mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-19 07:23:03 +02:00
fa2f6cb6df9fbbf4ddbd7f7bfcfbc995f6d1e9cc
3332 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Adolf Belka
|
024220e4df |
libtirpc: Convert from an addon to a core program - fixes Bug 13015
- libtirpc is required for lsof to work from CU172 onwards. rpc.h is no longer available from glibc. This would normally cause the lsof build to fail but libtirpc as an addon is built before lsof and so is present in the build and lsof is linked to it. When running lsof it fails as the linked libtirpc library is not present unless it has been installed as an addon. - This patch converts the libtirpc lfs from an addon to a core program and moves the rootfile from the packages directory to the common directory. - Tested out on my vm testbed. With CU172 lsof fails to run due to the missing libtirpc With the build based on this patch installed lsof works normally again. - Disabled the static library build in the configure options and updated the rootfile Tested-by: Adolf Belka <adolf.belka@ipfire.org> Fixes: Bug#13015 Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org> |
||
Matthias Fischer
|
c29109f859 |
grub 2.06: Fix for rootfile
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Matthias Fischer
|
36397fdc96 |
pango 1.50.6: Fix for rootfile
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
Peter Müller
|
57372934d4 |
Revert "ragel: Update to version 7.0.4"
This reverts commit
|
||
|
Peter Müller
|
d95e4d0dd5 |
Revert "colm: Update to version 0.14.7"
This reverts commit
|
||
|
Adolf Belka
|
d295a5a363 |
pixman: Update to version 0.42.2
- Update from version 0.40.0 to 0.42.2 - Update of rootfile - Build converted to meson - Changelog is empty in the source tarball as is the NEWS file. There is no change log info on the webpage. The only source of change info are the commits from the git repo https://cgit.freedesktop.org/pixman/log/ Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Adolf Belka
|
e44d567877 |
cairo: Update to version 1.17.6
- Update from version 1.16.0 to 1.17.6 - Update of rootfile - Next version will only build with meson and as there were some bugs with the autoconf tools build which required a hack to overcome, this version was changed to run with meson. beos and os2 backends are no longer supported and windows only builds if the platform being used for the build is windows based. Therefore those options are no longer needed. meson uses shared libraries only by default. - The cairo-1.16.0-binutils-2.34 patch is no longer needed as the changes have been included in the source tarball. - tarball had to be changed to .bz2 as xz is no longer provided. - Changelog Release 1.17.6 (2022-03-18 Emmanuele Bassi <ebassi@gnome.org>) I spy with my little eye… a Cairo snapshot! First of all, many, many thanks to everyone who contributed to Cairo during this development cycle. A special thank you goes to: - Adrian Johnson - Uli Schlachter for their tireless efforts in ensuring that the lights are still on in the Cairo project. This snapshot sees the removal of the following backends and platform support: - Qt4 - BeOS - OS/2 - DirectFB - DRM - Cogl - OpenVG Thanks to all past contributors for their work on them. If you were using any of these backends then you will need to stick to Cairo 1.16. To offset the removal of the backends above, Adrian Johnson landed the DWrite font rendering backend on Windows. There have been multiple improvements in the Quartz backend, courtesy of John Ralls. Tim-Philipp Müller has kept the Meson build in top shape. This snapshot is going to be the **last** release of Cairo with the Autotools build system. The Meson build has seen many improvements and it is considerably easier to maintain and faster to build. Release 1.17.4 (2020-11-27 Bryce Harrington <bryce@bryceharrington.org>) Thank you to the many people who have contributed the large number of bug fixes and refinements since 1.17.2. A particularly noteworthy improvement in this release is the addition of the meson build system as an alternative to autotools. Autotools is still used for producing the releases, so will be the default in the tarball and presumably will still be preferred by distro packagers of Cairo. It should be possible to build the release tarball using meson, but as this is new functionality consider it still a work in progress. The meson configuration has striven to track the autotools implementation but be aware there may still be some differences between the two. Continuous Integration configurations have been added that enable testing on a variety of platforms including Fedora, Windows MSVC, etc. This work has helped in identifying updates and fixes including adjusting to changes in API calls in dependencies like rsvg and fontconfig, and to fix platform-specific build issues. The cogl Cairo backend underwent significant development this cycle. Cogl provides GPU accelerated drawing support. The development work includes implementation of core functionality, performance optimizations, and stabilization. Subpixel positioning support allows improved glyph outlines with the Freetype font backend. For a complete log of changes, please see https://cairographics.org/releases/ChangeLog.1.17.4 [On a personal note, this will be my last release for Cairo. My Cairo time availability has been non-existent (particularly this crazy past year). The release process is well documented and hopefully will help whomever picks up the baton from here.] Release 1.17.2 (2019-01-31 Bryce Harrington <bryce@bryceharrington.org>) This snapshot provides the new support for writing floating point formats as 16 bpc PNGs, with support for RGBA128F and RGB96F formats. This new feature increases Cairo's pixman version requirement to 0.36.0. Beyond this are a range of bugfixes and some work on establishing CI for Cairo. For a complete log of changes, please see https://cairographics.org/releases/ChangeLog.1.17.2 API Changes None Dependency Changes pixman 0.36.0 Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Adolf Belka
|
804e7a2b77 |
xz: Update to version 5.4.1
- Update from version 5.4.0 to 5.4.1
- Update of rootfile
- Changelog
5.4.1 (2023-01-11)
* liblzma:
- Fixed the return value of lzma_microlzma_encoder() if the
LZMA options lc/lp/pb are invalid. Invalid lc/lp/pb options
made the function return LZMA_STREAM_END without encoding
anything instead of returning LZMA_OPTIONS_ERROR.
- Windows / Visual Studio: Workaround a possible compiler bug
when targeting 32-bit x86 and compiling the CLMUL version of
the CRC64 code. The CLMUL code isn't enabled by the Windows
project files but it is in the CMake-based builds.
* Build systems:
- Windows-specific CMake changes:
* Don't try to enable CLMUL CRC64 code if _mm_set_epi64x()
isn't available. This fixes CMake-based build with Visual
Studio 2013.
* Created a workaround for a build failure with windres
from GNU binutils. It is used only when the C compiler
is GCC (not Clang). The workaround is incompatible
with llvm-windres, resulting in "XZx20Utils" instead
of "XZ Utils" in the resource file, but without the
workaround llvm-windres works correctly. See the
comment in CMakeLists.txt for details.
* Included the resource files in the xz and xzdec build
rules. Building the command line tools is still
experimental but possible with MinGW-w64.
- Visual Studio: Added stream_decoder_mt.c to the project
files. Now the threaded decompressor lzma_stream_decoder_mt()
gets built. CMake-based build wasn't affected.
- Updated windows/INSTALL-MSVC.txt to mention that CMake-based
build is now the preferred method with Visual Studio. The
project files will probably be removed after 5.4.x releases.
- Changes to #defines in config.h:
* HAVE_DECL_CLOCK_MONOTONIC was replaced by
HAVE_CLOCK_MONOTONIC. The old macro was always defined
in configure-generated config.h to either 0 or 1. The
new macro is defined (to 1) only if the declaration of
CLOCK_MONOTONIC is available. This matches the way most
other config.h macros work and makes things simpler with
other build systems.
* HAVE_DECL_PROGRAM_INVOCATION_NAME was replaced by
HAVE_PROGRAM_INVOCATION_NAME for the same reason.
* Tests:
- Fixed test script compatibility with ancient /bin/sh
versions. Now the five test_compress_* tests should
no longer fail on Solaris 10.
- Added and refactored a few tests.
* Translations:
- Updated the Catalan and Esperanto translations.
- Added Korean and Ukrainian man page translations.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
|
||
|
Adolf Belka
|
a72263c6c5 |
lz4: Update to version 1.9.4
- Update from version 1.9.3 to 1.9.4 - Update of rootfile - Changelog v1.9.4 perf : faster decoding speed (~+20%) on aarch64 platforms perf : faster decoding speed (~+70%) for -BD4 setting in CLI api : new function `LZ4_decompress_safe_partial_usingDict()` by @yawqi api : lz4frame: ability to provide custom allocators at state creation api : can skip checksum validation for improved decoding speed api : new experimental unit `lz4file` for file i/o API, by @anjiahao1 api : new experimental function `LZ4F_uncompressedUpdate()`, by @alexmohr cli : `--list` works on `stdin` input, by @Low-power cli : `--no-crc` does not produce (compression) nor check (decompression) checksums cli : fix: `--test` and `--list` produce an error code when parsing invalid input cli : fix: support skippable frames when passed via `stdin`, reported by @davidmankin build: fix: Makefile respects CFLAGS directives passed via environment variable build: `LZ4_FREESTANDING`, new build macro for freestanding environments, by @t-mat build: `make` and `make test` are compatible with `-j` parallel run build: AS/400 compatibility, by @jonrumsey build: Solaris 10 compatibility, by @pekdon build: MSVC 2022 support, by @t-mat build: improved meson script, by @eli-schwartz doc : Updated LZ4 block format, provide an "implementation notes" section Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Matthias Fischer
|
249819695d |
bind: Update to 9.16.37
For details for 9.16.36 and 9.16.37 see: https://downloads.isc.org/isc/bind9/9.16.37/doc/arm/html/notes.html#notes-for-bind-9-16-37 "Notes for BIND 9.16.37 Security Fixes An UPDATE message flood could cause named to exhaust all available memory. This flaw was addressed by adding a new update-quota option that controls the maximum number of outstanding DNS UPDATE messages that named can hold in a queue at any given time (default: 100). (CVE-2022-3094) ISC would like to thank Rob Schulhof from Infoblox for bringing this vulnerability to our attention. [GL #3523] named could crash with an assertion failure when an RRSIG query was received and stale-answer-client-timeout was set to a non-zero value. This has been fixed. (CVE-2022-3736) ISC would like to thank Borja Marcos from Sarenet (with assistance by Iratxe Niño from Fundación Sarenet) for bringing this vulnerability to our attention. [GL #3622] named running as a resolver with the stale-answer-client-timeout option set to any value greater than 0 could crash with an assertion failure, when the recursive-clients soft quota was reached. This has been fixed. (CVE-2022-3924) ISC would like to thank Maksym Odinintsev from AWS for bringing this vulnerability to our attention. [GL #3619] New Features The new update-quota option can be used to control the number of simultaneous DNS UPDATE messages that can be processed to update an authoritative zone on a primary server, or forwarded to the primary server by a secondary server. The default is 100. A new statistics counter has also been added to record events when this quota is exceeded, and the version numbers for the XML and JSON statistics schemas have been updated. [GL #3523] Feature Changes The Differentiated Services Code Point (DSCP) feature in BIND has been deprecated. Configuring DSCP values in named.conf now causes a warning to be logged. Note that this feature has only been partly operational since the new Network Manager was introduced in BIND 9.16.0. [GL #3773] The catalog zone implementation has been optimized to work with hundreds of thousands of member zones. [GL #3744] Bug Fixes In certain query resolution scenarios (e.g. when following CNAME records), named configured to answer from stale cache could return a SERVFAIL response despite a usable, non-stale answer being present in the cache. This has been fixed. [GL #3678] ... Notes for BIND 9.16.36 Feature Changes The auto-dnssec option has been deprecated and will be removed in a future BIND 9.19.x release. Please migrate to dnssec-policy. [GL #3667] Bug Fixes When a catalog zone was removed from the configuration, in some cases a dangling pointer could cause the named process to crash. This has been fixed. [GL #3683] When a zone was deleted from a server, a key management object related to that zone was inadvertently kept in memory and only released upon shutdown. This could lead to constantly increasing memory use on servers with a high rate of changes affecting the set of zones being served. This has been fixed. [GL #3727] In certain cases, named waited for the resolution of outstanding recursive queries to finish before shutting down. This was unintended and has been fixed. [GL #3183] The zone <name>/<class>: final reference detached log message was moved from the INFO log level to the DEBUG(1) log level to prevent the named-checkzone tool from superfluously logging this message in non-debug mode. [GL #3707]" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> |
||
|
Adolf Belka
|
37f48533d7 |
help2man: Install new package required for updated libtool
- package only needed for build of libtool so rootfile is all commented out. Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Adolf Belka
|
31c0c32779 |
libtool: Update to version 2.4.7
- Update from version 2.4.6 (Feb 2015) to 2.4.7 (Mar 2022)
- Update of rootfile
- The shebang in the libtoolize script has changed from ! /bin/sh to ! /usr/bin/env sh
because apparently the previous version presented challenges for containerised
environments. For IPFire build it meant that using libtoolize in the build of libxcrypt
failed because it could not deal with the changed shebang.
