* [PATCH] ddrescue: Update to version 1.29
@ 2025-01-22 12:43 Adolf Belka
2025-01-22 12:43 ` [PATCH] fontconfig: Update to version 2.16.0 Adolf Belka
` (10 more replies)
0 siblings, 11 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2988 bytes --]
- Update from version 1.28 to 1.29
- Update of rootfile not required
- Changelog
1.29
The new option '--continue-on-errno' has been added.
If ddrescue exits because of a fatal read error, it now prints the value of
the variable 'errno' so that it can be used as argument to
'--continue-on-errno'.
When using '--ask' and '--verbose', print rescue options before asking user.
Option '--log-reads' now records the value of errno if different from EIO.
(The four changes above suggested by Christian Franke).
The effect of option '-O, --reopen-on-error' has been extended to all phases.
It has been documented in the manual that '--reopen-on-error' may be needed
when using '--continue-on-errno'.
A compilation error on FiwixOS 3.3 about an ambiguous call to std::abs has
been fixed. (Reported by Jordi Sanfeliu).
The chapter 'Syntax of command-line arguments' has been added to the manual.
Two examples of combined use with lziprecover have been added to the manual.
(One of them uses the new Forward Error Correction (FEC) feature of
lziprecover).
It has been documented in the manual that option '-b' of ddrescuelog is
position dependent. (Reported by Winston B. E.).
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
lfs/ddrescue | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lfs/ddrescue b/lfs/ddrescue
index 9d1c08fe2..8320751ae 100644
--- a/lfs/ddrescue
+++ b/lfs/ddrescue
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = Data Copying in the Presence of I/O Errors
-VER = 1.28
+VER = 1.29
THISAPP = ddrescue-$(VER)
DL_FILE = $(THISAPP).tar.lz
@@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = ddrescue
-PAK_VER = 4
+PAK_VER = 5
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 8c212f0d495e0df8e0398b97730c812ea9ccb77bd42e730198222e9918e3652fc52d932449b1e0dc9bdd453a123e2450c962e33e98d9845ce81b9a934a5bbdaa
+$(DL_FILE)_BLAKE2 = 88eab69f2296464859dc8720930f28f6bc32aa694649e15a99dcd9dfd63ed8ba845d7af347e8b1ee90e954f8317888ec0f2cd90ec98994a7d2b4d654a31adbfc
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] fontconfig: Update to version 2.16.0
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] gdb: Update to version 16.1 Adolf Belka
` (9 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 7557 bytes --]
- Update from version 2.15.0 to 2.16.0
- Update of rootfile
- Changelog
2.16.0
Publish docs to GitLab pages
doc: default index for fontconfig-devel to index.html
Update URLs for docs
doc: Fix a typo of the summary for FcFontSetSort
Clean up .uuid files with fc-cache -f too
Fix undesired unref of FcConfig on Win32
meson.build: Fix a typo in POT names
meson.build: Add missing --msgid-bugs-address
Sort out bitmap related config files
Add test cases for 70-no-bitmap-and-emoji.conf and 70-no-bitmap-except-emoji.conf
meson: Add missing checkup
Add a missing dependency for CI on FreeBSD
meson: try to figure out libintl dependency
ci: Fix a typo in build script
ci: Add config.log for artifacts
ci: Add missing dependencies
ci: Disable cache update
meson: Fix build fail with NLS enabled on BSD
meson: Add libxml2 support
ci: Add libxml2 build for meson
meson: Workaround an exception
ci: Workaround an error with libxml2 on Android
meson: Add iconv checkup for all platforms
Fix incompatible pointer type on MinGW
meson: Use c_shared_args to take care of --default-library=both on Win32
ci: Fix a typo
ci: disable iconv for MSVC
ci: build with expat on MSVC
doc: Use sans-serif instead of sans
Do not add merge commits into NEWS file
doc: Fix a typo
meson: Enable run-test.sh for non-Win32
test/wrapper-script.sh: don't add a path when executable already has a path name.
meson: Add missing the unit testing with json-c
test-conf: Fix compiler warnings
Fix test case for reproducible builds
ci: Use md5 if md5sum isn't available.
ci: normalize path to avoid miscalculation of cache name
ci: Add Fedora 40 and remove Fedora 38
More information when no writable cache directories
Fix a memory leak in _get_real_paths_from_prefix
Set FcTypeVoid if no valid types to convert
Add FcConfigSetFontSetFilter
Improve hinting detection for fonthashint object
Accept integer for pixelsize
Fix a memory leak in fc-list/fc-query/fc-scan
Add got.orth for Gothic language
Add cop.orth for Coptic language
Add foreign automake option to avoid an error on autotools bootstrap
ci: rebase ci-templates
ci: Add Fedora 41 and drop 39
ci: run check-merge-request on merge request pipelines only
ci: Add FreeBSD 14.1 and drop 13.2
ci: build mingw on f40 only
meson: Add install_tag for install targets
meson: Add docs into dist
meson: Add autotools files into dist
doc: generate fontconfig-devel.html as one big file
ci: Fix a fail on pages deployment
ci: Fix pages deployment again
fc-case: Correct the license header of fccase.h
Use proper postscriptname for named instance if any
Replace hardcoded path in man pages to url link
Allow comma as a delimiter in postscriptname and ignore it on matching
Deal with glob string properly
Another fix of glob string for Win32
ci: Enable meson dist
Fix misleading-indentation warning
Bump the libtool version
Do not prefix cache_base with a "/". Doing so will lead to FcStrBuildFilename()
composing paths that contain double slashes, e.g. in FcDirCacheProcess(). If
FcDirCacheBasenameMD5() returns a cache_base that is prefixed with a "/", the
call to FcStrBuildFilename() in FcDirCacheProcess() will compose a path that
contains double slashes and this double-slashed path will then be passed to
FcDirCacheOpenFile(). This won't cause any harm on Linux because Linux just
ignores multiple slashes in paths but on other operating systems multiple
slashes in paths are not allowed so FcDirCacheOpenFile() will fail on those
platforms because of the double slash in the path.
Fix qsort nullpointer issue
Fix FcSerialize null pointer usage
meson: fix config relocation on Windows
Fix invalid escape character \s
Remove redundant leaf assignment in fcfreetype.c
Move Mac OS image to an up-to-date Mac OS 15 Sequoia image on ARM
Update Windows image to gstreamer image from stable
Allow building Rust targets in CI
[Fontations] Build bindgen targets, basic Rust test
Refactor exclusive language logic into separate file
meson: added default font dirs for android
Unlock on allocation failure in FcCacheInsert
Ensure config is locked during retry in FcConfigReference
Fix wording in README.md
build: detect-and-use `-lm` for `fabs` in fcmatch
fontconfig: mark _FcPatternIter as may_alias
Meson: Fix build with clang-cl by using cc.preprocess()
meson: Add missing dep on generated header
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/fontconfig | 4 +++-
lfs/fontconfig | 6 +++---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/fontconfig b/config/rootfiles/common/fontconfig
index 50d503ed8..713fda601 100644
--- a/config/rootfiles/common/fontconfig
+++ b/config/rootfiles/common/fontconfig
@@ -39,7 +39,7 @@ usr/bin/fc-validate
#usr/lib/libfontconfig.la
#usr/lib/libfontconfig.so
usr/lib/libfontconfig.so.1
-usr/lib/libfontconfig.so.1.12.1
+usr/lib/libfontconfig.so.1.15.0
#usr/lib/pkgconfig/fontconfig.pc
#usr/share/fontconfig
#usr/share/fontconfig/conf.avail
@@ -80,6 +80,8 @@ usr/lib/libfontconfig.so.1.12.1
#usr/share/fontconfig/conf.avail/65-khmer.conf
#usr/share/fontconfig/conf.avail/65-nonlatin.conf
#usr/share/fontconfig/conf.avail/69-unifont.conf
+#usr/share/fontconfig/conf.avail/70-no-bitmaps-and-emoji.conf
+#usr/share/fontconfig/conf.avail/70-no-bitmaps-except-emoji.conf
#usr/share/fontconfig/conf.avail/70-no-bitmaps.conf
#usr/share/fontconfig/conf.avail/70-yes-bitmaps.conf
#usr/share/fontconfig/conf.avail/80-delicious.conf
diff --git a/lfs/fontconfig b/lfs/fontconfig
index 318d643b0..6b7af145a 100644
--- a/lfs/fontconfig
+++ b/lfs/fontconfig
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.15.0
+VER = 2.16.0
SUMMARY = Library for configuring and customizing font access
THISAPP = fontconfig-$(VER)
@@ -41,7 +41,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 17c85fddc4ab84111c4f50afb89ecd8792c3aeaa2690b38fd39fca6f6cece69e9ce0cd3af8a2e54968c79ad1f9bee1e444699a13c068d9dfd3dfe1212ff37533
+$(DL_FILE)_BLAKE2 = 48d6fcbfe83f0a4c026a4f90d864a4195805e04cc6dd486bd18d68caa8b55fd51fc37822781298152d363b70dc103c9f8b216f6dc0193b2b192eb35565482ec4
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] gdb: Update to version 16.1
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
2025-01-22 12:43 ` [PATCH] fontconfig: Update to version 2.16.0 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] git: Update to version 2.48.1 Adolf Belka
` (8 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 11835 bytes --]
- Update from version 15.2 to 16.1
- Update of rootfile
- Changelog
16.1
* Support for Nios II targets has been removed as this architecture
has been EOL'ed by Intel.
* GDB now supports watchpoints for tagged data pointers (see
https://en.wikipedia.org/wiki/Tagged_pointer) on amd64, such as the
one used by the Linear Address Masking (LAM) feature provided by
Intel.
* Debugging support for Intel MPX has been removed. This includes the
removal of
** MPX register support
** the commands "show/set mpx bound" (deprecated since GDB 15)
** i386 and amd64 implementation of the hooks report_signal_info and
get_siginfo_type.
* GDB now supports printing of asynchronous events from the Intel Processor
Trace during 'record instruction-history', 'record function-call-history'
and all stepping commands. This can be controlled with the new
"set record btrace pt event-tracing" command.
* GDB now supports printing of ptwrite payloads from the Intel Processor
Trace during 'record instruction-history', 'record function-call-history'
and all stepping commands. The payload is also accessible in Python as a
RecordAuxiliary object. Printing is customizable via a ptwrite filter
function in Python. By default, the raw ptwrite payload is printed for
each ptwrite that is encountered.
* For breakpoints that are created in the 'pending' state, any
'thread' or 'task' keywords are parsed at the time the breakpoint is
created, rather than at the time the breakpoint becomes non-pending.
* Thread-specific breakpoints are only inserted into the program space
in which the thread of interest is running. In most cases program
spaces are unique for each inferior, so this means that
thread-specific breakpoints will usually only be inserted for the
inferior containing the thread of interest. The breakpoint will
be hit no less than before.
* For ARM targets, the offset of the pc in the jmp_buf has been fixed to match
glibc 2.20 and later. This should only matter when not using libc probes.
This may cause breakage when using an incompatible libc, like uclibc or
newlib, or an older glibc.
* MTE (Memory Tagging Extension) debugging is now supported on AArch64 baremetal
targets.
* Remove support (native and remote) for QNX Neutrino (triplet
`i[3456]86-*-nto*`).
* In a record session, when a forward emulation reaches the end of the reverse
history, the warning message has been changed to indicate that the end of the
history has been reached. It also specifies that the forward execution can
continue, and the recording will also continue.
* The Ada 'Object_Size attribute is now supported.
* Support for process record/replay and reverse debugging on loongarch*-linux*
targets has been added.
* New bash script gstack uses GDB to print stack traces of running processes.
* Python API
** Added gdb.record.clear. Clears the trace data of the current recording.
This forces re-decoding of the trace for successive commands.
