Pending patches for upcoming Core Update 154

Pending patches for upcoming Core Update 154

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 415 bytes --]

Hello *,

to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
have heard of CVE-2021-3156 affecting the latter by now.

There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
not checked that, yet. :-)

Thanks, and best regards,
Peter Müller

Re: Pending patches for upcoming Core Update 154

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 2766 bytes --]

Hello development folks,

Man proposes, God disposes... *sigh*

Is anyone aware about current kernel in next being un-compilable or am I bumping into some
personal side-effects again?

> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
> 
>     CC [M]  fs/xfs/xfs_inode_item.o
>     CC [M]  fs/xfs/xfs_refcount_item.o
>     CC [M]  fs/xfs/xfs_rmap_item.o
>     CC [M]  fs/xfs/xfs_log_recover.o
>     CC [M]  fs/xfs/xfs_trans_ail.o
>     CC [M]  fs/xfs/xfs_trans_bmap.o
>     CC [M]  fs/xfs/xfs_trans_buf.o
>     CC [M]  fs/xfs/xfs_trans_extfree.o
>     CC [M]  fs/xfs/xfs_trans_inode.o
>     CC [M]  fs/xfs/xfs_trans_refcount.o
>     CC [M]  fs/xfs/xfs_trans_rmap.o
>     CC [M]  fs/xfs/xfs_dquot.o
>     CC [M]  fs/xfs/xfs_dquot_item.o
>     fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>     CC [M]  fs/xfs/xfs_trans_dquot.o
>     CC [M]  fs/xfs/xfs_qm_syscalls.o
>     CC [M]  fs/xfs/xfs_qm_bhv.o
>     fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>     CC [M]  fs/xfs/xfs_qm.o
>     CC [M]  fs/xfs/xfs_quotaops.o
>     fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>     CC [M]  fs/xfs/xfs_rtalloc.o
>     fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>     CC [M]  fs/xfs/xfs_acl.o
>     CC [M]  fs/xfs/xfs_sysctl.o
>     CC [M]  fs/xfs/xfs_ioctl32.o
>     LD [M]  fs/xfs/xfs.o
>     AR      fs/built-in.o
>     make[1]: Leaving directory '/usr/src/linux-4.14.212'
>     make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2

Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:

> user(a)machine:~/devel/ipfire-2.x> uname -a
> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux

Am I missing something? If yes, could somebody please enlighten my tired brain? :-)

Thanks, and best regards,
Peter Müller

> Hello *,
> 
> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
> have heard of CVE-2021-3156 affecting the latter by now.
> 
> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
> not checked that, yet. :-)
> 
> Thanks, and best regards,
> Peter Müller
> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 3193 bytes --]

Hi Peter,


On 27/01/2021 20:04, Peter Müller wrote:
> Hello development folks,
>
> Man proposes, God disposes... *sigh*
>
> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
> personal side-effects again?

I started a build about two hours ago after a git pull from next and Linux built without any problems on my system.

I was updating sudo and arping but after starting I saw that you are also working on sudo so I will just send in the patch for arping.

Regards,

Adolf.

>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>
>>      CC [M]  fs/xfs/xfs_inode_item.o
>>      CC [M]  fs/xfs/xfs_refcount_item.o
>>      CC [M]  fs/xfs/xfs_rmap_item.o
>>      CC [M]  fs/xfs/xfs_log_recover.o
>>      CC [M]  fs/xfs/xfs_trans_ail.o
>>      CC [M]  fs/xfs/xfs_trans_bmap.o
>>      CC [M]  fs/xfs/xfs_trans_buf.o
>>      CC [M]  fs/xfs/xfs_trans_extfree.o
>>      CC [M]  fs/xfs/xfs_trans_inode.o
>>      CC [M]  fs/xfs/xfs_trans_refcount.o
>>      CC [M]  fs/xfs/xfs_trans_rmap.o
>>      CC [M]  fs/xfs/xfs_dquot.o
>>      CC [M]  fs/xfs/xfs_dquot_item.o
>>      fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>      CC [M]  fs/xfs/xfs_trans_dquot.o
>>      CC [M]  fs/xfs/xfs_qm_syscalls.o
>>      CC [M]  fs/xfs/xfs_qm_bhv.o
>>      fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>      CC [M]  fs/xfs/xfs_qm.o
>>      CC [M]  fs/xfs/xfs_quotaops.o
>>      fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>      CC [M]  fs/xfs/xfs_rtalloc.o
>>      fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>      CC [M]  fs/xfs/xfs_acl.o
>>      CC [M]  fs/xfs/xfs_sysctl.o
>>      CC [M]  fs/xfs/xfs_ioctl32.o
>>      LD [M]  fs/xfs/xfs.o
>>      AR      fs/built-in.o
>>      make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>      make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
>
>> user(a)machine:~/devel/ipfire-2.x> uname -a
>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
>
> Thanks, and best regards,
> Peter Müller
>
>> Hello *,
>>
>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>> have heard of CVE-2021-3156 affecting the latter by now.
>>
>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>> not checked that, yet. :-)
>>
>> Thanks, and best regards,
>> Peter Müller
>>

Re: Pending patches for upcoming Core Update 154

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 4009 bytes --]

Good evening Adolf,

thanks for your reply.

The problem is at my end, then. Would you mind working on sudo anyways, so we definitely have
a patch ready for Core Update 154? I would skip it then - but are of course willing to review
your patch and/or help, if any help is needed (and I got my environment ready until then). :-)

Thanks, and best regards,
Peter Müller


> Hi Peter,
> 
> 
> On 27/01/2021 20:04, Peter Müller wrote:
>> Hello development folks,
>>
>> Man proposes, God disposes... *sigh*
>>
>> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
>> personal side-effects again?
> 
> I started a build about two hours ago after a git pull from next and Linux built without any problems on my system.
> 
> I was updating sudo and arping but after starting I saw that you are also working on sudo so I will just send in the patch for arping.
> 
> Regards,
> 
> Adolf.
> 
>>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>>
>>>      CC [M]  fs/xfs/xfs_inode_item.o
>>>      CC [M]  fs/xfs/xfs_refcount_item.o
>>>      CC [M]  fs/xfs/xfs_rmap_item.o
>>>      CC [M]  fs/xfs/xfs_log_recover.o
>>>      CC [M]  fs/xfs/xfs_trans_ail.o
>>>      CC [M]  fs/xfs/xfs_trans_bmap.o
>>>      CC [M]  fs/xfs/xfs_trans_buf.o
>>>      CC [M]  fs/xfs/xfs_trans_extfree.o
>>>      CC [M]  fs/xfs/xfs_trans_inode.o
>>>      CC [M]  fs/xfs/xfs_trans_refcount.o
>>>      CC [M]  fs/xfs/xfs_trans_rmap.o
>>>      CC [M]  fs/xfs/xfs_dquot.o
>>>      CC [M]  fs/xfs/xfs_dquot_item.o
>>>      fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>>      CC [M]  fs/xfs/xfs_trans_dquot.o
>>>      CC [M]  fs/xfs/xfs_qm_syscalls.o
>>>      CC [M]  fs/xfs/xfs_qm_bhv.o
>>>      fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>>      CC [M]  fs/xfs/xfs_qm.o
>>>      CC [M]  fs/xfs/xfs_quotaops.o
>>>      fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>>      CC [M]  fs/xfs/xfs_rtalloc.o
>>>      fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>>      CC [M]  fs/xfs/xfs_acl.o
>>>      CC [M]  fs/xfs/xfs_sysctl.o
>>>      CC [M]  fs/xfs/xfs_ioctl32.o
>>>      LD [M]  fs/xfs/xfs.o
>>>      AR      fs/built-in.o
>>>      make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>>      make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
>> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
>> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
>>
>>> user(a)machine:~/devel/ipfire-2.x> uname -a
>>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
>> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
>>
>> Thanks, and best regards,
>> Peter Müller
>>
>>> Hello *,
>>>
>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>
>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>> not checked that, yet. :-)
>>>
>>> Thanks, and best regards,
>>> Peter Müller
>>>

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 4398 bytes --]

Hi there Peter,

On 27/01/2021 20:58, Peter Müller wrote:
> Good evening Adolf,
> 
> thanks for your reply.
> 
> The problem is at my end, then. Would you mind working on sudo anyways, so we definitely have
> a patch ready for Core Update 154? I would skip it then - but are of course willing to review
> your patch and/or help, if any help is needed (and I got my environment ready until then). :-)

No problem. I had left the build going anyway as arping was also being built and it has just finished with no issues and no change to the rootfile. I will send in the patch for review.