- Patch created to change the shebang for libtoolize.in back to the version in 2.4.6 and
earlier.
- The change of libtoolize.in then caused the libtool build to try and rebuild the man
page for it but this fails as help2man is required for this. There is no option in the
configure to not build the docs so hence there is an associated patch with this one
that build help2man but the rootfile is completely commented out as it is only
required for the build
- Added --disable-static to the configure options
- Changelog
Noteworthy changes in release 2.4.7 (2022-03-16) [stable]
New features:
- Libtool script now supports (configure-time and runtime) ARFLAGS
variable, which obsoletes AR_FLAGS. This is due to naming conventions
among other *FLAGS and to be consistent with Automake's ARFLAGS.
- Gnulib testsuite is enabled and run during 'make check'.
- Support the Windows version of the Intel C Compiler (icl) in
libtool script.
- Pass '-fsanitize=*' flags for GCC and LLVM, and '-specs=*' for GCC
to linker.
- Pass '-Xassembler=*' and '-Wa,*' flag to compilers and linkers.
- The variable 'FILECMD' with default value of '/usr/bin/file' was used to
replace existing hard coded references to '/usr/bin/file'.
- Add MidnightBSD support.
Important incompatible changes:
- Libtool changed ARFLAGS/AR_FLAGS default from 'cru' to 'cr'.
- Do not pass '-pthread' to Solaris linker.
- 'libtool' and 'libtoolize' scripts now use '#! /usr/bin/env sh' shebang.
Previously '#! /bin/sh' was used, which presents challenges for
containerized environments.
Bug fixes:
- Fix significant slowdown of libtoolize for certain projects (regression
introduced in 2.4.3 release) caused by infinite m4 macro recursion.
- Mitigate the slowdown of libtool script (introduced in v2.4.3) caused by
increased number of calls to '$SED $sed_quote_subst' (bug#20006).
- Properly parse and export TLS symbols on AIX.
- Various bug fixes surrounding use of 'sed'.
- Darwin systems set proper "allow undefined" flag on OSX 11, and
PowerPC 10.5.
- Removed some deprecated tests related to 'Makefile.inc' files.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
|
||
|
Matthias Fischer
|
68e2844141 |
rust: Update to 1.65
For details see: https://github.com/rust-lang/rust/blob/stable/RELEASES.md#version-1650-2022-11-03 I started updating rust to 1.65 mainly because 'clamav 0.105.1-3' and the shortly thereafter released version 'clamav 1.0.0' need at least 'rust 1.56': "Building ClamAV requires, at a minimum, Rust compiler version 1.56, as it relies on features introduced in the Rust 2021 Edition." At this point we were still on 'nightly 2022-01-27'. Ok then... But it was a bit more tricky than I thought, because this update wouldn't build without patching most of the existing rust-crate-lfs files in a way I didn't expect. Please note the patch series following this update... Nevertheless, the update to 1.65 and ALL testbuilds completed without any errors. Unfortunately, I can only provide the rootfile for x86_64 - I don't have the appropriate hardware for anything else. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> |
||
|
Adolf Belka
|
fcc21cadf3 |
ragel: Update to version 7.0.4
- Update from version 7.0.0.11 to 7.0.4 - Update of rootfile - Changelog updated language flags, catch abortcompile throw in non-ragel progs 7.0.3 This version of colm includes a critical fix for big-endian system. Fixes #61. expect colm version 0.14.6 and version bump ragel to 7.0.3 7.0.2 Latest colm includes bugfixes for refcounting, which fixes a ragel issue with includes #58. expect colm 0.14.5 and version bump to 7.0.2 7.0.1 removed accidental commit of ragel/.exrc 7.0.0.12 implemented NfaClear in asm codegen Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Adolf Belka
|
59408f2cbf |
colm: Update to version 0.14.7
- Update from version 0.13.0.6 to 0.14.7 - Update of rootfile - patch from colm commit fc61ecb required to fix bug of make looking for static and dynamic libs even if one of them was disabled - Changelog is not available in source tarball or on website etc. Changes have to be reviewed by the commits https://github.com/adrian-thurston/colm/commits/0.14.7 Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Adolf Belka
|
c4597ec47e |
fontconfig: Update to version 2.14.1
- Update from version 2.13.1 (2018) to 2.14.1 (Oct 2022) - 8 versions - Update of rootfile - Changelog is the gitlab repository commits https://gitlab.freedesktop.org/fontconfig/fontconfig/-/commits/main/ Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Matthias Fischer
|
ca92e035a7 |
apache: Update to 2.4.55
Again: huge changelog, for details see: https://dlcdn.apache.org/httpd/CHANGES_2.4.55 Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
cdb528e22f |
fuse: Update to version 3.13.0
- Update from version 3.11.0 to 3.13.0 - Update of rootfile - Changelog libfuse 3.13.0 (2023-01-13) - There is a new low-level API function `fuse_session_custom_io` that allows to implement a daemon with a custom io. This can be used to create a daemon that can process incoming FUSE requests to other destinations than `/dev/fuse`. - A segfault when loading custom FUSE modules has been fixed. - There is a new `fuse_notify_expire_entry` function. - A deadlock when resolving paths in the high-level API has been fixed. - libfuse can now be build explicitly for C libraries without symbol versioning support. libfuse 3.12.0 (2022-09-08) - There is a new build parameter to specify where the SysV init script should be installed. - The *max_idle_threads* parameter has been deprecated in favor of the new max_threads* parameter (which avoids the excessive overhead of creating and destructing threads). Using max_threads == 1 and calling fuse_session_loop_mt() will run single threaded similar to fuse_session_loop(). The following changes apply when using the most recent API (-DFUSE_USE_VERSION=312, see `example/passthrough_hp.cc` for an example for how to usse the new API): - `struct fuse_loop_config` is now private and has to be constructed using - fuse_loop_cfg_create()* and detroyed with *fuse_loop_cfg_destroy()*. Parameters can be - changed using `fuse_loop_cfg_set_*()` functions. - fuse_session_loop_mt()* now accepts `struct fuse_loop_config *` as NULL pointer. - fuse_parse_cmdline()* now accepts a *max_threads* option. Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
22f2aa2187 |
boost: Update 32-bit ARM rootfile
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
731fb11b8d |
python3: Update 32-bit ARM rootfile
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
76ae491a19 |
linux: Update 32-bit ARM rootfile
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
13b65c78bf |
python3: Fix x86_64 rootfile
https://lists.ipfire.org/pipermail/nightly-builds/2023-January/004089.html Reported-by: Adolf Belka <adolf.belka@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
dce8d55955 |
linux: Update x86_64 rootfile
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
Michael Tremer
|
debf583b42 |
rootfiles: Remove further spaces
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Michael Tremer
|
f5c45515b5 |
linux-firmware: Drop hack to remove spaces in filenames
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
ffec5f3ce1 |
iptables: Update to version 1.8.9
- Update from version 1.8.8 to 1.8.9
- Update of rootfile
- Changelog
xtables-monitor: add missing spaces in printed str
build: Fix error during out of tree build
iptables: xshared: Ouptut '--' in the opt field in ipv6's fake mode
iptables.8: mention that iptables exits when setuid
extensions: libxt_conntrack: remove always-false conditionals
nft: fix ebtables among match when mac+ip addresses are used
nft: support dissection of meta pkktype mode
nft: prefer native 'meta pkttype' instead of xt match
extensions: libxt_pkttype: support otherhost
nft: support ttl/hoplimit dissection
nft: prefer payload to ttl/hl module
nft: un-break among match with concatenation
Revert "nft: prefer payload to ttl/hl module"/'meta pkttype' match.
