- Update from version 8.10.0 to 8.11.0 - Update of rootfile - Changelog 8.11.0 Changes: curl: --create-dirs works for --dump-header as well gtls: Add P12 format support ipfs: add options to disable TLS: TLSv1.3 earlydata support for curl WebSockets: make support official (non-experimental) Bugfixes: alt-svc: honor data->state.httpwant altsvc: avoid using local buffer and memcpy asyn-ares: remove typecast, fix expire autotools: add support for 'unity' builds, enable in CI bearssl: avoid strpcy() when generating TLS version log message bearssl: improved session handling, test exceptions bufq: unwrite fix build: add `ldap` to `libcurl.pc` `Requires:` build: add pytest targets build: clarify CA embed is for curl tool, mark default, improve summary build: detect and use `_setmode()` with Cygwin/MSYS, also use on Windows build: disable warning `-Wunreachable-code-break` build: fix clang-cl builds, add CI job build: fix cross-compile check for poll with bionic build: fix possible `-Wformat-overflow` in lib557 build: limit arc4random detection to no-SSL configs build: show if CA bundle to embed was found build: tidy up and improve versioned-symbols options build: tidy up deprecation suppression, enable warnings for clang certs: add missing `-CAcreateserial` option for LibreSSL checksrc: add check for spaces around logical AND operators checksrc: Added checks for colon operator in ternary expressions checksrc: check for spaces around '?', '>' and '<' ci: dump `curl_config.h` to log in all jobs CI: run with standard mod_http2 cmake, Makefile.mk: use -isystem for headers, silence BearSSL issues cmake/FindCares: fix version detection for c-ares 1.34.1 cmake/FindNGTCP2: use library path as hint for finding crypto module cmake: add missed variable to comment cmake: add native `pkg-config` detection for mbedTLS, MSH3, Quiche, Rustls, wolfSSL cmake: allow building tests in unity mode cmake: apply `WIN32_LEAN_AND_MEAN` to all feature checks cmake: avoid setting `BUILD_TESTING` cmake: clear package version after `pkg-config` detection cmake: delete unused NEED_LBER_H, HAVE_LDAP_H cmake: detect `HAVE_NETINET_IN6_H`, `HAVE_CLOSESOCKET_CAMEL`, `HAVE_PROTO_BSDSOCKET_H` cmake: detect GNU GSS cmake: disable default OpenSSL if BearSSL, GnuTLS or Rustls is enabled cmake: do not propagate unused `HAVE_GSSAPI_GSSAPI_KRB5_H` to C cmake: document `-D` and env build options cmake: drop obsolete items from `TODO` and `INSTALL-CMAKE` cmake: drop redundant assignments cmake: drop redundant zlib var, rename function (internals) cmake: expand CURL_USE_PKGCONFIG to non-cross MINGW cmake: fix broken dependency chain for cmdline-opts, tidy-ups cmake: fix compile warnings for clang-cl cmake: fix missing spacing in log message cmake: limit `CURL_STATIC_CRT` to MSVC cmake: make `test-ci` target skip building dependencies cmake: mark as advanced some internal Find* variables cmake: readd `generate-curl.1` dependency for `src` just in case cmake: rename LDAP dependency config variables to match Find modules cmake: replace `check_include_file_concat()` for LDAP and GSS detection cmake: replace `CURL_*_DIR` with `{PROJECT,CMAKE_CURRENT}_*_DIR` cmake: require quictls (or fork) when using msh3 on non-Windows cmake: separate target for examples, optimize CI, fix fallouts cmake: set version for `project()` and add CPack support cmake: stop adding dependency headers to global `CMAKE_REQUIRED_INCLUDES` cmake: sync torture test parallelism with autotools cmake: tidy up `CURL_DISABLE_FORM_API` initialization cmake: tidy up and shorten symbol hiding initialization cmake: tidy up line order cmake: tidy up picky warning initialization cmake: tidy-ups and rebase fixups cmake: tweaks around debug mode and hidden symbols cmake: untangle feature detection interdependencies cmake: use `list(APPEND)` on `CURL_INCLUDES` cmake: use OpenSSL for LDAP detection only if available cmake: use the `BSD` variable config: rename the OS define to CURL_OS to reduce collision risk configure: add GSS to `libcurl.pc` `Depends:` configure: catch Apple in more target triplets configure: drop duplicate feature checks for `poll()`, `if_nametoindex()` configure: drop unused bare `socket.h` detection