** Added the new event source gdb.tui_enabled.
** New module gdb.missing_objfile that facilitates dealing with
missing objfiles when opening a core-file.
** New function gdb.missing_objfile.register_handler that can
register an instance of a sub-class of
gdb.missing_debug.MissingObjfileHandler as a handler for missing
objfiles.
** New class gdb.missing_objfile.MissingObjfileHandler which can be
sub-classed to create handlers for missing objfiles.
** The 'signed' argument to gdb.Architecture.integer_type() will no
longer accept non-bool types.
** The gdb.MICommand.installed property can only be set to True or
False.
** The 'qualified' argument to gdb.Breakpoint constructor will no
longer accept non-bool types.
** Added the gdb.Symbol.is_artificial attribute.
* Debugger Adapter Protocol changes
** The "scopes" request will now return a scope holding global
variables from the stack frame's compilation unit.
** The "scopes" request will return a "returnValue" scope holding
the return value from the latest "stepOut" command, when
appropriate.
** The "launch" and "attach" requests were rewritten in accordance
with some clarifications to the spec. Now they can be sent at
any time after the "initialized" event, but will not take effect
(or send a response) until after the "configurationDone" request
has been sent.
** The "variables" request will not return artificial symbols.
* New commands
show jit-reader-directory
Show the name of the directory that "jit-reader-load" uses for
relative file names.
set style line-number foreground COLOR
set style line-number background COLOR
set style line-number intensity VALUE
Control the styling of line numbers printed by GDB.
set style command foreground COLOR
set style command background COLOR
set style command intensity VALUE
Control the styling of GDB commands when displayed by GDB.
set style title foreground COLOR
set style title background COLOR
set style title intensity VALUE
This style now applies to the header line of lists, for example the
first line of the output of "info breakpoints". Previous uses of
this style have been replaced with the new "command" style.
set warn-language-frame-mismatch [on|off]
show warn-language-frame-mismatch
Control the warning that is emitted when specifying a language that
does not match the current frame's language.
maintenance info inline-frames [ADDRESS]
New command which displays GDB's inline-frame information for the
current address, or for ADDRESS if specified. The output identifies
inlined frames which start at the specified address.
maintenance info blocks [ADDRESS]
New command which displays information about all of the blocks at
ADDRESS, or at the current address if ADDRESS is not given. Blocks
are listed starting at the inner global block out to the most inner
block.
info missing-objfile-handlers
List all the registered missing-objfile handlers.
enable missing-objfile-handler LOCUS HANDLER
disable missing-objfile-handler LOCUS HANDLER
Enable or disable a missing-objfile handler with a name matching the
regular expression HANDLER, in LOCUS.
LOCUS can be 'global' to operate on global missing-objfile handler,
'progspace' to operate on handlers within the current program space,
or can be a regular expression which is matched against the filename
of the primary executable in each program space.
* Changed commands
remove-symbol-file
This command now supports file-name completion.
remove-symbol-file -a ADDRESS
The ADDRESS expression can now be a full expression consisting of
multiple terms, e.g. 'function + 0x1000' (without quotes),
previously only a single term could be given.
target core
target exec
target tfile
target ctf
compile file
maint print c-tdesc
save gdb-index
These commands now require their filename argument to be quoted if
it contains white space or quote characters. If the argument
contains no such special characters then quoting is not required.
maintenance print remote-registers
Add an "Expedited" column to the output of the command. It indicates
which registers were included in the last stop reply packet received by
GDB.
show configuration
Now includes the version of GNU Readline library that GDB is using.
* New remote packets
vFile:stat
Return information about files on the remote system. Like
vFile:fstat but takes a filename rather than an open file
descriptor.
x addr,length
Given ADDR and LENGTH, fetch LENGTH units from the memory at address
ADDR and send the fetched data in binary format. This packet is
equivalent to 'm', except that the data in the response are in
binary format.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/gdb | 13 +++++++------
lfs/gdb | 6 +++---
2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/config/rootfiles/common/gdb b/config/rootfiles/common/gdb
index d74a65b71..dc189b90e 100644
--- a/config/rootfiles/common/gdb
+++ b/config/rootfiles/common/gdb
@@ -2,14 +2,11 @@
#usr/bin/gdb
#usr/bin/gdb-add-index
#usr/bin/gdbserver
-#usr/bin/run
+#usr/bin/gstack
#usr/include/gdb
#usr/include/gdb/jit-reader.h
#usr/include/sim
#usr/lib/libinproctrace.so
-#usr/include/sim/callback.h
-#usr/include/sim/sim.h
-#usr/lib/libsim.a
#usr/share/gdb/python
#usr/share/gdb/python/gdb
#usr/share/gdb/python/gdb/FrameDecorator.py
@@ -19,7 +16,7 @@
#usr/share/gdb/python/gdb/command/__init__.py
#usr/share/gdb/python/gdb/command/explore.py
#usr/share/gdb/python/gdb/command/frame_filters.py
-#usr/share/gdb/python/gdb/command/missing_debug.py
+#usr/share/gdb/python/gdb/command/missing_files.py
#usr/share/gdb/python/gdb/command/pretty_printers.py
#usr/share/gdb/python/gdb/command/prompt.py
#usr/share/gdb/python/gdb/command/type_printers.py
@@ -33,6 +30,7 @@
#usr/share/gdb/python/gdb/dap/evaluate.py
#usr/share/gdb/python/gdb/dap/events.py
#usr/share/gdb/python/gdb/dap/frames.py
+#usr/share/gdb/python/gdb/dap/globalvars.py
#usr/share/gdb/python/gdb/dap/io.py
#usr/share/gdb/python/gdb/dap/launch.py
#usr/share/gdb/python/gdb/dap/locations.py
@@ -56,11 +54,13 @@
#usr/share/gdb/python/gdb/function/caller_is.py
#usr/share/gdb/python/gdb/function/strfns.py
#usr/share/gdb/python/gdb/missing_debug.py
+#usr/share/gdb/python/gdb/missing_files.py
+#usr/share/gdb/python/gdb/missing_objfile.py
#usr/share/gdb/python/gdb/printer
#usr/share/gdb/python/gdb/printer/__init__.py
-#usr/share/gdb/python/gdb/printer/bound_registers.py
#usr/share/gdb/python/gdb/printing.py
#usr/share/gdb/python/gdb/prompt.py
+#usr/share/gdb/python/gdb/ptwrite.py
#usr/share/gdb/python/gdb/styling.py
#usr/share/gdb/python/gdb/types.py
#usr/share/gdb/python/gdb/unwinder.py
@@ -102,4 +102,5 @@
#usr/share/man/man1/gdb-add-index.1
#usr/share/man/man1/gdb.1
#usr/share/man/man1/gdbserver.1
+#usr/share/man/man1/gstack.1
#usr/share/man/man5/gdbinit.5
diff --git a/lfs/gdb b/lfs/gdb
index ab16e3db5..8518ae6af 100644
--- a/lfs/gdb
+++ b/lfs/gdb
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 15.2
+VER = 16.1
THISAPP = gdb-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 073668c21b41f12bf40160c6d3df808056453cc9df3b5b86374abe38e955d208f86467458b7e64b3c3e93d70b7f87425619778173fdb375256cd85be15419f14
+$(DL_FILE)_BLAKE2 = d1907a4abffda663e3d383959ee18e1ef91fe913c378cf9681bdf5810bf7e7f065236f722564fd77eebf15700751fed1cef58c25cd0c0c44d1d9a416809f6a66
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] git: Update to version 2.48.1
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
2025-01-22 12:43 ` [PATCH] fontconfig: Update to version 2.16.0 Adolf Belka
2025-01-22 12:43 ` [PATCH] gdb: Update to version 16.1 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] harfbuzz: Update to version 10.2.0 Adolf Belka
` (7 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 27829 bytes --]
- Update from version 2.46.0 to 2.48.1
- Update of rootfile
- Changelog
2.48.1
This release merges up the fix that appears in v2.40.4, v2.41.3,
v2.42.4, v2.43.6, v2.44.3, v2.45.3, v2.46.3, and v2.47.2 to address
the security issues CVE-2024-50349 and CVE-2024-52006; see the release
notes for these versions for details.
2.48.0
UI, Workflows & Features
* A new configuration variable remote.<name>.serverOption makes the
transport layer act as if the --serverOption=<value> option is
given from the command line.
* "git rebase --rebase-merges" now uses branch names as labels when
able.
* Describe the policy to introduce breaking changes.
* Teach 'git notes add' and 'git notes append' a new '-e' flag,
instructing them to open the note in $GIT_EDITOR before saving.
* Documentation for "git bundle" saw improvements to more prominently
call out the use of '--all' when creating bundles.
* Drop support for older libcURL and Perl.
* End-user experience of "git mergetool" when the command errors out
has been improved.
* "git bundle --unbundle" and "git clone" running on a bundle file
both learned to trigger fsck over the new objects with configurable
fck check levels.
* When "git fetch $remote" notices that refs/remotes/$remote/HEAD is
missing and discovers what branch the other side points with its
HEAD, refs/remotes/$remote/HEAD is updated to point to it.
* "git fetch" honors "remote.<remote>.followRemoteHEAD" settings to
tweak the remote-tracking HEAD in "refs/remotes/<remote>/HEAD".
* "git range-diff" learned to optionally show and compare merge
commits in the ranges being compared, with the --diff-merges
option.
Performance, Internal Implementation, Development Support etc.
* Document "amlog" notes.
* The way AsciiDoc is used for SYNOPSIS part of the manual pages has
been revamped. The sources, at least for the simple cases, got
vastly more pleasant to work with.
* The reftable library is now prepared to expect that the memory
allocation function given to it may fail to allocate and to deal
with such an error.
* An extra worktree attached to a repository points at each other to
allow finding the repository from the worktree (and vice versa)
possible. Use relative paths for this linkage.
* Enable Windows-based CI in GitLab.
* Commands that can also work outside Git have learned to take the
repository instance "repo" when we know we are in a repository, and
NULL when we are not, in a parameter. The uses of the_repository
variable in a few of them have been removed using the new calling
convention.
* The reftable sub-system grew a new reftable-specific strbuf
replacement to reduce its dependency on Git-specific data
structures.
* The ref-filter machinery learns to recognize and avoid cases where
sorting would be redundant.
* Various platform compatibility fixes split out of the larger effort
to use Meson as the primary build tool.
* Treat ECONNABORTED the same as ECONNRESET in 'git credential-cache'
to work around a possible Cygwin regression. This resolves a race
condition caused by changes in Cygwin's handling of socket
closures, allowing the client to exit cleanly when encountering
ECONNABORTED.
* Demonstrate an assertion failure in 'git mv'.
* Documentation update to clarify that 'uploadpack.allowAnySHA1InWant'
implies both 'allowTipSHA1InWant' and 'allowReachableSHA1InWant'.
* Replace various calls to atoi() with strtol_i() and strtoul_ui(),
and add improved error handling.
* Documentation updates to 'git-update-ref(1)'.
* Update the project's CodingGuidelines to discourage naming functions
with a "_1()" suffix.
* Update '.clang-format' to match project conventions.
* Centralize documentation for repository extensions into a single place.
* Buildfix and upgrade of Clar to a newer version.
* Documentation mark-up updates.
* Renaming a handful of variables and structure fields.
* Fix for clar unit tests to support CMake build.
* C23 compatibility updates.
* GCC 15 compatibility updates.
* We now ensure "index-pack" is used with the "--promisor" option
only during a "git fetch".
* The migration procedure between two ref backends has been optimized.
* "git fsck" learned to issue warnings on "curiously formatted" ref
contents that have always been treated as valid but that Git
wouldn't have written itself (e.g., missing terminating end-of-line
after the full object name).
* Work around Coverity warning that would not trigger in practice.
* Built-in Git subcommands are supplied the repository object to work
with; they learned to do the same when they invoke sub-subcommands.