nft: track each register individually
tests: extend native delinearize script
nft: check for unknown meta keys
iptables-nft: exit nonzero when iptables-save cannot decode all expressions
xlate: get rid of escape_quotes
extensions: change expected output for new format
xlate-test: avoid shell entanglements
nft-bridge: work around recent "among" decode breakage
extensions: add xt_statistics random mode translation
netfilter: add nf_log.h
treewide: use uint* instead of u_int*
nft: replace nftnl_.*_nlmsg_build_hdr() by nftnl_nlmsg_build_hdr()
nft-shared: replace nftnl_expr_get_data() by nftnl_expr_get()
xshared: Fix build for -Werror=format-security
Revert "fix build for missing ETH_ALEN definition"
tests: shell: Check overhead in iptables-save and -restore
libxtables: Unexport init_extensions*() declarations
arptables: Support -x/--exact flag
iptables-legacy: Drop redundant include of xtables-multi.h
xshared: Make some functions static
Makefile: Add --enable-profiling configure option
tests: shell: Add some more rules to 0002-verbose-output_0
tests: shell: Extend iptables-xml test a bit
tests: shell: Extend zero counters test a bit further
extensions: libebt_standard.t: Test logical-{in,out} as well
ebtables-restore: Deny --init-table
extensions: string: Do not print default --to value
extensions: string: Review parse_string() function
extensions: string: Fix and enable tests
nft: Exit if nftnl_alloc_expr fails
libxtables: Move struct xtables_afinfo into xtables.h
libxtables: Define XT_OPTION_OFFSET_SCALE in xtables.h
libxtables: Fix unsupported extension warning corner case
tests: shell: Fix testcases for changed ip6tables opts output
xshared: Fix for missing space after 'prot' column
xshared: Print protocol numbers if --numeric was given
xtables-restore: Extend failure error message
nft: Expand extended error reporting to nft_cmd, too
tests: shell: Test delinearization of native nftables expressions
ebtables: Drop unused OPT_* defines
ebtables: Eliminate OPT_TABLE
ebtables: Merge OPT_* flags with xshared ones
nft-shared: Introduce __get_cmp_data()
ebtables: Support '-p Length'
ebtables: Fix among match
nft: Fix meta statement parsing
nft-bridge: Drop 'sreg_count' variable
tests: iptables-test: Simplify '-N' option a bit
tests: iptables-test: Simplify execute_cmd() calling
tests: iptables-test: Pass netns to execute_cmd()
tests: iptables-test: Test both variants by default
extensions: among: Remove pointless fall through
extensions: among: Fix for use with ebtables-restore
extensions: libebt_stp: Eliminate duplicate space in output
extensions: libip6t_dst: Fix output for empty options
extensions: TCPOPTSTRIP: Do not print empty options
extensions: libebt_log: Avoid empty log-prefix in output
tests: IDLETIMER.t: Fix syntax, support for restore input
tests: libebt_stp.t: Drop duplicate whitespace
tests: shell: Fix expected output for ip6tables dst match
tests: shell: Fix expected ebtables log target output
libiptc: Fix for segfault when renaming a chain
nft: Fix compile with -DDEBUG
extensions: NFQUEUE: Document queue-balance limitation
tests: iptables-test: Implement fast test mode
tests: iptables-test: Cover for obligatory -j CONTINUE in ebtables
tests: *.t: Fix expected output for simple calls
tests: *.t: Fix for hexadecimal output
tests: libebt_redirect.t: Plain redirect prints with trailing whitespace
tests: libxt_length.t: Fix odd use-case output
tests: libxt_recent.t: Add missing default values
tests: libxt_tos.t, libxt_TOS.t: Add missing masks in output
tests: libebt_vlan.t: Drop trailing whitespace from rules
tests: libxt_connlimit.t: Add missing default values
tests: *.t: Add missing all-one's netmasks to expected output
extensions: DNAT: Fix bad IP address error reporting
extensions: *NAT: Drop NF_NAT_RANGE_PROTO_RANDOM* flag checks
extensions: DNAT: Use __DNAT_xlate for REDIRECT, too
extensions: DNAT: Generate print, save and xlate callbacks
extensions: DNAT: Rename some symbols
extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE
tests: xlate-test: Cleanup file reading loop
tests: xlate-test.py: Introduce run_proc()
tests: xlate-test: Replay results for reverse direction testing
xshared: Share make_delete_mask() between ip{,6}tables
nft-shared: Introduce port_match_single_to_range()
extensions: libip*t_LOG: Merge extensions
extensions: libebt_ip: Include kernel header
extensions: libebt_arp, libebt_ip: Use xtables_ipparse_any()
extensions: Collate ICMP types/codes in libxt_icmp.h
extensions: Unify ICMP parser into libxt_icmp.h
Drop extra newline from xtables_error() calls
extensions: mark: Test double bitwise in a rule
extensions: libebt_mark: Fix mark target xlate
extensions: libebt_mark: Fix xlate test case
extensions: libebt_redirect: Fix xlate return code
extensions: libipt_ttl: Sanitize xlate callback
extensions: CONNMARK: Fix xlate callback
extensions: MARK: Sanitize MARK_xlate()
extensions: TCPMSS: Use xlate callback for IPv6, too
extensions: TOS: Fix v1 xlate callback
extensions: ecn: Sanitize xlate callback
extensions: tcp: Translate TCP option match
extensions: libebt_log: Add comment to clarify xlate callback
extensions: frag: Add comment to clarify xlate callback
extensions: ipcomp: Add comment to clarify xlate callback
libxtables: xt_xlate_add() to take care of spacing
extensions: Leverage xlate auto-spacing
extensions: libxt_conntrack: Drop extra whitespace in xlate
extensions: xlate: Format sets consistently
tests: shell: Test selective ebtables flushing
tests: shell: Fix valgrind mode for 0008-unprivileged_0
iptables-restore: Free handle with --test also
iptables-xml: Free allocated chain strings
nft: Plug memleak in nft_rule_zero_counters()
iptables: Plug memleaks in print_firewall()
xtables: Introduce xtables_clear_iptables_command_state()
iptables: Properly clear iptables_command_state object
xshared: Free data after printing help
libiptc: Eliminate garbage access
ebtables: Implement --check command
tests: xlate: Use --check to verify replay
nft: Fix for comparing ifname matches against nft-generated ones
nft: Fix match generator for '! -i +'
nft: Recognize INVAL/D interface name
xtables-translate: Fix for interfaces with asterisk mid-string
ebtables: Fix MAC address match translation
Makefile: Create LZMA-compressed dist-files
Drop INCOMPATIBILITIES file
Drop libiptc/linux_stddef.h
Makefile: Generate ip6tables man pages on the fly
extensions: Makefile: Merge initext targets
iptables/Makefile: Reorg variable assignments
iptables/Makefile: Split nft-variant man page list
Makefile: Fix for 'make distcheck'
Makefile: Generate .tar.xz archive with 'make dist'
include/Makefile: xtables-version.h is generated
tests: Adjust testsuite return codes to automake guidelines
Makefile.am: Integrate testsuites
nft: Parse icmp header matches
arptables: Check the mandatory ar_pln match
nft: Increase rule parser strictness
nft: Make rule parsing errors fatal
nft: Reject tcp/udp extension without proper protocol match
gitignore: Ignore utils/nfsynproxy
gitignore: Ignore generated ip6tables man pages
ebtables-translate: Install symlink
Makefile: Replace brace expansion
configure: Bump version for 1.8.9 release
tests: add ebtables among testcase
xt_sctp: support a couple of new chunk types
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
d64553af77 |
libtiff: Update to version 4.5.0
- Update from version 4.4.0 to 4.5.0 - Update o0f rootfile - sobump requires shipping of core programs poppler (covered by update patch) and perl together with addons cups-filters and spandsp (covered by PAK_VER updates in patch series. - Changelog is t6oo long to include here. For details see the ChangeLog file in the source tarball. Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> |
||
|
Matthias Fischer
|
73cb5771b1 |
libpcap: Update to 1.10.3
For deails see: https://git.tcpdump.org/libpcap/blob/HEAD:/CHANGES#43 Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
177db98c21 | Merge remote-tracking branch 'arne_f/kernel-6.1' into next | ||
Arne Fitzenreiter
|
3e066f550b |
kernel: update rootfiles and config
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> |
||
|
Adolf Belka
|
275ca7abb8 |
xfsprogs: Update to version 6.1.0
- Update from version 5.18.0 to 6.1.0 - Update of rootfile - Changelog There is no changelog in the source tarball or in the kernel site where the source tarballs are available from. xfs.org, which normally provides access to the git repository, fails to connect. xfs.wiki.kernel.org has no changelog info in it. Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
268c91d163 |
poppler: Update to version 23.01.0
- Update from version 22.11.0 to 23.01.0
- Update of rootfile
- sobump checked with find-dependencies but not other programs other than from poppler
are flagged up.
- Changelog
Release 23.01.0:
core:
* PDFDoc::sign: Fix crash if font can't be found
* PDFDoc::sign: Try Arial to sign if Helvetica isn't found
* FoFiType1::parse: Be more flexible parsing the encoding content. Issue #1324
* Gfx::opBeginMarkedContent: Support Span with Name. Issue #1327
* Splash: Avoid color issues due to implicit rounding
* Splash: Fix crash on malformed file.
* CairoOutputDev: Ignore text rendering mode for type3 fonts
* Remove unused FoFiType1::load function
build system:
* Increase minimum required versions of several dependencies
* Improve include path handling
qt6:
- Use less deprecated functions
Release 22.12.0:
core:
* Form::addFontToDefaultResources: Be stubborn in finding a font we can use.
Issue #1272
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
3d0cdaea87 |
mpfr: Update to version 4.2.0
- Update from version 4.1.1 to 4.2.0
- Update of rootfile
- Changelog
Changes from versions 4.1.1 to version 4.2.0
Binary compatible with MPFR 4.0.* and 4.1.*, though some minor changes in
the behavior of the formatted output functions may be visible, regarded as
underspecified behavior or bug fixes (see below).
New functions mpfr_cosu, mpfr_sinu, mpfr_tanu, mpfr_acosu, mpfr_asinu,
mpfr_atanu and mpfr_atan2u.
New functions mpfr_cospi, mpfr_sinpi, mpfr_tanpi, mpfr_acospi, mpfr_asinpi,
mpfr_atanpi and mpfr_atan2pi.
New functions mpfr_log2p1, mpfr_log10p1, mpfr_exp2m1, mpfr_exp10m1 and
mpfr_compound_si.
New functions mpfr_fmod_ui, mpfr_powr, mpfr_pown, mpfr_pow_uj, mpfr_pow_sj
and mpfr_rootn_si (mpfr_pown is actually a macro defined as an alias for
mpfr_pow_sj).
Bug fixes.
In particular, for the formatted output functions (mpfr_printf, etc.),
the case where the precision consists only of a period has been fixed
to be like .0 as specified in the ISO C standard, and the manual has
been corrected and clarified.
The macros of the custom interface have also been fixed: they now behave
like functions (except a minor limitation for mpfr_custom_init_set).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
e3377abbb1 |
keyutils: Update to version 1.6.3
- Update from version 1.5.11 to 1.6.3 - Update of rootfile - Changelog is not available in source tarball. Only source for changes is the git repository https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/log/ Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
3816b8b5bc |
knot: Update to version 3.2.4
- Update from version 3.1.7 to 3.2.4
- Update of rootfile
- find-dependencies run and only thing showing as depending on the libs are knot itself.