Regards,
Adolf
> 
> Thanks, and best regards,
> Peter Müller
> 
> 
>> Hi Peter,
>>
>>
>> On 27/01/2021 20:04, Peter Müller wrote:
>>> Hello development folks,
>>>
>>> Man proposes, God disposes... *sigh*
>>>
>>> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
>>> personal side-effects again?
>>
>> I started a build about two hours ago after a git pull from next and Linux built without any problems on my system.
>>
>> I was updating sudo and arping but after starting I saw that you are also working on sudo so I will just send in the patch for arping.
>>
>> Regards,
>>
>> Adolf.
>>
>>>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>>>
>>>>       CC [M]  fs/xfs/xfs_inode_item.o
>>>>       CC [M]  fs/xfs/xfs_refcount_item.o
>>>>       CC [M]  fs/xfs/xfs_rmap_item.o
>>>>       CC [M]  fs/xfs/xfs_log_recover.o
>>>>       CC [M]  fs/xfs/xfs_trans_ail.o
>>>>       CC [M]  fs/xfs/xfs_trans_bmap.o
>>>>       CC [M]  fs/xfs/xfs_trans_buf.o
>>>>       CC [M]  fs/xfs/xfs_trans_extfree.o
>>>>       CC [M]  fs/xfs/xfs_trans_inode.o
>>>>       CC [M]  fs/xfs/xfs_trans_refcount.o
>>>>       CC [M]  fs/xfs/xfs_trans_rmap.o
>>>>       CC [M]  fs/xfs/xfs_dquot.o
>>>>       CC [M]  fs/xfs/xfs_dquot_item.o
>>>>       fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>>>       CC [M]  fs/xfs/xfs_trans_dquot.o
>>>>       CC [M]  fs/xfs/xfs_qm_syscalls.o
>>>>       CC [M]  fs/xfs/xfs_qm_bhv.o
>>>>       fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>>>       CC [M]  fs/xfs/xfs_qm.o
>>>>       CC [M]  fs/xfs/xfs_quotaops.o
>>>>       fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>>>       CC [M]  fs/xfs/xfs_rtalloc.o
>>>>       fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>>>       CC [M]  fs/xfs/xfs_acl.o
>>>>       CC [M]  fs/xfs/xfs_sysctl.o
>>>>       CC [M]  fs/xfs/xfs_ioctl32.o
>>>>       LD [M]  fs/xfs/xfs.o
>>>>       AR      fs/built-in.o
>>>>       make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>>>       make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
>>> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
>>> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
>>>
>>>> user(a)machine:~/devel/ipfire-2.x> uname -a
>>>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
>>> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
>>>
>>> Thanks, and best regards,
>>> Peter Müller
>>>
>>>> Hello *,
>>>>
>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>
>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>> not checked that, yet. :-)
>>>>
>>>> Thanks, and best regards,
>>>> Peter Müller
>>>>

Re: Pending patches for upcoming Core Update 154

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 4421 bytes --]

Hello *,

to keep everyone updated: The root cause for this seems to be a quirk somewhere in the vicinity
of objtools (part of the binutils):

> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_flush_avx2.o: warning: objtool: missing symbol for section .text
>   CC [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.o
>   AS [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.o
> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_submit_avx2.o: warning: objtool: missing symbol for section .text
>   AS [M]  arch/x86/crypto/sha512-mb/sha512_x4_avx2.o
> arch/x86/crypto/sha512-mb/.tmp_sha512_x4_avx2.o: warning: objtool: missing symbol for section .text
>   LD [M]  arch/x86/crypto/sha512-mb/sha512-mb.o
>   AS      arch/x86/entry/entry_64.o
> arch/x86/entry/entry_64.S: Assembler messages:
> arch/x86/entry/entry_64.S:1642: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
>   AS      arch/x86/entry/thunk_64.o
> arch/x86/entry/.tmp_thunk_64.o: warning: objtool: missing symbol table
> make[3]: *** [scripts/Makefile.build:427: arch/x86/entry/thunk_64.o] Error 1
> make[2]: *** [scripts/Makefile.build:585: arch/x86/entry] Error 2
> make[1]: *** [Makefile:1053: arch/x86] Error 2
> make[1]: Leaving directory '/usr/src/linux-4.14.212'
> make: *** [linux:150: /usr/src/log/linux-4.14.212-ipfire] Error 2

Alas, this is currently reproducible on OpenSuSE Leap 15.2 machines trying to build an untouched
version of IPFire 2.x (both "next" and "master"). :-/

Thanks, and best regards,
Peter Müller


> Hello development folks,
> 
> Man proposes, God disposes... *sigh*
> 
> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
> personal side-effects again?
> 
>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>
>>     CC [M]  fs/xfs/xfs_inode_item.o
>>     CC [M]  fs/xfs/xfs_refcount_item.o
>>     CC [M]  fs/xfs/xfs_rmap_item.o
>>     CC [M]  fs/xfs/xfs_log_recover.o
>>     CC [M]  fs/xfs/xfs_trans_ail.o
>>     CC [M]  fs/xfs/xfs_trans_bmap.o
>>     CC [M]  fs/xfs/xfs_trans_buf.o
>>     CC [M]  fs/xfs/xfs_trans_extfree.o
>>     CC [M]  fs/xfs/xfs_trans_inode.o
>>     CC [M]  fs/xfs/xfs_trans_refcount.o
>>     CC [M]  fs/xfs/xfs_trans_rmap.o
>>     CC [M]  fs/xfs/xfs_dquot.o
>>     CC [M]  fs/xfs/xfs_dquot_item.o
>>     fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>     CC [M]  fs/xfs/xfs_trans_dquot.o
>>     CC [M]  fs/xfs/xfs_qm_syscalls.o
>>     CC [M]  fs/xfs/xfs_qm_bhv.o
>>     fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>     CC [M]  fs/xfs/xfs_qm.o
>>     CC [M]  fs/xfs/xfs_quotaops.o
>>     fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>     CC [M]  fs/xfs/xfs_rtalloc.o
>>     fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>     CC [M]  fs/xfs/xfs_acl.o
>>     CC [M]  fs/xfs/xfs_sysctl.o
>>     CC [M]  fs/xfs/xfs_ioctl32.o
>>     LD [M]  fs/xfs/xfs.o
>>     AR      fs/built-in.o
>>     make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>     make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
> 
> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
> 
>> user(a)machine:~/devel/ipfire-2.x> uname -a
>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
> 
> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
> 
> Thanks, and best regards,
> Peter Müller
> 
>> Hello *,
>>
>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>> have heard of CVE-2021-3156 affecting the latter by now.
>>
>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>> not checked that, yet. :-)
>>
>> Thanks, and best regards,
>> Peter Müller
>>

Re: Pending patches for upcoming Core Update 154

[Matthias Fischer]

[-- Attachment #1: Type: text/plain, Size: 648 bytes --]

On 27.01.2021 18:15, Peter Müller wrote:
> Hello *,

Hi,

> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
> have heard of CVE-2021-3156 affecting the latter by now.
> 
> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
> not checked that, yet. :-)

My two cents - working ('Devel' does it, I'm only watching ;-) ) on:

libgcrypt => 1.9.1
libgpg-error => 1.41
libassuan => 2.5.4

Best,
Matthias

> 
> Thanks, and best regards,
> Peter Müller
> 

Re: Pending patches for upcoming Core Update 154

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 1380 bytes --]

Hello Matthias, hello *,

thanks for your reply.

