- Update from version 7.86.0 to 7.87.0 - Update of rootfile - version 7.87.0 changed hoiw it deals with deprecated typecheck expressions. This caused zabbix_agentd build to fail. Curl developers created a commit to fix this in next version release. Added as patch here. Should be able to be removed with next curl update. - Changelog curl and libcurl 7.87.0 This release includes the following changes: o curl: add --url-query [52] o CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit [75] o lib: add CURL_WRITEFUNC_ERROR to signal write callback error [47] o openssl: reduce CA certificate bundle reparsing by caching [11] o version: add a feature names array to curl_version_info_data [67] This release includes the following bugfixes: o altsvc: fix rejection of negative port numbers [144] o aws_sigv4: consult x-%s-content-sha256 for payload hash [102] o aws_sigv4: fix typos in aws_sigv4.c [101] o base64: better alloc size [124] o base64: encode without using snprintf [123] o base64: faster base64 decoding [120] o build: assume assert.h is always available [111] o build: assume errno.h is always available [110] o c-hyper: CONNECT respones are not server responses [137] o c-hyper: fix multi-request mechanism [115] o CI: Change FreeBSD image from 12.3 to 12.4 [108] o CI: LGTM.com will be shut down in December 2022 [112] o ci: Remove zuul fuzzing job as it's superseded by CIFuzz o cmake: check for cross-compile, not for toolchain [54] o CMake: fix build with `CURL_USE_GSSAPI` [78] o cmake: really enable warnings with clang [25] o cmake: set the soname on the shared library [140] o cmdline-opts/gen.pl: fix the linkifier [64] o cmdline-opts/page-footer: remove long option nroff formatting o config-mac: define HAVE_SYS_IOCTL_H [107] o config-mac: fix typo: size_T -> size_t [125] o config-mac: remove HAVE_SYS_SELECT_H [116] o config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW [41] o configure: require fork for NTLM-WB [36] o contributors.sh: actually use $CURLWWW instead of just setting it [129] o cookie: compare cookie prefixes case insensitively [14] o cookie: expire cookies at once when max-age is negative [45] o cookie: open cookie jar as a binary file [89] o curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS [90] o curl-rustls.m4: on macOS, rustls also needs the Security framework [44] o curl.h: include <sys/select.h> on SerenityOS [104] o curl.h: name all public function parameters [118] o curl.h: reword comment to not use deprecated option [132] o curl: override the numeric locale and set "C" by force [60] o curl: timeout in the read callback [15] o curl_endian: remove Curl_write64_le from header [81] o curl_get_line: allow last line without newline char [88] o curl_path: do not add '/' if homedir ends with one [4] o curl_url_get.3: remove spurious backtick [127] o curl_url_set.3: document CURLU_DISALLOW_USER [139] o curl_url_set.3: fix typo [148] o CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE [1] o CURLOPT_COOKIEFILE.3: advice => advise [131] o CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example [31] o CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" [130] o CURLOPT_POST.3: Explain setting to 0 changes request type [61] o docs/curl_ws_send: Fixed typo in websocket docs [114] o docs/EARLY-RELEASE.md: how to determine an early release [37] o docs/examples: spell correction ('Retrieve') [119] o docs/INSTALL.md: expand on static builds [62] o docs/WEBSOCKET.md: explain the URL use [71] o docs: add missing parameters for --retry flag [2] o docs: add more "SEE ALSO" links to CA related pages [82] o docs: explain the noproxy CIDR notation support [17] o docs: extend the dump-header documentation [150] o docs: remove performance note in CURLOPT_SSL_VERIFYPEER [13] o examples/10-at-a-time: fix possible skipped final transfers [85] o examples: update descriptions [83] o ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH [96] o gen.pl: do not generate CURLHELP bitmask lines > 79 characters [10] o GHA: clarify workflows permissions, set least possible privilege [79] o GHA: NSS use clang instead of clang-9 [103] o gnutls: use common gnutls init and verify code for ngtcp2 [98] o headers: add endif comments [51] o HTTP-COOKIES.md: mention that http://localhost is a secure context [76] o HTTP-COOKIES.md: update the 6265bis link to draft-11 [70] o http: do not send PROXY more than once [46] o http: fix the ::1 comparison for IPv6 localhost for cookies [155] o http: set 'this_is_a_follow' in the Location: logic [40] o http: use the IDN decoded name in HSTS checks [154] o hyper: classify headers as CONNECT and 1XX [56] o hyper: fix handling of hyper_task's when reusing the same address [33] o idn: remove Curl_win32_ascii_to_idn [153] o INSTALL: update operating systems and CPU archs [91] o KNOWN_BUGS: remove eight entries [50] o lib1560: add some basic IDN host name tests [151] o lib: connection filters (cfilter) addition to curl: [43] o lib: feature deprecation warnings in gcc >= 4.3 [58] o lib: fix some type mismatches and remove unneeded typecasts [12] o lib: parse numbers with fixed known base 10 [77] o lib: remove bad set.opt_no_body assignments [42] o lib: rewind BEFORE request instead of AFTER previous [65] o lib: sync guard for Curl_getaddrinfo_ex() definition and use [6] o lib: use size_t or int etc instead of longs [145] o libcurl-errors.3: remove duplicate word [3] o libssh2: return error when ssh_hostkeyfunc returns error [121] o limit-rate.d: see also --rate o log2changes.pl: wrap long lines at 80 columns [59] o Makefile.mk: address minor issues [87] o Makefile.mk: improve a GNU Make hack [122] o Makefile.mk: portable Makefile.m32 [86] o maketgz: set the right version in lib/libcurl.plist [53] o mime: relax easy/mime structures binding [94] o misc: Fix incorrect spelling [113] o misc: remove duplicated include files [28] o misc: typo and grammar fixes [23] o negtelnetserver.py: have it call its close() method [68] o netrc.d: provide mutext info [63] o netware: remove leftover traces [80] o noproxy: also match with adjacent comma [19] o noproxy: guard against empty hostnames in noproxy check [136] o noproxy: tailmatch like in 7.85.0 and earlier [35] o nroff-scan.pl: detect double highlights o ntlm: improve comment for encrypt_des [55] o ntlm: silence ubsan warning about copying from null target_info pointer [69] o openssl/mbedtls: use %d for outputing port with failf (int) [72] o openssl: prefix errors with '[lib]/[version]: ' [105] o os400: use platform socklen_t in Curl_getnameinfo_a [18] o page-header: grammar improvement (display transfer rate) [126] o proxy: refactor haproxy protocol handling as connection filter [57] o README.md: remove badges and xmas-tree garnish [9] o rtsp: fix RTSP auth [49] o runtests: --no-debuginfod now disables DEBUGINFOD_URLS [100] o runtests: do CRLF replacements per section only [97] o scripts/checksrc.pl: detect duplicated include files [29] o sendf: change Curl_read_plain to wrap Curl_recv_plain [48] o sendf: remove unnecessary if condition [26] o setup: do not require __MRC__ defined for Mac OS 9 builds [117] o smb/telnet: do not free the protocol struct in *_done() [152] o socks: fix username max size is 255 (0xFF) [146] o spellcheck.words: remove 'github' as an accepted word [22] o ssl-reqd.d: clarify that this is for upgrading connections only [138] o strcase: use curl_str(n)equal for case insensitive matches [8] o styled-output.d: this option does not work on Windows [93] o system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS [133] o system.h: support 64-bit curl_off_t for NonStop 32-bit [21] o test1421: fix typo [109] o test3026: reduce runtime in legacy mingw builds [73] o tests/sshserver.pl: re-enable ssh-rsa while using openssh 8.8+ o tests: add authorityInfoAccess to generated certs [99] o tests: add HTTP/3 test case, custom location for proper nghttpx [106] o tls: backends use connection filters for IO, enabling HTTPS-proxy [92] o tool: determine the correct fopen option for -D [95] o tool_cfgable: free the ssl_ec_curves on exit [142] o tool_cfgable: make socks5_gssapi_nec a boolean [128] o tool_formparse: avoid clobbering on function params [135] o tool_getparam: make --no-get work as the opposite of --get [39] o tool_operate: provide better errmsg for -G with bad URL [16] o tool_operate: when aborting, make sure there is a non-NULL error buffer [20] o tool_paramhlp: free the proto strings on exit [141] o url: move back the IDN conversion of proxy names [74] o urlapi: reject more bad letters from the host name: &+() [143] o urldata: change port num storage to int and unsigned short [66] o vms: remove SIZEOF_SHORT [134] o vtls: fix build without proxy support [38] o vtls: localization of state data in filters [84] o WEBSOCKET.md: fix broken link [30] o Websocket: fixes for partial frames and buffer updates [7] o websockets: fix handling of partial frames [32] o windows: fail early with a missing windres in autotools [5] o windows: fix linking .rc to shared curl with autotools [24] o winidn: drop WANT_IDN_PROTOTYPES [27] o ws: if no connection is around, return error [149] o ws: return CURLE_NOT_BUILT_IN when websockets not built in [34] o x509asn1: avoid freeing unallocated pointers [147]
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/curl | 1 + lfs/curl | 6 ++- ...pressions_for_option_info_parameters.patch | 42 +++++++++++++++++++ 3 files changed, 47 insertions(+), 2 deletions(-) create mode 100644 src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index 01a5fd792..82e3988d6 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -119,6 +119,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLOPT_CAINFO.3 #usr/share/man/man3/CURLOPT_CAINFO_BLOB.3 #usr/share/man/man3/CURLOPT_CAPATH.3 +#usr/share/man/man3/CURLOPT_CA_CACHE_TIMEOUT.3 #usr/share/man/man3/CURLOPT_CERTINFO.3 #usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3 #usr/share/man/man3/CURLOPT_CHUNK_DATA.3 diff --git a/lfs/curl b/lfs/curl index 33678f795..b76c33410 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@
include Config
-VER = 7.86.0 +VER = 7.87.0
THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a1de7feb229de42bf1deeb5017f97df3b1c10c75fac99bcd0cd21a5dc69b6d8b62520744106d6a113c7a86bd6731dba536a263aabfa22be50d520c43e894acce +$(DL_FILE)_BLAKE2 = b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13
install : $(TARGET)
@@ -70,6 +70,8 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xf $(DIR_DL)/$(DL_FILE) + # Add upstream patche. + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch cd $(DIR_APP) && ./configure \ --prefix=/usr \ --disable-ipv6 \ diff --git a/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch b/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch new file mode 100644 index 000000000..63b23e309 --- /dev/null +++ b/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch @@ -0,0 +1,42 @@ +From curl commit e2aed00 + +As expressions can have side effects, evaluate only once. + +To enable deprecation reporting only once, get rid of the __typeof__ +use to define the local temporary variable and use the target type +(CURLoption/CURLINFO). This also avoids multiple reports on type +conflicts (if some) by the curlcheck_* macros. + +Note that CURLOPT_* and CURLINFO_* symbols may be deprecated, but not +their values: a curl_easy_setopt call with an integer constant as option +will never report a deprecation. + +Reported-by: Thomas