* [PATCH 1/2] rsync: Update to version 3.4.1
@ 2025-01-16 17:19 Adolf Belka
2025-01-16 17:19 ` [PATCH 2/2] libxxhash: Update to version 0.8.3 and make available to rsync Adolf Belka
0 siblings, 1 reply; 2+ messages in thread
From: Adolf Belka @ 2025-01-16 17:19 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4688 bytes --]
- Update from version 3.3.0 to 3.4.1 as the previous patch which went from 3.3.0 to 3.4.0
has only been merged into CU190 and not into next where this patch is being done.
Not sure if this will cause problems or not. I updated the PAK_VER of rsynce from
19 to 21 so that it went over the PAK_VER of the version merged into CU190.
- If how I have done it is not the best or not correct just let me know how I should do
it and I will re-do it.
- Update of rootfile not required.
- Added in enabling xxhash as we have that available in IPFire as another addon.
- Ran rsync -V and confirmed that xxhash is now available to rsync.
- Changelog
3.4.1
Release 3.4.1 is a fix for regressions introduced in 3.4.0
BUG FIXES:
- fixed handling of -H flag with conflict in internal flag values
- fixed a user after free in logging of failed rename
- fixed build on systems without openat()
- removed dependency on alloca() in bundled popt
DEVELOPER RELATED:
- fix to permissions handling in the developer release script
3.4.0 (This was already in the previous patch that went from 3.3.0 to 3.4.0
Release 3.4.0 is a security release that fixes a number of important
vulnerabilities. For more details on the vulnerabilities please see the CERT
report https://kb.cert.org/vuls/id/952657
PROTOCOL NUMBER:
- The protocol number was changed to 32 to make it easier for
administrators to check their servers have been updated
SECURITY FIXES:
Many thanks to Simon Scannell, Pedro Gallegos, and Jasiel Spelman at
Google Cloud Vulnerability Research and Aleksei Gorban (Loqpa) for
discovering these vulnerabilities and working with the rsync project
to develop and test fixes.
- CVE-2024-12084 - Heap Buffer Overflow in Checksum Parsing.
- CVE-2024-12085 - Info Leak via uninitialized Stack contents defeats ASLR.
- CVE-2024-12086 - Server leaks arbitrary client files.
- CVE-2024-12087 - Server can make client write files outside of destination directory using symbolic links.
- CVE-2024-12088 - --safe-links Bypass.
- CVE-2024-12747 - symlink race condition.
BUG FIXES:
- Fixed the included popt to avoid a memory error on modern gcc versions.
- Fixed an incorrect extern variable's type that caused an ACL issue on macOS.
- Fixed IPv6 configure check
INTERNAL:
- Updated included popt to version 1.19.
DEVELOPER RELATED:
- Various improvements to the release scripts and git setup.
- Improved packaging/var-checker to identify variable type issues.
- added FreeBSD and Solaris CI builds
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
lfs/rsync | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lfs/rsync b/lfs/rsync
index fcbcd0ab9..789b100bd 100644
--- a/lfs/rsync
+++ b/lfs/rsync
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -26,7 +26,7 @@ include Config
SUMMARY = Versatile tool for fast incremental file transfer
-VER = 3.3.0
+VER = 3.4.1
THISAPP = rsync-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -34,9 +34,9 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = rsync
-PAK_VER = 19
+PAK_VER = 21
-DEPS =
+DEPS = libxxhash
SERVICES =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 75a3cc50452086aebd16f42d7a309c173cbc1ea156227afb10d2106d0b9043e973676995b8199d22840775ae3df8db97d1c0de5f3aa58afa130c5b1348c3f825
+$(DL_FILE)_BLAKE2 = 79c1cad697547059ee241e20c26d7f97bed3ad062deb856d31a617fead333a2d9f62c7c47c1efaf70033dbc358fe547d034c35e8181abb51a1fc893557882bc7