Glad you mention and take care of libgcrypt, that one is important. :-)

Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on

- binutils 2.36, which requires patching the kernel and hyperscan
- hyperscan 5.4.0
- libseccomp 2.5.1
- Postfix 3.5.9

for Core Update 154.

freetype unfortunately continues to break most recent ghostscript, and I have not yet found
out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
I have not found a suitable source for some more current RPMs flying around at OpenSuSE.

Thanks, and best regards,
Peter Müller

> On 27.01.2021 18:15, Peter Müller wrote:
>> Hello *,
> 
> Hi,
> 
>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>> have heard of CVE-2021-3156 affecting the latter by now.
>>
>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>> not checked that, yet. :-)
> 
> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
> 
> libgcrypt => 1.9.1
> libgpg-error => 1.41
> libassuan => 2.5.4
> 
> Best,
> Matthias
> 
>>
>> Thanks, and best regards,
>> Peter Müller
>>
> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 1998 bytes --]

Hallo all,

I am currently working on screen-4.8.0


My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.

If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.

Have a great weekend.

Adolf.

Sent from my Desktop Computer

On 30/01/2021 14:08, Peter Müller wrote:
> Hello Matthias, hello *,
>
> thanks for your reply.
>
> Glad you mention and take care of libgcrypt, that one is important. :-)
>
> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>
> - binutils 2.36, which requires patching the kernel and hyperscan
> - hyperscan 5.4.0
> - libseccomp 2.5.1
> - Postfix 3.5.9
>
> for Core Update 154.
>
> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>
> Thanks, and best regards,
> Peter Müller
>
>> On 27.01.2021 18:15, Peter Müller wrote:
>>> Hello *,
>>
>> Hi,
>>
>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>
>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>> not checked that, yet. :-)
>>
>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>
>> libgcrypt => 1.9.1
>> libgpg-error => 1.41
>> libassuan => 2.5.4
>>
>> Best,
>> Matthias
>>
>>>
>>> Thanks, and best regards,
>>> Peter Müller
>>>
>>

Re: Pending patches for upcoming Core Update 154

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 4842 bytes --]

Hi,

I installed a virtual machine with OpenSuSE Leap and I am past the kernel now with my build.

Could you simply remove the ccache directory from your build environment and run your build again?

It does not seem to be the distribution.

-Michael

> On 28 Jan 2021, at 20:20, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> Hello *,
> 
> to keep everyone updated: The root cause for this seems to be a quirk somewhere in the vicinity
> of objtools (part of the binutils):
> 
>> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_flush_avx2.o: warning: objtool: missing symbol for section .text
>>  CC [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.o
>>  AS [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.o
>> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_submit_avx2.o: warning: objtool: missing symbol for section .text
>>  AS [M]  arch/x86/crypto/sha512-mb/sha512_x4_avx2.o
>> arch/x86/crypto/sha512-mb/.tmp_sha512_x4_avx2.o: warning: objtool: missing symbol for section .text
>>  LD [M]  arch/x86/crypto/sha512-mb/sha512-mb.o
>>  AS      arch/x86/entry/entry_64.o
>> arch/x86/entry/entry_64.S: Assembler messages:
>> arch/x86/entry/entry_64.S:1642: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
>>  AS      arch/x86/entry/thunk_64.o
>> arch/x86/entry/.tmp_thunk_64.o: warning: objtool: missing symbol table
>> make[3]: *** [scripts/Makefile.build:427: arch/x86/entry/thunk_64.o] Error 1
>> make[2]: *** [scripts/Makefile.build:585: arch/x86/entry] Error 2
>> make[1]: *** [Makefile:1053: arch/x86] Error 2
>> make[1]: Leaving directory '/usr/src/linux-4.14.212'
>> make: *** [linux:150: /usr/src/log/linux-4.14.212-ipfire] Error 2
> 
> Alas, this is currently reproducible on OpenSuSE Leap 15.2 machines trying to build an untouched
> version of IPFire 2.x (both "next" and "master"). :-/
> 
> Thanks, and best regards,
> Peter Müller
> 
> 
>> Hello development folks,
>> 
>> Man proposes, God disposes... *sigh*
>> 
>> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
>> personal side-effects again?
>> 
>>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>> 
>>>    CC [M]  fs/xfs/xfs_inode_item.o
>>>    CC [M]  fs/xfs/xfs_refcount_item.o
>>>    CC [M]  fs/xfs/xfs_rmap_item.o
>>>    CC [M]  fs/xfs/xfs_log_recover.o
>>>    CC [M]  fs/xfs/xfs_trans_ail.o
>>>    CC [M]  fs/xfs/xfs_trans_bmap.o
>>>    CC [M]  fs/xfs/xfs_trans_buf.o
>>>    CC [M]  fs/xfs/xfs_trans_extfree.o
>>>    CC [M]  fs/xfs/xfs_trans_inode.o
>>>    CC [M]  fs/xfs/xfs_trans_refcount.o
>>>    CC [M]  fs/xfs/xfs_trans_rmap.o
>>>    CC [M]  fs/xfs/xfs_dquot.o
>>>    CC [M]  fs/xfs/xfs_dquot_item.o
>>>    fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>>    CC [M]  fs/xfs/xfs_trans_dquot.o
>>>    CC [M]  fs/xfs/xfs_qm_syscalls.o
>>>    CC [M]  fs/xfs/xfs_qm_bhv.o
>>>    fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>>    CC [M]  fs/xfs/xfs_qm.o
>>>    CC [M]  fs/xfs/xfs_quotaops.o
>>>    fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>>    CC [M]  fs/xfs/xfs_rtalloc.o
>>>    fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>>    CC [M]  fs/xfs/xfs_acl.o
>>>    CC [M]  fs/xfs/xfs_sysctl.o
>>>    CC [M]  fs/xfs/xfs_ioctl32.o
>>>    LD [M]  fs/xfs/xfs.o
>>>    AR      fs/built-in.o
>>>    make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>>    make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
>> 
>> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
>> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
>> 
>>> user(a)machine:~/devel/ipfire-2.x> uname -a
>>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
>> 
>> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
>> 
>> Thanks, and best regards,
>> Peter Müller
>> 
>>> Hello *,
>>> 
>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>> have heard of CVE-2021-3156 affecting the latter by now.
>>> 
>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>> not checked that, yet. :-)
>>> 
>>> Thanks, and best regards,
>>> Peter Müller
>>> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 2194 bytes --]

Also working on

cifs-utils-6.12

cups-filters-1.28.7

Regards,

Adolf.

On 30/01/2021 14:51, Adolf Belka wrote:
> Hallo all,
>
> I am currently working on screen-4.8.0
>
>
> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>
> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>
> Have a great weekend.
>
> Adolf.
>
> Sent from my Desktop Computer
>
> On 30/01/2021 14:08, Peter Müller wrote:
>> Hello Matthias, hello *,
>>
>> thanks for your reply.
>>
>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>
>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>
>> - binutils 2.36, which requires patching the kernel and hyperscan
>> - hyperscan 5.4.0
>> - libseccomp 2.5.1
>> - Postfix 3.5.9
>>
>> for Core Update 154.
>>
>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>
>> Thanks, and best regards,
>> Peter Müller
>>
>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>> Hello *,
>>>
>>> Hi,
>>>
>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>
>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>> not checked that, yet. :-)
>>>
>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>
>>> libgcrypt => 1.9.1
>>> libgpg-error => 1.41
>>> libassuan => 2.5.4
>>>
>>> Best,
>>> Matthias
>>>
>>>>
>>>> Thanks, and best regards,
>>>> Peter Müller
>>>>
>>>

Re: Pending patches for upcoming Core Update 154

[Peter Müller]

[-- Attachment #1: Type: text/plain, Size: 5374 bytes --]

Hello Michael,

thank you for trying to reproduce this.