Klausner +Fixes #10148 +Closes #10149 + + +--- curl-7.87.0/include/curl/typecheck-gcc.h.orig 2022-12-19 08:48:23.000000000 +0100 ++++ curl-7.87.0/include/curl/typecheck-gcc.h 2022-12-26 20:39:29.243819395 +0100 +@@ -42,9 +42,8 @@ + */ + #define curl_easy_setopt(handle, option, value) \ + __extension__({ \ +- CURL_IGNORE_DEPRECATION(__typeof__(option) _curl_opt = option;) \ ++ CURLoption _curl_opt = (option); \ + if(__builtin_constant_p(_curl_opt)) { \ +- (void) option; \ + CURL_IGNORE_DEPRECATION( \ + if(curlcheck_long_option(_curl_opt)) \ + if(!curlcheck_long(value)) \ +@@ -120,9 +119,8 @@ + /* wraps curl_easy_getinfo() with typechecking */ + #define curl_easy_getinfo(handle, info, arg) \ + __extension__({ \ +- CURL_IGNORE_DEPRECATION(__typeof__(info) _curl_info = info;) \ ++ CURLINFO _curl_info = (info); \ + if(__builtin_constant_p(_curl_info)) { \ +- (void) info; \ + CURL_IGNORE_DEPRECATION( \ + if(curlcheck_string_info(_curl_info)) \ + if(!curlcheck_arr((arg), char *)) \
- Update from version 4.4.1 to 6.0.0 - Update of rootfile - Changelog Overview of changes leading to 6.0.0 - A new API have been added to pre-process the face and speed up future subsetting operations on that face. Provides up to a 95% reduction in subsetting times when the same face is subset more than once. For more details and benchmarks, see: https://github.com/harfbuzz/harfbuzz/blob/main/docs/subset-preprocessing.md - Shaping have been speedup by skipping entire lookups when the buffer contents don't intersect with the lookup. Shows up to a 10% speedup in shaping some fonts. (Behdad Esfahbod) - A new experimental feature, “Variable Composites” (enabled by passing -Dexperimental_api=true to meson), is also featured in this release. This technology enables drastic compression of fonts in the Chinese, Japanese, Korean, and other writing systems, by reusing the OpenType Font Variations technology for encoding “smart components” into the font. The specification for these extensions to the font format can be found in: https://github.com/harfbuzz/boring-expansion-spec/blob/glyf1/glyf1.md A test variable-font with ~7160 Hangul syllables derived from the NotoSerifKR-VF font has been built, with existing OpenType technology, as well as with the new Variable Composites (VarComposites) technology. The VarComposites font is over 90% smaller than the OpenType version of the font! Both fonts can be obtained from the “smarties” repository: https://github.com/behdad/smarties/tree/3.0/fonts/hangul/serif When building HarfBuzz with experimental features enabled, you can test the “smarties” font with a sample character like this: $ hb-view butchered-hangul-serif-smarties-variable.ttf -u AE01 --variations=wght=700 - The HarfBuzz subsetter can now drop axes by pinning them to specific values (also referred to as instancing). There are a couple of restrictions currently: - Only works with TrueType (“glyf”) based fonts. “CFF2” fonts are not yet supported. - Only supports the case where all axes in a font are pinned. - Miscellaneous fixes and improvements. - New API +hb_subset_input_pin_axis_location() +hb_subset_input_pin_axis_to_default() +hb_subset_preprocess() Overview of changes leading to 5.3.1 - Subsetter repacker fixes. (Garret Rieger) - Adjust Grapheme clusters for Katakana voiced sound marks. (Behdad Esfahbod) - New “hb-subset” option “--preprocess-face”. (Garret Rieger) Overview of changes leading to 5.3.0 - Don’t add glyphs from dropped MATH or COLR tables to the subset glyphs. (Khaled Hosny) - Map “rlig” to appropriate AAT feature selectors. (Jonathan Kew) - Update USE data files to latest version. (David Corbett) - Check “CBDT” extents first before outline tables, to help with fonts that also include an empty “glyf” table. (Khaled Hosny) - More work towards variable font instancing in