* Drop support for ancient environments in various CI jobs.
* Isolate the reftable subsystem from the rest of Git's codebase by
using fewer pieces of Git's infrastructure.
* Optimize reading random references out of the reftable backend by
allowing reuse of iterator objects.
* Backport oss-fuzz tests to our codebase.
* Introduce a new repository extension to prevent older Git versions
from mis-interpreting worktrees created with relative paths.
* Yet another "pass the repository through the callchain" topic.
* "git describe" learned to stop digging the history needlessly
deeper.
* Build procedure update plus introduction of Meson based builds.
* Recent reftable updates mistook a NULL return from a request for
0-byte allocation as OOM and died unnecessarily, which has been
corrected.
* Reftable backend adds check for upper limit of log's update_index.
* Start working to make the codebase buildable with -Wsign-compare.
* Regression fix for 'show-index' when run outside of a repository.
* The meson-build procedure is integrated into CI to catch and
prevent bitrotting.
* "git refs migrate" learned to also migrate the reflog data across
backends.
* The developer documentation has been updated to give the latest
info on gitk and git-gui maintainer.
* CI jobs that run threaded programs under LSan has been giving false
positives from time to time, which has been worked around.
* Doc update to clarify how periodical maintenance are scheduled,
spread across time to avoid thundering herds.
* Use after free and double freeing at the end in "git log -L... -p"
had been identified and fixed.
* On macOS, fsmonitor can fall into a race condition that results in
a client waiting forever to be notified about an event that has
already happened. This problem has been corrected.
* "git maintenance start" crashed due to an uninitialized variable
reference, which has been corrected.
* Fail gracefully instead of crashing when attempting to write the
contents of a corrupt in-core index as a tree object.
* A "git fetch" from the superproject going down to a submodule used
a wrong remote when the default remote names are set differently
between them.
* Fixes compile time warnings with 64-bit MSVC.
* Teaches 'shortlog' to explicitly use SHA-1 when operating outside
of a repository.
* Fix 'git grep' regression on macOS by disabling lookahead when
encountering invalid UTF-8 byte sequences.
* The dumb-http code regressed when the result of re-indexing a pack
yielded an *.idx file that differs in content from the *.idx file
it downloaded from the remote. This has been corrected by no longer
relying on the *.idx file we got from the remote.
* When called with '--left-right' and '--use-bitmap-index', 'rev-list'
will produce output without any left/right markers, which has been
corrected.
* More leakfixes.
* Test modernization.
* The "--shallow-exclude=<ref>" option to various history transfer
commands takes a ref, not an arbitrary revision.
* A regression where commit objects missing from a commit-graph can
cause an infinite loop when doing a fetch in a partial clone has
been fixed.
* The MinGW compatibility layer has been taught to support POSIX
semantics for atomic renames when other process(es) have a file
opened at the destination path.
* "git gc" discards any objects that are outside promisor packs that
are referred to by an object in a promisor pack, and we do not
refetch them from the promisor at runtime, resulting an unusable
repository. Work around it by including these objects in the
referring promisor pack at the receiving end of the fetch.
* Avoid build/test breakage on a system without working malloc debug
support dynamic library.
(merge 72ad6dc368 jk/test-malloc-debug-check later to maint).
* Double-free fix.
(merge fe17a25905 jk/fetch-prefetch-double-free-fix later to maint).
* Use of some uninitialized variables in "git difftool" has been
corrected.
* Object reuse code based on multi-pack-index sent an unwanted copy
of object.
(merge e199290592 tb/multi-pack-reuse-dupfix later to maint).
* "git fast-import" can be tricked into a replace ref that maps an
object to itself, which is a useless thing to do.
(merge 5e904f1a4a en/fast-import-avoid-self-replace later to maint).
* The ref-transaction hook triggered for reflog updates, which has
been corrected.
(merge b886db48c6 kn/ref-transaction-hook-with-reflog later to maint).
* Give a bit of advice/hint message when "git maintenance" stops finding a
lock file left by another instance that still is potentially running.
(merge ba874d1dac ps/gc-stale-lock-warning later to maint).
* Use the right helper program to measure file size in performance tests.
(merge 3f97f1bce6 tb/use-test-file-size-more later to maint).
* A double-free that may not trigger in practice by luck has been
corrected in the reference resolution code.
(merge b6318cf23a sj/refs-symref-referent-fix later to maint).
* The sequencer failed to honor core.commentString in some places.
* Describe a case where an option value needs to be spelled as a
separate argument, i.e. "--opt val", not "--opt=val".
(merge 1bc1e94091 jc/doc-opt-tilde-expand later to maint).
* Loosen overly strict ownership check introduced in the recent past,
to keep the promise "cloning a suspicious repository is a safe
first step to inspect it".
(merge 0ffb5a6bf1 bc/allow-upload-pack-from-other-people later to maint).
* "git fast-import" learned to reject paths with ".." and "." as
their components to avoid creating invalid tree objects.
(merge 8cb4c6e62f en/fast-import-verify-path later to maint).
* The --ancestry-path option is designed to be given a commit that is
on the path, which was not documented, which has been corrected.
(merge bc1a980759 kk/doc-ancestry-path later to maint).
* "git tag" has been taught to refuse to create refs/tags/HEAD
since such a tag will be confusing in the context of the UI provided by
the Git Porcelain commands.
(merge bbd445d5ef jc/forbid-head-as-tagname later to maint).
* The advice messages now tell the newer 'git config set' command to
set the advice.token configuration variable to squelch a message.
(merge 6c397d0104 bf/explicit-config-set-in-advice-messages later to maint).
* The syntax ":/<text>" to name the latest commit with the matching
text was broken with a recent change, which has been corrected.
(merge 0ff919e87a ps/commit-with-message-syntax-fix later to maint).
* Fix performance regression of a recent "fatten promisor pack with
local objects" protection against an unwanted gc.
* "git log -p --remerge-diff --reverse" was completely broken.
(merge f94bfa1516 js/log-remerge-keep-ancestry later to maint).
* "git bundle create" with an annotated tag on the positive end of
the revision range had a workaround code for older limitation in
the revision walker, which has become unnecessary.
(merge dd1072dfa8 tc/bundle-with-tag-remove-workaround later to maint).
* GitLab CI updates.
(merge c6b43f663e ps/ci-gitlab-update later to maint).
* Code to reuse objects based on bitmap contents have been tightened
to avoid race condition even when multiple packs are involved.
(merge 62b3ec8a3f tb/bitmap-fix-pack-reuse later to maint).
* An earlier "csum-file checksum does not have to be computed with
sha1dc" topic had a few code paths that had initialized an
implementation of a hash function to be used by an unmatching hash
by mistake, which have been corrected.
(merge 599a63409b ps/weak-sha1-for-tail-sum-fix later to maint).
* Other code cleanup, docfix, build fix, etc.
(merge 77af53f56f aa/t7300-modernize later to maint).
(merge dcd590a39d bf/t-readme-mention-reftable later to maint).
(merge 68e3c69efa kh/trailer-in-glossary later to maint).
(merge 91f88f76e6 tb/boundary-traversal-fix later to maint).
(merge 168ebb7159 jc/doc-error-message-guidelines later to maint).
(merge 18693d7d65 kh/doc-bundle-typofix later to maint).
(merge e2f5d3b491 kh/doc-update-ref-grammofix later to maint).
(merge 8525e92886 mh/doc-windows-home-env later to maint).
2.47.2
This release merges up the fix that appears in v2.40.4, v2.41.3,
v2.42.4, v2.43.6, v2.44.3, v2.45.3 and v2.46.3 to address the
security issues CVE-2024-50349 and CVE-2024-52006; see the release
notes for these versions for details.
2.47.1
This is to flush accumulated fixes since 2.47.0 on the 'master'
front down to the maintenance track.
Fixes since Git 2.47
* Use after free and double freeing at the end in "git log -L... -p"
had been identified and fixed.
* On macOS, fsmonitor can fall into a race condition that results in
a client waiting forever to be notified for an event that have
already happened. This problem has been corrected.
* "git maintenance start" crashed due to an uninitialized variable
reference, which has been corrected.
* Fail gracefully instead of crashing when attempting to write the
contents of a corrupt in-core index as a tree object.
* A "git fetch" from the superproject going down to a submodule used
a wrong remote when the default remote names are set differently
between them.
* The "gitk" project tree has been synchronized again with its new
maintainer, Johannes Sixt.
Also contains minor documentation updates and code clean-ups.
2.47.0
UI, Workflows & Features
* Many Porcelain commands that internally use the merge machinery
were taught to consistently honor the diff.algorithm configuration.
* A few descriptions in "git show-ref -h" have been clarified.
* A 'P' command to "git add -p" that passes the patch hunk to the
pager has been added.
* "git grep -W" omits blank lines that follow the found function at
the end of the file, just like it omits blank lines before the next
function.
* The value of http.proxy can have "path" at the end for a socks
proxy that listens to a unix-domain socket, but we started to
discard it when we taught proxy auth code path to use the
credential helpers, which has been corrected.
* The code paths to compact multiple reftable files have been updated
to correctly deal with multiple compaction triggering at the same
time.
* Support to specify ref backend for submodules has been enhanced.
* "git svn" has been taught about svn:global-ignores property
recent versions of Subversion has.
* The default object hash and ref backend format used to be settable
only with explicit command line option to "git init" and
environment variables, but now they can be configured in the user's
global and system wide configuration.
* "git send-email" learned "--translate-aliases" option that reads
addresses from the standard input and emits the result of applying
aliases on them to the standard output.
* 'git for-each-ref' learned a new "--format" atom to find the branch
that the history leading to a given commit "%(is-base:<commit>)" is
likely based on.
* The command line prompt support used to be littered with bash-isms,
which has been corrected to work with more shells.
* Support for the RUNTIME_PREFIX feature has been added to z/OS port.
* "git send-email" learned "--mailmap" option to allow rewriting the
recipient addresses.
* "git mergetool" learned to use VSCode as a merge backend.
* "git pack-redundant" has been marked for removal in Git 3.0.
* One-line messages to "die" and other helper functions will get LF
added by these helper functions, but many existing messages had an
unnecessary LF at the end, which have been corrected.
* The "scalar clone" command learned the "--no-tags" option.
* The environment GIT_ADVICE has been intentionally kept undocumented
to discourage its use by interactive users. Add documentation to
help tool writers.
* "git apply --3way" learned to take "--ours" and other options.
Performance, Internal Implementation, Development Support etc.
* A build tweak knob has been simplified by not setting the value
that is already the default; another unused one has been removed.
* A CI job that use clang-format to check coding style issues in new
code has been added.
* The reviewing guidelines document now explicitly encourages people
to give positive reviews and how.
* Test script linter has been updated to catch an attempt to use
one-shot export construct "VAR=VAL func" for shell functions (which
does not work for some shells) better.
* Some project conventions have been added to CodingGuidelines.
* In the refs subsystem, implicit reliance of the_repository has been
eliminated; the repository associated with the ref store object is
used instead.
* Various tests in reftable library have been rewritten using the unit test
framework.
* A test that fails on an unusually slow machine was found, and made
less likely to cause trouble by lengthening the expiry value it
uses.
* An existing test of hashmap API has been rewritten with the
unit-test framework.
* A policy document that describes platform support levels and
expectation on platform stakeholders has been introduced.
* The refs API has been taught to give symref target information to
the users of ref iterators, allowing for-each-ref and friends to
avoid an extra ref_resolve_* API call per a symbolic ref.
* Unit-test framework has learned a simple control structure to allow
embedding test statements in-line instead of having to create a new
function to contain them.
* Incremental updates of multi-pack index files is getting worked on.
* Use of API functions that implicitly depend on the_repository
object in the config subsystem has been rewritten to pass a
repository object through the callchain.
* Unused parameters have been either marked as UNUSED to squelch
-Wunused warnings or dropped from many functions..