I am currently building current IPFire 2.x "next" with ccache deleted and will report my findings/
progress here. (binutils 2.36 turns out to break so much stuff that I am currently considering not
to send in a patch for it and wait for linux/hyperscan/... to adapt by themselves. Hrmpf.)

Thanks, and best regards,
Peter Müller

> Hi,
> 
> I installed a virtual machine with OpenSuSE Leap and I am past the kernel now with my build.
> 
> Could you simply remove the ccache directory from your build environment and run your build again?
> 
> It does not seem to be the distribution.
> 
> -Michael
> 
>> On 28 Jan 2021, at 20:20, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Hello *,
>>
>> to keep everyone updated: The root cause for this seems to be a quirk somewhere in the vicinity
>> of objtools (part of the binutils):
>>
>>> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_flush_avx2.o: warning: objtool: missing symbol for section .text
>>>   CC [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.o
>>>   AS [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.o
>>> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_submit_avx2.o: warning: objtool: missing symbol for section .text
>>>   AS [M]  arch/x86/crypto/sha512-mb/sha512_x4_avx2.o
>>> arch/x86/crypto/sha512-mb/.tmp_sha512_x4_avx2.o: warning: objtool: missing symbol for section .text
>>>   LD [M]  arch/x86/crypto/sha512-mb/sha512-mb.o
>>>   AS      arch/x86/entry/entry_64.o
>>> arch/x86/entry/entry_64.S: Assembler messages:
>>> arch/x86/entry/entry_64.S:1642: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
>>>   AS      arch/x86/entry/thunk_64.o
>>> arch/x86/entry/.tmp_thunk_64.o: warning: objtool: missing symbol table
>>> make[3]: *** [scripts/Makefile.build:427: arch/x86/entry/thunk_64.o] Error 1
>>> make[2]: *** [scripts/Makefile.build:585: arch/x86/entry] Error 2
>>> make[1]: *** [Makefile:1053: arch/x86] Error 2
>>> make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>> make: *** [linux:150: /usr/src/log/linux-4.14.212-ipfire] Error 2
>>
>> Alas, this is currently reproducible on OpenSuSE Leap 15.2 machines trying to build an untouched
>> version of IPFire 2.x (both "next" and "master"). :-/
>>
>> Thanks, and best regards,
>> Peter Müller
>>
>>
>>> Hello development folks,
>>>
>>> Man proposes, God disposes... *sigh*
>>>
>>> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
>>> personal side-effects again?
>>>
>>>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>>>
>>>>     CC [M]  fs/xfs/xfs_inode_item.o
>>>>     CC [M]  fs/xfs/xfs_refcount_item.o
>>>>     CC [M]  fs/xfs/xfs_rmap_item.o
>>>>     CC [M]  fs/xfs/xfs_log_recover.o
>>>>     CC [M]  fs/xfs/xfs_trans_ail.o
>>>>     CC [M]  fs/xfs/xfs_trans_bmap.o
>>>>     CC [M]  fs/xfs/xfs_trans_buf.o
>>>>     CC [M]  fs/xfs/xfs_trans_extfree.o
>>>>     CC [M]  fs/xfs/xfs_trans_inode.o
>>>>     CC [M]  fs/xfs/xfs_trans_refcount.o
>>>>     CC [M]  fs/xfs/xfs_trans_rmap.o
>>>>     CC [M]  fs/xfs/xfs_dquot.o
>>>>     CC [M]  fs/xfs/xfs_dquot_item.o
>>>>     fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>>>     CC [M]  fs/xfs/xfs_trans_dquot.o
>>>>     CC [M]  fs/xfs/xfs_qm_syscalls.o
>>>>     CC [M]  fs/xfs/xfs_qm_bhv.o
>>>>     fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>>>     CC [M]  fs/xfs/xfs_qm.o
>>>>     CC [M]  fs/xfs/xfs_quotaops.o
>>>>     fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>>>     CC [M]  fs/xfs/xfs_rtalloc.o
>>>>     fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>>>     CC [M]  fs/xfs/xfs_acl.o
>>>>     CC [M]  fs/xfs/xfs_sysctl.o
>>>>     CC [M]  fs/xfs/xfs_ioctl32.o
>>>>     LD [M]  fs/xfs/xfs.o
>>>>     AR      fs/built-in.o
>>>>     make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>>>     make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
>>>
>>> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
>>> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
>>>
>>>> user(a)machine:~/devel/ipfire-2.x> uname -a
>>>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
>>>
>>> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
>>>
>>> Thanks, and best regards,
>>> Peter Müller
>>>
>>>> Hello *,
>>>>
>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>
>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>> not checked that, yet. :-)
>>>>
>>>> Thanks, and best regards,
>>>> Peter Müller
>>>>
> 

Re: Pending patches for upcoming Core Update 154

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 5778 bytes --]

Hi,

> On 30 Jan 2021, at 17:26, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> Hello Michael,
> 
> thank you for trying to reproduce this.
> 
> I am currently building current IPFire 2.x "next" with ccache deleted and will report my findings/
> progress here. (binutils 2.36 turns out to break so much stuff that I am currently considering not
> to send in a patch for it and wait for linux/hyperscan/... to adapt by themselves. Hrmpf.)

I do not see anything in the change log that sounds potentially dangerous and would break things.

It simply sounds like there has something gone wrong with your compiler cache (it also caches linked objects, too).

-Michael

> Thanks, and best regards,
> Peter Müller
> 
>> Hi,
>> I installed a virtual machine with OpenSuSE Leap and I am past the kernel now with my build.
>> Could you simply remove the ccache directory from your build environment and run your build again?
>> It does not seem to be the distribution.
>> -Michael
>>> On 28 Jan 2021, at 20:20, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>> 
>>> Hello *,
>>> 
>>> to keep everyone updated: The root cause for this seems to be a quirk somewhere in the vicinity
>>> of objtools (part of the binutils):
>>> 
>>>> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_flush_avx2.o: warning: objtool: missing symbol for section .text
>>>>  CC [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_init_avx2.o
>>>>  AS [M]  arch/x86/crypto/sha512-mb/sha512_mb_mgr_submit_avx2.o
>>>> arch/x86/crypto/sha512-mb/.tmp_sha512_mb_mgr_submit_avx2.o: warning: objtool: missing symbol for section .text
>>>>  AS [M]  arch/x86/crypto/sha512-mb/sha512_x4_avx2.o
>>>> arch/x86/crypto/sha512-mb/.tmp_sha512_x4_avx2.o: warning: objtool: missing symbol for section .text
>>>>  LD [M]  arch/x86/crypto/sha512-mb/sha512-mb.o
>>>>  AS      arch/x86/entry/entry_64.o
>>>> arch/x86/entry/entry_64.S: Assembler messages:
>>>> arch/x86/entry/entry_64.S:1642: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret'
>>>>  AS      arch/x86/entry/thunk_64.o
>>>> arch/x86/entry/.tmp_thunk_64.o: warning: objtool: missing symbol table
>>>> make[3]: *** [scripts/Makefile.build:427: arch/x86/entry/thunk_64.o] Error 1
>>>> make[2]: *** [scripts/Makefile.build:585: arch/x86/entry] Error 2
>>>> make[1]: *** [Makefile:1053: arch/x86] Error 2
>>>> make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>>> make: *** [linux:150: /usr/src/log/linux-4.14.212-ipfire] Error 2
>>> 
>>> Alas, this is currently reproducible on OpenSuSE Leap 15.2 machines trying to build an untouched
>>> version of IPFire 2.x (both "next" and "master"). :-/
>>> 
>>> Thanks, and best regards,
>>> Peter Müller
>>> 
>>> 
>>>> Hello development folks,
>>>> 
>>>> Man proposes, God disposes... *sigh*
>>>> 
>>>> Is anyone aware about current kernel in next being un-compilable or am I bumping into some
>>>> personal side-effects again?
>>>> 
>>>>> linux (4.14.212)                                                                                                                                                                                                    KCFG=[     3:48 ][ FAIL ]
>>>>> 
>>>>>    CC [M]  fs/xfs/xfs_inode_item.o
>>>>>    CC [M]  fs/xfs/xfs_refcount_item.o
>>>>>    CC [M]  fs/xfs/xfs_rmap_item.o
>>>>>    CC [M]  fs/xfs/xfs_log_recover.o
>>>>>    CC [M]  fs/xfs/xfs_trans_ail.o
>>>>>    CC [M]  fs/xfs/xfs_trans_bmap.o
>>>>>    CC [M]  fs/xfs/xfs_trans_buf.o
>>>>>    CC [M]  fs/xfs/xfs_trans_extfree.o
>>>>>    CC [M]  fs/xfs/xfs_trans_inode.o
>>>>>    CC [M]  fs/xfs/xfs_trans_refcount.o
>>>>>    CC [M]  fs/xfs/xfs_trans_rmap.o
>>>>>    CC [M]  fs/xfs/xfs_dquot.o
>>>>>    CC [M]  fs/xfs/xfs_dquot_item.o
>>>>>    fs/xfs/.tmp_xfs_trans_inode.o: warning: objtool: missing symbol for section .text
>>>>>    CC [M]  fs/xfs/xfs_trans_dquot.o
>>>>>    CC [M]  fs/xfs/xfs_qm_syscalls.o
>>>>>    CC [M]  fs/xfs/xfs_qm_bhv.o
>>>>>    fs/xfs/.tmp_xfs_trans_dquot.o: warning: objtool: missing symbol for section .text
>>>>>    CC [M]  fs/xfs/xfs_qm.o
>>>>>    CC [M]  fs/xfs/xfs_quotaops.o
>>>>>    fs/xfs/.tmp_xfs_qm_bhv.o: warning: objtool: missing symbol for section .text
>>>>>    CC [M]  fs/xfs/xfs_rtalloc.o
>>>>>    fs/xfs/.tmp_xfs_dquot.o: warning: objtool: missing symbol for section .init.text
>>>>>    CC [M]  fs/xfs/xfs_acl.o
>>>>>    CC [M]  fs/xfs/xfs_sysctl.o
>>>>>    CC [M]  fs/xfs/xfs_ioctl32.o
>>>>>    LD [M]  fs/xfs/xfs.o
>>>>>    AR      fs/built-in.o
>>>>>    make[1]: Leaving directory '/usr/src/linux-4.14.212'
>>>>>    make: *** [linux:149: /usr/src/log/linux-4.14.212-ipfire] Error 2
>>>> 
>>>> Unfortunately, ~/devel/ipfire-2.x/log/_build.ipfire.log does not contain further information regarding
>>>> the problem. Having had some issues with a too old kernel on my workstation, this should now be fine again:
>>>> 
>>>>> user(a)machine:~/devel/ipfire-2.x> uname -a
>>>>> Linux machine 5.3.18-lp152.60-default #1 SMP Tue Jan 12 23:10:31 UTC 2021 (9898712) x86_64 x86_64 x86_64 GNU/Linux
>>>> 
>>>> Am I missing something? If yes, could somebody please enlighten my tired brain? :-)
>>>> 
>>>> Thanks, and best regards,
>>>> Peter Müller
>>>> 
>>>>> Hello *,
>>>>> 
>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>> 
>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>> not checked that, yet. :-)
>>>>> 
>>>>> Thanks, and best regards,
>>>>> Peter Müller
>>>>> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 5564 bytes --]

Hi,

On 05/02/2021 18:46, Michael Tremer wrote:
> Hi,
> 
>> On 5 Feb 2021, at 17:31, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>
>> Hi all,
>>
>> On 05/02/2021 17:19, Michael Tremer wrote:
>>> Hello,
>>> Okay with me, if someone is happy to maintain it :)
>>
>> I am not sure that there will be a large amount of maintenance. This the the statement from the developer:-
>>
>> "Sipcalc development started back in 2001 and has most of the features I want in an ip calculator. It is no longer under active development, though bugfixes and patches are accepted."
>>
>> The current version was released in Jan 2013 so no bugfixes needed since then.
> 
> Hmm, that isn’t good. But good that you checked.
> 
> Are we leaving it then?

That would be my proposal. Any one who wants to use it can install it on one of their PC's running inside IPFire's protection. It seems that most distributions have a copy of it in their repositories. Only 100% windows users would not be able to use it but as you mentioned there are lots of web based equivalents that cover the basics.

Regards,
Adolf.
> 
> -Michael
> 
>> Regards,
>> Adolf
>>> -Michael
>>>> On 5 Feb 2021, at 11:38, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>
>>>> Hi all,
>>>>
>>>> On 05/02/2021 12:10, Michael Tremer wrote:
>>>>> Hi,
>>>>> I am not sure if the console is a good place for this.
>>>>> Do people not use stuff on the web for this?
>>>>
>>>> You can do it on the web but this package does give a lot of information but I have it installed on my desktop pc. As I work on IPFire via ssh from my desktop then if I need to use sipcalc I can just open a terminal on my desktop and run it.
>>>>
>>>> Regards,
>>>> Adolf
>>>>> -Michael
>>>>>> On 5 Feb 2021, at 03:58, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>>>>
>>>>>> Adolf,
>>>>>>
>>>>>> And one more request - very low priority.  Can sipcalc be added as on IPFire Add-on?
>>>>>>
>>>>>> This came up in a thread:
>>>>>> https://community.ipfire.org/t/open-vpn-no-ping-to-192-168-0-240/4089/2?u=jon
>>>>>>
>>>>>> This may already be on Peter's to-do list.
>>>>>>
>>>>>>
>>>>>> Jon
>>>>>>
>>>>>>
>>>>>>> On Feb 4, 2021, at 9:02 PM, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>>>>>
>>>>>>> Hi Adolf,
>>>>>>>
>>>>>>> Could I add a request for sqlite3?  The current version is about 2 years old.
>>>>>>>
>>>>>>> [root(a)ipfire ~]# sqlite3
>>>>>>> SQLite version 3.26.0 2018-12-01 12:34:55
>>>>>>> Enter ".help" for usage hints.
>>>>>>> Connected to a transient in-memory database.
>>>>>>> Use ".open FILENAME" to reopen on a persistent database.
>>>>>>> sqlite>
>>>>>>>
>>>>>>> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
>>>>>>>
>>>>>>> Best regards,
>>>>>>> Jon
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>>>>>
>>>>>>>> Hallo all,
>>>>>>>>
>>>>>>>> I am currently working on screen-4.8.0
>>>>>>>>
>>>>>>>>
>>>>>>>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>>>>>>>
>>>>>>>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>>>>>>>
>>>>>>>> Have a great weekend.
>>>>>>>>
>>>>>>>> Adolf.
>>>>>>>>
>>>>>>>> Sent from my Desktop Computer
>>>>>>>>
>>>>>>>> On 30/01/2021 14:08, Peter Müller wrote:
>>>>>>>>> Hello Matthias, hello *,
>>>>>>>>>
>>>>>>>>> thanks for your reply.
>>>>>>>>>
>>>>>>>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>>>>>>>
>>>>>>>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>>>>>>>
>>>>>>>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>>>>>>>> - hyperscan 5.4.0
>>>>>>>>> - libseccomp 2.5.1
>>>>>>>>> - Postfix 3.5.9
>>>>>>>>>
>>>>>>>>> for Core Update 154.
>>>>>>>>>
>>>>>>>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>>>>>>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>>>>>>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>>>>>>>
>>>>>>>>> Thanks, and best regards,
>>>>>>>>> Peter Müller
>>>>>>>>>
>>>>>>>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>>>>>>>> Hello *,
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>>>>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>>>>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>>>>>>>
>>>>>>>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>>>>>>>> not checked that, yet. :-)
>>>>>>>>>>
>>>>>>>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>>>>>>>
>>>>>>>>>> libgcrypt => 1.9.1
>>>>>>>>>> libgpg-error => 1.41
>>>>>>>>>> libassuan => 2.5.4
>>>>>>>>>>
>>>>>>>>>> Best,
>>>>>>>>>> Matthias
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Thanks, and best regards,
>>>>>>>>>>> Peter Müller
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>
>>>>>>
> 

Re: Pending patches for upcoming Core Update 154

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 5054 bytes --]

Hi,

> On 5 Feb 2021, at 17:31, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
> 
> Hi all,
> 
> On 05/02/2021 17:19, Michael Tremer wrote:
>> Hello,
>> Okay with me, if someone is happy to maintain it :)
> 
> I am not sure that there will be a large amount of maintenance. This the the statement from the developer:-
> 
> "Sipcalc development started back in 2001 and has most of the features I want in an ip calculator. It is no longer under active development, though bugfixes and patches are accepted."
> 
> The current version was released in Jan 2013 so no bugfixes needed since then.

Hmm, that isn’t good. But good that you checked.

Are we leaving it then?

-Michael

> Regards,
> Adolf
>> -Michael
>>> On 5 Feb 2021, at 11:38, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>> 
>>> Hi all,
>>> 
>>> On 05/02/2021 12:10, Michael Tremer wrote:
>>>> Hi,
>>>> I am not sure if the console is a good place for this.
>>>> Do people not use stuff on the web for this?
>>> 
>>> You can do it on the web but this package does give a lot of information but I have it installed on my desktop pc. As I work on IPFire via ssh from my desktop then if I need to use sipcalc I can just open a terminal on my desktop and run it.
>>> 
>>> Regards,
>>> Adolf
>>>> -Michael
>>>>> On 5 Feb 2021, at 03:58, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>>> 
>>>>> Adolf,
>>>>> 
>>>>> And one more request - very low priority.  Can sipcalc be added as on IPFire Add-on?
>>>>> 
>>>>> This came up in a thread:
>>>>> https://community.ipfire.org/t/open-vpn-no-ping-to-192-168-0-240/4089/2?u=jon
>>>>> 
>>>>> This may already be on Peter's to-do list.
>>>>> 
>>>>> 
>>>>> Jon
>>>>> 
>>>>> 
>>>>>> On Feb 4, 2021, at 9:02 PM, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>>>> 
>>>>>> Hi Adolf,
>>>>>> 
>>>>>> Could I add a request for sqlite3?  The current version is about 2 years old.
>>>>>> 
>>>>>> [root(a)ipfire ~]# sqlite3
>>>>>> SQLite version 3.26.0 2018-12-01 12:34:55
>>>>>> Enter ".help" for usage hints.
>>>>>> Connected to a transient in-memory database.
>>>>>> Use ".open FILENAME" to reopen on a persistent database.
>>>>>> sqlite>
>>>>>> 
>>>>>> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
>>>>>> 
>>>>>> Best regards,
>>>>>> Jon
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>>>> 
>>>>>>> Hallo all,
>>>>>>> 
>>>>>>> I am currently working on screen-4.8.0
>>>>>>> 
>>>>>>> 
>>>>>>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>>>>>> 
>>>>>>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>>>>>> 
>>>>>>> Have a great weekend.
>>>>>>> 
>>>>>>> Adolf.
>>>>>>> 
>>>>>>> Sent from my Desktop Computer
>>>>>>> 
>>>>>>> On 30/01/2021 14:08, Peter Müller wrote:
>>>>>>>> Hello Matthias, hello *,
>>>>>>>> 
>>>>>>>> thanks for your reply.
>>>>>>>> 
>>>>>>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>>>>>> 
>>>>>>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>>>>>> 
>>>>>>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>>>>>>> - hyperscan 5.4.0
>>>>>>>> - libseccomp 2.5.1
>>>>>>>> - Postfix 3.5.9
>>>>>>>> 
>>>>>>>> for Core Update 154.
>>>>>>>> 
>>>>>>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>>>>>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>>>>>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>>>>>> 
>>>>>>>> Thanks, and best regards,
>>>>>>>> Peter Müller
>>>>>>>> 
>>>>>>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>>>>>>> Hello *,
>>>>>>>>> 
>>>>>>>>> Hi,
>>>>>>>>> 
>>>>>>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>>>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>>>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>>>>>> 
>>>>>>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>>>>>>> not checked that, yet. :-)
>>>>>>>>> 
>>>>>>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>>>>>> 
>>>>>>>>> libgcrypt => 1.9.1
>>>>>>>>> libgpg-error => 1.41
>>>>>>>>> libassuan => 2.5.4
>>>>>>>>> 
>>>>>>>>> Best,
>>>>>>>>> Matthias
>>>>>>>>> 
>>>>>>>>>> 
>>>>>>>>>> Thanks, and best regards,
>>>>>>>>>> Peter Müller
>>>>>>>>>> 
>>>>>>>>> 
>>>>>> 
>>>>> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 4699 bytes --]

Hi all,

On 05/02/2021 17:19, Michael Tremer wrote:
> Hello,
> 
> Okay with me, if someone is happy to maintain it :)

I am not sure that there will be a large amount of maintenance. This the the statement from the developer:-

"Sipcalc development started back in 2001 and has most of the features I want in an ip calculator. It is no longer under active development, though bugfixes and patches are accepted."

The current version was released in Jan 2013 so no bugfixes needed since then.

Regards,
Adolf
> 
> -Michael
> 
>> On 5 Feb 2021, at 11:38, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>
>> Hi all,
>>
>> On 05/02/2021 12:10, Michael Tremer wrote:
>>> Hi,
>>> I am not sure if the console is a good place for this.
>>> Do people not use stuff on the web for this?
>>
>> You can do it on the web but this package does give a lot of information but I have it installed on my desktop pc. As I work on IPFire via ssh from my desktop then if I need to use sipcalc I can just open a terminal on my desktop and run it.
>>
>> Regards,
>> Adolf
>>> -Michael
>>>> On 5 Feb 2021, at 03:58, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>>
>>>> Adolf,
>>>>
>>>> And one more request - very low priority.  Can sipcalc be added as on IPFire Add-on?
>>>>
>>>> This came up in a thread:
>>>> https://community.ipfire.org/t/open-vpn-no-ping-to-192-168-0-240/4089/2?u=jon
>>>>
>>>> This may already be on Peter's to-do list.
>>>>
>>>>
>>>> Jon
>>>>
>>>>
>>>>> On Feb 4, 2021, at 9:02 PM, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>>>
>>>>> Hi Adolf,
>>>>>
>>>>> Could I add a request for sqlite3?  The current version is about 2 years old.
>>>>>
>>>>> [root(a)ipfire ~]# sqlite3
>>>>> SQLite version 3.26.0 2018-12-01 12:34:55
>>>>> Enter ".help" for usage hints.
>>>>> Connected to a transient in-memory database.
>>>>> Use ".open FILENAME" to reopen on a persistent database.
>>>>> sqlite>
>>>>>
>>>>> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
>>>>>
>>>>> Best regards,
>>>>> Jon
>>>>>
>>>>>
>>>>>
>>>>>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>>>
>>>>>> Hallo all,
>>>>>>
>>>>>> I am currently working on screen-4.8.0
>>>>>>
>>>>>>
>>>>>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>>>>>
>>>>>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>>>>>
>>>>>> Have a great weekend.
>>>>>>
>>>>>> Adolf.
>>>>>>
>>>>>> Sent from my Desktop Computer
>>>>>>
>>>>>> On 30/01/2021 14:08, Peter Müller wrote:
>>>>>>> Hello Matthias, hello *,
>>>>>>>
>>>>>>> thanks for your reply.
>>>>>>>
>>>>>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>>>>>
>>>>>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>>>>>
>>>>>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>>>>>> - hyperscan 5.4.0
>>>>>>> - libseccomp 2.5.1
>>>>>>> - Postfix 3.5.9
>>>>>>>
>>>>>>> for Core Update 154.
>>>>>>>
>>>>>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>>>>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>>>>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>>>>>
>>>>>>> Thanks, and best regards,
>>>>>>> Peter Müller
>>>>>>>
>>>>>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>>>>>> Hello *,
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>>>>>
>>>>>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>>>>>> not checked that, yet. :-)
>>>>>>>>
>>>>>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>>>>>
>>>>>>>> libgcrypt => 1.9.1
>>>>>>>> libgpg-error => 1.41
>>>>>>>> libassuan => 2.5.4
>>>>>>>>
>>>>>>>> Best,
>>>>>>>> Matthias
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks, and best regards,
>>>>>>>>> Peter Müller
>>>>>>>>>
>>>>>>>>
>>>>>
>>>>
> 

Re: Pending patches for upcoming Core Update 154

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 4163 bytes --]

Hello,

Okay with me, if someone is happy to maintain it :)

-Michael

> On 5 Feb 2021, at 11:38, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
> 
> Hi all,
> 
> On 05/02/2021 12:10, Michael Tremer wrote:
>> Hi,
>> I am not sure if the console is a good place for this.
>> Do people not use stuff on the web for this?
> 
> You can do it on the web but this package does give a lot of information but I have it installed on my desktop pc. As I work on IPFire via ssh from my desktop then if I need to use sipcalc I can just open a terminal on my desktop and run it.
> 
> Regards,
> Adolf
>> -Michael
>>> On 5 Feb 2021, at 03:58, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>> 
>>> Adolf,
>>> 
>>> And one more request - very low priority.  Can sipcalc be added as on IPFire Add-on?
>>> 
>>> This came up in a thread:
>>> https://community.ipfire.org/t/open-vpn-no-ping-to-192-168-0-240/4089/2?u=jon
>>> 
>>> This may already be on Peter's to-do list.
>>> 
>>> 
>>> Jon
>>> 
>>> 
>>>> On Feb 4, 2021, at 9:02 PM, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>> 
>>>> Hi Adolf,
>>>> 
>>>> Could I add a request for sqlite3?  The current version is about 2 years old.
>>>> 
>>>> [root(a)ipfire ~]# sqlite3
>>>> SQLite version 3.26.0 2018-12-01 12:34:55
>>>> Enter ".help" for usage hints.
>>>> Connected to a transient in-memory database.
>>>> Use ".open FILENAME" to reopen on a persistent database.
>>>> sqlite>
>>>> 
>>>> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
>>>> 
>>>> Best regards,
>>>> Jon
>>>> 
>>>> 
>>>> 
>>>>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>> 
>>>>> Hallo all,
>>>>> 
>>>>> I am currently working on screen-4.8.0
>>>>> 
>>>>> 
>>>>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>>>> 
>>>>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>>>> 
>>>>> Have a great weekend.
>>>>> 
>>>>> Adolf.
>>>>> 
>>>>> Sent from my Desktop Computer
>>>>> 
>>>>> On 30/01/2021 14:08, Peter Müller wrote:
>>>>>> Hello Matthias, hello *,
>>>>>> 
>>>>>> thanks for your reply.
>>>>>> 
>>>>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>>>> 
>>>>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>>>> 
>>>>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>>>>> - hyperscan 5.4.0
>>>>>> - libseccomp 2.5.1
>>>>>> - Postfix 3.5.9
>>>>>> 
>>>>>> for Core Update 154.
>>>>>> 
>>>>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>>>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>>>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>>>> 
>>>>>> Thanks, and best regards,
>>>>>> Peter Müller
>>>>>> 
>>>>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>>>>> Hello *,
>>>>>>> 
>>>>>>> Hi,
>>>>>>> 
>>>>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>>>> 
>>>>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>>>>> not checked that, yet. :-)
>>>>>>> 
>>>>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>>>> 
>>>>>>> libgcrypt => 1.9.1
>>>>>>> libgpg-error => 1.41
>>>>>>> libassuan => 2.5.4
>>>>>>> 
>>>>>>> Best,
>>>>>>> Matthias
>>>>>>> 
>>>>>>>> 
>>>>>>>> Thanks, and best regards,
>>>>>>>> Peter Müller
>>>>>>>> 
>>>>>>> 
>>>> 
>>> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 3858 bytes --]

Hi all,

On 05/02/2021 12:10, Michael Tremer wrote:
> Hi,
> 
> I am not sure if the console is a good place for this.
> 
> Do people not use stuff on the web for this?

You can do it on the web but this package does give a lot of information but I have it installed on my desktop pc. As I work on IPFire via ssh from my desktop then if I need to use sipcalc I can just open a terminal on my desktop and run it.

Regards,
Adolf
> 
> -Michael
> 
>> On 5 Feb 2021, at 03:58, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>
>> Adolf,
>>
>> And one more request - very low priority.  Can sipcalc be added as on IPFire Add-on?
>>
>> This came up in a thread:
>> https://community.ipfire.org/t/open-vpn-no-ping-to-192-168-0-240/4089/2?u=jon
>>
>> This may already be on Peter's to-do list.
>>
>>
>> Jon
>>
>>
>>> On Feb 4, 2021, at 9:02 PM, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>>>
>>> Hi Adolf,
>>>
>>> Could I add a request for sqlite3?  The current version is about 2 years old.
>>>
>>> [root(a)ipfire ~]# sqlite3
>>> SQLite version 3.26.0 2018-12-01 12:34:55
>>> Enter ".help" for usage hints.
>>> Connected to a transient in-memory database.
>>> Use ".open FILENAME" to reopen on a persistent database.
>>> sqlite>
>>>
>>> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
>>>
>>> Best regards,
>>> Jon
>>>
>>>
>>>
>>>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>>
>>>> Hallo all,
>>>>
>>>> I am currently working on screen-4.8.0
>>>>
>>>>
>>>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>>>
>>>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>>>
>>>> Have a great weekend.
>>>>
>>>> Adolf.
>>>>
>>>> Sent from my Desktop Computer
>>>>
>>>> On 30/01/2021 14:08, Peter Müller wrote:
>>>>> Hello Matthias, hello *,
>>>>>
>>>>> thanks for your reply.
>>>>>
>>>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>>>
>>>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>>>
>>>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>>>> - hyperscan 5.4.0
>>>>> - libseccomp 2.5.1
>>>>> - Postfix 3.5.9
>>>>>
>>>>> for Core Update 154.
>>>>>
>>>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>>>
>>>>> Thanks, and best regards,
>>>>> Peter Müller
>>>>>
>>>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>>>> Hello *,
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>>>
>>>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>>>> not checked that, yet. :-)
>>>>>>
>>>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>>>
>>>>>> libgcrypt => 1.9.1
>>>>>> libgpg-error => 1.41
>>>>>> libassuan => 2.5.4
>>>>>>
>>>>>> Best,
>>>>>> Matthias
>>>>>>
>>>>>>>
>>>>>>> Thanks, and best regards,
>>>>>>> Peter Müller
>>>>>>>
>>>>>>
>>>
>>
> 

Re: Pending patches for upcoming Core Update 154

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 3063 bytes --]

Hi,

> On 5 Feb 2021, at 03:02, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
> 
> Hi Adolf,
> 
> Could I add a request for sqlite3?  The current version is about 2 years old.
> 
> [root(a)ipfire ~]# sqlite3
> SQLite version 3.26.0 2018-12-01 12:34:55
> Enter ".help" for usage hints.
> Connected to a transient in-memory database.
> Use ".open FILENAME" to reopen on a persistent database.
> sqlite> 
> 
> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.