configure: improve help string for some options conncache: find bundle again in case it is removed conncache: more efficient implementation of cpool_remove_bundle cookie: overhaul and cleanup curl-rustls.m4: set linker flags to allow rustls build on macos curl.h: remove the struct pointer for CURL/CURLSH/CURLM typedefs curl: add build options for safe/no CA bundle search (Windows) curl: detect ECH support dynamically, not at build time curl_addrinfo: support operating systems with only getaddrinfo(3) curl_multi_perform.md: fix typo curl_trc: fix build with verbose messages disabled curl_url_set.md: document HOST handling when URL is parsed curl_ws_recv.md: the 'meta' pointer is only returned on success curl_ws_recv: return recv 0 and point meta to NULL on all errors CURLMOPT_PIPELINING.md: clarify that CURLPIPE_NOTHING is not default CURLOPT_APPEND.md: goes for SFTP as well CURLOPT_HEADERFUNCTION.md: do not modify the passed in buffer DISABLED: disable test 1060 with hyper DISTROS: avoid use of "very" Dockerfile: update Docker digest to d830561 docs/cmdline-opts: GnuTLS supports PKCS#11 URI in --cert option docs: clarify FTP over HTTP proxy functionality somewhat docs: fix a typo in some cipher options ech: spelling, whitespace, say `--ech` default config ftp: fix 0-length last write on upload from stdin ftp: move listen handling to socket filter GHA: optimize test prereq steps gnutls: use session cache for QUIC hsts: avoid the local buffer and memcpy on lookup hsts: improve subdomain handling hsts: support "implied LWS" properly around max-age http2: auto reset stream on server eos http_aws_sigv4: avoid local buffer and strcpy INSTALL-CMAKE.md: mention focus on shared libraries INSTALL-CMAKE: fix punctuation and a typo INSTALL.md: fix a typo that slipped in to RISC OS json.md: cli-option `--json` is an alias of `--data-binary` lib, src, tests: added space around ternary expressions lib/cw-out: initialize 'flush_all' directly lib/src: white space edits to comply better with code style lib: avoid assigning 'result' temporarily lib: fix disabled-verbose-strings + enable-debug build warnings lib: fix unity builds with BearSSL, MSH3, Quiche, OmniOS lib: move curl_path.[ch] into vssh/ lib: msnprintf tidy-ups lib: remove Curl_ prefix from static functions lib: remove function pointer typecasts for hmac/sha256/md5 lib: use bool/TRUE/FALSE properly libcurl/opts: improve phrasing for connection cap related options libssh.c: handle EGAINS during proto-connect correctly libssh2: delete duplicate `break` libssh2: put the readdir buffers into struct libssh2: use the Curl_* memory functions to avoid memdebug libssh2: use the filename buffer when getting the homedir libtests: generate the lib1521 atomically mbedTLS: fix handling of TLSv1.3 sessions mbedtls: handle session as blobs mbedtls: remove failf() use from mbedtls_random mk-lib1521: fix the long return code check mprintf: do not ignore length modifiers of `%o`, `%x`, `%X` mprintf: treat `%o` as unsigned, add tests for `%o`, `%x`, `%X` mqtt: fix mqtt.md wording and add clearer explanation multi.c: make stronger check for paused transfer before asserting multi.c: warn/assert on stall only without timer multi: avoid reading whole struct pointer from pointer multi: convert Curl_follow to static multi_follow multi: make curl_multi_cleanup invalidate magic latter multi: make multi_handle_timeout use the connect timeout multi: split multi_runsingle into sub functions negotiate: conditional check around GSS & SSL specific code netrc: cache the netrc file in memory ngtcp2: do not loop on recv ngtcp2: set max window size to 10x of initial (128KB) openssl quic: populate x509 store before handshake openssl: convert a memcpy to dynbuf use openssl: extend the OpenSSL error messages openssl: improve retries on shutdown openssl: remove two strcpy() calls OS400: don't delete source files when building with debug packages/OS400/curlmain: remove the strncpy calls processhelp.pm: improve taskkill calls (Windows) pytest: fix run against multissl curl pytest: improve pytest_07_42a reliability pytest: include `buildinfo.txt` in the output pytest: include curl version string and python platform in log pytest: show curl features and protocols quic: use send/recvmmsg when available quic: use the session cache with wolfSSL as well request: on shutdown send, proceed normally on timeout runtests.md: suggest a value for -j for torture tests runtests: add comment for handle64 pathsep requirement runtests: drop unused code for old/classic-mingw support runtests: pass single backslashes with Windows Perl runtests: use deterministic sort for `TESTINFO` lines schannel: fix TLS cert verification by IP SAN schannel: ignore error on recv beyond close notify schannel: reclassify extra-verbose schannel_recv messages select: use poll() if existing, avoid poll() with no sockets sendf: add condition to max-filesize check server/mqttd: fix two memory leaks setopt: avoid superfluous length checks before strcmp() setopt: return error for bad input to CURLOPT_RTSP_REQUEST setopt_cptr: make overflow check only done when needed singleuse: make `git grep` faster, add Apple `nm` support smb: do not redefine `getpid` on Windows smb: replace use of strcpy() with snprintf() socks_gssapi: switch to dynbuf from buffer with strcpy source: avoid use of 'very' in comments src/lib: remove redundant ternary operators src: guard for double declaration of `curl_ca_embed` in unity builds sws: fix unused static function with `TCP_NODELAY` undefined telnet: avoid two strcpy() by pointing to the strings instead test1035: convert host name back to utf8 as should be test1515: add tracing and more debug info test1540: add debug logging test190: replace %FTPTIME2 with a fixed value test1915: add tracing and connect timeout test1915: remove wrong comment test2502: add libtest debug tracing test504: fix handling on pending connect testrun: explicitly set proper IP address for stunnel listen/connect tests/http: fix ubuntu GnuTLS CI failures tests/scorecard: allow remote server test tests/server/util.c: remove use of strncpy tests/valgrind.pm: fix warnings with no valgrind report to show tests/valgrind.supp: remove a travis suppression, add a Debian tests: add and use `%PERL` variable to refer to the Perl binary tests: add codeset-utf8 as a feature tests: add file: tests with existing files tests: allow pytests to run in out-of-tree builds tests: capture stdin to get the vsftpd version number tests: change Python code style to pass ruff checks tests: check http/2 and http/3 server responsiveness tests: delete duplicate macro check tests: enable additional ruff Python lint options tests: fix `%POSIX_PWD` on native Windows Perl tests: fix callback signatures to please UndefinedBehaviorSanitizer tests: Fix FILEFORMAT <file name=""> directive tests: fix keyword for test1411 tests: fix shell quoting on native Windows Perl tests: fix some Python typing issues tests: fixup `checkcmd` `PATH` on non-unixy platforms tests: improve mqtt server handling tests: introduce %CLIENT6IP-NB tests: let openssl generate random cert serials tests: libtests and unit tests need explicit #include memdebug tests: make precheck for HTTP on 127.0.0.1 into a feature tests: Only log warnings or worse by default in smbserver tests: postcheck is now in verify tests: remove all valgrind disable instructions tests: remove debug requirement on 38 tests tests: remove the %FTPTIME3 variable tests: replace `%PWD` with `%FILE_PWD` for `file://` tests: replace `%PWD` with `%SSH_PWD` in SCP/SFTP tests tests: replace hard-coded `/dev/null` with variable tests: simplify `pathhelp.pm`, avoid using external tools tests: speed up builds with single-binary test bundles tests: testrunner fairness tests: testrunner reliability improvements tests: use '-4' where needed tests: use a set for several of the curl_props tftp: avoid two memcpy/strcpy tidy-up: rename CURL_WINDOWS_APP to CURL_WINDOWS_UWP tls: avoid abusing CURLE_SSL_ENGINE_INITFAILED tool: support --show-headers AND --remote-header-name tool_doswin: simplify; remove unused options and strncpy calls tool_getparam: drop unused time() call tool_getparam: replace two uses of strncpy(), ban strncpy tool_operate: make --skip-existing work for --parallel tool_operate: reuse the schannel backend check tool_xattr: create the user.creator xattr attribute unit1307: tidy up Apple OS detection unit1660: fix unreachable code warning in no-SSL builds url: connection reuse on h3 connections url: use same credentials on redirect urlapi: drop unused header urlapi: normalize the IPv6 address version: minor cleanups version: say quictls in MSH3 builds vquic: fix compiler warning with gcc + MUSL vquic: recv_mmsg, use fewer, but larger buffers vtls: convert Curl_pin_peer_pubkey to use dynbuf vtls: convert pubkey_pem_to_der to use dynbuf warnless: remove curlx_sktosi and curlx_sitosk winbuild/README: consolidate command prompt section winbuild/README: document how to clean a build winbuild: add initial wolfSSL support winbuild: drop `gen_resp_file.bat` wolfssl: convert malloc + memcpys to dynbuf for cipher string wolfSSL: fix handling of TLSv1.3 sessions wolfssl: no more use of the OpenSSL API wolfssl: use old version API without openssl extra 8.10.1 Bugfixes: autotools: fix `--with-ca-embed` build rule cmake: ensure `CURL_USE_OPENSSL`/`USE_OPENSSL_QUIC` are set in sync cmake: fix MSH3 to appear on the feature list connect: store connection info when really done CURLMOPT_TIMERFUNCTION.md: emphasize that only a single timer should run FTP: partly revert eeb7c1280742f5c8fa48a4340fc1e1a1a2c7075a http2: when uploading data from stdin, fix eos forwarding http: make max-filesize check not count ignored bodies lib: fix AF_INET6 use outside of USE_IPV6 libcurl-docs: CURLINFO_LOCAL_* work for QUIC as well as TCP multi: check that the multi handle is valid in curl_multi_assign QUIC: on connect, keep on trying on draining server request: correctly reset the eos_sent flag runtests: accecpt 'quictls' as OpenSSL compatible rustls: fixed minor logic bug in default cipher selection rustls: rustls-ffi 0.14.0 update rustls: support strong CSRNG data setopt: remove superfluous use of ternary expressions singleuse: drop `Curl_memrchr()` for no-HTTP builds test537: cap the rlimit max this test runs tests: tweak lock file handling and timers tool_cb_wrt: use "curl_response" if no file name in URL transfer: fix sendrecv() without interim poll vtls: fix `Curl_ssl_conn_config_match` doc param
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/curl | 1 + lfs/curl | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index be5ba351d..7d0f47756 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -37,6 +37,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLINFO_CONTENT_LENGTH_UPLOAD_T.3 #usr/share/man/man3/CURLINFO_CONTENT_TYPE.3 #usr/share/man/man3/CURLINFO_COOKIELIST.3 +#usr/share/man/man3/CURLINFO_EARLYDATA_SENT_T.3 #usr/share/man/man3/CURLINFO_EFFECTIVE_METHOD.3 #usr/share/man/man3/CURLINFO_EFFECTIVE_URL.3 #usr/share/man/man3/CURLINFO_FILETIME.3 diff --git a/lfs/curl b/lfs/curl index 4b901cad7..c3d5d2762 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@
include Config
-VER = 8.10.0 +VER = 8.11.0
THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 18b438c0e4e7b0b698a1fee16406c611124e3d137349869dd8dbb43b5ba45163c6a053e02f665e627424c96e18f8499c13ebe1eeb4c1441936d0183d28696ae6 +$(DL_FILE)_BLAKE2 = 3db13ed558bee332e07e1eab878b5ecae14cd049c115eea3a25fcb78cf28aadfe577dc224df75b62844529994ec478a9a74fed5c9bae338f809d231420ae5d0a
install : $(TARGET)
- Update from version 2.6.3 to 2.6.4 - Update of rootfile - Changelog 2.6.4 Security fixes: #915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser from a NULL pointer dereference by disallowing function XML_StopParser to (stop or) suspend an unstarted parser. A new error code XML_ERROR_NOT_STARTED was introduced to properly communicate this situation. // CWE-476 CWE-754 Other changes: #903 CMake: Add alias target "expat::expat" #905 docs: Document use via CMake >=3.18 with FetchContent and SOURCE_SUBDIR and its consequences #902 tests: Reduce use of global parser instance #904 tests: Resolve duplicate handler #317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903) #914 Fix signedness of format strings #919 #920 Version info bumped from 10:3:9 (libexpat*.so.1.9.3) to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/ for what these numbers do Infrastructure: #907 CI: Upgrade Clang from 18 to 19 #913 CI: Drop macos-12 and add macos-15 #910 CI: Adapt to breaking changes in GitHub Actions #898 Add missing entries to .gitignore