* The code in the reftable library has been cleaned up by discarding
unused "generic" interface.
* The underlying machinery for "git diff-index" has long been made to
expand the sparse index as needed, but the command fully expanded
the sparse index upfront, which now has been taught not to do.
* More trace2 events at key points on push and fetch code paths have
been added.
* Make our codebase compilable with the -Werror=unused-parameter
option.
* "git cat-file" works well with the sparse-index, and gets marked as
such.
* CI started failing completely for linux32 jobs, as the step to
upload failed test directory uses GitHub actions that is deprecated
and is now disabled.
* Import clar unit tests framework libgit2 folks invented for our
use.
* The error messages from the test script checker have been improved.
* The convention to calling into built-in command implementation has
been updated to pass the repository, if known, together with the
prefix value.
* "git apply" had custom buffer management code that predated before
use of strbuf got widespread, which has been updated to use strbuf,
which also plugged some memory leaks.
* The reftable backend learned to more efficiently handle exclude
patterns while enumerating the refs.
* CI updates. FreeBSD image has been updated to 13.4.
(merge 2eeb29702e cb/ci-freebsd-13-4 later to maint).
* Give timeout to the locking code to write to reftable, instead of
failing on the first failure without retrying.
* The checksum at the tail of files are now computed without
collision detection protection. This is safe as the consumer of
the information to protect itself from replay attacks checks for
hash collisions independently.
2.46.3
This release merges up the fix that appears in v2.40.4, v2.41.3, v2.42.4,
v2.43.6, v2.44.3 and v2.45.3 to address the security issues CVE-2024-50349 and
CVE-2024-52006; see the release notes for these versions for details.
2.46.2
This release is primarily to merge changes to unbreak the 32-bit
GitHub actions jobs we use for CI testing, so that we can release
real fixes for the 2.46.x track after they pass CI.
It also reverts the "git patch-id" change that went into 2.46.1,
as it seems to have got a regression reported (I haven't verified,
but it is better to keep a known breakage than adding an unintended
regression).
Other than that, a handful of minor bugfixes are included.
* In a few corner cases "git diff --exit-code" failed to report
"changes" (e.g., renamed without any content change), which has
been corrected.
* Cygwin does have /dev/tty support that is needed by things like
single-key input mode.
* The interpret-trailers command failed to recognise the end of the
message when the commit log ends in an incomplete line.
2.46.1
This release is primarily to merge fixes accumulated on the 'master'
front to prepare for 2.47 release that are still relevant to 2.46.x
maintenance track.
* "git checkout --ours" (no other arguments) complained that the
option is incompatible with branch switching, which is technically
correct, but found confusing by some users. It now says that the
user needs to give pathspec to specify what paths to checkout.
* It has been documented that we avoid "VAR=VAL shell_func" and why.
* "git add -p" by users with diff.suppressBlankEmpty set to true
failed to parse the patch that represents an unmodified empty line
with an empty line (not a line with a single space on it), which
has been corrected.
* "git rebase --help" referred to "offset" (the difference between
the location a change was taken from and the change gets replaced)
incorrectly and called it "fuzz", which has been corrected.
* "git notes add -m '' --allow-empty" and friends that take prepared
data to create notes should not invoke an editor, but it started
doing so since Git 2.42, which has been corrected.
* An expensive operation to prepare tracing was done in re-encoding
code path even when the tracing was not requested, which has been
corrected.
* Perforce tests have been updated.
* The credential helper to talk to OSX keychain sometimes sent
garbage bytes after the username, which has been corrected.
* A recent update broke "git ls-remote" used outside a repository,
which has been corrected.
* "git config --value=foo --fixed-value section.key newvalue" barfed
when the existing value in the configuration file used the
valueless true syntax, which has been corrected.
* "git reflog expire" failed to honor annotated tags when computing
reachable commits.
* A flakey test and incorrect calls to strtoX() functions have been
fixed.
* Follow-up on 2.45.1 regression fix.
* "git rev-list ... | git diff-tree -p --remerge-diff --stdin" should
behave more or less like "git log -p --remerge-diff" but instead it
crashed, forgetting to prepare a temporary object store needed.
* The patch parser in "git patch-id" has been tightened to avoid
getting confused by lines that look like a patch header in the log
message.
* "git bundle unbundle" outside a repository triggered a BUG()
unnecessarily, which has been corrected.
* The code forgot to discard unnecessary in-core commit buffer data
for commits that "git log --skip=<number>" traversed but omitted
from the output, which has been corrected.
* "git verify-pack" and "git index-pack" started dying outside a
repository, which has been corrected.
* A corner case bug in "git stash" was fixed.
Also contains minor documentation updates and code clean-ups.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/git | 2 +-
lfs/git | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/git b/config/rootfiles/packages/git
index 4422f01ac..6dad7e0a8 100644
--- a/config/rootfiles/packages/git
+++ b/config/rootfiles/packages/git
@@ -203,12 +203,12 @@ usr/libexec/git-core/mergetools/smerge
usr/libexec/git-core/mergetools/tkdiff
usr/libexec/git-core/mergetools/tortoisemerge
usr/libexec/git-core/mergetools/vimdiff
+usr/libexec/git-core/mergetools/vscode
usr/libexec/git-core/mergetools/winmerge
usr/libexec/git-core/mergetools/xxdiff
usr/libexec/git-core/scalar
#usr/share/git-core
#usr/share/git-core/templates
-usr/share/git-core/templates/branches
usr/share/git-core/templates/description
#usr/share/git-core/templates/hooks
usr/share/git-core/templates/hooks/applypatch-msg.sample
diff --git a/lfs/git b/lfs/git
index e209fb568..185029b17 100644
--- a/lfs/git
+++ b/lfs/git
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.46.0
+VER = 2.48.1
SUMMARY = Fast, scalable, distributed revision control system
THISAPP = git-$(VER)
@@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = git
-PAK_VER = 35
+PAK_VER = 36
DEPS = perl-Authen-SASL perl-Net-SMTP-SSL
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 11fd88faea8cca0982945320c0a1ff949d2abedca9ffde34d40a739349e2a7ae6ceb51a23e8c21f7985cd494d9d17abcec4769e766c3c5188162b906eb1b96bc
+$(DL_FILE)_BLAKE2 = 092ed16fab3b3e56c81cb91db48e4db1f41b6d91d4855a7c73fb642f1fd0272823a92b8963644ef33517c61956bca89a95e4b4dc3e9237cb0520aa37c0770966
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] harfbuzz: Update to version 10.2.0
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (2 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] git: Update to version 2.48.1 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] libexif: Update to version 0.6.25 Adolf Belka
` (6 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4189 bytes --]
- Update from version 10.1.0 to 10.2.0
- Update of rootfile
- Changelog
10.2.0
- Consider Unicode Variation Selectors when subsetting “cmap” table.
- Guard hb_cairo_glyphs_from_buffer() against malformed UTF-8 strings.
- Fix incorrect “COLR” v1 glyph scaling in hb-cairo.
- Use locale-independent parsing of double numbers is “hb-subset” command line
tool.
- Fix incorrect zeroing of advance width of base glyphs in various “Courier New”
font versions due to incorrect “GDEF” glyph classes.
- Fix handling of long language codes with “HB_LEAN” configuration.
- Update OpenType language system registry.
- Allow all Myanmar tone marks (including visarga) in any order
- Don’t insert U+25CC DOTTED CIRCLE before superscript/subscript digits
- Handle Garay script as right to left script.
- New API for serializing font tables and potentially repacking them in optimal
way. This was a previously experimental-only API.
- New API for converting font variation setting from and to strings.
- Various build fixes
- Various subsetter and instancer fixes.
- New API:
+hb_subset_serialize_link_t
+hb_subset_serialize_object_t
+hb_subset_serialize_or_fail()
+hb_subset_axis_range_from_string()
+hb_subset_axis_range_to_string()
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/harfbuzz | 10 +++++-----
lfs/harfbuzz | 6 +++---
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/config/rootfiles/common/harfbuzz b/config/rootfiles/common/harfbuzz
index 4fb716d84..c951a4507 100644
--- a/config/rootfiles/common/harfbuzz
+++ b/config/rootfiles/common/harfbuzz
@@ -38,7 +38,7 @@
#usr/include/harfbuzz/hb-shape-plan.h
#usr/include/harfbuzz/hb-shape.h
#usr/include/harfbuzz/hb-style.h
-#usr/include/harfbuzz/hb-subset-repacker.h
+#usr/include/harfbuzz/hb-subset-serialize.h
#usr/include/harfbuzz/hb-subset.h
#usr/include/harfbuzz/hb-unicode.h
#usr/include/harfbuzz/hb-version.h
@@ -47,16 +47,16 @@
#usr/lib/cmake/harfbuzz/harfbuzz-config.cmake
#usr/lib/libharfbuzz-cairo.so
usr/lib/libharfbuzz-cairo.so.0
-usr/lib/libharfbuzz-cairo.so.0.61010.0
+usr/lib/libharfbuzz-cairo.so.0.61020.0
#usr/lib/libharfbuzz-gobject.so
usr/lib/libharfbuzz-gobject.so.0
-usr/lib/libharfbuzz-gobject.so.0.61010.0
+usr/lib/libharfbuzz-gobject.so.0.61020.0
#usr/lib/libharfbuzz-subset.so
usr/lib/libharfbuzz-subset.so.0
-usr/lib/libharfbuzz-subset.so.0.61010.0
+usr/lib/libharfbuzz-subset.so.0.61020.0
#usr/lib/libharfbuzz.so
usr/lib/libharfbuzz.so.0
-usr/lib/libharfbuzz.so.0.61010.0
+usr/lib/libharfbuzz.so.0.61020.0
#usr/lib/pkgconfig/harfbuzz-cairo.pc
#usr/lib/pkgconfig/harfbuzz-gobject.pc
#usr/lib/pkgconfig/harfbuzz-subset.pc
diff --git a/lfs/harfbuzz b/lfs/harfbuzz
index a5a90eec2..71abe2dfc 100644
--- a/lfs/harfbuzz
+++ b/lfs/harfbuzz
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 10.1.0
+VER = 10.2.0
THISAPP = harfbuzz-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 7d78e31d045b984d8d1a8b1d1f8f282ff9b7dc748ffd65355266266e75064b14eb94ec6b1418e208ebb0fffb99ef174d1978ab14f0c318c1112c2d8005285979
+$(DL_FILE)_BLAKE2 = 6711eed94c4cbc7b4d37ec17c3bd4512110f873d0f179bc213773ad89af99cd349f92ea8ce957ddeb5084ad3719e2436cb712a880b02668954c69e0b1c3ceb98
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] libexif: Update to version 0.6.25
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (3 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] harfbuzz: Update to version 10.2.0 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] libxcrypt: Update to version 4.4.38 Adolf Belka
` (5 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4761 bytes --]
- Update from version 0.6.24 to 0.6.25
- Update of rootfile
- Changelog
0.6.25
* REUSE compatibility (all files declare their license)
* Translation updates: ro, de, es, ka, pl, sr, sv, uk, vi, zh_CN,
* Disabled Apple Makernote support, as its not complete
* various bugfixes
* handle JPEG APP10
* EXIF_TAG_COMPOSITE_IMAGE, EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY,
EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX, EXIF_TAG_ISO_SPEED,
EXIF_TAG_ISO_SPEEDLatitudeYYY, EXIF_TAG_ISO_SPEEDLatitudeZZZ,
EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE,
EXIF_TAG_LENS_SPECIFICATION, EXIF_TAG_GAMMA, EXIF_TAG_OFFSET_TIME,
EXIF_TAG_OFFSET_TIME_ORIGINAL, EXIF_TAG_OFFSET_TIME_DIGITIZED,
EXIF_TAG_CAMERA_OWNER_NAME, EXIF_TAG_BODY_SERIAL_NUMBER,
EXIF_TAG_LENS_MAKE, EXIF_TAG_LENS_MODEL, EXIF_TAG_LENS_SERIAL_NUMBER:
better decoding
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/libexif | 6 ++----
lfs/libexif | 12 +++++++-----
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/config/rootfiles/packages/libexif b/config/rootfiles/packages/libexif
index 985a7af74..ae0db7bad 100644
--- a/config/rootfiles/packages/libexif
+++ b/config/rootfiles/packages/libexif
@@ -27,8 +27,6 @@ usr/lib/libexif.so.12.3.4
#usr/share/doc/libexif/README
#usr/share/doc/libexif/SECURITY.md
#usr/share/locale/be/LC_MESSAGES/libexif-12.mo
-#usr/share/locale/bs
-#usr/share/locale/bs/LC_MESSAGES
#usr/share/locale/bs/LC_MESSAGES/libexif-12.mo
#usr/share/locale/cs/LC_MESSAGES/libexif-12.mo
#usr/share/locale/da/LC_MESSAGES/libexif-12.mo
@@ -36,19 +34,19 @@ usr/lib/libexif.so.12.3.4
#usr/share/locale/en_AU
#usr/share/locale/en_AU/LC_MESSAGES
#usr/share/locale/en_AU/LC_MESSAGES/libexif-12.mo
-#usr/share/locale/en_CA
-#usr/share/locale/en_CA/LC_MESSAGES
#usr/share/locale/en_CA/LC_MESSAGES/libexif-12.mo
#usr/share/locale/en_GB/LC_MESSAGES/libexif-12.mo
#usr/share/locale/es/LC_MESSAGES/libexif-12.mo
#usr/share/locale/fr/LC_MESSAGES/libexif-12.mo
#usr/share/locale/it/LC_MESSAGES/libexif-12.mo
#usr/share/locale/ja/LC_MESSAGES/libexif-12.mo
+#usr/share/locale/ka/LC_MESSAGES/libexif-12.mo
#usr/share/locale/ms/LC_MESSAGES/libexif-12.mo
#usr/share/locale/nl/LC_MESSAGES/libexif-12.mo
#usr/share/locale/pl/LC_MESSAGES/libexif-12.mo
#usr/share/locale/pt/LC_MESSAGES/libexif-12.mo
#usr/share/locale/pt_BR/LC_MESSAGES/libexif-12.mo
+#usr/share/locale/ro/LC_MESSAGES/libexif-12.mo
#usr/share/locale/ru/LC_MESSAGES/libexif-12.mo
#usr/share/locale/sk/LC_MESSAGES/libexif-12.mo
#usr/share/locale/sq/LC_MESSAGES/libexif-12.mo
diff --git a/lfs/libexif b/lfs/libexif
index c89232b1c..c9a6eb69b 100644
--- a/lfs/libexif
+++ b/lfs/libexif
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = An EXIF Tag Parsing Library for Digital Cameras
-VER = 0.6.24
+VER = 0.6.25
THISAPP = libexif-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = libexif
-PAK_VER = 3
+PAK_VER = 4
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 75d3a2b4fefd7b7706226e70d31250ef7e99eeb81a4839ddc36cc9e3180534542d8a02851f8e6fd5034bbc925a616ead8c4bfb0cce8bc5886c3ec54811914a6b
+$(DL_FILE)_BLAKE2 = a0f8a80194694fab295dcd9c72088055b83534b281cb5bdac67a781dfb56fab0e354e32a520eb31d9f4dd604524355d69ba62012056f5706051e8382e4d898b8
install : $(TARGET)
@@ -82,7 +82,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
$(UPDATE_AUTOMAKE)
- cd $(DIR_APP) && ./configure --prefix=/usr --disable-static
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --disable-static
cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] libxcrypt: Update to version 4.4.38
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (4 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] libexif: Update to version 0.6.25 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-02-22 13:40 ` Michael Tremer
2025-01-22 12:43 ` [PATCH] lvm2: Update to version 2.03.30 Adolf Belka
` (4 subsequent siblings)
10 siblings, 1 reply; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2878 bytes --]
- Update from version 4.4.36 to 4.4.38
- Update of rootfile
- Changelog
4.4.38
* Fix several "-Wunterminated-string-initialization", which are seen by
upcoming GCC 15.x (issue #194).
* Fix "-Wmaybe-uninitialized" in crypt.c, which is seen by GCC 13.3.0.
* Skip test/explicit-bzero if compiling with ASAN.
* Drop hard requirement for the pkg-config binary (issue #198).
4.4.37
* Several fixes to the manpages (issue #185).
* Add binary compatibility for x86_64 GNU/Hurd (issue #189).
* Only test the needed makecontext signature during configure (issue #178).
* Fix -Werror=strict-overflow in lib/crypt-bcrypt.c, which is seen
by GCC 4.8.5 (issue #197).
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/libxcrypt | 3 +--
lfs/libxcrypt | 6 +++---
2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/common/libxcrypt b/config/rootfiles/common/libxcrypt
index 1cbb05816..7febd9254 100644
--- a/config/rootfiles/common/libxcrypt
+++ b/config/rootfiles/common/libxcrypt
@@ -1,3 +1,4 @@
+#root/libcrypt.pc
#usr/include/crypt.h
#usr/include/xcrypt.h
#usr/lib/libcrypt.la
@@ -7,8 +8,6 @@ usr/lib/libcrypt.so.1.1.0
#usr/lib/libowcrypt.so
#usr/lib/libowcrypt.so.1
#usr/lib/libxcrypt.so
-#usr/lib/pkgconfig/libcrypt.pc
-#usr/lib/pkgconfig/libxcrypt.pc
#usr/share/man/man3/crypt.3
#usr/share/man/man3/crypt_checksalt.3
#usr/share/man/man3/crypt_gensalt.3
diff --git a/lfs/libxcrypt b/lfs/libxcrypt
index 4ec63516a..2f40385ca 100644
--- a/lfs/libxcrypt
+++ b/lfs/libxcrypt
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 4.4.36
+VER = 4.4.38
THISAPP = libxcrypt-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 9f028e0fe2cb7bb4273f3f6d1e579e0fe93cd71eba21286aa7dc078c904ea3cdce38b2955bdcd618853f7657b01aea7e28c4d898680e69fdf75f812b5a304c1d
+$(DL_FILE)_BLAKE2 = 42d594fe36f61a1b5343d9fda22541b09373fe74c587537db8203f9c92120b6c73edef2e1b3d7febda14ae979845405b5fdaeb31dd2b89eedc423b0924ea7cff
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] lvm2: Update to version 2.03.30
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (5 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] libxcrypt: Update to version 4.4.38 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] lynis: Update to version 3.1.3 Adolf Belka
` (3 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 2712 bytes --]
- Update from version 2.03.28 to 2.03.30
- Update of rootfile not required
- Changelog
2.03.30
Lvresize reports origin vdo volume cannot be resized.
Support setting reserved_memory|stack of --config cmdline.
Fix support for disabling memory locking (2.03.27).
Do not extend an LV if FS resize unsupported and '--fs resize' used.
Prevent leftover temporary device when converting in use volume to a pool.
lvconvert detects early volume in use when converting it to a pool.
Handle NVMe with quirk changed WWID not matching WWID in devices file.
2.03.29
Configure --enable/disable-sd-notify to control lvmlockd build with sd-notify.
Allow test mode when lvmlockd is built without dlm support.
Add a note about RAID + integrity synchronization to lvmraid(7) man page.
Add a function for running lvconvert --repair on RAID LVs to lvmdbusd.
Improve option section of man pages for listing commands ({pv,lv,vg}{s,display}).
Fix renaming of raid sub LVs when converting a volume to raid (2.03.28).
Fix segfault/VG write error for raid LV lvextend -i|--stripes -I|--stripesize.
Revert ignore -i|--stripes, -I|--stripesize for lvextend on raid0 LV (2.03.27).
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
lfs/lvm2 | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/lvm2 b/lfs/lvm2
index 8992ecf16..355691a43 100644
--- a/lfs/lvm2
+++ b/lfs/lvm2
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.03.28
+VER = 2.03.30
THISAPP = LVM2.$(VER)
DL_FILE = $(THISAPP).tgz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = c4c64975d39b9f5c8def0ec6a405b6aa158b6646fcc010724dc500cec7645a2f97b089665615c5fb0b03cd3c528c95f59122900b4f1d08d16364729c38acc10b
+$(DL_FILE)_BLAKE2 = 4175f09235cb68064be2da073a499b6a022e98722bae47d63088d8ee8b8a3f644695cd7de636ffd93c5e66f9cdce33b2a43d29ea527f5015172c6516ecf94e4c
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] lynis: Update to version 3.1.3
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (6 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] lvm2: Update to version 2.03.30 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] monit: Update to version 5.34.4 Adolf Belka
` (2 subsequent siblings)
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 5745 bytes --]
- Update from version 3.1.1 to 3.1.3
- Update of rootfile
- Changelog
3.1.3
This release introduces additional documentation in the form of blog articles
to support the (missing) control information on the website.
Added
- Detection of Buildroot, Fedora Linux Asahi Remix, Garden Linux,
Peppermint OS
- Support for blog posts and articles to enhance suggestions
Changed
- BOOT-5264 - Changed output of systemd-analyze test and added link
- FILE-6398 - Test temporarily disabled as on modern kernels JDB
support is built-in
- FIRE-4508 - Several changes to expand the test, make it more generic,
resolve minor issues
- KRNL-5622 - Test if systemctl binary is set
- Several improvements for busybox
- Update of translations: Italian, Russian, Spanish
3.1.2
Added
- Detection of ALT Linux
- Detection of Athena OS
- Detection of Container-Optimized OS from Google
- Detection of Koozali SME Server
- Detection of Nobara Linux
- Detection of Open Source Media Center (OSMC)
- Detection of PostmarketOS
- CRYP-7932 - macOS FileVault encryption test
- FILE-6398 - Check if JBD (Journal Block Device) driver is loaded
- FINT-4344 - Wazuh system running state
- PKGS-7305 - Query macOS Apps in /Applications and CoreServices
- File added: .editorconfig, which is used by editors to standardize
formatting
Changed
- Correction of software EOL database and inclusion of AIX entries
- Support sysctl value perf_event_paranoid -> 2|3
- Update of translations: German, Portuguese, Turkish
- Grammar and spell improvements
- Improved package detection on Alpine Linux
- Slackware support to check installed packges
(functionPackageIsInstalled())
- Added words prosecute/report to LEGAL_BANNER_STRINGS
- Busybox support: Replace newer tr command syntax with older ascii
specific operations
- Added Wazuh as a malware scanner/antivirus and rootkit detection tool
- Updated PHP versions and removed PHP 5 (deprecated)
- AUTH-9262 - Corrected message with advised PAM libary (libpam-passwdqc)
- CONT-8104 - Checking for errors, not only warning in docker info output
- DBS-1826 - PostgreSQL detection improved for AlmaLinux, Rocky Linux,
and FreeBSD
- FILE-6344 - Test kernel version (major/minor)
- INSE-8000 - Added inetd package and service name used in ubuntu 24.04
- KRNL-5622 - Use systemctl get-default instead of following link
- KRNL-5820 - Accept ulimit with -H parameter also
- LOGG-2144 - Check for wazuh-agent presence on Linux systems
- MACF-6234 - Test if semanage binary is available
- MALW-3200 - ESET Endpoint Antivirus added
- MALW-3280 - McAfee Antivirus for Linux deprecated
- MALW-3291 - Check if Microsoft Defender Antivirus is installe
- NETW-3200 - Added regex to allow both /bin/true as /bin/false
- PKGS-7303 - Added version numbers to brew packages
- PKGS-7370 - Cron job check for debsums improved
- PKGS-7392 - Improved filtering of apt-check output (Ubuntu 24.04 may
give an error)
- PKGS-7410 - Added kernel name for Hardkernel odroid XU4
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/lynis | 3 ++-
lfs/lynis | 6 +++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/packages/lynis b/config/rootfiles/packages/lynis
index 34b07ff32..9c0157ddb 100644
--- a/config/rootfiles/packages/lynis
+++ b/config/rootfiles/packages/lynis
@@ -1,6 +1,7 @@
var/ipfire/lynis
#var/ipfire/lynis/LICENSE
#var/ipfire/lynis/db
+var/ipfire/lynis/db/control-links.db
var/ipfire/lynis/db/fileperms.db
var/ipfire/lynis/db/hints.db
var/ipfire/lynis/db/integrity.db
@@ -87,6 +88,7 @@ var/ipfire/lynis/include/tests_firewalls
var/ipfire/lynis/include/tests_hardening
var/ipfire/lynis/include/tests_homedirs
var/ipfire/lynis/include/tests_insecure_services
+var/ipfire/lynis/include/tests_kerberos
var/ipfire/lynis/include/tests_kernel
var/ipfire/lynis/include/tests_kernel_hardening
var/ipfire/lynis/include/tests_ldap
@@ -118,4 +120,3 @@ var/ipfire/lynis/lynis
#var/ipfire/lynis/plugins
#var/ipfire/lynis/plugins/README
var/ipfire/lynis/plugins/custom_plugin.template
-var/ipfire/lynis/software-eol.db
diff --git a/lfs/lynis b/lfs/lynis
index 38ebac9c6..b95ace3f4 100644
--- a/lfs/lynis
+++ b/lfs/lynis
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = Security and System auditing tool
-VER = 3.1.1
+VER = 3.1.3
THISAPP = lynis-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -49,7 +49,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 056e689f00ac0fa74bd1a6dc3915cbd70f28cdb5461e0749b68ce2cf84e425c295425f7bb6d5aeb0208693a0e38290cb90925e392928257c79bc5887f6e58498
+$(DL_FILE)_BLAKE2 = 68483c194b3202befe3d45386d30c51399a7e9e413509fec982a120a5ab6ae22609c0e975d6fab33658decb0f2cf1c8dfb75434c68bfa76ad4f6602d10ad5a84
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] monit: Update to version 5.34.4
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (7 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] lynis: Update to version 3.1.3 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] openvmtools: Update to version 12.5.0 Adolf Belka
2025-01-22 12:43 ` [PATCH] pango: Update to version 1.56.1 Adolf Belka
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3393 bytes --]
- Update from version 5.34.3 to 5.34.4
- Update of rootfile not required
- Changelog
5.34.4
Fixed: If the Monit configuration file contains a string with unbalanced
escape sequences, Monit may crash upon startup.