Is this already part of the newer releases, or is this something that needs to be explicitly enabled?

I do not see any concerns about regular expressions.

-Michael

> 
> Best regards,
> Jon
> 
> 
> 
>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>> 
>> Hallo all,
>> 
>> I am currently working on screen-4.8.0
>> 
>> 
>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>> 
>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>> 
>> Have a great weekend.
>> 
>> Adolf.
>> 
>> Sent from my Desktop Computer
>> 
>> On 30/01/2021 14:08, Peter Müller wrote:
>>> Hello Matthias, hello *,
>>> 
>>> thanks for your reply.
>>> 
>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>> 
>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>> 
>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>> - hyperscan 5.4.0
>>> - libseccomp 2.5.1
>>> - Postfix 3.5.9
>>> 
>>> for Core Update 154.
>>> 
>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>> 
>>> Thanks, and best regards,
>>> Peter Müller
>>> 
>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>> Hello *,
>>>> 
>>>> Hi,
>>>> 
>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>> 
>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>> not checked that, yet. :-)
>>>> 
>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>> 
>>>> libgcrypt => 1.9.1
>>>> libgpg-error => 1.41
>>>> libassuan => 2.5.4
>>>> 
>>>> Best,
>>>> Matthias
>>>> 
>>>>> 
>>>>> Thanks, and best regards,
>>>>> Peter Müller
>>>>> 
>>>> 
> 

Re: Pending patches for upcoming Core Update 154

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 3464 bytes --]

Hi,

I am not sure if the console is a good place for this.

Do people not use stuff on the web for this?

-Michael

> On 5 Feb 2021, at 03:58, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
> 
> Adolf,
> 
> And one more request - very low priority.  Can sipcalc be added as on IPFire Add-on?
> 
> This came up in a thread:
> https://community.ipfire.org/t/open-vpn-no-ping-to-192-168-0-240/4089/2?u=jon
> 
> This may already be on Peter's to-do list.
> 
> 
> Jon
> 
> 
>> On Feb 4, 2021, at 9:02 PM, Jon Murphy <jcmurphy26(a)gmail.com> wrote:
>> 
>> Hi Adolf,
>> 
>> Could I add a request for sqlite3?  The current version is about 2 years old.
>> 
>> [root(a)ipfire ~]# sqlite3
>> SQLite version 3.26.0 2018-12-01 12:34:55
>> Enter ".help" for usage hints.
>> Connected to a transient in-memory database.
>> Use ".open FILENAME" to reopen on a persistent database.
>> sqlite> 
>> 
>> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
>> 
>> Best regards,
>> Jon
>> 
>> 
>> 
>>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>> 
>>> Hallo all,
>>> 
>>> I am currently working on screen-4.8.0
>>> 
>>> 
>>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>> 
>>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>> 
>>> Have a great weekend.
>>> 
>>> Adolf.
>>> 
>>> Sent from my Desktop Computer
>>> 
>>> On 30/01/2021 14:08, Peter Müller wrote:
>>>> Hello Matthias, hello *,
>>>> 
>>>> thanks for your reply.
>>>> 
>>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>> 
>>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>> 
>>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>>> - hyperscan 5.4.0
>>>> - libseccomp 2.5.1
>>>> - Postfix 3.5.9
>>>> 
>>>> for Core Update 154.
>>>> 
>>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>> 
>>>> Thanks, and best regards,
>>>> Peter Müller
>>>> 
>>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>>> Hello *,
>>>>> 
>>>>> Hi,
>>>>> 
>>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>> 
>>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>>> not checked that, yet. :-)
>>>>> 
>>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>> 
>>>>> libgcrypt => 1.9.1
>>>>> libgpg-error => 1.41
>>>>> libassuan => 2.5.4
>>>>> 
>>>>> Best,
>>>>> Matthias
>>>>> 
>>>>>> 
>>>>>> Thanks, and best regards,
>>>>>> Peter Müller
>>>>>> 
>>>>> 
>> 
> 

Re: Pending patches for upcoming Core Update 154

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 3015 bytes --]

Hi Jon,

On 05/02/2021 04:02, Jon Murphy wrote:
> Hi Adolf,
> 
> Could I add a request for sqlite3?  The current version is about 2 years old.
> 
>     [root(a)ipfire ~]# sqlite3
>     SQLite version 3.26.0 2018-12-01 12:34:55
>     Enter ".help" for usage hints.
>     Connected to a *transient in-memory database*.
>     Use ".open FILENAME" to reopen on a persistent database.
>     sqlite> 
> 
You'll be pleased to hear it is already staged.
> 
> And with the blessing and approval of the Devs, can REGEXP be added to sqlite3?  I don't know the security risk of this so if it cannot be done because of security that is fine.
> 
No change related to REGEXP was done. I just did a standard update.

> Best regards,
> Jon
> 
> 
> 
>> On Jan 30, 2021, at 7:51 AM, Adolf Belka <adolf.belka(a)ipfire.org <mailto:adolf.belka(a)ipfire.org>> wrote:
>>
>> Hallo all,
>>
>> I am currently working on screen-4.8.0
>>
>>
>> My process for the packages I work on is I see an "interesting" package name in the list of programs being built and I check if it is up to date or not. If it is not then I have a go at it.
>>
>> If any of you have packages that you think it would be good/useful for me to work on then let me know and I will have a go. Otherwise I will keep on working on things that look "interesting" to me.
>>
>> Have a great weekend.
>>
>> Adolf.
>>
>> Sent from my Desktop Computer
>>
>> On 30/01/2021 14:08, Peter Müller wrote:
>>> Hello Matthias, hello *,
>>>
>>> thanks for your reply.
>>>
>>> Glad you mention and take care of libgcrypt, that one is important. :-)
>>>
>>> Meanwhile, I am trying to get IPFire 2.x build working on my workstation [sic], working on
>>>
>>> - binutils 2.36, which requires patching the kernel and hyperscan
>>> - hyperscan 5.4.0
>>> - libseccomp 2.5.1
>>> - Postfix 3.5.9
>>>
>>> for Core Update 154.
>>>
>>> freetype unfortunately continues to break most recent ghostscript, and I have not yet found
>>> out why. In addition, ghostscript-fonts-std seems to be heavily outdated (8.11 != 9.x), but
>>> I have not found a suitable source for some more current RPMs flying around at OpenSuSE.
>>>
>>> Thanks, and best regards,
>>> Peter Müller
>>>
>>>> On 27.01.2021 18:15, Peter Müller wrote:
>>>>> Hello *,
>>>>
>>>> Hi,
>>>>
>>>>> to avoid redundancies: I am currently working on Postfix 3.5.9 and (more important) sudo
>>>>> 1.9.5p2 for upcoming Core Update 154. Both fix some security issues; I am pretty sure you
>>>>> have heard of CVE-2021-3156 affecting the latter by now.
>>>>>
>>>>> There might be some minor stuff (USB/PCI database files, etc.) to do as well, but I have
>>>>> not checked that, yet. :-)
>>>>
>>>> My two cents - working ('Devel' does it, I'm only watching ;-) ) on:
>>>>
>>>> libgcrypt => 1.9.1
>>>> libgpg-error => 1.41
>>>> libassuan => 2.5.4
>>>>
>>>> Best,
>>>> Matthias
>>>>
>>>>>
>>>>> Thanks, and best regards,
>>>>> Peter Müller
>>>>>
>>>>
>