install : $(TARGET)
@@ -89,7 +89,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--prefix=/usr \
--without-included-popt \
--without-included-zlib \
- --disable-xxhash
+ --enable-xxhash
cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP) && make install
--
2.48.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH 2/2] libxxhash: Update to version 0.8.3 and make available to rsync
2025-01-16 17:19 [PATCH 1/2] rsync: Update to version 3.4.1 Adolf Belka
@ 2025-01-16 17:19 ` Adolf Belka
0 siblings, 0 replies; 2+ messages in thread
From: Adolf Belka @ 2025-01-16 17:19 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3733 bytes --]
- Update from version 0.8.2 to 0.8.3
- Update of rootfile
- Move libxxhash to before rsync in make.sh
- Changelog
0.8.3
- fix : variant `XXH3_128bits_withSecretandSeed()` could produce an invalid
result in some specific set of conditions, #894 by @hltj
- cli : vector extension detected at runtime on x86/x64, enabled by default
- cli : new commands `--filelist` and `--files-from`, by @Ian-Clowes
- cli : XXH3 64-bits GNU format can now be generated and checked (command `-H3`)
- portability: LoongArch SX SIMD extension, by @lrzlin
- portability: can build on AIX, suggested by @likema
- portability: validated for SPARC cpus
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/libxxhash | 4 +++-
lfs/libxxhash | 8 ++++----
make.sh | 2 +-
3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/packages/libxxhash b/config/rootfiles/packages/libxxhash
index d49d52154..a50cae5ff 100644
--- a/config/rootfiles/packages/libxxhash
+++ b/config/rootfiles/packages/libxxhash
@@ -1,5 +1,6 @@
usr/bin/xxh128sum
usr/bin/xxh32sum
+usr/bin/xxh3sum
usr/bin/xxh64sum
usr/bin/xxhsum
#usr/include/xxh3.h
@@ -7,9 +8,10 @@ usr/bin/xxhsum
#usr/lib/libxxhash.a
#usr/lib/libxxhash.so
usr/lib/libxxhash.so.0
-usr/lib/libxxhash.so.0.8.2
+usr/lib/libxxhash.so.0.8.3
#usr/lib/pkgconfig/libxxhash.pc
#usr/share/man/man1/xxh128sum.1
#usr/share/man/man1/xxh32sum.1
+#usr/share/man/man1/xxh3sum.1
#usr/share/man/man1/xxh64sum.1
#usr/share/man/man1/xxhsum.1
diff --git a/lfs/libxxhash b/lfs/libxxhash
index 40aeb2e98..024a88f89 100644
--- a/lfs/libxxhash
+++ b/lfs/libxxhash
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 0.8.2
+VER = 0.8.3
SUMMARY = Extremely fast non-cryptographic hash algorithm, working at RAM speed limit
THISAPP = xxHash-$(VER)
@@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = libxxhash
-PAK_VER = 1
+PAK_VER = 2
DEPS =
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 735408256240760778fa516e01bed428f04837eb4e059c512e924f13e4a96db6cacbbefb04dea65a37b0f25b52cf13c4927a6e7870dc8c0d45b1b955d4ba3da1
+$(DL_FILE)_BLAKE2 = 75923c7c5df3490062791fa02ccddfb7281b3646e2b3e4b4a0c0d611c339e07c8d9cb656777fd0fcec9cda484f7b33edf080116bb011f70d6b8299cda63afa4e
install : $(TARGET)
diff --git a/make.sh b/make.sh
index 84b00f9ad..97af7c91d 100755
--- a/make.sh
+++ b/make.sh
@@ -1834,6 +1834,7 @@ build_system() {
lfsmake2 xvid
lfsmake2 libmpeg2
lfsmake2 gnump3d
+ lfsmake2 libxxhash
lfsmake2 rsync
lfsmake2 rpcbind
lfsmake2 keyutils
@@ -2047,7 +2048,6 @@ build_system() {
lfsmake2 libplist
lfsmake2 nqptp
lfsmake2 shairport-sync
- lfsmake2 libxxhash
lfsmake2 borgbackup
lfsmake2 knot
lfsmake2 spectre-meltdown-checker
--
2.48.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-01-16 17:19 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-01-16 17:19 [PATCH 1/2] rsync: Update to version 3.4.1 Adolf Belka
2025-01-16 17:19 ` [PATCH 2/2] libxxhash: Update to version 0.8.3 and make available to rsync Adolf Belka
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox