The mq_notify function has a potential use-after-free issue when using a
notification type of SIGEV_THREAD and a thread attribute with a non-default
affinity mask.
The fix for this introduced a NULL pointer dereference.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Patch created to convert all python modules to python3 compatibility that need it.
2to3 converter used for this.
- Start initscript changed to use python3
- No change required in rootfile
- Execution of patch added to lfs file
- Tested in vm machine. WUI page showed the same as with the python version.
scan of directory for mp3 (.flac) files was successful. Could not test actual audio
playing capability as my vm testbed does not have any audio setup at this time.
I believe that the purpose of client175 is to provide the WUI page and for that my
testing seemed to show everything working as expected.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 7.80 to 7.91
- Update of rootfile
- Changelog is too long to include here
Full details can be found in the CHANGELOG file in the source tarball
- Added patch to fix segfault - https://github.com/nmap/nmap/issues/2154
- Ran with unpatched 7.91 version
$ touch /tmp/foo
$ nc -U /tmp/foo
Segmentation fault - flagged problem in #12647
- Ran with patched 7.91 version
$ touch /tmp/foo
$ nc -U /tmp/foo
Ncat: Connection refused. - Expected behaviour
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Since systemd, many programs no longer behave like a well-behaved
daemon. To avoid any extra solutions, this patch adds a -b switch which
will start a program in the background and throw away any output.
The behaviour remains unchanged for any other programs.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 6.0.2 (2005) to 12.5.4 (2021)
- sysstat-6.0.2-sysconf.patch no longer required. Built into source as standard now.
- Update rootfile
rootfile made the same as previous version. New options are available, such as
pidstat and tapestat but they have been commented out in the rootfile. If required
in the future they can be uncommented.
- iso that was built with this sysstat was installed into vm testbed and confirmed
that all graphs working, especially those related to disk stats.
- Changelog is too large to show here. Full details for all previous versions can be
found in the CHANGES file in the source tarball.
- At least 25 bugs fixed between the two versions.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This is a major update to the latest available version of ddns.
Remove patches which are part of the upstream release.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 2.0.18 (2011) to 2.1.0 (2016 - latest version)
- Update of rootfile not required
- Changelog
2016-03-08 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.1.0
* Improve the main loop for better interactivity.
Instead of waiting silently for maximum expiration time of probes
in progress, use timeout of the first probe (which will be printed
first from now) only.
* Speedup wait mechanism.
Traditional traceroute implementation always waited the whole timeout
for any probe. But if we already have some replies from the same hop,
or even from some next hop, we can use the round trip time
of such a reply as a hint to determine the actual reasonable
amount of time to wait.
Now the `-w' option has a form of three (in general) float values
separated by a comma (or a slash): `-w MAX_SECS,HERE,NEAR' .
(last two are optional). MAX_SECS specifies the maximum time
(in seconds) to wait, in any case.
The optional HERE specifies a factor to multiply the round trip time
of an already received response from the same hop.
The resulting value is used as a timeout for the probe, instead of
(but no more than) MAX_SECS. The optional NEAR specifies a similar
factor for a response from some next hop.
The time of the first found result is used in both cases.
First, we look for the same hop (of the probe which will be printed
first from now). If nothing found, then look for some next hop.
If nothing found, use MAX_SECS. If HERE and/or NEAR have zero values,
the corresponding computation is skipped.
HERE and NEAR are always set to zero if only MAX_SECS is specified
(which provides compatibility with previous versions). Thus, if your
scripts use `-w SECS', then nothing changed for you, since
the lonely SECS implies `-w SECS,0,0' .
Defaults are 5.0 seconds for MAX_SECS, 3.0 times for HERE and
10.0 times for NEAR.
Certainly, the new algorithm can lead to premature expiry
(especially when response times differ at times) and printing "*"
instead of a time. Anyway, you can always switch this algorithm off,
just by specifying `-w' with the desired timeout only (fe. `-w 5').
We continue to wait whole MAX_SECS when one probe per time
must be sent (`--sport', `-P proto'), because it seems more harmful
rather than helpful to try to wait less in such cases.
To provide compatibility with 2.0.x versions, use:
traceroute -w 5
(or any other desired `-w' value).
* Hint people to use the system traceroute(8) instead of
tcptraceroute wrapper (by providing a stderr header).
The using of this wrapper is a little bit harmful, since it has
less possibilities and a little different set of options.
For those who are used to use tcptraceroute in cmdline,
just create a link with that name to the system traceroute.
When invoked as "tcp*", it then behaves as `traceroute -T'.
(The simple manual page added for this case in the wrapper subdir).
The original tcptraceroute had some options differ ("lpNSAE"),
but they was rare used. Most common "dnFifmqwst" was just the same.
Therefore it should be painless to use the system binary directly,
instead of the limited wrapper (which is still provided indeed).
2016-02-15 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.22
* Some portability fixing and improvements (Felix Janda)
* Require clear numbers for options and arguments (Sergey Salnikov)
* Drop compilation date from the version string (Debian #774365)
* New tcp module option `reuse', which utilize SO_REUSEADDR
to reuse local port numbers for the huge workloads (Richard Sheehan)
* Avoid poll(2) call with spurious zero timeout in some rare cases
by rounding the value properly using ceil(3)
2014-11-12 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.21
* Fix `--mtu' and `-F' working on kernels >= 3.13
* Some manual page improving (Christopher Mann)
2014-06-14 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.20
* Describe all complementary long options in the man page (Jan Synacek)
* Use correct service name for AS lookups (Frederic Mangano)
* Avoid some rare case null dereference (geogriffin@jsgriff.com)
* Improve expiration check for simultaneous probes
2012-11-19 Dmitry Butskoy <Dmitry@Butskoy.name> - 2.0.19
* DCCP protocol support (rfc4340), by Samuel Jero
Use "-D" option for it (the protocol-specific options
are available too).
* Update COPYING and COPYING.LIB license files to the latest
published ones (due to FSF address changes etc.) (Jan Synacek)
* Add mention of "-l" option to manual (Filip Holec)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 9.53.3 to 9.54.0
- Update rootfile
- delete patch related to FT_CALLBACK_DEF as fix has been implemented in the source
tarball
- Changelog highlights
Version 9.54.0 (2021-03-30)
The 9.54.0 release is a maintenance release, and also adds new functionality.
Highlights in this release include:
Overprint simulation is now available to all output devices, allowing quality previewing/proofing of PostScript and PDF jobs that rely on overprint. See the -dOverprint option documentation in: Overprint
The "docxwrite" device adds the ability to output to Microsoft Word "docx" format. See: docxwrite
The pdfwrite device is now capable of using the Tesseract OCR engine when it is built into Ghostscript to improve searchability and copy and paste functionality when the input lacks the metadata for that purpose. See: UseOCR
Ghostscript/GhostPDL now includes a "map text to black" function, where text drawn by an input job (except when drawn using a Type 3 font) can be forced to draw in solid black. See: BlackText
Ghostscript/GhostPDL now supports simple N-up imposition "internally". See: NupControl
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental improvements.
Full details of above highlights can be found at https://www.ghostscript.com/doc/9.54.0/History9.htm
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Update from 0.3.4 to 0.3.5
- Created libcdada-0.3.5-Werror.patch based on the gentoo 0.3.5 patch to remove -Werror
flags from the configure. This was flagging up warnings as errors and stopping
the build
- Removed the SUP_ARCH line to allow it to build again
- Added --without-tests and --without-checks to the ./configure statement. This prevents
the test and checks being built
- Removed libcdada-0.3.4-use-shared-library-for-tests-and-examples-build.patch as no
longer needed with the tests and checks no longer being built
- No update required for rootfile
- Changelog
v0.3.5 (20th April 2021)
New
- Improved public API documentation
- build: add --without-tests --without-examples build options
Bug fix
- Fix `E_EMPTY` return codes set/map/list/stack/queue
- Fix `make check` when valgrind is not installed
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
- Created pmacct-1.7.6-Werror.patch to remove -Werror flags from the configure
This was flagging up warnings as errors and stopping the build
- Removed the SUP_ARCH line to allow it to build again
- No update required to the rootfile
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This patch uses the new Zstandard algorithm to compress the file system
image on the ISO image. This comes with these advantages:
* Compression is about twice as fast than XZ with the parameters we have
selected here
* We use a lot less memory during compression and can therefore utilise
all processor cores of the build machines
* Decompression (when installing IPFire and when creating the
flash-image) is substantically faster
The downside is that the generated ISO image is slighty larger (~10MiB)
which I am okay with as a trade-off for the points mentioned above.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
The installer was reading the kernel command line and was looking for
certain values which configured the installer.
GRUB appended a trailing newline character which was not accounted for
and caused that the last parameter was not correctly compared to the
list of possible keys.
Fixes: #12656 - core 157: unattended installation don't work as expected on EFI
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
AWS for some time now has a serial console feature which is enabled by
default on all systems. The VGA console is not enabled for any new
non-x86 instance types and not interactive.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
with kernel 5.10.x also the reading of s.m.a.r.t. data to update
the temperatur graphs is countet as disk read so update the stored
value after reading.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
During the build process, we set capabilities to elevate privileges of
certain progrems (e.g. ping). These have been removed during the build
process because of strip.
This patch collects any capabilities from all files that are being
stripped and restores them after calling strip.
Fixes: #12652
Reported-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
After upgrading to Core Update 157, a few number of users reported their
systems to be unworkable after a reboot. Most of them (the systems, not
the users) were apparently missing the new Linux kernel in their Grub
configuration, causing a non-functional bootloader written to disk.
While we seem to be able to rule out issues related to poor storage
(SDDs, flash cards, etc.) or very high I/O load, it occurred to me we
are not calling "sync" after having extracted a Core Update's .tar.gz
file.
This patch therefore proposes to do so. It is a somewhat homeopathic
approach, though, but might ensure all parts of the system to have
properly processed the contents of an extracted archive. While we cannot
even reasonably guess it will solve the problem(s) mentioned initially,
doing so cannot hurt either.
See also:
https://community.ipfire.org/t/after-update-ipfire-to-157-no-boot/5641/45
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
we have no supported armv5tel board left so we can switch to the higher
arch. This now can use the vpu (still in softfp calling convention to
not break existing installations.)
this fix many compile problems, also boost is now working again.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
with kernel 5.10 dhcpcd hung at shutdown if red was a wireless client
becuase there was two running instances. This change repeat the
dcpcd -k call.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