Fixed: If the password in the set mmonit URL contains only binary
characters, syntax check passed (-t), but Monit aborts after start and
reports following error:
AssertException: n >= 0
raised in Str_ndup at src/util/Str.c:315
Aborted
Fixed: If the every <cron> statement contained a syntax error, syntax check
passed (-t), but Monit aborts after start and reports following error:
AssertException: n < 5 && n >= 0
raised in Time_incron at src/system/Time.c:1566
Aborted
Fixed: If the timeout option value was set to 0, the syntax check was
successful (-t), but Monit aborts after starting and reports the
following error:
AssertException: timeout > 0
raised in Socket_create at src/net/socket.c:319
Aborted
Fixed: The set syslog statement's facility option did not permit the
specification of the log_user. Thanks to Lutz Mader for report.
Fixed: Double interpretation of format strings during RETHROW
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
lfs/monit | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/lfs/monit b/lfs/monit
index b31a6ad0e..82de4137b 100644
--- a/lfs/monit
+++ b/lfs/monit
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 5.34.3
+VER = 5.34.4
SUMMARY = Utility for monitoring services on a Unix system
THISAPP = monit-$(VER)
@@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = monit
-PAK_VER = 26
+PAK_VER = 27
DEPS =
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 444bc0918fefc59214f9513fa134d4abea9cb0bbfc3e71fa4c3d76d9134821a54e1949bf89a4dc483593862a629a03ac347df9c12f07476c1fcbf2c2e2d4d507
+$(DL_FILE)_BLAKE2 = a61a63eab320cb39d9d90a877fa6d2f9c326e9629847c235cb44061ad69d9ae561d1c05c5ca0b50e263d3539ed39db64602741e88aa20697209c62bdb53f7516
install : $(TARGET)
@@ -81,10 +81,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && ./configure \
- --prefix=/usr \
- --sysconfdir=/etc \
- --localstatedir=/var
-
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] openvmtools: Update to version 12.5.0
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (8 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] monit: Update to version 5.34.4 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
2025-01-22 12:43 ` [PATCH] pango: Update to version 1.56.1 Adolf Belka
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 13792 bytes --]
- Update from version 12.0.5 to 12.5.0
- Update of rootfile not required
- Several CVE's in various updates between 12.0.5 and 12.5.0
- Changelog
12.5.0
The following github.com/vmware/open-vm-tools pull request has been addressed.
Revise settings for vmware-user.desktop
Pull request #668
Accomodate newer releases of libxml2 and xmlsec1.
The configure.ac and VGAuth code updated to avoid deprecated functions
and build options based on OSS product version.
12.4.5
A number of issues flagged by Coverity and ShellCheck have been addressed.
The changes include code fixes and Coverity escapes for reported
false positives. See the details in the open-vm-tools ChangeLog
for specific fix or false positive escape.
Nested logging from RPCChannel error may hang the vmtoolsd process.
This issue has been fixed in this release.
vmtoolsd child processes invoke parent's atexit handler.**
Fixed in this release by terminating child processes with _exit().
Mutexes in lib/libvmtools/vmtoolsLog.c and glib could have been locked at
fork time. The vmtoolsLog.c Debug(), Warning() and Panic() functions
are not safe for child processes.
Fixed in this release by directing child processes' logging to
stdout.
Permission on the vmware-network.log file incorrectly defaults to (0644).
Fixed in this release. The correct default is set to (0600).
The NetworkManager calls in the Linux "network" script have been updated.
Defaults to using the "Sleep" method over the "Enabled" method
used to work around a bug in NetworkManager version 0.9.0.
Resolves:
Pull request #699
Issue #426
Unused header files have been dropped from the current open-vm-tools source.
Accomodate newer releases of libxml2 and xmlsec1.
The configure.ac and VGAuth code updated to avoid deprecated
functions and build options based on OSS product version.
12.4.0
The following github.com/vmware/open-vm-tools pull request has been addressed
Power Ops: Attempt to execute file path only
Pull request #689
A number of issues flagged by Coverity have been addressed.
Add aliasing code to identify Miracle Linux by its former name of "asianux".
The Asianux Linux distribution rebranded itself as Miracle Linux.
Since vSphere infrastructure recognizes "asianux" but not
Miracle Linux, aliasing code was added to open-vm-tools to
continue to identify Miracle Linux systems as "asianux".
12.3.5
This release resolves CVE-2023-34058.
For more information on this vulnerability and its impact on
VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html.
open-vm-tools contains a SAML token signature bypass vulnerability.
VMware has evaluated the severity of this issue to be in the
Important severity range with a maximum CVSSv3 base score of
7.5 - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
A malicious actor that has been granted Guest Operation Privileges
in a target virtual machine may be able to elevate their
privileges if that target virtual machine has been assigned a
more privileged Guest Alias.
Note: While the description and known attack vectors are very
similar to CVE-2023-20900, CVE-2023-34058 has a different root
cause that must be addressed.
A patch for earlier versions of open-vm-tools is available at
CVE-2023-34058.patch.
This release resolves CVE-2023-34059.
open-vm-tools contains a file descriptor hijack vulnerability in
the vmware-user-suid-wrapper. VMware has evaluated the
severity of this issue to be in the Important severity range
with a maximum CVSSv3 base score of 7.4. -
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
A malicious actor with non-root privileges may be able to hijack
the /dev/uinput file descriptor allowing them to simulate user
inputs.
A patch for earlier versions of open-vm-tools is available at
CVE-2023-34059.patch.
The following github.com/vmware/open-vm-tools issue have been addressed
Better cooperation between deployPkg plugin and cloud-init concerning
location of 'disable_vmware_customization' flag.
Issue #310
12.3.0
This release resolves CVE-2023-20900.
For more information on this vulnerability and its impact on VMware
products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html.
Linux quiesced snapshot: "SyncDriver: failed to freeze 'filesystem'"
The open-vm-tools 12.2.0 release had an update to the Linux quiesced
snapshot operation that would avoid starting a quiesced snapshot if a
filesystem had already been frozen by another process. See the
Resolved Issues section in the open-vm-tools 12.2.0 Release Notes.
That fix may have been backported into earlier versions of
open-vm-tools by Linux vendors.
It is possible that filesystems are being frozen in custom pre-freeze
scripts to control the order in which those specific filesystems are
to be frozen. The vmtoolsd process must be informed of all such
filesystems with the help of "excludedFileSystems" setting of
tools.conf.
[vmbackup]
excludedFileSystems=/opt/data,/opt/app/project-*,...
A temporary workaround is available (starting from open-vm-tools 12.3.0)
for system administrators to quickly allow a quiescing operation to
succeed until the "excludedFileSystems" list can be configured. Note,
if another process thaws the file system while a quiescing snapshot
operation is ongoing, the snapshot may be compromised. Once the
"excludedFileSystems" list is configured this setting MUST be unset
(or set to false).
[vmbackup]
ignoreFrozenFileSystems = true
This workaround is provided in the source file changes in
https://github.com/vmware/open-vm-tools/commit/60c3a80ddc2b400366ed05169e16a6bed6501da2
and at Linux vendors' discretion, may be backported to earlier versions
of open-vm-tools.
A number of Coverity reported issues have been addressed.
Component Manager / salt-minion: New InstallStatus "UNMANAGED".
Salt-minion added support for "ExternalInstall" (106) to indicate an
older version of salt-minion is installed on the vm and cannot be
managed by the svtminion.* scripts. The Component Manager will track
that as "UNMANAGED" and take no action.
The following pull requests and issues have been addressed
Add antrea and calico interface pattern to GUESTINFO_DEFAULT_IFACE_EXCLUDES
Issue #638
Pull request #639
Invalid argument with "\" in Linux username (Active Directory user)
Issue #641
Improve POSIX guest identification
Issue #647
Issue #648
Remove appUtil library which depends on deprecated "gdk-pixbuf-xlib"
Issue #658
Fix build problems with grpc
Pull request #664
Issue #676
12.2.5
This release resolves CVE-2023-20867.
For more information on this vulnerability and its impact on VMware
products, see https://www.vmware.com/security/advisories/VMSA-2023-0013.html.
12.2.0
A number of Coverity reported issues have been addressed.
The vmtoolsd task is blocked in the uninterruptible state while doing a
quiesced snapshot.
As the ioctl FIFREEZE is done during a quiesced snapshot operation, an
EBUSY could be seen because of an attempt to freeze the same
superblock more than once depending on the OS configuration (e.g.
usage of bind mounts). An EBUSY could also mean another process has
locked or frozen that filesystem. That later could lead to the
vmtoolsd process being blocked and ultimately other processes on the
system could be blocked.
The Linux quiesced snapshot procedure has been updated that when an
EBUSY is received, the filesystem FSID is checked against the list of
filesystems that have already been quiesced. If not previously seen,
a warning that the filesystem is controlled by another process is
logged and the quiesced snapshot request will be rejected.
This fix to lib/syncDriver/syncDriverLinux.c is directly applicable to
previous releases of open-vm-tools and is available at:
https://github.com/vmware/open-vm-tools/commit/9d458c53a7a656d4d1ba3a28d090cce82ac4af0e
Updated the guestOps to handle some edge cases.
When File_GetSize() fails or returns a -1 indicating the user does not
have access permissions:
Skip the file in the output of the ListFiles() request.
Fail an InitiateFileTransferFromGuest operation.
The following pull requests and issues have been addressed.
Detect the proto files for the containerd grpc client in alternate locations.
Pull request #626
FreeBSD: Support newer releases and code clean-up for earlier versions.
Pull request #584
12.1.5
A number of Coverity reported issues have been addressed.
The deployPkg plugin may prematurely reboot the guest VM before cloud-init
has completed user data setup.
If both the Perl based Linux customization script and cloud-init
run when the guest VM boots, the deployPkg plugin may reboot
the guest before cloud-init has finished. The deployPkg plugin
has been updated to wait for a running cloud-init process to
finish before the guest VM reboot is initiated.
This issue is fixed in this release.
A SIGSEGV may be encountered when a non-quiesing snapshot times out.
This issue is fixed in this release.
Unwanted vmtoolsd service error message if not on a VMware hypervisor.
When open-vm-tools comes preinstalled in a base Linux release, the
vmtoolsd services are started automatically at system start
and desktop login. If running on physical hardware or in a
non-VMware hypervisor, the services will emit an error message
to the Systemd's logging service before stopping.
This issue is fixed in this release.
12.1.0
This release resolves CVE-2022-31676. For more information on this
vulnerability and its impact on VMware products, see
https://www.vmware.com/security/advisories/VMSA-2022-0024.html.
A patch for existing open-vm-tools releases is provided in the
CVE-2022-31676 README file.
A number of Coverity reported issues have been addressed.
[FTBFS] Fix the build of the ContainerInfo plugin for a 32-bit Linux release
Reported in open-vm-tools pull request #588, the fix did not make the
code freeze date for open-vm-tools 12.0.5.
This issue is fixed in this release.
Make HgfsConvertFromNtTimeNsec aware of 64-bit time_t on i386 (32-bit)
Reported in open-vm-tools pull request #387, this change incorporates
the support of 64 bit time epoch conversion from Windows NT time to
Unix Epoch time on i386.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
lfs/openvmtools | 35 +++++++++++++++++------------------
1 file changed, 17 insertions(+), 18 deletions(-)
diff --git a/lfs/openvmtools b/lfs/openvmtools
index b91c89d26..6e277f080 100644
--- a/lfs/openvmtools
+++ b/lfs/openvmtools
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = Open Virtual Machine Tools
-VER = stable-12.0.5
+VER = stable-12.5.0
THISAPP = open-vm-tools-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -35,7 +35,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)/open-vm-tools
TARGET = $(DIR_INFO)/$(THISAPP)
SUP_ARCH = x86_64
PROG = openvmtools
-PAK_VER = 12
+PAK_VER = 13
DEPS =
@@ -51,7 +51,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 298a28bfdcb5791851392a0a8d1c301c528fa7f5eb239dfd9c5b6434c10ed90196fa1583d228ab0ef22e7b342cb9b1b65639b303b44b228ddca0d16bda54b437
+$(DL_FILE)_BLAKE2 = 3ad8b820d75fe82f0111a3042a5f26697c56a10b06c77abb55ce84ebd9c8c9867283a7682131633f67ea86a7a85f95f35b3eecc255a3b8de44ee0e242f4da44e
install : $(TARGET)
@@ -85,20 +85,19 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP) && ./configure \
- --prefix=/usr \
- --sysconfdir=/etc \
- --with-kernel-release=$(KVER)-ipfire \
- --without-ssl \
- --without-pam \
- --without-gtk2 \
- --without-gtkmm \
- --without-icu \
- --without-x \
- --with-linuxdir=/usr/src/linux \
- --without-kernel-modules \
- --disable-deploypkg \
- --without-xerces
-
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --with-kernel-release=$(KVER)-ipfire \
+ --without-ssl \
+ --without-pam \
+ --without-gtk2 \
+ --without-gtkmm \
+ --without-icu \
+ --without-x \
+ --with-linuxdir=/usr/src/linux \
+ --without-kernel-modules \
+ --disable-deploypkg \
+ --without-xerces
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* [PATCH] pango: Update to version 1.56.1
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
` (9 preceding siblings ...)
2025-01-22 12:43 ` [PATCH] openvmtools: Update to version 12.5.0 Adolf Belka
@ 2025-01-22 12:43 ` Adolf Belka
10 siblings, 0 replies; 15+ messages in thread
From: Adolf Belka @ 2025-01-22 12:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3507 bytes --]
- Update from version 1.54.0 to 1.56.1
- Update of rootfile
- Changelog
1.56.1
- Avoid criticals when there are no fonts
- fontconfig: Handle lack of FC_FONT_WRAPPER in font cache
- fontconfig: Prefer application fonts even if they are older
1.56.0
- Support setting font features in font descriptions
- serialization: Document the tab array format
- serialization: Accept attributes without range
- win32: Improve the pango_font_map_reload_implementation
- win32: Take variations into account for caching
- layout: Fix measuring ellipsis runs with shapes
- build: Require C11
- build: Require GLib 2.80
- build: Require cairo 1.18
1.55
- Support Unicode 16
- Add pango_font_map_add_font_file
- fontconfig: Reject patterns without FC_FILE
- coretext: Actually use .AppleSystemUIFont
- coretext: Keep track of variations
- win32: Use font options for caching
- win32: Keep variations in PangoWin32Font
- build: Require harfbuzz 8.4.0
- build: Require fontconfig 2.15
- build: Require meson 1.2.0
- build: Require Window 10
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/pango | 7 +++----
lfs/pango | 6 +++---
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/config/rootfiles/common/pango b/config/rootfiles/common/pango
index 26f46eeea..54d838a77 100644
--- a/config/rootfiles/common/pango
+++ b/config/rootfiles/common/pango
@@ -41,16 +41,15 @@ usr/bin/pango-view
#usr/include/pango-1.0/pango/pangoft2.h
#usr/lib/libpango-1.0.so
usr/lib/libpango-1.0.so.0
-usr/lib/libpango-1.0.so.0.5400.0
+usr/lib/libpango-1.0.so.0.5600.1
#usr/lib/libpangocairo-1.0.so
usr/lib/libpangocairo-1.0.so.0
-usr/lib/libpangocairo-1.0.so.0.5400.0
+usr/lib/libpangocairo-1.0.so.0.5600.1
#usr/lib/libpangoft2-1.0.so
usr/lib/libpangoft2-1.0.so.0
-usr/lib/libpangoft2-1.0.so.0.5400.0
+usr/lib/libpangoft2-1.0.so.0.5600.1
#usr/lib/pkgconfig/pango.pc
#usr/lib/pkgconfig/pangocairo.pc
#usr/lib/pkgconfig/pangofc.pc
#usr/lib/pkgconfig/pangoft2.pc
#usr/lib/pkgconfig/pangoot.pc
-#usr/share/man/man1/pango-view.1
diff --git a/lfs/pango b/lfs/pango
index cf0573515..7bf2a1026 100644
--- a/lfs/pango
+++ b/lfs/pango
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.54.0
+VER = 1.56.1
# https://download.gnome.org/sources/pango/
@@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 92c389ab3f21631c245575e30804ffee6fef7b60bc6acdf08159aa325d878cf335203267720aec9143ea2a4e590578424cd64011f73da22e1b0beca85e85a276
+$(DL_FILE)_BLAKE2 = a22d8113ecbe1f076ff15ea9fa231897bc1275c45c8c9ba74635ec0b030d7e59acbdd25d52ff9d5a9ef83e1e4d8a56cf84ae3fdc19b028ff6ef1017eb82924c3
install : $(TARGET)
--
2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH] libxcrypt: Update to version 4.4.38
2025-01-22 12:43 ` [PATCH] libxcrypt: Update to version 4.4.38 Adolf Belka
@ 2025-02-22 13:40 ` Michael Tremer
2025-02-23 18:04 ` Adolf Belka
0 siblings, 1 reply; 15+ messages in thread
From: Michael Tremer @ 2025-02-22 13:40 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3424 bytes --]
Hello Adolf,
> On 22 Jan 2025, at 12:43, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>
> - Update from version 4.4.36 to 4.4.38
> - Update of rootfile
> - Changelog
> 4.4.38
> * Fix several "-Wunterminated-string-initialization", which are seen by
> upcoming GCC 15.x (issue #194).
> * Fix "-Wmaybe-uninitialized" in crypt.c, which is seen by GCC 13.3.0.
> * Skip test/explicit-bzero if compiling with ASAN.
> * Drop hard requirement for the pkg-config binary (issue #198).
> 4.4.37
> * Several fixes to the manpages (issue #185).
> * Add binary compatibility for x86_64 GNU/Hurd (issue #189).
> * Only test the needed makecontext signature during configure (issue #178).
> * Fix -Werror=strict-overflow in lib/crypt-bcrypt.c, which is seen
> by GCC 4.8.5 (issue #197).
>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/common/libxcrypt | 3 +--
> lfs/libxcrypt | 6 +++---
> 2 files changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/config/rootfiles/common/libxcrypt b/config/rootfiles/common/libxcrypt
> index 1cbb05816..7febd9254 100644
> --- a/config/rootfiles/common/libxcrypt
> +++ b/config/rootfiles/common/libxcrypt
> @@ -1,3 +1,4 @@
> +#root/libcrypt.pc
Can we have a fix for this where the pkg-config files are installed in /usr/lib/pkgconfig again?
I think there is just a configure switch required and auto-detection seems to fail.
If other packages cannot find lib(x)crypt through pkg-config, they might fall back to their own implementation which we don’t want.
Best,
-Michael
> #usr/include/crypt.h
> #usr/include/xcrypt.h
> #usr/lib/libcrypt.la
> @@ -7,8 +8,6 @@ usr/lib/libcrypt.so.1.1.0
> #usr/lib/libowcrypt.so
> #usr/lib/libowcrypt.so.1
> #usr/lib/libxcrypt.so
> -#usr/lib/pkgconfig/libcrypt.pc
> -#usr/lib/pkgconfig/libxcrypt.pc
> #usr/share/man/man3/crypt.3
> #usr/share/man/man3/crypt_checksalt.3
> #usr/share/man/man3/crypt_gensalt.3
> diff --git a/lfs/libxcrypt b/lfs/libxcrypt
> index 4ec63516a..2f40385ca 100644
> --- a/lfs/libxcrypt
> +++ b/lfs/libxcrypt
> @@ -1,7 +1,7 @@
> ###############################################################################
> # #
> # IPFire.org - A linux based firewall #
> -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
> +# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
> # #
> # This program is free software: you can redistribute it and/or modify #
> # it under the terms of the GNU General Public License as published by #
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 4.4.36
> +VER = 4.4.38
>
> THISAPP = libxcrypt-$(VER)
> DL_FILE = $(THISAPP).tar.xz
> @@ -47,7 +47,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_BLAKE2 = 9f028e0fe2cb7bb4273f3f6d1e579e0fe93cd71eba21286aa7dc078c904ea3cdce38b2955bdcd618853f7657b01aea7e28c4d898680e69fdf75f812b5a304c1d
> +$(DL_FILE)_BLAKE2 = 42d594fe36f61a1b5343d9fda22541b09373fe74c587537db8203f9c92120b6c73edef2e1b3d7febda14ae979845405b5fdaeb31dd2b89eedc423b0924ea7cff
>
> install : $(TARGET)
>
> --
> 2.48.1
>
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH] libxcrypt: Update to version 4.4.38
2025-02-22 13:40 ` Michael Tremer
@ 2025-02-23 18:04 ` Adolf Belka
2025-02-24 10:30 ` Michael Tremer
0 siblings, 1 reply; 15+ messages in thread
From: Adolf Belka @ 2025-02-23 18:04 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4742 bytes --]
Hi Michael,
On 22/02/2025 14:40, Michael Tremer wrote:
> Hello Adolf,
>
>> On 22 Jan 2025, at 12:43, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>
>> - Update from version 4.4.36 to 4.4.38
>> - Update of rootfile
>> - Changelog
>> 4.4.38
>> * Fix several "-Wunterminated-string-initialization", which are seen by
>> upcoming GCC 15.x (issue #194).
>> * Fix "-Wmaybe-uninitialized" in crypt.c, which is seen by GCC 13.3.0.
>> * Skip test/explicit-bzero if compiling with ASAN.
>> * Drop hard requirement for the pkg-config binary (issue #198).
>> 4.4.37
>> * Several fixes to the manpages (issue #185).
>> * Add binary compatibility for x86_64 GNU/Hurd (issue #189).
>> * Only test the needed makecontext signature during configure (issue #178).
>> * Fix -Werror=strict-overflow in lib/crypt-bcrypt.c, which is seen
>> by GCC 4.8.5 (issue #197).
>>
>> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
>> ---
>> config/rootfiles/common/libxcrypt | 3 +--
>> lfs/libxcrypt | 6 +++---
>> 2 files changed, 4 insertions(+), 5 deletions(-)
>>
>> diff --git a/config/rootfiles/common/libxcrypt b/config/rootfiles/common/libxcrypt
>> index 1cbb05816..7febd9254 100644
>> --- a/config/rootfiles/common/libxcrypt
>> +++ b/config/rootfiles/common/libxcrypt
>> @@ -1,3 +1,4 @@
>> +#root/libcrypt.pc
>
> Can we have a fix for this where the pkg-config files are installed in /usr/lib/pkgconfig again?
Sorry that I missed that.
>
> I think there is just a configure switch required and auto-detection seems to fail.
No it turned out that there was no configure switch to use. After a lot of investigating it turned out that in version 4.4.37 they made it a requirement that pkg-config was installed as a dependency.
That caused some users a problem when installing libxcrypt early in a distribution before pkg-config was available and then the libxcrypt build would fail.
So in version 4.4.38 it was changed so that if pkg-config was not found the build continued but then of course the pkg-config files are not installed.
In version 4.4.36 the .pc files were installed whether pkg-config was available already or not. The pkgconfig directory was even created if it was not already present.
The fix was to move pkg-config to before libxcrypt and the files were available again.
The only alternative would have been to patch the Makefile.in to allow the install of the .pc files whether pkg-config was already installed or not but that would have been too complex for me and moving pkg-config to before libxcrypt seems to have worked without any issues.
V2 patch submission will be submitted shortly.
Regards,
Adolf.
>
> If other packages cannot find lib(x)crypt through pkg-config, they might fall back to their own implementation which we don’t want.
>
> Best,
> -Michael
>
>> #usr/include/crypt.h
>> #usr/include/xcrypt.h
>> #usr/lib/libcrypt.la
>> @@ -7,8 +8,6 @@ usr/lib/libcrypt.so.1.1.0
>> #usr/lib/libowcrypt.so
>> #usr/lib/libowcrypt.so.1
>> #usr/lib/libxcrypt.so
>> -#usr/lib/pkgconfig/libcrypt.pc
>> -#usr/lib/pkgconfig/libxcrypt.pc
>> #usr/share/man/man3/crypt.3
>> #usr/share/man/man3/crypt_checksalt.3
>> #usr/share/man/man3/crypt_gensalt.3
>> diff --git a/lfs/libxcrypt b/lfs/libxcrypt
>> index 4ec63516a..2f40385ca 100644
>> --- a/lfs/libxcrypt
>> +++ b/lfs/libxcrypt
>> @@ -1,7 +1,7 @@
>> ###############################################################################
>> # #
>> # IPFire.org - A linux based firewall #
>> -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
>> +# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
>> # #
>> # This program is free software: you can redistribute it and/or modify #
>> # it under the terms of the GNU General Public License as published by #
>> @@ -24,7 +24,7 @@
>>
>> include Config
>>
>> -VER = 4.4.36
>> +VER = 4.4.38
>>
>> THISAPP = libxcrypt-$(VER)
>> DL_FILE = $(THISAPP).tar.xz
>> @@ -47,7 +47,7 @@ objects = $(DL_FILE)
>>
>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>
>> -$(DL_FILE)_BLAKE2 = 9f028e0fe2cb7bb4273f3f6d1e579e0fe93cd71eba21286aa7dc078c904ea3cdce38b2955bdcd618853f7657b01aea7e28c4d898680e69fdf75f812b5a304c1d
>> +$(DL_FILE)_BLAKE2 = 42d594fe36f61a1b5343d9fda22541b09373fe74c587537db8203f9c92120b6c73edef2e1b3d7febda14ae979845405b5fdaeb31dd2b89eedc423b0924ea7cff
>>
>> install : $(TARGET)
>>
>> --
>> 2.48.1
>>
>
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [PATCH] libxcrypt: Update to version 4.4.38
2025-02-23 18:04 ` Adolf Belka
@ 2025-02-24 10:30 ` Michael Tremer
0 siblings, 0 replies; 15+ messages in thread
From: Michael Tremer @ 2025-02-24 10:30 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4978 bytes --]
Hello,
Brilliant fix :) Merged.
-Michael
> On 23 Feb 2025, at 18:04, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>
> Hi Michael,
>
> On 22/02/2025 14:40, Michael Tremer wrote:
>> Hello Adolf,
>>> On 22 Jan 2025, at 12:43, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>
>>> - Update from version 4.4.36 to 4.4.38
>>> - Update of rootfile
>>> - Changelog
>>> 4.4.38
>>> * Fix several "-Wunterminated-string-initialization", which are seen by
>>> upcoming GCC 15.x (issue #194).
>>> * Fix "-Wmaybe-uninitialized" in crypt.c, which is seen by GCC 13.3.0.
>>> * Skip test/explicit-bzero if compiling with ASAN.
>>> * Drop hard requirement for the pkg-config binary (issue #198).
>>> 4.4.37
>>> * Several fixes to the manpages (issue #185).
>>> * Add binary compatibility for x86_64 GNU/Hurd (issue #189).
>>> * Only test the needed makecontext signature during configure (issue #178).
>>> * Fix -Werror=strict-overflow in lib/crypt-bcrypt.c, which is seen
>>> by GCC 4.8.5 (issue #197).
>>>
>>> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
>>> ---
>>> config/rootfiles/common/libxcrypt | 3 +--
>>> lfs/libxcrypt | 6 +++---
>>> 2 files changed, 4 insertions(+), 5 deletions(-)
>>>
>>> diff --git a/config/rootfiles/common/libxcrypt b/config/rootfiles/common/libxcrypt
>>> index 1cbb05816..7febd9254 100644
>>> --- a/config/rootfiles/common/libxcrypt
>>> +++ b/config/rootfiles/common/libxcrypt
>>> @@ -1,3 +1,4 @@
>>> +#root/libcrypt.pc
>> Can we have a fix for this where the pkg-config files are installed in /usr/lib/pkgconfig again?
>
> Sorry that I missed that.
>
>> I think there is just a configure switch required and auto-detection seems to fail.
>
> No it turned out that there was no configure switch to use. After a lot of investigating it turned out that in version 4.4.37 they made it a requirement that pkg-config was installed as a dependency.
>
> That caused some users a problem when installing libxcrypt early in a distribution before pkg-config was available and then the libxcrypt build would fail.
>
> So in version 4.4.38 it was changed so that if pkg-config was not found the build continued but then of course the pkg-config files are not installed.
>
> In version 4.4.36 the .pc files were installed whether pkg-config was available already or not. The pkgconfig directory was even created if it was not already present.
>
> The fix was to move pkg-config to before libxcrypt and the files were available again.
>
> The only alternative would have been to patch the Makefile.in to allow the install of the .pc files whether pkg-config was already installed or not but that would have been too complex for me and moving pkg-config to before libxcrypt seems to have worked without any issues.
>
> V2 patch submission will be submitted shortly.
>
> Regards,
>
> Adolf.
>
>> If other packages cannot find lib(x)crypt through pkg-config, they might fall back to their own implementation which we don’t want.
>> Best,
>> -Michael
>>> #usr/include/crypt.h
>>> #usr/include/xcrypt.h
>>> #usr/lib/libcrypt.la
>>> @@ -7,8 +8,6 @@ usr/lib/libcrypt.so.1.1.0
>>> #usr/lib/libowcrypt.so
>>> #usr/lib/libowcrypt.so.1
>>> #usr/lib/libxcrypt.so
>>> -#usr/lib/pkgconfig/libcrypt.pc
>>> -#usr/lib/pkgconfig/libxcrypt.pc
>>> #usr/share/man/man3/crypt.3
>>> #usr/share/man/man3/crypt_checksalt.3
>>> #usr/share/man/man3/crypt_gensalt.3
>>> diff --git a/lfs/libxcrypt b/lfs/libxcrypt
>>> index 4ec63516a..2f40385ca 100644
>>> --- a/lfs/libxcrypt
>>> +++ b/lfs/libxcrypt
>>> @@ -1,7 +1,7 @@
>>> ###############################################################################
>>> # #
>>> # IPFire.org - A linux based firewall #
>>> -# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
>>> +# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
>>> # #
>>> # This program is free software: you can redistribute it and/or modify #
>>> # it under the terms of the GNU General Public License as published by #
>>> @@ -24,7 +24,7 @@
>>>
>>> include Config
>>>
>>> -VER = 4.4.36
>>> +VER = 4.4.38
>>>
>>> THISAPP = libxcrypt-$(VER)
>>> DL_FILE = $(THISAPP).tar.xz
>>> @@ -47,7 +47,7 @@ objects = $(DL_FILE)
>>>
>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>
>>> -$(DL_FILE)_BLAKE2 = 9f028e0fe2cb7bb4273f3f6d1e579e0fe93cd71eba21286aa7dc078c904ea3cdce38b2955bdcd618853f7657b01aea7e28c4d898680e69fdf75f812b5a304c1d
>>> +$(DL_FILE)_BLAKE2 = 42d594fe36f61a1b5343d9fda22541b09373fe74c587537db8203f9c92120b6c73edef2e1b3d7febda14ae979845405b5fdaeb31dd2b89eedc423b0924ea7cff
>>>
>>> install : $(TARGET)
>>>
>>> --
>>> 2.48.1
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2025-02-24 10:30 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-22 12:43 [PATCH] ddrescue: Update to version 1.29 Adolf Belka
2025-01-22 12:43 ` [PATCH] fontconfig: Update to version 2.16.0 Adolf Belka
2025-01-22 12:43 ` [PATCH] gdb: Update to version 16.1 Adolf Belka
2025-01-22 12:43 ` [PATCH] git: Update to version 2.48.1 Adolf Belka
2025-01-22 12:43 ` [PATCH] harfbuzz: Update to version 10.2.0 Adolf Belka
2025-01-22 12:43 ` [PATCH] libexif: Update to version 0.6.25 Adolf Belka
2025-01-22 12:43 ` [PATCH] libxcrypt: Update to version 4.4.38 Adolf Belka
2025-02-22 13:40 ` Michael Tremer
2025-02-23 18:04 ` Adolf Belka
2025-02-24 10:30 ` Michael Tremer
2025-01-22 12:43 ` [PATCH] lvm2: Update to version 2.03.30 Adolf Belka
2025-01-22 12:43 ` [PATCH] lynis: Update to version 3.1.3 Adolf Belka
2025-01-22 12:43 ` [PATCH] monit: Update to version 5.34.4 Adolf Belka
2025-01-22 12:43 ` [PATCH] openvmtools: Update to version 12.5.0 Adolf Belka
2025-01-22 12:43 ` [PATCH] pango: Update to version 1.56.1 Adolf Belka
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox