forcing a connection closed
force a full reload of services.
o Andrew Bartlett <abartlet@samba.org>
* BUG 14593: dbcheck: Check Deleted Objects and reduce noise in reports about
expired tombstones.
o Ralph Boehme <slow@samba.org
* BUG 14503: s3: Fix fcntl waf configure check.
* BUG 14602: s3/auth: Implement "winbind:ignore domains".
* BUG 14617: smbd: Use fsp->conn->session_info for the initial
delete-on-close token.
o Peter Eriksson <pen@lysator.liu.se>
* BUG 14648: s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error
path.
o Björn Jacke <bj@sernet.de>
* BUG 14624: classicupgrade: Treat old never expires value right.
o Volker Lendecke <vl@samba.org>
* BUG 14636: g_lock: Fix uninitalized variable reads.
o Stefan Metzmacher <metze@samba.org>
* BUG 13898: s3:pysmbd: Fix fd leak in py_smbd_create_file().
o Andreas Schneider <asn@samba.org>
* BUG 14625: lib:util: Avoid free'ing our own pointer.
o Paul Wise <pabs3@bonedaddy.net>
* BUG 12505: HEIMDAL: krb5_storage_free(NULL) should work.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 4.1.4 to 5.1.0
- Update of rootfile carried out
- Changelog is too long to fit in here.
Changes for versions 5.0.0 and 5.1.0 can be found in the ChangeLog file
in the source tarball
Changes for versions 4.2.0 and 4.2.1 can be found in the ChangeLog.1
file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 0.2 to 1.17
- Update of rootfile carried out
- ed-0.2-mkstemp-1.patch from LFS is no longer required in later versions
of ed or LFS
- Changelog is a bit too long to add here.
Full change log can be found by viewing ChangeLog file in tar sourceball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.0.6 to 1.0.8
- Update of rootfile
- Changelog
1.0.8 (13 Jul 19)
* Accept as many selectors as the file format allows.
This relaxes the fix for CVE-2019-12900 from 1.0.7
so that bzip2 allows decompression of bz2 files that
use (too) many selectors again.
* Fix handling of large (> 4GB) files on Windows.
* Cleanup of bzdiff and bzgrep scripts so they don't use
any bash extensions and handle multiple archives correctly.
* There is now a bz2-files testsuite at
https://sourceware.org/git/bzip2-tests.git
1.0.7 (27 Jun 19)
* Fix undefined behavior in the macros SET_BH, CLEAR_BH, & ISSET_BH
* bzip2: Fix return value when combining --test,-t and -q.
* bzip2recover: Fix buffer overflow for large argv[0]
* bzip2recover: Fix use after free issue with outFile (CVE-2016-3189)
* Make sure nSelectors is not out of range (CVE-2019-12900)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
From https://www.openssl.org/news/secadv/20210325.txt:
OpenSSL Security Advisory [25 March 2021]
=========================================
CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
========================================================================
Severity: High
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the
certificates present in a certificate chain. It is not set by default.
Starting from OpenSSL version 1.1.1h a check to disallow certificates in
the chain that have explicitly encoded elliptic curve parameters was added
as an additional strict check.
An error in the implementation of this check meant that the result of a
previous check to confirm that certificates in the chain are valid CA
certificates was overwritten. This effectively bypasses the check
that non-CA certificates must not be able to issue other certificates.
If a "purpose" has been configured then there is a subsequent opportunity
for checks that the certificate is a valid CA. All of the named "purpose"
values implemented in libcrypto perform this check. Therefore, where
a purpose is set the certificate chain will still be rejected even when the
strict flag has been used. A purpose is set by default in libssl client and
server certificate verification routines, but it can be overridden or
removed by an application.
In order to be affected, an application must explicitly set the
X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
for the certificate verification or, in the case of TLS client or server
applications, override the default purpose.
OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1k.
OpenSSL 1.0.2 is not impacted by this issue.
This issue was reported to OpenSSL on 18th March 2021 by Benjamin Kaduk
from Akamai and was discovered by Xiang Ding and others at Akamai. The fix was
developed by Tomáš Mráz.
NULL pointer deref in signature_algorithms processing (CVE-2021-3449)
=====================================================================
Severity: High
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation
ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits
the signature_algorithms extension (where it was present in the initial
ClientHello), but includes a signature_algorithms_cert extension then a NULL
pointer dereference will result, leading to a crash and a denial of service
attack.
A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which
is the default configuration). OpenSSL TLS clients are not impacted by this
issue.
All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions
should upgrade to OpenSSL 1.1.1k.
OpenSSL 1.0.2 is not impacted by this issue.
This issue was reported to OpenSSL on 17th March 2021 by Nokia. The fix was
developed by Peter Kästle and Samuel Sapalski from Nokia.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update git from 2.28.0 to 2.31.0
- Updated rootfile
- Changelog
Nine releases between these two versions so the changes are too many
to enter here.
The change logs for each version can be found in the tarball under
Documentation/RelNotes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 0.91 to 0.92
- Update of rootfile
- Changelog
2019-07-16 Tim Bishop <tim@bishnet.net>
Fix build/install of manpages.
This defaults to attempting to install manpages, unless --disable-man is
given to stop it. It defaults to not building the manpages, unless it
finds docbook2man to build them with.
So for users of the release tarball this will install the manual pages
from the tarball, unless requested not to.
For users of the git repository it will error if they don't have
docbook2man, unless they choose to disable manual pages. I think this is
reasonable because docbook2man is a required tool for build from source.
Files affected:
configure.ac
docs/libstatgrab/Makefile.am
docs/saidar/Makefile.am
docs/statgrab/Makefile.am
2019-07-15 Tim Bishop <tim@bishnet.net>
Allow version to be overridden.
By default, it still uses the short version of the commit reference.
This is most useful for normal CI builds so you can easily see which
commit a tarball is made from. But when testing for a release one might
want to specify the version explicitly, so this can now be overridden by
manually triggering a build and setting LSG_VERSION (eg. 0.92).
Files affected:
.gitlab-ci.yml
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 0.2.3 to 1.2.5
- rpcbind-0.2.3-tirpc_fix-1.patch no longer needed as changes are now
included in the tarball
- Updated rootfile
- Dependency of nfs addon package
- Changelog
Too many lines to put in here
Full change logs for 0.2.4 and 1.2.5 can be found at
https://sourceforge.net/projects/rpcbind/files/rpcbind/
No bug fixes in 0.2.4
One bug fix in 1.2.5
Author: Steve Dickson <steved@redhat.com>
Date: Sat Dec 16 15:31:21 2017 -0500
rpcbind.service: Not pulling the rpcbind.target
According to systemd.special(7) manpage:
rpcbind.target
The portmapper/rpcbind pulls in this target and orders itself
before it, to indicate its availability. systemd automatically
adds dependencies of type After= for this target unit to
all SysV init script service units with an LSB header
referring to the "$portmap" facility.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1431574
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 1.0.2 to 1.3.1
- libtirpc-1.0.2-glibc-2.26.patch no longer needed as changes are now
included in the tarball
- Updated rootfile
- Dependency of rpcbind addon which is a dependency for the nfs addon
- Changelog
No changelog file provided anymore. Only git commits available
See http://git.linux-nfs.org/?p=steved/libtirpc.git;a=log for details
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.2 to 3.4
- Updated rootfile
- parted-3.2-device-mapper.patch and parted-3.2-sysmacros.patch are no
longer needed as changes are now included in the tarball
- Changelog is too large to put in here.
11 bug fixes included in logs
Full changelog can be viewed in the tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.40 to 6.85
- Updated rootfile
- perl-Date-Manip is a dependency of the swatch addon
- Changelog is too long to include here
Full changelog can be viewed in tarball
Approximately 31 bug fixes in the 36 releases between 6.40 and 6.85
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 6.04 to 6.08
- Updated rootfile
- perl-Carp-Clan is a dependency of the swatch addon
- Changelog
6.08 2019-09-14 17:09:41Z
- fix warning in bad test (thanks, Todd Rinaldo - RT#130494)
- speed up code that was accomodating ancient perl versions that are no
longer supported
6.07 2018-12-02 21:44:55Z
- declared test prerequisites in the proper phase (RT#125288)
- modernized distribution tooling
6.06 2016-05-29
- Avoid failure due to version self-check in 20pre560.t
This test seems like a footgun for release management reasons, but apprently
I wasn't quite as careful as I tried to be in keeping the last release minimal.
6.05 2016-05-29
- Patch tests failing due to 5.25.1+'s deprecated unquoted { } in regex.
(RT #114537)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 3.0.12 to 4.0.2
- Updated rootfile
- Changelog is too large to include here
Full chagelog can be found in the tarball in CHANGES and CHANGES.current
Large number of bugs fixed in the two versions between 3.0.12 and 4.0.2
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 0.4.12 to 1.0.20
- Updated rootfile
- Changelog
2020-04-24 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.20
* build/CI/packaging: Add arm64 to Travis CI matrix (#358)
* build/CI/packaging: add Ubuntu Focal
* build/CI/packaging: remove Fedora Rawhide from CI matrix
* build/CI/packaging: fix regression tests to work with MySQL 8.0.19+
* build/CI/packaging: fix macOS builds in Travis
* build/CI/packaging: remove Ubuntu Disco (EOL)
2019-12-08 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.19
* build/CI/packaging: fix Ubuntu packaging for Bionic and later versions
* regression tests: compatibility fix for PostgreSQL 12
* build/CI/packaging: fix macOs builds in Travis
* build/CI/packaging: add Fedora 31.
2019-10-21 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.18
* build/CI/packaging: add Ubuntu Eoan.
* build/CI/packaging: remove Ubuntu Cosmic (EOL).
* build/CI/packaging: add CentOS 8.
* build/CI/packaging: add Ubuntu Disco.
* build/CI/packaging: remove Ubuntu Trusty (EOL).
* build/CI/packaging: remove Fedora 28 (EOL).
* build/CI/packaging: add Fedora 30.
* build/CI/packaging: cherry-pick fix for LuaJIT/LuaJIT#484 to
fix builds on macOS Mojave.
* build/CI/packaging: add Debian Buster
2019-03-15 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.17
* build/CI/packaging: update RPM spec to support RHEL8-beta
(thanks to Alexey Bychko for the patch)
* regression tests: remove unnecessary error leading to opt_rate.t instability.
* --rate mode: return a non-zero exit code on event queue
overflow.
* --rate mode: fix a bogus error about eventgen thread termination
2018-12-16 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.16
* build/CI/packaging: add Ubuntu Cosmic.
* build/CI/packaging: add Fedora 29.
* build/CI/packaging: remove Fedora 27 (EOL).
* SQL API: fix GH-282 (Mysql's fetch_row() is broken)
* --rate mode: fix latency stats skew on low rates
* Lua: Add /usr/share/lua/5.1 to LUA_PATH and /usr/lib/lua/5.1
to LUA_CPATH.
* build/CI/packaging: add -Wvla to default compiler flags.
* build/CI/packaging: fix debian/changelog format
* build/CI/packaging: fix buildpack.sh to not push multiple file
types to packagecloud.
* build/CI/packaging: add libaio-dev to Debian/Ubuntu build
dependencies.
2018-07-03 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.15
* CI/build/packaging: add Fedora 28
* CI/build/packaging: add Ubuntu Bionic
* CI/build/packaging: remove Fedora 26 (EOL)
* CI/build/packaging: remove Debian Wheezy (EOL)
* fileio: fix GH-229 (--file-fsync-freq=0 seems to prevent
fsync() at the end of the test)
* command line: improve parsing of boolean command line options
* tests: fix GH-220 (Testsuite api_sql_mysql.t failed ...)
* tests: fix GH-223 (test failure on ppc64)
* tests: fix opt_help.t to pass when the binary is not
configured with MySQL support
* MySQL driver: use it by default in DB benchmarks
2018-04-01 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.14
* reports: fix JSON stats reporter to produce valid JSON
(GH-195)
* Lua SQL API: don't crash when query_row() is called with a
SELECT returning empty result set
* Lua SQL API: don't crash when bulk insert API calls are used
out of order
* regression tests: make PostgreSQL tests compatible with the
new dump format introduced in 10.3
* regression tests: minor stability and coverage improvements
2018-02-17 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.13
* remove Ubuntu Zesty from CI/build/packaging matrices (EOL)
* minor cleanups in build scripts
* improve report formatting for long latency values
* fileio: --file-extra-flags now accepts a list of flags rather
than just a single value
* OLTP: re-prepare prepared statements after reconnects, i.e. in
cases when a server connection is lost and sysbench is
configured to ignore such errors
2018-01-17 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.12
* improve --rate mode precision for high argument values
* add Fedora Rawhide and Debian Sid to CI matrix
* fix compile-time architecture detection for some Broadwell
CPUs which were incorrectly identified as Core 2.
* remove build dependency on xxd (and vim-minimal package)
* fix Lua API to correctly stop the benchmark when event()
returns a value other than nil or false (thanks to caojiafeng
for the patch)
* fix the fileio benchmark when the specified file size is not a
multiple of block size
* fix the fileio benchmark to throw a descriptive error when the
specified file size does not match the size of files created by
'prepare'
* remove Fedora 25 from CI/build/packaging matrices (EOL)
* minor improvements in tests and documentation.
2017-12-09 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.11
* add Debian Stretch to CI/build/packaging matrices
* add Fedora 27 to CI/build/packaging matrices
* make statistic counters usable from Lua scripts
* fix the PostgreSQL driver to be compatible with CockroachDB
(GH-180)
* fix oltp_insert.lua to work correctly when both --tables and
--threads are greater than 1 (GH-178)
* fix FreeBSD builds by adding -rdynamic to the default linker
flags (GH-174)
* minor documentation updates
2017-10-25 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.10
* fixed PK conflicts in oltp_insert.lua by creating empty tables
on 'prepare'
* made sysbench.opt available to init()/done() by exporting it
to the global Lua state
* added Fedora 26 (both x86_64 and AArch64) to the list of
supported and tested distributions
* fixed GH-172: sysbench 1.0.9 doesn't build with mariadb 10.2.8
* add the /usr/local LuaRocks root directory to default LUA_PATH
and LUA_CPATH
* removed Fedora 24, Ubuntu Precise, Yakkety from default build
matrices
* added Ubuntu Artful to default build matrices
2017-09-05 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.9
* fixed oltp_delete.lua to not use INSERT statements for
consistency with other oltp_* benchmarks (GH-168)
* added a workaround for MySQL bug #87337 "8.0.2 reintroduces
my_bool to client API"
* fixed building on on Debian GNU/kFreeBSD (GH-161)
* fixed building against MariaDB 10.2 (thanks to Xavier Bachelot
for the patch, GH-160)
2017-07-04 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.8
* fixed api_report test for slow machines (thanks to @jcfp)
* fileio: suggest to run prepare step on missing files (thanks
to Heinrich Schuchardt)
* JSON reports: removed an erroneous trailing comma (GH-139)
* added events per second to the CPU benchmark report (GH-140)
* fixed db_connect() in legacy SQL API to use the default value
for --db-driver (GH-146)
* removed busy-wait in the bounded event generation mode
(--rate) to avoid CPU hogging
2017-05-15 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.7
* Ubuntu Zesty added to package build matrix
* fixed GH-130: Mutex Benchmark Documentation
* fixed latency reports in the --rate mode
* fixed compiler warnings when building against MySQL 8.0 client
libraries
2017-04-13 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.6
* no functional changes
* many build- and packaging-related improvements
* Linux packages are now automatically built using Travis CI and
packpack, hosted by packagecloud.io
2017-04-02 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.5
* various build-related documentation updates
* benchmark can now be specified by a module name on the command
line
* memory benchmark: performance and scalability improvements
* fix ARMv6 builds with system ConcurrencyKit
* fix GH-123: Table already exists error on prepare
* fix GH-121: make buildhost cpudetection optional
2017-03-13 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.4
* fixed a number of compilation errors and warnings that were
specific to 32-bit platforms
* bundle cram (regression tests framework) and use it by default
in 'make test'
* bundled ConcurrencyKit updated to 0.6.0
2017-02-26 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.3
* LuaJIT scalability improvements for non-x86 architectures
* performance optimizations in oltp_read_write.lua to avoid Lua
string management
* fixed Illumos builds (thanks to Dillon Amburgey)
2017-02-17 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.2
* improved scalability for --report-checkpoints mode
* fix builds on CentoOS 6 and autoconf 2.63
* support for Snap (http://snapcraft.io) packages
2017-02-05 Alexey Kopytov <akopytov@gmail.com>
* version 1.0.1
* fix clock_gettime runtime failure built with macOS 10.11 and
Xcode 8.x
2017-02-04 Aleksei Kopytov <akopytov@gmail.com>
* version 1.0.0
* too much time and too many changes since the previous formal
release, so briefly:
* Lua scripts instead of hard-coded C tests for database
("oltp") benchmarks + ability to create custom workloads
* much better single-threaded performance
* much better scalability
* improvements and cleanups in command line syntax and options
* latency histograms in cumulative statistic reports
* report hooks to print statistics in custom formats
(CSV/JSON/XML/etc.)
* Dropped Windows support
* Dropped support for Oracle, Drizzle and libattachsql drivers
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.4.48 to 2.5.1
- Update rootfile
- Changelog
Version 2.5.1
Fix libtool library versioning regression Andreas Gruenbacher
Version 2.4.48
Update po files and German translation Andreas Gruenbacher
getfattr: Add --one-file-system option Andreas Gruenbacher
Move struct stat into struct walk_tree_args Andreas Gruenbacher
Move list of open directories into struct walk_tree_args Andreas Gruenbacher
Move walk_tree_rec arguments into a separate struct Andreas Gruenbacher
xattr.conf: Indicate afs metadata xattrs should be skipped when copying David Howells
Fix typos in manual pages Samanta Navarro
Update my email address Andreas Gruenbacher
man: add examples to setfattr.1 Achilles Gaikwad
install-data: Don't remove unrelated empty directories Andreas Gruenbacher
attr: Replace bzero with memset Rosen Penev
getfattr: don't count terminating NULL in well_enough_printable Jeff Layton
attr_list, attr_listf: Guard against unterminated buffer Andreas Gruenbacher
attr_multi, attr_multif: Don't set errno to -EINVAL Andreas Gruenbacher
Switch back to syscall() Andreas Gruenbacher
attr_list.3: Fix the attributes.h include path Andreas Gruenbacher
getfattr.1: by default only user namespace attributes are dumped Simon Ruderich
Enable large-file support on systems that do not enable it by default Dmitry V. Levin
man: standardize AUTHORS section Mike Frysinger
man: fix bold style in SEE ALSO section Mike Frysinger
test: escape left brace in a regex in test/run Troy Dawson
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from 2.2.53 to 2.3.1
- Updated rootfile
- Changelog
Version 2.3.1
Fix libtool library versioning regression Andreas Gruenbacher
Version 2.3.0
Update po files and German translation Andreas Gruenbacher
getfacl: fix indent in --help output Valentin Vidic
getfacl: Add --one-file-system optionnext Pavel Polacek
Move struct stat into struct walk_tree_args Andreas Gruenbacher
Move list of open directories into struct walk_tree_args Andreas Gruenbacher
Move walk_tree_rec arguments into a separate struct Andreas Gruenbacher
acl_from_mode, acl_copy_int: Fix segfault on allocation failure Tavian Barnes
__acl_create_entry_obj: do not break strict aliasing rules Kamil Dudka
Fix typo in getfacl(1) man page Anthony Sottile
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