- Changelog
Knot DNS 3.2.4 (2022-12-12)
Improvements:
- knotd: significant speed-up of catalog zone update processing
- knotd: new runtime check if RRSIG lifetime is lower than RRSIG refresh
- knotd: reworked zone re-bootstrap scheduling to be less progressive
- mod-synthrecord: module can work with CIDR-style reverse zones #826
- python: new libknot wrappers for some dname transformation functions
- doc: a few fixes and improvements
Bugfixes:
- knotd: incomplete zone is received when IXFR falls back to AXFR due to
connection timeout if primary puts initial SOA only to the first message
- knotd: first zone re-bootstrap is planned after 24 hours
- knotd: EDNS EXPIRE option is present in outgoing transfer of a catalog zone
- knotd: catalog zone can expire upon EDNS EXPIRE processing
- knotd: DNSSEC signing doesn't fail if no offline KSK records available
Knot DNS 3.2.3 (2022-11-20)
Improvements:
- knotd: new per-zone DS push configuration option (see 'zone.ds-push')
- libs: upgraded embedded libngtcp2 to 0.11.0
Bugfixes:
- knsupdate: program crashes when sending an update
- knotd: server drops more responses over UDP under higher load
- knotd: missing EDNS padding in responses over QUIC
- knotd: some memory issues when handling unusual QUIC traffic
- kxdpgun: broken IPv4 source subnet processing
- kdig: incorrect handling of unsent data over QUIC
Knot DNS 3.2.2 (2022-11-01)
Features:
- knotd,kxdpgun: support for VLAN (802.1Q) traffic in the XDP mode
- knotd: added configurable delay upon D-Bus initialization (see 'server.dbus-init-delay')
- kdig: support for JSON (RFC 8427) output format (see '+json')
- kdig: support for PROXYv2 (see '+proxy') (Gift for Peter van Dijk)
Improvements:
- mod-geoip: module respects the server configuration of answer rotation
- libs: upgraded embedded libngtcp2 to 0.10.0
- tests: improved robustness of some unit tests
- doc: added description of zone bootstrap re-planning
Bugfixes:
- knotd: catalog confusion when a member is added and immediately deleted #818
- knotd: defective handling of short messages with PROXYv2 header #816
- knotd: inconsistent processing of malformed messages with PROXYv2 header #817
- kxdpgun: incorrect XDP mode is logged
- packaging: outdated dependency check in RPM packages
Knot DNS 3.2.1 (2022-09-09)
Improvements:
- libknot: added compatibility with libbpf 1.0 and libxdp
- libknot: removed some trailing white space characters from textual RR format
- libs: upgraded embedded libngtcp2 to 0.8.1
Bugfixes:
- knotd: some non-DNS packets not passed to OS if XDP mode enabled
- knotd: inappropriate log about QUIC port change if QUIC not enabled
- knotd/kxdpgun: various memory leaks related to QUIC and TCP
- kxdpgun: can crash at high rates in emulated XDP mode
- tests: broken XDP-TCP test on 32-bit platforms
- kdig: failed to build with enabled QUIC on OpenBSD
- systemd: failed to start server due to TemporaryFileSystem setting
- packaging: missing knot-dnssecutils package on CentOS 7
Knot DNS 3.2.0 (2022-08-22)
Features:
- knotd: finalized TCP over XDP implementation
- knotd: initial implementation of DNS over QUIC in the XDP mode (see 'xdp.quic')
- knotd: new incremental DNSKEY management for multi-signer deployment (see 'policy.dnskey-management')
- knotd: support for remote grouping in configuration (see 'groups' section)
- knotd: implemented EDNS Expire option (RFC 7314)
- knotd: NSEC3 salt is changed with every ZSK rollover if lifetime is set to -1
- knotd: support for PROXY v2 protocol over UDP (Thanks to Robert Edmonds) #762
- knotd: support for key labels with PKCS #11 keystore (see 'keystore.key-label')
- knotd: SVCB/HTTPS treatment according to draft-ietf-dnsop-svcb-https
- keymgr: new JSON output format (see '-j' parameter) for listing keys or zones (Thanks to JP Mens)
- kxdpgun: support for DNS over QUIC with some testing modes (see '-U' parameter)
- kdig: new DNS over QUIC support (see '+quic')
Improvements:
- knotd: reduced memory consumption when processing IXFR, DNSSEC, catalog, or DDNS
- knotd: RRSIG refresh values don't have to match in the mode Offline KSK
- knotd: better decision whether AXFR fallback is needed upon a refresh error
- knotd: NSEC3 resalt event was merged with the DNSSEC event
- knotd: server logs when the connection to remote was taken from the pool
- knotd: server logs zone expiration time when the zone is loaded
- knotd: DS check verifies removal of old DS during algorithm rollover
- knotd: DNSSEC-related records can be updated via DDNS
- knotd: new 'xdp.udp' configuration option for disabling UDP over XDP
- knotd: outgoing NOTIFY is replanned if failed
- knotd: configuration checks if zone MIN interval values are lower or equal to MAX ones
- knotd: DNSSEC-related zone semantic checks use DNSSEC validation
- knotd: new configuration value 'query' for setting ACL action
- knotd: new check on near end of imported Offline KSK records
- knotd/knotc: implemented zone catalog purge, including orphaned member zones
- knotc: interactive mode supports catalog zone completion, value completion, and more
- knotc: new default brief and colorized output from zone status
- knotc: unified empty values in zone status output
- keymgr: DNSKEY TTL is taken from KSR in the Offline KSK mode
- kjournalprint: path to journal DB is automatically taken from the configuration,
which can be specified using '-c', '-C' (or '-D')
- kcatalogprint: path to catalog DB is automatically taken from the configuration,
which can be specified using '-c', '-C' (or '-D')
- kzonesign: added automatic configuration file detection and '-C' parameter
for configuration DB specificaion
- kzonesign: all CPU threads are used for DNSSEC validation
- libknot: dname pointer cannot point to another dname pointer when encoding RRsets #765
- libknot: QNAME case is preserved in knot_pkt_t 'wire' field (Thanks to Robert Edmonds) #780
- libknot: reduced memory consumption of the XDP mode
- libknot: XDP filter supports up to 256 NIC queues
- kxdpgun: new options for specifying source and remote MAC addresses
- utils: extended logging of LMDB-related errors
- utils: improved error outputs
- kdig: query has AD bit set by default
- doc: various improvements
Bugfixes:
- knotd: zone changeset is stored to journal even if disabled
- knotd: journal not applied to zone file if zone file changed during reload
- knotd: possible out-of-order processing or postponed zone events to far future
- knotd: incorrect TTL is used if updated RRSet is empty over control interface
- knotd/libs: serial arithmetics not used for RRSIG expiration processing
- knsupdate: incorrect RRTYPE in the question section
Compatibility:
- knotd: default value for 'zone.journal-max-depth' was lowered to 20
- knotd: default value for 'policy.nsec3-iterations' was lowered to 0
- knotd: default value for 'policy.rrsig-refresh' is propagation delay + zone maximum TTL
- knotd: server fails to load configuration if 'policy.rrsig-refresh' is too low
- knotd: configuration option 'server.listen-xdp' has no effect
- knotd: new configuration check on deprecated DNSSEC algorithm
- knotc: new '-e' parameter for full zone status output
- keymgr: new '-e' parameter for full key list output
- keymgr: brief key listing mode is enabled by default
- keymgr: renamed parameter '-d' to '-D'
- knsupdate: default TTL is set to 3600
- knsupdate: default zone is empty
- kjournalprint: renamed parameter '-c' to '-H'
- python/libknot: removed compatibility with Python 2
Packaging:
- systemd: removed knot.tmpfile
- systemd: added some hardening options
- distro: Debian 9 and Ubuntu 16.04 no longer supported
- distro: packages for CentOS 7 are built in a separate COPR repository
- kzonecheck/kzonesign/knsec3hash: moved to new package knot-dnssecutils
Knot DNS 3.1.9 (2022-08-10)
Improvements:
- knotd: new configuration checks on unsupported catalog settings
- knotd: semantic check issues have notice log level in the soft mode
- keymgr: command generate-ksr automatically sets 'from' parameter to last
offline KSK records' timestamp if it's not specified
- keymgr: command show-offline starts from the first offline KSK record set
if 'from' parameter isn't specified
- kcatalogprint: new parameters for filtering catalog or member zone
- mod-probe: default rate limit was increased to 100000
- libknot: default control timeout was increased to 30 seconds
- python/libknot: various exceptions are raised from class KnotCtl
- doc: some improvements
Bugfixes:
- knotd: incomplete outgoing IXFR is responded if journal history is inconsistent
- knotd: manually triggered zone flush is suppressed if disabled zone synchronization
- knotd: failed to configure XDP listen interface without port specification
- knotd: de-cataloged member zone's file isn't deleted #805
- knotd: member zone leaks memory when reloading catalog during dynamic configuration change
- knotd: server can crash when reloading modules with DNSSEC signing (Thanks to iqinlongfei)
- knotd: server crashes during shutdown if PKCS #11 keystore is used
- keymgr: command del-all-old isn't applied to all keys in the removed state
- kxdpgun: user specified network interface isn't used
- libs: fixed compilation on illumos derivatives (Thanks to Nick Ewins)
Knot DNS 3.1.8 (2022-04-28)
Features:
- knotd: optional automatic ACL for XFR and NOTIFY (see 'remote.automatic-acl')
- knotd: new soft zone semantic check mode for allowing defective zone loading
- knotc: added zone transfer freeze state to the zone status output
Improvements:
- knotd: added configuration check for serial policy of generated catalogs
Bugfixes:
- knotd/libknot: the server can crash when validating a malformed TSIG record
- knotd: outgoing zone transfer freeze not preserved during server reload
- knotd: catalog UPDATE not processed if previous UPDATE processing not finished #790
- knotd: zone refresh not started if planned during server reload
- knotd: generated catalogs can be queried over UDP
- knotd/utils: failed to open LMDB database if too many stale slots occupy the lock table
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
7faaa713df |
lcms2: Update to version 2.14
- Update from version 2.13.1 to 2.14
- Update of rootfile
- Changelog
2.14 Featured release
lcms2 now implements ICC specification 4.4
New multi-threaded plug-in
several fixes to keep fuzzers happy
Remove check on DLL when CMS_NO_REGISTER_KEYWORD is used
Added more validation against broken profiles
Add more help to several tools
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Arne Fitzenreiter
|
6535255270 |
kernel: update to 6.1.3
the kernel-6.1.x series should be the next lts series... |
||
|
Peter Müller
|
ed6310bc6a |
linux-firmware: Update to 20221214
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
a3fc79f127 |
ipset: Update to version 7.17
- Update from version 7.15 to 7.17
- Update of rootfile
- Changelog
7.17
- Tests: When verifying comments/timeouts, make sure entries don't expire
- Tests: Make sure the internal batches add the correct number of elements
- Tests: Verify that hash:net,port,net type can handle 0/0 properly
- Makefile: Create LZMA-compressed dist-files (Phil Sutter)
7.16
- Add new ipset_parse_bitmask() function to the library interface
- test: Make sure no more than 64 clashing elements can be added
to hash:net,iface sets
- netfilter: ipset: add tests for the new bitmask feature (Vishwanath Pai)
- netfilter: ipset: Update the man page to include netmask/bitmask options
(Vishwanath Pai)
- netfilter: ipset: Add bitmask support to hash:netnet (Vishwanath Pai)
- netfilter: ipset: Add bitmask support to hash:ipport (Vishwanath Pai)
- netfilter: ipset: Add bitmask support to hash:ip (Vishwanath Pai)
- netfilter: ipset: Add support for new bitmask parameter (Vishwanath Pai)
- ipset-translate: allow invoking with a path name (Quentin Armitage)
- Fix IPv6 sets nftables translation (Pablo Neira Ayuso)
- Fix typo in ipset-translate man page (Bernhard M. Wiedemann)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