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/expat | 20 ++++++++++---------- lfs/expat | 4 ++-- 2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat index 51a4de2f7..0f8af4b70 100644 --- a/config/rootfiles/common/expat +++ b/config/rootfiles/common/expat @@ -2,21 +2,21 @@ #usr/include/expat.h #usr/include/expat_config.h #usr/include/expat_external.h -#usr/lib/cmake/expat-2.6.3 -#usr/lib/cmake/expat-2.6.3/expat-config-version.cmake -#usr/lib/cmake/expat-2.6.3/expat-config.cmake -#usr/lib/cmake/expat-2.6.3/expat-noconfig.cmake -#usr/lib/cmake/expat-2.6.3/expat.cmake +#usr/lib/cmake/expat-2.6.4 +#usr/lib/cmake/expat-2.6.4/expat-config-version.cmake +#usr/lib/cmake/expat-2.6.4/expat-config.cmake +#usr/lib/cmake/expat-2.6.4/expat-noconfig.cmake +#usr/lib/cmake/expat-2.6.4/expat.cmake #usr/lib/libexpat.la #usr/lib/libexpat.so usr/lib/libexpat.so.1 -usr/lib/libexpat.so.1.9.3 +usr/lib/libexpat.so.1.10.0 #usr/lib/pkgconfig/expat.pc #usr/share/doc/expat -#usr/share/doc/expat-2.6.3 -#usr/share/doc/expat-2.6.3/ok.min.css -#usr/share/doc/expat-2.6.3/reference.html -#usr/share/doc/expat-2.6.3/style.css +#usr/share/doc/expat-2.6.4 +#usr/share/doc/expat-2.6.4/ok.min.css +#usr/share/doc/expat-2.6.4/reference.html +#usr/share/doc/expat-2.6.4/style.css #usr/share/doc/expat/AUTHORS #usr/share/doc/expat/changelog #usr/share/man/man1/xmlwf.1 diff --git a/lfs/expat b/lfs/expat index 91e4f32af..eec344491 100644 --- a/lfs/expat +++ b/lfs/expat @@ -24,7 +24,7 @@
include Config
-VER = 2.6.3 +VER = 2.6.4
THISAPP = expat-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = b8e0a0e779f0f136eaca91115cbbcf5a5cca457cab1cca6f8d6141151d19f8ef2dccb41b0e9134459c1e7d99cb2e0b4ce3922d2bd9221002ec43fe9d53a0084a +$(DL_FILE)_BLAKE2 = 70d716722358db8d0acb2c74dbbc9d2362d04a0b856eab6b6d723614b656cf6aad9f6646339e0a32b4151db2e9541439bcb81ec87791e5e6ec0bd36a3ca067cc
install : $(TARGET)
- Update from version 7.0.2 to 7.1 - Update of rootfile - Changelog 7.1 - Raw Captions with Time (RCWT) closed caption demuxer - LC3/LC3plus decoding/encoding using external library liblc3 - ffmpeg CLI filtergraph chaining - LC3/LC3plus demuxer and muxer - pad_vaapi, drawbox_vaapi filters - vf_scale supports secondary ref input and framesync options - vf_scale2ref deprecated - qsv_params option added for QSV encoders - VVC decoder compatible with DVB test content - xHE-AAC decoder - removed DEC Alpha DSP and support code - VVC encoding support via libvvenc - perlin video source - D3D12VA HEVC encoder - Cropping metadata parsing and writing in Matroska and MP4/MOV de/muxers - Intel QSV-accelerated VVC decoding - MediaCodec AAC/AMR-NB/AMR-WB/MP3 decoding - YUV colorspace negotiation for codecs and filters, obsoleting the YUVJ pixel format - Vulkan H.264 encoder - Vulkan H.265 encoder - stream specifiers in fftools can now match by stream disposition - LCEVC enhancement data exporting in H.26x and MP4/ISOBMFF - LCEVC filter - MV-HEVC decoding
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/packages/ffmpeg | 16 ++++++++-------- lfs/ffmpeg | 6 +++--- 2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/config/rootfiles/packages/ffmpeg b/config/rootfiles/packages/ffmpeg index d6b7985f6..990f43b86 100644 --- a/config/rootfiles/packages/ffmpeg +++ b/config/rootfiles/packages/ffmpeg @@ -152,28 +152,28 @@ usr/bin/ffprobe #usr/include/libswscale/version_major.h #usr/lib/libavcodec.so usr/lib/libavcodec.so.61 -usr/lib/libavcodec.so.61.3.100 +usr/lib/libavcodec.so.61.19.100 #usr/lib/libavdevice.so usr/lib/libavdevice.so.61 -usr/lib/libavdevice.so.61.1.100 +usr/lib/libavdevice.so.61.3.100 #usr/lib/libavfilter.so usr/lib/libavfilter.so.10 -usr/lib/libavfilter.so.10.1.100 +usr/lib/libavfilter.so.10.4.100 #usr/lib/libavformat.so usr/lib/libavformat.so.61 -usr/lib/libavformat.so.61.1.100 +usr/lib/libavformat.so.61.7.100 #usr/lib/libavutil.so usr/lib/libavutil.so.59 -usr/lib/libavutil.so.59.8.100 +usr/lib/libavutil.so.59.39.100 #usr/lib/libpostproc.so usr/lib/libpostproc.so.58 -usr/lib/libpostproc.so.58.1.100 +usr/lib/libpostproc.so.58.3.100 #usr/lib/libswresample.so usr/lib/libswresample.so.5 -usr/lib/libswresample.so.5.1.100 +usr/lib/libswresample.so.5.3.100 #usr/lib/libswscale.so usr/lib/libswscale.so.8 -usr/lib/libswscale.so.8.1.100 +usr/lib/libswscale.so.8.3.100 #usr/lib/pkgconfig/libavcodec.pc #usr/lib/pkgconfig/libavdevice.pc #usr/lib/pkgconfig/libavfilter.pc diff --git a/lfs/ffmpeg b/lfs/ffmpeg index 0431de125..8b5be7702 100644 --- a/lfs/ffmpeg +++ b/lfs/ffmpeg @@ -26,7 +26,7 @@ include Config