the subsetter. (Qunxin Liu) - Subsetter repacker improvements. (Garret Rieger) - New API: +hb_ot_layout_lookup_get_optical_bound() +hb_face_builder_sort_tables() Overview of changes leading to 5.2.0 - Fix regressions in hb-ft font functions for FT_Face’s with transformation matrix. (Behdad Esfahbod) - The experimental hb-repacker API now supports splitting several GPOS subtable types when needed. (Garret Rieger) - The HarfBuzz extensions to OpenType font format are now opt-in behind build-time flags. (Behdad Esfahbod) - The experimental hb-subset variable fonts instantiation API can now instantiate more font tables and arbitrary axis locations. (Qunxin Liu) - Unicode 15 support. (David Corbett) - Various documentation improvements. (Behdad Esfahbod, Matthias Clasen) - The hb-view command line tool now detects WezTerm inline images support. (Wez Furlong) - Fix FreeType and ICU dependency lookup with meson. (Xavier Claessens) - New API: +HB_SCRIPT_KAWI +HB_SCRIPT_NAG_MUNDARI Overview of changes leading to 5.1.0 - More extensive buffer tracing messages. (Behdad Esfahbod) - Fix hb-ft regression in bitmap fonts rendering. (Behdad Esfahbod) - Support extension promotion of lookups in hb-subset-repacker. (Garret Rieger) - A new HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL for scripts that use elongation (e.g. Arabic) to signify where it is safe to insert tatweel glyph without interrupting shaping. (Behdad Esfahbod) - Add “--safe-to-insert-tatweel” to “hb-shape” tool. (Behdad Esfahbod) - New API +HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL +HB_BUFFER_FLAG_PRODUCE_SAFE_TO_INSERT_TATWEEL Overview of changes leading to 5.0.1 - Fix version 2 “avar” table with hb-ft. (Behdad Esfahbod) Overview of changes leading to 5.0.0 - Support fonts with more than 65535 glyphs in “GDEF”, “GSUB”, and “GPOS” tables. This is part of https://github.com/be-fonts/boring-expansion-spec to extend OpenType in a backward-compatible way. (Behdad Esfahbod, Garret Rieger) - Complete support for more than 65535 glyphs in “glyf” table that started in 4.0.0 release. Part of boring-expansion-spec. (Behdad Esfahbod) - Support version 2 of “avar” table. Part of boring-expansion-spec. (Behdad Esfahbod) - Fix mark attachment on multiple substitutions in some cases. (Behdad Esfahbod) - Fix application of “calt”, “rclt”, and “ccmp” features to better match Uniscribe behaviour with some Arabic fonts. (Behdad Esfahbod) - Improvement to interaction between multiple cursive attachments. (Behdad Esfahbod) - Improve multiple mark interactions in Hebrew. (Behdad Esfahbod) - Implement language-specific forms in AAT shaping. (Behdad Esfahbod) - Fix variation of “VORG” table. (Behdad Esfahbod) - Support for specific script tags to be retained in the subsetter, and add “--layout-scripts” option to “hb-subset” tool. (Garret Rieger) - Accept space as delimiter for --features/--variations in command line tools. - Improve subsetting of “COLR” table. (Qunxin Liu) - Improved fuzzing coverage for ot-math API. (Frédéric Wang) - Fix “kern” table version 2 (AAT) sanitization on 32-bit systems. (Behdad Esfahbod) - Allow negative glyph advances from “graphite2” shaper. (Stephan Bergmann) - Implement loading (color) bitmap fonts with hb-ft. (Behdad Esfahbod) - Fix regression in hb-ft when changing font size. (Behdad Esfahbod) - Fix build on GCC < 7. (Kleis Auke Wolthuizen) - Dynamically load dwrite.dll on windows if “directwrite” shaper is enabled. (Luca Bacci) - Provide a single-file harfbuzz-subset.cc file for easier alternate building of hb-subset library, similar to harfbuzz.cc. (Khaled Hosny) - New API +HB_SUBSET_SETS_LAYOUT_SCRIPT_TAG +hb_language_matches()