42b0bb0d7a |
iputils: Update to version 20221126
- Update from version 20210202 to 20221126
- Update of rootfile - none of the removed tools were in the rootfile
- Changelog
20221126
* removed tools (issue: #363)
- ninfod (commit: 8f0d897, reason: experimental unused protocol)
- rarpd (commit: fba7b62, reason: superseded by DHCP protocol)
- rdisc (commit: 7447806, reason: superseded by DHCP protocol)
* license
- use SPDX identifiers for license names
* tree
- make _GNU_SOURCE mandatory (commit: 2410ed1, PR: #402)
* arping
- fix: exit 0 if running in deadline mode and we see replies (commit: 854873b,
PR: #395)
- fix: check correct variable (commit: 8a6a2ce, PR: #395)
- man: Mention IPv4 only and ndisc6(8) (commit: 6becbb3)
* clockdiff
- setcap-setuid.sh: Add cap_sys_nice for clockdiff (commit: 9139397, issue:
#326, #422)
- document CAP_SYS_NICE requirement (PR: #416)
* ping
- feature: add option -C to call connect() before sending/receiving - useful
when using Path MTU Discovery (commit: 07eca4a, PR: #391)
- feature: add option -e to set Identifier field for ICMP ECHO_REQUEST (commit:
43e38f2, PR: #426)
- feature: print various debug info on -v (issue: #411)
- feature: print config options on -V (PR: #432)
- fix: -m (SO_MARK) in 32-bit archs (commit: fecf335, PR: #394, more fixes will
come next release)
- fix: potential memory leakage on -p option (commit: 626ea66, PR: #409)
- fix: socket error reporting (commit: bbe451f, issue: #406)
- fix: make ping_rts struct static - fix occasional segfault (commit: 7861af9,
issue: #423)
- fix: add SA_RESTART to sa_flags - avoid missing output in write on aarch64
(commit: 09f1b37, issue: #424)
- security: drop capabilities for IPv4 (commit: 5990843, PR: #400)
- print warning on missing '%'-notation (commit: c4b8b44, issue: #398, PR: #405)
- man: add "IPV6 LINK-LOCAL DESTINATIONS" section (PR: #405)
- man: use "ICMP datagram socket" (PR: #405)
* CI
- Debian: unstable -> testing (stability)
- Ubuntu: xenial -> bionic, groovy -> jammy (EOL)
- remove CentOS 8 (EOL, commit: 931504a)
* localization
- new translations: Georgian (by Temuri Doghonadze)
- many updates
- 100% translated: Czech, Finnish, Georgian, Korean, Turkish, Ukrainian
* tests
- don't fail when ip binary missing (issue: #383, PR: #390)
20211215
* removed tools (issue: #363)
- tftpd: removing commit: 341975a, PR: #369
replacement:
- tftp-hpa (https://git.kernel.org/pub/scm/network/tftp/tftp-hpa.git)
- dnsmasq (https://thekelleys.org.uk/dnsmasq/doc.html)
- traceroute6: removing commit: a139421, PR: #362
replacement:
- mtr (https://www.bitwizard.nl/mtr/)
- traceroute (http://traceroute.sourceforge.net/)
- tracepath (https://github.com/iputils/iputils/blob/master/tracepath.c)
WARNING: More tools (ninfod, rarpd, rdisc) are going to be removed in next
release, see issue: #363
* Meson build system
- require version 0.40 (due multiple install_dir for custom_target; commit: 65941ab)
* arping
- fix: ARP protocol field for AX.25 and NETROM (PR: #360)
* clockdiff
- fix man: remove duplicated word (PR: #384)
* ninfod
- fix: build with -DNINFOD_MESSAGES=false (commit: a0b3917)
- systemd unit: add ProtectHostname, ProtectKernelLogs (PR: #375)
* ping
- fix: remove 'unsupported IPv6' warning on disabled IPv6 (issue: #293, PR: #370)
- fix: ping6 binding to VRF and address (PR: #344)
- fix: print reply from Subnet-Router anycast address (issue: #371)
- fix: print reply with wrong source with warning (issue: #371)
- fix: set mark (SO_MARK) on probe socket (PR: #340)
- fix: man: update lowered minimum ping interval (issue: #367)
- fix: mark is unsigned int, not signed (PR: #345)
* rarpd
- systemd unit: add ProtectHostname, ProtectKernelLogs (PR: #375)
* rdisc
- systemd unit: add ProtectHostname, ProtectKernelLogs (PR: #375)
* localization
- fix: add missing cs, id, ko languages (commit: be8f704)
- new translations: Finnish, Korean
- updated translations: German, Japanese, Turkish, Ukrainian
* CI
- add build with some non-default options (commit: c4a5373)
- remove Tumbleweed (not only ocassional bugs: 086de3c, b19df68, but the way
how repos are published often breaks using it)
- add latest CentOS (currently CentOS 8, commit: 5f3711e)
* tests
- add -V test for all binaries (commit: 802fade)
- make tests optional with -DSKIP_TESTS=true (PR: #359)
20210722
* Meson build system
- enable NO_SETCAP_OR_SUID by default
* clockdiff
- fix missing new line
* ping
- lower minimal interval for flooding to 2 (issue: #317)
- revert f7710a1 ("Add strict pattern matching on response when pattern was
provided") to fix broken report of truncated packets (issue: #320, PR: #331)
* rdisc
- systemd unit: remove PrivateUsers=yes from systemd service file (issue: #314)
- systemd unit: support /etc/default/rdisc environment file (for Debian, PR: #356)
- systemd unit: Add DynamicUser=yes (PR: #358)
- systemd unit: add CAP_NET_ADMIN capability (PR: #351)
- Add support for capability/setuid (PR: #347, #348) NOTE: This is strongly
discouraged as normal uses could possibly modify routing tables, recommended
way is to run it as systemd service which does not require it to be enabled.
It's added just for non-systemd users, which should run allow it to run just
for dedicated user.
- set correct caps in setcap-setuid.sh
* traceroute6
- mention -V in usage() (PR: #323)
* localization
- new translations: Czech (100%), Indonesian (94%)
- updated translations: Portuguese (Brazil, 95%), Indonesian (94%), French:
(58%), Chinese (Simplified, 53%)
- fully translated languages in this release: Czech, Turkish, Ukrainian
* CI
- migrate from Travis CI to GitHub Actions (PR: #336)
- add very basic ping testing (issue: #338, PR: #243)
- skip tests on Ubuntu Xenial (commit: 9833cae)
- various build.sh improvements
* tests
- skip tests on disabled IPv6 (commit: f10bfd8)
- fix: flood ping test should pass on root (commit: 3dff080)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
5a6795f155 |
json-c: Update to version 0.16
- Update from version 0.13.1 to 0.16
- Update of rootfile
- json-c moved from building with autotools to building with cmake
This required cmake, curl and libarchive to be moved earlier in make.sh than json-c
- sobump occurs with this change. Identified 28 addons that are linked to json-c
using find-dependencies and added them as additional patches to this patch as a series
for shipping with the core update.
- Changelog
0.16 (up to commit 66dcdf5, 2022-04-13)
Deprecated and removed features:
* JSON_C_OBJECT_KEY_IS_CONSTANT is deprecated in favor of
JSON_C_OBJECT_ADD_CONSTANT_KEY
* Direct access to lh_table and lh_entry structure members is deprecated.
Use access functions instead, lh_table_head(), lh_entry_next(), etc...
* Drop REFCOUNT_DEBUG code.
New features
* The 0.16 release introduces no new features
Build changes
* Add a DISABLE_EXTRA_LIBS option to skip using libbsd
* Add a DISABLE_JSON_POINTER option to skip compiling in json_pointer support.
Significant changes and bug fixes
* Cap string length at INT_MAX to avoid various issues with very long strings.
* json_object_deep_copy: fix deep copy of strings containing '\0'
* Fix read past end of buffer in the "json_parse" command
* Avoid out of memory accesses in the locally provided vasprintf() function
(for those platforms that use it)
* Handle allocation failure in json_tokener_new_ex
* Fix use-after-free in json_tokener_new_ex() in the event of printbuf_new() returning NULL
* printbuf_memset(): set gaps to zero - areas within the print buffer which
have not been initialized by using printbuf_memset
* printbuf: return -1 on invalid arguments (len < 0 or total buffer > INT_MAX)
* sprintbuf(): propagate printbuf_memappend errors back to the caller
Optimizations
* Speed up parsing by replacing ctype functions with simplified, faster
non-locale-sensitive ones in json_tokener and json_object_to_json_string.
* Neither vertical tab nor formfeed are considered whitespace per the JSON spec
* json_object: speed up creation of objects, calloc() -> malloc() + set fields
* Avoid needless extra strlen() call in json_c_shallow_copy_default() and
json_object_equal() when the object is known to be a json_type_string.
Other changes
* Validate size arguments in arraylist functions.
* Use getrandom() if available; with GRND_NONBLOCK to allow use of json-c
very early during boot, such as part of cryptsetup.
* Use arc4random() if it's available.
* random_seed: on error, continue to next method instead of exiting the process
* Close file when unable to read from /dev/urandom in get_dev_random_seed()
0.15 (up to commit 870965e, 2020/07/26)
Deprecated and removed features:
* Deprecate `array_list_new()` in favor of `array_list_new2()`
* Remove the THIS_FUNCTION_IS_DEPRECATED define.
* Remove config.h.win32
New features
* Add a `JSON_TOKENER_ALLOW_TRAILING_CHARS` flag to allow multiple objects
to be parsed even when `JSON_TOKENER_STRICT` is set.
* Add `json_object_new_array_ext(int)` and `array_list_new_2(int)` to allow
arrays to be allocated with the exact size needed, when known.
* Add `json_object_array_shrink()` (and `array_list_shrink()`) and use it in
json_tokener to minimize the amount of memory used.
* Add a json_parse binary, for use in testing changes (not installed, but
available in the apps directory).
Build changes
* #639/#621 - Add symbol versions to all exported symbols
* #508/#634 - Always enable -fPIC to allow use of the json-c static library in
other libraries
* Build both static and shared libraries at the same time.
* #626 - Restore compatibility with cmake 2.8
* #471 - Always create directories with mode 0755, regardless of umask.
* #606/#604 - Improve support for OSes like AIX and IBM i, as well as for
MINGW32 and old versions of MSVC
* #451/#617 - Add a DISABLE_THREAD_LOCAL_STORAGE cmake option to disable
the use of thread-local storage.
Significant changes and bug fixes
* Split the internal json_object structure into several sub-types, one for
each json_type (json_object_object, json_object_string, etc...).
This improves memory usage and speed, with the benchmark under
bench/ report 5.8% faster test time and 6%(max RSS)-12%(peak heap)
less memory usage.
Memory used just for json_object structures decreased 27%, so use cases
with fewer arrays and/or strings would benefit more.
* Minimize memory usage in array handling in json_tokener by shrinking
arrays to the exact number of elements parsed. On bench/ benchmark:
9% faster test time, 39%(max RSS)-50%(peak heap) less memory usage.
Add json_object_array_shrink() and array_list_shrink() functions.
* #616 - Parsing of surrogate pairs in unicode escapes now properly handles
incremental parsing.
* Fix incremental parsing of numbers, especially those with exponents, e.g.
so parsing "[0", "e+", "-]" now properly returns an error.
Strict mode now rejects missing exponents ("0e").
* Successfully return number objects at the top level even when they are
followed by a "-", "." or "e". This makes parsing things like "123-45"
behave consistently with things like "123xyz".
Other changes
* #589 - Detect broken RDRAND during initialization; also, fix segfault
in the CPUID check.
* #592 - Fix integer overflows to prevert out of bounds write on large input.
* Protect against division by zero in linkhash, when created with zero size.
* #602 - Fix json_parse_uint64() internal error checking, leaving the retval
untouched in more failure cases.
* #614 - Prevent truncation when custom double formatters insert extra \0's
0.14 (up to commit 9ed00a6, 2020/04/14)
Deprecated and removed features:
* bits.h has been removed
* lh_abort() has been removed
* lh_table_lookup() has been removed, use lh_table_lookup_ex() instead.
* Remove TRUE and FALSE defines, use 1 and 0 instead.
Build changes:
Deprecated and removed features:
* bits.h has been removed
* lh_abort() has been removed
* lh_table_lookup() has been removed, use lh_table_lookup_ex() instead.
* Remove TRUE and FALSE defines, use 1 and 0 instead.
* autoconf support, including autogen.sh, has been removed. See details about cmake, below.
* With the addition of json_tokener_get_parse_end(), access to internal fields of json_tokener, as well as use of many other symbols and types in json_tokener.h, is deprecated now.
* The use of Android.configure.mk to build for Android no longer works, and it is unknown how (or if) the new cmake-based build machinery can be used.
* Reports of success, or pull requests to correct issues are welcome.
Notable improvements and new features
Builds and documentation
* Build machinery has been switched to CMake. See README.md for details about how to build.
* TL;DR: `mkdir build ; cd build ; cmake -DCMAKE_INSTALL_PREFIX=/some/path ../json-c ; make all test install`
* To ease the transition, there is a `cmake-configure` wrapper that emulates the old autoconf-based configure script.
* This has enabled improvements to the build on Windows system; also all public functions have been fixed to be properly exported. For best results, use Visual Studio 2015 or newer.
* The json-c style guide has been updated to specify the use of clang-format, and all code has been reformatted.
* Since many lines of code have trivial changes now, when using git blame, be sure to specify -w
* Numerous improvements have been made to the documentation including function effects on refcounts, when passing a NULL is safe, and so on.
json_tokener changes
* Added a json_tokener_get_parse_end() function to replace direct access of tok->char_offset.
* The char_offset field, and the rest of the json_tokener structure remain exposed for now, but expect a future release to hide it like is done with json_object_private.h
* json_tokener_parse_ex() now accepts a new JSON_TOKENER_VALIDATE_UTF8 flag to validate that input is UTF8.
* If validation fails, json_tokener_get_error(tok) will return json_tokener_error_parse_utf8_string (see enum json_tokener_error).
Other changes and additions
* Add support for unsigned 64-bit integers, uint64_t, to gain one extra bit of magnitude for positive ints.
* json_tokener will now parse values up to UINT64_MAX (18446744073709551615)
* Existing methods returning int32_t or int64_t will cap out-of-range values at INT32_MAX or INT64_MAX, preserving existing behavior.
* The implementation includes the possibility of easily extending this to larger sizes in the future.
* A total of 7 new functions were added:
* json_object_get_uint64 ( struct json_object const* jso )
* json_object_new_uint64 ( uint64_t i )
* json_object_set_uint64 ( struct json_object* jso, uint64_t new_value )
* json_parse_uint64 ( char const* buf, uint64_t* retval )
* See description of uint64 support, above.
* json_tokener_get_parse_end ( struct json_tokener* tok )
* See details under "json_tokener changes", above.
* json_object_from_fd_ex ( int fd, int in_depth )
* Allows the max nesting depth to be specified.
* json_object_new_null ( )
* Simply returns NULL. Its use is not recommended.
* The size of struct json_object has decreased from 96 bytes to 88 bytes.
Testing
* Many updates were made to test cases, increasing code coverage.
* There is now a quick way (JSONC_TEST_TRACE=1) to turn on shell tracing in tests.
* To run tests, use `make test`; the old "check" target no longer exists.
Significant bug fixes
For the full list of issues and pull requests since the previous release, please see issues_closed_for_0.14.md
* [Issue #389](https://github.com/json-c/json-c/issues/389): Add an assert to explicitly crash when _ref_count is corrupted, instead of a later "double free" error.
* [Issue #407](https://github.com/json-c/json-c/issues/407): fix incorrect casts in calls to ctype functions (isdigit and isspace) so we don't crash when asserts are enabled on certain platforms and characters > 128 are parsed.
* [Issue #418](https://github.com/json-c/json-c/issues/418): Fix docs for json_util_from_fd and json_util_from_file to say that they return NULL on failures.
* [Issue #422](https://github.com/json-c/json-c/issues/422): json_object.c:set errno in json_object_get_double() when called on a json_type_string object with bad content.
* [Issue #453](https://github.com/json-c/json-c/issues/453): Fixed misalignment in JSON serialization when JSON_C_TO_STRING_SPACED and JSON_C_TO_STRING_PRETTY are used together.
* [Issue #463](https://github.com/json-c/json-c/issues/463): fix newlocale() call to use LC_NUMERIC_MASK instead of LC_NUMERIC, and remove incorrect comment.
* [Issue #486](https://github.com/json-c/json-c/issues/486): append a missing ".0" to negative double values to ensure they are serialized as floating point numbers.
* [Issue #488](https://github.com/json-c/json-c/issues/488): use JSON_EXPORT on functions so they are properly exported on Windows.
* [Issue #539](https://github.com/json-c/json-c/issues/539): use an internal-only serializer function in json_object_new_double_s() to avoid potential conflicts with user code that uses the json_object_userdata_to_json_string serializer.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Peter Müller
|
5f2d660967 |
linux: Align ARM rootfiles and configurations
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Matthias Fischer
|
5e768852f3 |
libpcap: Update to 1.10.2
For details see: https://git.tcpdump.org/libpcap/blob/HEAD:/CHANGES#l42 Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Matthias Fischer
|
61a1248605 |
ncurses: Update to 6.4
For details see: https://invisible-island.net/ncurses/announce.html#h2-release-notes Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
cada5b5387 |
perl-HTML-Parser: Update to version 3.78
- Update from 3.45 (2005) to 3.78 (2022)
- Update to rootfile
- Changelog
3.78 2022-03-28
* Remove unused variable (GH#26) (Michal Josef Špaček)
3.77 2022-03-14
* Update tests to remove HTML4 specific tags (GH#25) (Jess)
3.76 2021-03-04
* Add a fix for a stack confusion error on `eof`. (GH#21) (Matthew Horsfall
and Chase Whitener)
3.75 2020-08-30
* Clean up the prereqs a bit
* Mark HTML::Filter as deprecated as the docs point out
* Move Parser.pm into the lib directory with the others. This will help
with everything from auto version bumps after releases, to scanning for
prerequisites and spelling errors.
* Fix a few spelling errors in the POD for HTML::Parser
* Clean up the spacing on many examples in HTML::Parser
3.74 2020-08-30
* Fix the order of date and version in this change log. (Thanks, haarg)
* Convert to Dist::Zilla
* Build all prereqs from our cpanfile
* Go through all test files and:
* perltidy
* Use strict/warnings
* Get rid of two-arg open
* Get rid of BAREWORD filehandles
* Fix the eval pattern used
* Only use -w where we catch $SIG{__WARN__}
* Fix encoding problems
* use utf8 where we have unicode in the source
* Fix a typo here and there
* perltidy all of the example apps in eg/
* Add comments explaining the apps in eg/ (GH#13 Thanks, Salvatore Bonaccorso)
* Print out UTF-8 encoded data where sensible in eg/
3.73 2020-08-24
* Cleaned up this changes log.
* Added a .mailmap file to organize contributions accurately.
* Ensure all versions are equal and on the current version
* Add the .mailmap to the MANIFEST
* Change the META information to point to the new GH repository
* Add a .perltidyrc to use going forward
* Add hctype.h and pfunc.h to the dist as static files and stop asking
for them to be built on the user's end.
* Remove t/pod.t from userland testing
* Remove t/pod-coverage.t from userland testing
* Clean up the MANIFEST
* Start testing via GitHub Actions/Workflows
* Protect active parser from being freed (PR 13, RT #115034)
3.72 2016-01-19
* Avoid more clang casting warnings
* Remove trailing whitespace
* Ensure entities expand to utf8 sequences under 'utf8_mode' [RT#99755]
* typo fixes (David Steinbrunner)
* Silence clang warning (Jacques Germishuys)
* const+static-ing (bulk88)
3.71 2013-05-09
* Transform ':' in headers to '-' [RT#80524]
3.70 2013-03-28
* Fix for cross-compiling with Buildroot (François Perrad)
* Comment typo fix
* Fix Issue #3 / RT #84144: HTML::Entities::decode_entities() needs
to call SV_CHECK_THINKFIRST() before checking READONLY flag (Yves Orton)
3.69 2011-10-15
* Documentation fix; encode_utf8 mixup [RT#71151]
* Make it clearer that there are 2 (actually 3) options for handing "UTF-8 garbage"
* Github is the official repo
* Can't be bothered to try to fix the failures that occur on perl-5.6
* fix to TokeParser to correctly handle option configuration (Barbie)
* Aesthetic change: remove extra ; (Jon Jensen)
* Trim surrounding whitespace from extracted URLs. (Ville Skyttä)
3.68 2010-09-01
* Declare the encoding of the POD to be utf8
3.67 2010-08-17
* bleadperl 2154eca7 breaks HTML::Parser 3.66 [RT#60368] (Nicholas Clark)
3.66 2010-07-09
* Fix entity decoding in utf8_mode for the title header
3.65 2010-04-04
* Eliminate buggy entities_decode_old
* Fixed endianness typo [RT#50811] (Salvatore Bonaccorso)
* Documentation Fixes. (Ville Skyttä)
3.64 2009-10-25
* Convert files to UTF-8
* Don't allow decode_entities() to generate illegal Unicode chars
* Copyright 2009
* Remove rendundant (repeated) test
* Make parse_file() method use 3-arg open [RT#49434]
3.63 2009-10-22
* Take more care to prepare the char range for encode_entities [RT#50170]
* decode_entities confused by trailing incomplete entity
3.62 2009-08-13
* Doc patch: Make it clearer what the return value from ->parse is
* HTTP::Header doc typo fix. (Ville Skyttä)
* Do not bother tracking style or script, they're ignored. (Ville Skyttä)
* Bring HTML 5 head elements up to date with WD-html5-20090423. (Ville Skyttä)
* Improve HeadParser performance. (Ville Skyttä)
3.61 2009-06-20
* Test that triggers the crash that Chip fixed
* Complete documented list of literal tags
* Avoid crash (referenced pend_text instead of skipped_text) (Chip Salzenberg)
* Reference HTML::LinkExttor [RT#43164] (Antonio Radici)
3.60 2009-02-09
* Spelling fixes. (Ville Skyttä)
* Test multi-value headers. (Ville Skyttä)
* Documentation improvements. (Ville Skyttä)
* Do not terminate head parsing on the <object> element (added in HTML 4.0). (Ville Skyttä)
* Add support for HTML 5 <meta charset> and new HEAD elements. (Ville Skyttä)
* Short description of the htextsub example (Damyan Ivanov)
* Suppress warning when encode_entities is called with undef [RT#27567] (Mike South)
* HTML::Parser doesn't compile with perl 5.8.0. (Zefram)
3.59 2008-11-24
* Restore perl-5.6 compatibility for HTML::HeadParser.
* Improved META.yml
3.58 2008-11-17
* Suppress "Parsing of undecoded UTF-8 will give garbage" warning
with attr_encoded [RT#29089]
* HTML::HeadParser:
- Recognize the Unicode BOM in utf8_mode as well [RT#27522]
- Avoid ending up with '/' keys attribute in Link headers.
3.57 2008-11-16
* The <iframe> element content is now parsed in literal mode.
* Parsing of <script> and <style> content ends on the first end tag
even when that tag was in a quoted string. That seems to be the
behaviour of all modern browsers.
* Implement backquote() attribute as requested by Alex Kapranoff.
* Test and documentation tweaks from Alex Kapranoff.
3.56 2007-01-12
* Cloning of parser state for compatibility with threads.
Fixed by Bo Lindbergh <blgl@hagernas.com>.
* Don't require whitespace between declaration tokens.
<http://rt.cpan.org/Ticket/Display.html?id=20864>
3.55 2006-07-10
* Treat <> at the end of document as text. Used to be
reported as a comment.
* Improved Firefox compatibility for bad HTML:
- Unclosed <script>, <style> are now treated as empty tags.
- Unclosed <textarea>, <xmp> and <plaintext> treat rest as text.
- Unclosed <title> closes at next tag.
* Make <!a'b> a comment by itself.
3.54 2006-04-28
* Yaakov Belch discovered yet another issue with <script> parsing.
Enabling of 'empty_element_tags' got the parser confused
if it found such a tag for elements that are normally parsed
in literal mode. Of these <script src="..."/> is the only
one likely to be found in documents.
<http://rt.cpan.org//Ticket/Display.html?id=18965>
3.53 2006-04-27
* When ignore_element was enabled it got confused if the
corresponding tags did not nest properly; the end tag
was treated it as if it was a start tag.
Found and fixed by Yaakov Belch <code@yaakovnet.net>.
<http://rt.cpan.org/Ticket/Display.html?id=18936>
3.52 2006-04-26
* Make sure the 'start_document' fires exactly once for
each document parsed. For earlier releases it did not
fire at all for empty documents and could fire multiple
times if parse was called with empty chunks.
* Documentation tweaks and typo fixes.
3.51 2006-03-22
* Named entities outside the Latin-1 range are now only expanded
when properly terminated with ";". This makes HTML::Parser
compatible with Firefox/Konqueror/MSIE when it comes to how these
entities are expanded in attribute values. Firefox does expand
unterminated non-Latin-1 entities in plain text, so here
HTML::Parser only stays compatible with Konqueror/MSIE.
Fixes <http://rt.cpan.org/Ticket/Display.html?id=17962>.
* Fixed some documentation typos spotted by <william@knowmad.com>.
<http://rt.cpan.org/Ticket/Display.html?id=18062>
3.50 2006-02-14
* The 3.49 release didn't compile with VC++ because it mixed code
and declarations. Fixed by Steve Hay <steve.hay@uk.radan.com>.
3.49 2006-02-08
* Events could sometimes still fire after a handler has signaled eof.
* Marked_sections with text ending in square bracket parsed wrong.
Fix provided by <paul.bijnens@xplanation.com>.
<http://rt.cpan.org/Ticket/Display.html?id=16749>
3.48 2005-12-02
* Enabling empty_element_tags by default for HTML::TokeParser
was a mistake. Reverted that change.
<http://rt.cpan.org/Ticket/Display.html?id=16164>
* When processing a document with "marked_sections => 1", the
skipped text missed the first 3 bytes "<![".
<http://rt.cpan.org/Ticket/Display.html?id=16207>
3.47 2005-11-22
* Added empty_element_tags and xml_pic configuration
options. These make it possible to enable these XML
features without enabling the full XML-mode.
* The empty_element_tags is enabled by default for
HTML::TokeParser.
3.46 2005-10-24
* Don't try to treat an literal as space.
This breaks Unicode parsing.
<http://rt.cpan.org/Ticket/Display.html?id=15068>
* The unbroken_text option is now on by default
for HTML::TokeParser.
* HTML::Entities::encode will now encode "'" by default.
* Improved report/ignore_tags documentation by
Norbert Kiesel <nkiesel@tbdnetworks.com>.
* Test suite now use Test::More, by
Norbert Kiesel <nkiesel@tbdnetworks.com>.
* Fix HTML::Entities typo spotted by
Stefan Funke <bundy@adm.arcor.net>.
* Faster load time with XSLoader (perl-5.6 or better now required).
* Fixed POD markup errors in some of the modules.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
|
||
|
Peter Müller
|
f46f939827 |
linux: Update configuration files and x86_64 rootfile
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Peter Müller
|
63b3a6edb3 |
linux: Update to 5.15.85
Signed-off-by: Peter Müller <peter.mueller@ipfire.org> |
||
|
Adolf Belka
|
f5a57a8d6a |
curl: Update to version 7.87.0
- Update from version 7.86.0 to 7.87.0
- Update of rootfile
- version 7.87.0 changed hoiw it deals with deprecated typecheck expressions. This caused
zabbix_agentd build to fail. Curl developers created a commit to fix this in next
version release. Added as patch here. Should be able to be removed with next curl
update.
- Changelog
curl and libcurl 7.87.0
This release includes the following changes:
o curl: add --url-query [52]
o CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit [75]
o lib: add CURL_WRITEFUNC_ERROR to signal write callback error [47]
o openssl: reduce CA certificate bundle reparsing by caching [11]
o version: add a feature names array to curl_version_info_data [67]
This release includes the following bugfixes:
o altsvc: fix rejection of negative port numbers [144]
o aws_sigv4: consult x-%s-content-sha256 for payload hash [102]
o aws_sigv4: fix typos in aws_sigv4.c [101]
o base64: better alloc size [124]
o base64: encode without using snprintf [123]
o base64: faster base64 decoding [120]
o build: assume assert.h is always available [111]
o build: assume errno.h is always available [110]
o c-hyper: CONNECT respones are not server responses [137]
o c-hyper: fix multi-request mechanism [115]
o CI: Change FreeBSD image from 12.3 to 12.4 [108]
o CI: LGTM.com will be shut down in December 2022 [112]
o ci: Remove zuul fuzzing job as it's superseded by CIFuzz
o cmake: check for cross-compile, not for toolchain [54]
o CMake: fix build with `CURL_USE_GSSAPI` [78]
o cmake: really enable warnings with clang [25]
o cmake: set the soname on the shared library [140]
o cmdline-opts/gen.pl: fix the linkifier [64]
o cmdline-opts/page-footer: remove long option nroff formatting
o config-mac: define HAVE_SYS_IOCTL_H [107]
o config-mac: fix typo: size_T -> size_t [125]
o config-mac: remove HAVE_SYS_SELECT_H [116]
o config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW [41]
o configure: require fork for NTLM-WB [36]
o contributors.sh: actually use $CURLWWW instead of just setting it [129]
o cookie: compare cookie prefixes case insensitively [14]
o cookie: expire cookies at once when max-age is negative [45]
o cookie: open cookie jar as a binary file [89]
o curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS [90]
o curl-rustls.m4: on macOS, rustls also needs the Security framework [44]
o curl.h: include <sys/select.h> on SerenityOS [104]
o curl.h: name all public function parameters [118]
o curl.h: reword comment to not use deprecated option [132]
o curl: override the numeric locale and set "C" by force [60]
o curl: timeout in the read callback [15]
o curl_endian: remove Curl_write64_le from header [81]
o curl_get_line: allow last line without newline char [88]
o curl_path: do not add '/' if homedir ends with one [4]
o curl_url_get.3: remove spurious backtick [127]
o curl_url_set.3: document CURLU_DISALLOW_USER [139]
o curl_url_set.3: fix typo [148]
o CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE [1]
o CURLOPT_COOKIEFILE.3: advice => advise [131]
o CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example [31]
o CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" [130]
o CURLOPT_POST.3: Explain setting to 0 changes request type [61]
o docs/curl_ws_send: Fixed typo in websocket docs [114]
o docs/EARLY-RELEASE.md: how to determine an early release [37]
o docs/examples: spell correction ('Retrieve') [119]
o docs/INSTALL.md: expand on static builds [62]
o docs/WEBSOCKET.md: explain the URL use [71]
o docs: add missing parameters for --retry flag [2]
o docs: add more "SEE ALSO" links to CA related pages [82]
o docs: explain the noproxy CIDR notation support [17]
o docs: extend the dump-header documentation [150]
o docs: remove performance note in CURLOPT_SSL_VERIFYPEER [13]
o examples/10-at-a-time: fix possible skipped final transfers [85]
o examples: update descriptions [83]
o ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH [96]
o gen.pl: do not generate CURLHELP bitmask lines > 79 characters [10]
o GHA: clarify workflows permissions, set least possible privilege [79]
o GHA: NSS use clang instead of clang-9 [103]
o gnutls: use common gnutls init and verify code for ngtcp2 [98]
o headers: add endif comments [51]
o HTTP-COOKIES.md: mention that http://localhost is a secure context [76]
o HTTP-COOKIES.md: update the 6265bis link to draft-11 [70]
o http: do not send PROXY more than once [46]
o http: fix the ::1 comparison for IPv6 localhost for cookies [155]
o http: set 'this_is_a_follow' in the Location: logic [40]
o http: use the IDN decoded name in HSTS checks [154]
o hyper: classify headers as CONNECT and 1XX [56]
o hyper: fix handling of hyper_task's when reusing the same address [33]
o idn: remove Curl_win32_ascii_to_idn [153]
o INSTALL: update operating systems and CPU archs [91]
o KNOWN_BUGS: remove eight entries [50]
o lib1560: add some basic IDN host name tests [151]
o lib: connection filters (cfilter) addition to curl: [43]
o lib: feature deprecation warnings in gcc >= 4.3 [58]
o lib: fix some type mismatches and remove unneeded typecasts [12]
o lib: parse numbers with fixed known base 10 [77]
o lib: remove bad set.opt_no_body assignments [42]
o lib: rewind BEFORE request instead of AFTER previous [65]
o lib: sync guard for Curl_getaddrinfo_ex() definition and use [6]
o lib: use size_t or int etc instead of longs [145]
o libcurl-errors.3: remove duplicate word [3]
o libssh2: return error when ssh_hostkeyfunc returns error [121]
o limit-rate.d: see also --rate
o log2changes.pl: wrap long lines at 80 columns [59]
o Makefile.mk: address minor issues [87]
o Makefile.mk: improve a GNU Make hack [122]
o Makefile.mk: portable Makefile.m32 [86]
o maketgz: set the right version in lib/libcurl.plist [53]
o mime: relax easy/mime structures binding [94]
o misc: Fix incorrect spelling [113]
o misc: remove duplicated include files [28]
o misc: typo and grammar fixes [23]
o negtelnetserver.py: have it call its close() method [68]
o netrc.d: provide mutext info [63]
o netware: remove leftover traces [80]
o noproxy: also match with adjacent comma [19]
o noproxy: guard against empty hostnames in noproxy check [136]
o noproxy: tailmatch like in 7.85.0 and earlier [35]
o nroff-scan.pl: detect double highlights
o ntlm: improve comment for encrypt_des [55]
o ntlm: silence ubsan warning about copying from null target_info pointer [69]
o openssl/mbedtls: use %d for outputing port with failf (int) [72]
o openssl: prefix errors with '[lib]/[version]: ' [105]
o os400: use platform socklen_t in Curl_getnameinfo_a [18]
o page-header: grammar improvement (display transfer rate) [126]
o proxy: refactor haproxy protocol handling as connection filter [57]
o README.md: remove badges and xmas-tree garnish [9]
o rtsp: fix RTSP auth [49]
o runtests: --no-debuginfod now disables DEBUGINFOD_URLS [100]
o runtests: do CRLF replacements per section only [97]
o scripts/checksrc.pl: detect duplicated include files [29]
o sendf: change Curl_read_plain to wrap Curl_recv_plain [48]
o sendf: remove unnecessary if condition [26]
o setup: do not require __MRC__ defined for Mac OS 9 builds [117]
o smb/telnet: do not free the protocol struct in *_done() [152]
o socks: fix username max size is 255 (0xFF) [146]
o spellcheck.words: remove 'github' as an accepted word [22]
o ssl-reqd.d: clarify that this is for upgrading connections only [138]
o strcase: use curl_str(n)equal for case insensitive matches [8]
o styled-output.d: this option does not work on Windows [93]
o system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS [133]
o system.h: support 64-bit curl_off_t for NonStop 32-bit [21]
o test1421: fix typo [109]
o test3026: reduce runtime in legacy mingw builds [73]
o tests/sshserver.pl: re-enable ssh-rsa while using openssh 8.8+
o tests: add authorityInfoAccess to generated certs [99]
o tests: add HTTP/3 test case, custom location for proper nghttpx [106]
o tls: backends use connection filters for IO, enabling HTTPS-proxy [92]
o tool: determine the correct fopen option for -D [95]
o tool_cfgable: free the ssl_ec_curves on exit [142]
o tool_cfgable: make socks5_gssapi_nec a boolean [128]
o tool_formparse: avoid clobbering on function params [135]
o tool_getparam: make --no-get work as the opposite of --get [39]
o tool_operate: provide better errmsg for -G with bad URL [16]
o tool_operate: when aborting, make sure there is a non-NULL error buffer [20]
o tool_paramhlp: free the proto strings on exit [141]
o url: move back the IDN conversion of proxy names [74]
o urlapi: reject more bad letters from the host name: &+() [143]
o urldata: change port num storage to int and unsigned short [66]
o vms: remove SIZEOF_SHORT [134]
o vtls: fix build without proxy support [38]
o vtls: localization of state data in filters [84]
o WEBSOCKET.md: fix broken link [30]
o Websocket: fixes for partial frames and buffer updates [7]
o websockets: fix handling of partial frames [32]
o windows: fail early with a missing windres in autotools [5]
o windows: fix linking .rc to shared curl with autotools [24]
o winidn: drop WANT_IDN_PROTOTYPES [27]
o ws: if no connection is around, return error [149]
o ws: return CURLE_NOT_BUILT_IN when websockets not built in [34]
o x509asn1: avoid freeing unallocated pointers [147]
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
2e65bba2a0 |
harfbuzz: Update to version 6.0.0
- Update from version 4.4.1 to 6.0.0
- Update of rootfile
- Changelog
Overview of changes leading to 6.0.0
- A new API have been added to pre-process the face and speed up future
subsetting operations on that face. Provides up to a 95% reduction in
subsetting times when the same face is subset more than once.
For more details and benchmarks, see:
https://github.com/harfbuzz/harfbuzz/blob/main/docs/subset-preprocessing.md
- Shaping have been speedup by skipping entire lookups when the buffer contents
don't intersect with the lookup. Shows up to a 10% speedup in shaping some
fonts. (Behdad Esfahbod)
- A new experimental feature, “Variable Composites” (enabled by passing
-Dexperimental_api=true to meson), is also featured in this release.
This technology enables drastic compression of fonts in the Chinese,
Japanese, Korean, and other writing systems, by reusing the OpenType Font
Variations technology for encoding “smart components” into the font.
The specification for these extensions to the font format can be found in:
https://github.com/harfbuzz/boring-expansion-spec/blob/glyf1/glyf1.md
A test variable-font with ~7160 Hangul syllables derived from the
NotoSerifKR-VF font has been built, with existing OpenType technology, as
well as with the new Variable Composites (VarComposites) technology. The
VarComposites font is over 90% smaller than the OpenType version of the font!
Both fonts can be obtained from the “smarties” repository:
https://github.com/behdad/smarties/tree/3.0/fonts/hangul/serif
When building HarfBuzz with experimental features enabled, you can test
the “smarties” font with a sample character like this:
$ hb-view butchered-hangul-serif-smarties-variable.ttf -u AE01 --variations=wght=700
- The HarfBuzz subsetter can now drop axes by pinning them to specific values
(also referred to as instancing). There are a couple of restrictions
currently:
- Only works with TrueType (“glyf”) based fonts. “CFF2” fonts are not yet
supported.
- Only supports the case where all axes in a font are pinned.
- Miscellaneous fixes and improvements.
- New API
+hb_subset_input_pin_axis_location()
+hb_subset_input_pin_axis_to_default()
+hb_subset_preprocess()
Overview of changes leading to 5.3.1
- Subsetter repacker fixes. (Garret Rieger)
- Adjust Grapheme clusters for Katakana voiced sound marks. (Behdad Esfahbod)
- New “hb-subset” option “--preprocess-face”. (Garret Rieger)
Overview of changes leading to 5.3.0
- Don’t add glyphs from dropped MATH or COLR tables to the subset glyphs.
(Khaled Hosny)
- Map “rlig” to appropriate AAT feature selectors. (Jonathan Kew)
- Update USE data files to latest version. (David Corbett)
- Check “CBDT” extents first before outline tables, to help with fonts that
also include an empty “glyf” table. (Khaled Hosny)
- More work towards variable font instancing in the subsetter. (Qunxin Liu)
- Subsetter repacker improvements. (Garret Rieger)
- New API:
+hb_ot_layout_lookup_get_optical_bound()
+hb_face_builder_sort_tables()
Overview of changes leading to 5.2.0
- Fix regressions in hb-ft font functions for FT_Face’s with transformation
matrix. (Behdad Esfahbod)
- The experimental hb-repacker API now supports splitting several GPOS subtable
types when needed. (Garret Rieger)
- The HarfBuzz extensions to OpenType font format are now opt-in behind
build-time flags. (Behdad Esfahbod)
- The experimental hb-subset variable fonts instantiation API can now
instantiate more font tables and arbitrary axis locations. (Qunxin Liu)
- Unicode 15 support. (David Corbett)
- Various documentation improvements. (Behdad Esfahbod, Matthias Clasen)
- The hb-view command line tool now detects WezTerm inline images support.
(Wez Furlong)
- Fix FreeType and ICU dependency lookup with meson. (Xavier Claessens)
- New API:
+HB_SCRIPT_KAWI
+HB_SCRIPT_NAG_MUNDARI
Overview of changes leading to 5.1.0
- More extensive buffer tracing messages. (Behdad Esfahbod)
- Fix hb-ft regression in bitmap fonts rendering. (Behdad Esfahbod)
- Support extension promotion of lookups in hb-subset-repacker. (Garret Rieger)
- A new HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL for scripts that use elongation
(e.g. Arabic) to signify where it is safe to insert tatweel glyph without
interrupting shaping. (Behdad Esfahbod)
- Add “--safe-to-insert-tatweel” to “hb-shape” tool. (Behdad Esfahbod)
- New API
+HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL
+HB_BUFFER_FLAG_PRODUCE_SAFE_TO_INSERT_TATWEEL
Overview of changes leading to 5.0.1
- Fix version 2 “avar” table with hb-ft. (Behdad Esfahbod)
Overview of changes leading to 5.0.0
- Support fonts with more than 65535 glyphs in “GDEF”, “GSUB”, and “GPOS”
tables. This is part of https://github.com/be-fonts/boring-expansion-spec to
extend OpenType in a backward-compatible way.
(Behdad Esfahbod, Garret Rieger)
- Complete support for more than 65535 glyphs in “glyf” table that started in
4.0.0 release. Part of boring-expansion-spec. (Behdad Esfahbod)
- Support version 2 of “avar” table. Part of boring-expansion-spec.
(Behdad Esfahbod)
- Fix mark attachment on multiple substitutions in some cases.
(Behdad Esfahbod)
- Fix application of “calt”, “rclt”, and “ccmp” features to better match
Uniscribe behaviour with some Arabic fonts. (Behdad Esfahbod)
- Improvement to interaction between multiple cursive attachments.
(Behdad Esfahbod)
- Improve multiple mark interactions in Hebrew. (Behdad Esfahbod)
- Implement language-specific forms in AAT shaping. (Behdad Esfahbod)
- Fix variation of “VORG” table. (Behdad Esfahbod)
- Support for specific script tags to be retained in the subsetter, and add
“--layout-scripts” option to “hb-subset” tool. (Garret Rieger)
- Accept space as delimiter for --features/--variations in command line tools.
- Improve subsetting of “COLR” table. (Qunxin Liu)
- Improved fuzzing coverage for ot-math API. (Frédéric Wang)
- Fix “kern” table version 2 (AAT) sanitization on 32-bit systems.
(Behdad Esfahbod)
- Allow negative glyph advances from “graphite2” shaper. (Stephan Bergmann)
- Implement loading (color) bitmap fonts with hb-ft. (Behdad Esfahbod)
- Fix regression in hb-ft when changing font size. (Behdad Esfahbod)
- Fix build on GCC < 7. (Kleis Auke Wolthuizen)
- Dynamically load dwrite.dll on windows if “directwrite” shaper is enabled.
(Luca Bacci)
- Provide a single-file harfbuzz-subset.cc file for easier alternate building
of hb-subset library, similar to harfbuzz.cc. (Khaled Hosny)
- New API
+HB_SUBSET_SETS_LAYOUT_SCRIPT_TAG
+hb_language_matches()
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|
||
|
Adolf Belka
|
f05a2a1a6f |
libcap: Update to version 2.66
- Update from version 2.64 to 2.66
- Update of rootfile
- Changelog
Release notes for 2.66
Fix documentation typos in cap_from_text.3 (Bug: 216514 reported by Paulo
Andrade.)
Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk.
Slightly more robust Makefiles to address an error with make -j48 test
observed by Tomasz Kłoczko.
Include a simple Go program, captrace, to trace kernel capability validation
checks
This program can be used to figure out what capabilities a program needs
to operate.
captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel
for capability checks and whether or not they succeed for the system, a
specific PID or a program's direct execution.
Trim down the default file capabilities for contrib/sucap/su to those
actually needed and set USER and HOME environment variables so bash doesn't
complain about a sourcing error.
Release notes for 2.65
Fix syntax error in DEBUG build of protected code in setcap.c. (Bug reported
by yixiangzhike.)
Prevent bash from reading the wrong startup files when the capsh --user=xxx
argument is used to invoke a shell as the user xxx. This is done by capsh
now changing the USER and HOME environment variables when --user is
specified. The argument --noenv can be used to suppress this behavior to
what used to be the problematic default. (Bug: 215926)
Improved documentation:
Man page info for cap_get_pid() and cap_reset_ambient(). (Bug reports
from nomonemo and Tinkerer One.)
Improve documentation and help for the captree program.
Updated go/Makefile comment about an unfixed Go runtime bug in go1.16 and
go1.17 (resolved in go1.18+), and the deadlock behavior of the psx-fd test.
Refresh the signatures on the two GPG keys morgan@ uses. The 4096 bit one is
preferred, but the older one is also used for continuity reasons. This set
of signatures should also be available from the various key servers out there.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
|