SUMMARY = Library for working with various multimedia formats
-VER = 7.0.2 +VER = 7.1
THISAPP = ffmpeg-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = ffmpeg -PAK_VER = 17 +PAK_VER = 18
DEPS = sdl2 lame libvorbis xvid
@@ -52,7 +52,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = f6536f41f784f1b49ed0728d80a522676dfe1facbeb7fec3f7796683ce28c73e41508f9a5dd1e5cd18d3ff787d562bb1e6a5085ee0660076b84a76040587e5a8 +$(DL_FILE)_BLAKE2 = 91b012d12a0f2bc1742d7d2e634e358d5d10976ad1fd0c44f40fa7a0fd102bc11e3b51237c2e3b0baa4b4d7d505e21d4336baa3293b20a7c4e3a0433dfc53362
install : $(TARGET)
- Update from version 3.8.7 to 3.8.8 - Update of rootfile - Changelog 3.8.8 ** libgnutls: Experimental support for X25519MLKEM768 and SecP256r1MLKEM768 key exchange in TLS 1.3 The support for post-quantum key exchanges has been extended to cover the final standard of ML-KEM, following draft-kwiatkowski-tls-ecdhe-mlkem. The minimum supported version of liboqs is bumped to 0.11.0. ** libgnutls: All records included in an OCSP response are now checked in TLS Previously, when multiple records are provided in a single OCSP response, only the first record was considered; now all those records are examined until the server certificate matches. ** libgnutls: Handling of malformed compress_certificate extension is now more standard compliant The server behavior of receiving a malformed compress_certificate extension now more strictly follows RFC 8879; return illegal_parameter alert instead of bad_certificate, as well as overlong extension data is properly rejected. ** build: More flexible library linking options for compression libraries, TPM, and liboqs support The configure options, --with-zstd, --with-brotli, --with-zlib, --with-tpm2, and --with-liboqs now take 4 states: yes/link/dlopen/no, to specify how the libraries are linked or loaded.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/gnutls | 20 +++++++++++++++++++- lfs/gnutls | 4 ++-- 2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/common/gnutls b/config/rootfiles/common/gnutls index 6707e8290..4f496435f 100644 --- a/config/rootfiles/common/gnutls +++ b/config/rootfiles/common/gnutls @@ -32,7 +32,7 @@ usr/lib/libgnutls-dane.so.0.4.1 #usr/lib/libgnutls.la #usr/lib/libgnutls.so usr/lib/libgnutls.so.30 -usr/lib/libgnutls.so.30.40.1 +usr/lib/libgnutls.so.30.40.2 #usr/lib/libgnutlsxx.la #usr/lib/libgnutlsxx.so usr/lib/libgnutlsxx.so.30 @@ -68,6 +68,24 @@ usr/lib/libgnutlsxx.so.30.0.0 #usr/share/info/gnutls.info-6 #usr/share/info/gnutls.info-7 #usr/share/info/pkcs11-vision.png +#usr/share/locale/cs/LC_MESSAGES/gnutls.mo +#usr/share/locale/de/LC_MESSAGES/gnutls.mo +#usr/share/locale/eo/LC_MESSAGES/gnutls.mo +#usr/share/locale/es/LC_MESSAGES/gnutls.mo +#usr/share/locale/fi/LC_MESSAGES/gnutls.mo +#usr/share/locale/fr/LC_MESSAGES/gnutls.mo +#usr/share/locale/it/LC_MESSAGES/gnutls.mo +#usr/share/locale/ka/LC_MESSAGES/gnutls.mo +#usr/share/locale/ms/LC_MESSAGES/gnutls.mo +#usr/share/locale/nl/LC_MESSAGES/gnutls.mo +#usr/share/locale/pl/LC_MESSAGES/gnutls.mo +#usr/share/locale/pt_BR/LC_MESSAGES/gnutls.mo +#usr/share/locale/ro/LC_MESSAGES/gnutls.mo +#usr/share/locale/sr/LC_MESSAGES/gnutls.mo +#usr/share/locale/sv/LC_MESSAGES/gnutls.mo +#usr/share/locale/uk/LC_MESSAGES/gnutls.mo +#usr/share/locale/vi/LC_MESSAGES/gnutls.mo +#usr/share/locale/zh_CN/LC_MESSAGES/gnutls.mo #usr/share/man/man1/certtool.1 #usr/share/man/man1/danetool.1 #usr/share/man/man1/gnutls-cli-debug.1 diff --git a/lfs/gnutls b/lfs/gnutls index 596350c3d..ad8269338 100644 --- a/lfs/gnutls +++ b/lfs/gnutls @@ -24,7 +24,7 @@
include Config
-VER = 3.8.7 +VER = 3.8.8
THISAPP = gnutls-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 900019c5f53d6c81c2761d02008a1bd7651bf4e70043d2a74f1fca0c3cda3c3c8c87a1f9dfc090517e875e9861b6ad9dd251f8121135aeaee209b54c2538ade0 +$(DL_FILE)_BLAKE2 = d1498b0b9f14789599fd5b984d5370b632611f2702e9f4fc504ddba2a3e0dd4137bec858eb6150d031f9f50e6b3a3a7d905864f0a9f50a1f01e5ea8f37a44ba8
install : $(TARGET)
- Update from version 2.03.26 to 2.03.28 - Update of rootfile not required - Changelog 2.03.28 Use radix_tree to lookup for UUID within committed metadata. Use radix_tree to lookup LV list entry within VG struct. Introduce setting config/validate_metadata = full | none. Restore fs resize call for lvresize -r on the same size LV (2.03.17). Correct off-by-one devicesfile backup counting. Replace use of dm_hash with radix_tree for lv names and uuids. Refactor vg_validate with uniq_insert and better use of CPU caches. Add radix_tree_uniq_insert. Update DM cache when taking next VG lock instead of dropping it. Generate json string id only for json reporting. For vgsummary use new API call dm_config_parse_only_section(). Use radix_tree for PV names mapping. Split check_lv_segment into separate _in/complete_vg variant. Use find_lv instead of find_lv_in_vg when possible. Do a mirror fixup only when mirrors with logs are imported. Add faster crc32 calculation from zlib code for x86_64. Fall back to direct zeroing if BLKZEROOUT fails during new LV initialization. 2.03.27 Fix swap device size detection using blkid for lvresize/lvreduce/lvextend. Detect GPT partition table and pass partition filter if no partitions defined. Add global/sanlock_align_size option to configure sanlock lease size. Disable mem locking when activation/reserved_stack or reserved_memory is 0. Fix locking issues in lvmlockd leaving thin pool locked. Deprecate vdo settings vdo_write_policy and vdo_write_policy. Lots of typo fixes across lvm2 code base (codespell). Corrected integrity parameter interleave_sectors for DM table line. Ignore -i|--stripes, -I|--stripesize for lvextend on raid0 LV, like raid10. Do not accept duplicate device names for pvcreate.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/lvm2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/lvm2 b/lfs/lvm2 index a3570bfd0..8992ecf16 100644 --- a/lfs/lvm2 +++ b/lfs/lvm2 @@ -24,7 +24,7 @@
include Config
-VER = 2.03.26 +VER = 2.03.28
THISAPP = LVM2.$(VER) DL_FILE = $(THISAPP).tgz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = bf7abb8cea32336d8e4c695111fa73fffb242925b2276ddbffcc74c5547a6338a8c7e0dab6a6f77efa31fb9a3f4fad59792b36dedd5c03baeef4dfff5fbf545d +$(DL_FILE)_BLAKE2 = c4c64975d39b9f5c8def0ec6a405b6aa158b6646fcc010724dc500cec7645a2f97b089665615c5fb0b03cd3c528c95f59122900b4f1d08d16364729c38acc10b
install : $(TARGET)
- Update from version 0.43.4 to 0.44.0 - Update of rootfile - Disabling iwmmxt no longer required as support for it in pixman has been dropped. - Changelog not provided. Review of changes only available by review of commits. https://gitlab.freedesktop.org/pixman/pixman/-/commits/master?ref_type=heads
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/pixman | 2 +- lfs/pixman | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/pixman b/config/rootfiles/common/pixman index d6ed58f3c..3f81a4b12 100644 --- a/config/rootfiles/common/pixman +++ b/config/rootfiles/common/pixman @@ -3,5 +3,5 @@ #usr/include/pixman-1/pixman.h #usr/lib/libpixman-1.so usr/lib/libpixman-1.so.0 -usr/lib/libpixman-1.so.0.43.4 +usr/lib/libpixman-1.so.0.44.0 #usr/lib/pkgconfig/pixman-1.pc diff --git a/lfs/pixman b/lfs/pixman index 8b4644757..858939c99 100644 --- a/lfs/pixman +++ b/lfs/pixman @@ -24,7 +24,7 @@
include Config
-VER = 0.43.4 +VER = 0.44.0
THISAPP = pixman-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = c31e5700bfadcd72f522af50509a4a6cd7bbf90c918c75b108e50246f1c76e858125138902a222040ada192710ec788deb43eb65085416f3eff88e3ed970933e +$(DL_FILE)_BLAKE2 = ea3f5fc5e6febfd3e6acf89b9bb7ce2d7c82d42ede2b3f7df69ce6d65ec2d75d3402523a1a3227135caac34633556dec3010a435ace23f2c8255ea210c03d5db
install : $(TARGET)
@@ -73,7 +73,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) $(UPDATE_AUTOMAKE) cd $(DIR_APP) && meson \ --prefix=/usr \ - -D iwmmxt=disabled \ builddir/ cd $(DIR_APP) && ninja -C builddir/ $(MAKETUNING) cd $(DIR_APP) && ninja -C builddir/ install
- Update from version 3460100 to 3470000 - Update of rootfile not required - Changelog 3470000 Allow arbitrary expressions in the second argument to the RAISE function. If the RHS of the ->> operator is negative, then access array elements counting from the right. Fix a problem with rolling back hot journal files in the seldom-used unix-dotfile VFS. FTS5 tables can now be dropped even if they use a non-standard tokenizer that has not been registered. Fix the group_concat() aggregate function so that it returns an empty string, not a NULL, if it receives a single input value which is an empty string. Enhance the generate_series() table-valued function so that it is able to recognize and use constraints on its output value. Preupdate hooks now recognize when a column added by ALTER TABLE ADD COLUMN has a non-null default value. Performance optimizations: Improved reuse of subqueries associated with the IN operator, especially when the IN operator has been duplicated due to predicate push-down. Use a Bloom filter on subqueries on the right-hand side of the IN operator, in cases where that seems likely to improve performance. Ensure that queries like "SELECT func(a) FROM tab GROUP BY 1" only invoke the func() function once per row. No attempt is made to create automatic indexes on a column that is known to be non-selective because of its use in other indexes that have been analyzed. Adjustments to the query planner so that it produces better plans for star queries with a large number of dimension tables. Add the "order-by-subquery" optimization, that seeks to disable sort operations in outer queries if the desired order is obtained naturally due to ORDER BY clauses in subqueries. The "indexed-subtype-expr" optimization strives to use expressions that are part of an index rather than recomputing the expression based on table values, as long as the query planner can prove that the subtype of the expression will never be used. Miscellaneous coding tweaks for faster runtimes. Enhancements to SQLite-related command-line programs: Add the experimental sqlite3_rsync program. Add extension functions median(), percentile(), percentile_cont(), and percentile_disc() to the CLI. Add the .www dot-command to the CLI. The sqlite3_analyzer utility now provides a break-out of statistics for WITHOUT ROWID tables. The sqldiff utility avoids creating an empty database if its second argument does not exist. Enhance the sqlite_dbpage table-valued function such that INSERT can be used to increase or decrease the size of the database file. SQLite no longer makes any use of the "long double" data type, as hardware support for long double is becoming less common and long double creates challenges for some compiler tool chains. Instead, SQLite uses Dekker's algorithm when extended precision is needed. The TCL Interface for SQLite supports TCL9. Everything probably still works for TCL 8.5 and later, though this is not guaranteed. Users are encouraged to upgrade to TCL9. JavaScript/WASM: Fix a corruption-causing bug in the JavaScript "opfs" VFS. Correct "mode=ro" handling for the "opfs" VFS. Work around a couple of browser-specific OPFS quirks. FTS5 Changes: Add the fts5_tokenizer_v2 API and the locale=1 option, for creating custom locale-aware tokenizers and fts5 tables that may take advantage of them. Add the contentless_unindexed=1 option, for creating contentless fts5 tables that store the values of any UNINDEXED columns persistently in the database. Allow an FTS5 table to be dropped even if it uses a custom tokenizer whose implementation is not available.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/sqlite | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/sqlite b/lfs/sqlite index 6998ae087..c02288298 100644 --- a/lfs/sqlite +++ b/lfs/sqlite @@ -24,7 +24,7 @@
include Config
-VER = 3460100 +VER = 3470000
THISAPP = sqlite-autoconf-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = b84bc7f6cbe2f1a4894b725d68ebdc58eebc312581fd27e74a75086e834b2b2f4ff09b907e193d8eaf78d9829149de8d9ea587cf650849fe4d3fc84db64ddfad +$(DL_FILE)_BLAKE2 = 8b4f990f5cdb1975d167fe2b77b421a9ce20ea200ed21f7d5f335f991ff2c68f69ff91325a8afa9dafa5d3975001d3cf39d8b27c1791382e940774872117d5a6
install : $(TARGET)
-
Adolf Belka