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/harfbuzz | 8 +++++--- lfs/harfbuzz | 6 +++--- 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/harfbuzz b/config/rootfiles/common/harfbuzz index bb4bb2ee9..7da247be0 100644 --- a/config/rootfiles/common/harfbuzz +++ b/config/rootfiles/common/harfbuzz @@ -41,11 +41,11 @@ #usr/lib/libharfbuzz-subset.la #usr/lib/libharfbuzz-subset.so usr/lib/libharfbuzz-subset.so.0 -usr/lib/libharfbuzz-subset.so.0.40401.0 +usr/lib/libharfbuzz-subset.so.0.60000.0 #usr/lib/libharfbuzz.la #usr/lib/libharfbuzz.so usr/lib/libharfbuzz.so.0 -usr/lib/libharfbuzz.so.0.40401.0 +usr/lib/libharfbuzz.so.0.60000.0 #usr/lib/pkgconfig/harfbuzz-subset.pc #usr/lib/pkgconfig/harfbuzz.pc #usr/share/gtk-doc/html/harfbuzz @@ -115,6 +115,9 @@ usr/lib/libharfbuzz.so.0.40401.0 #usr/share/gtk-doc/html/harfbuzz/api-index-4-2-0.html #usr/share/gtk-doc/html/harfbuzz/api-index-4-3-0.html #usr/share/gtk-doc/html/harfbuzz/api-index-4-4-0.html +#usr/share/gtk-doc/html/harfbuzz/api-index-5-0-0.html +#usr/share/gtk-doc/html/harfbuzz/api-index-5-3-0.html +#usr/share/gtk-doc/html/harfbuzz/api-index-6-0-0.html #usr/share/gtk-doc/html/harfbuzz/api-index-full.html #usr/share/gtk-doc/html/harfbuzz/apple-advanced-typography-api.html #usr/share/gtk-doc/html/harfbuzz/buffers-language-script-and-direction.html @@ -213,4 +216,3 @@ usr/lib/libharfbuzz.so.0.40401.0 #usr/share/gtk-doc/html/harfbuzz/why-do-i-need-a-shaping-engine.html #usr/share/gtk-doc/html/harfbuzz/why-is-it-called-harfbuzz.html #usr/share/gtk-doc/html/harfbuzz/working-with-harfbuzz-clusters.html - diff --git a/lfs/harfbuzz b/lfs/harfbuzz index 558c794de..c547b203c 100644 --- a/lfs/harfbuzz +++ b/lfs/harfbuzz @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 4.4.1 +VER = 6.0.0
THISAPP = harfbuzz-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a1c87e48228312b24bfa41a323fb4a4f6e2cb125c4a86df2a536a8c09f9e76bbaf18cb9b8b46452b949a9c01e31756925187c8c619fb9fb11f8ae29f36a250f0 +$(DL_FILE)_BLAKE2 = bb08f90cf9540a076ec2fe5498658a0e5f963537ebd98fce271af9070d0fc7178346bf56c600720d433c9e3a403f67ec3ac898abeb1da12697ad22980ecf5204
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 4.4.1 to 6.0.0
- Update of rootfile
- Changelog Overview of changes leading to 6.0.0
+hb_subset_input_pin_axis_location() +hb_subset_input_pin_axis_to_default() +hb_subset_preprocess() Overview of changes leading to 5.3.1
- A new API have been added to pre-process the face and speed up future subsetting operations on that face. Provides up to a 95% reduction in subsetting times when the same face is subset more than once. For more details and benchmarks, see: https://github.com/harfbuzz/harfbuzz/blob/main/docs/subset-preprocessing.md
- Shaping have been speedup by skipping entire lookups when the buffer contents don't intersect with the lookup. Shows up to a 10% speedup in shaping some fonts. (Behdad Esfahbod)
- A new experimental feature, “Variable Composites” (enabled by passing -Dexperimental_api=true to meson), is also featured in this release. This technology enables drastic compression of fonts in the Chinese, Japanese, Korean, and other writing systems, by reusing the OpenType Font Variations technology for encoding “smart components” into the font. The specification for these extensions to the font format can be found in: https://github.com/harfbuzz/boring-expansion-spec/blob/glyf1/glyf1.md A test variable-font with ~7160 Hangul syllables derived from the NotoSerifKR-VF font has been built, with existing OpenType technology, as well as with the new Variable Composites (VarComposites) technology. The VarComposites font is over 90% smaller than the OpenType version of the font! Both fonts can be obtained from the “smarties” repository: https://github.com/behdad/smarties/tree/3.0/fonts/hangul/serif When building HarfBuzz with experimental features enabled, you can test the “smarties” font with a sample character like this: $ hb-view butchered-hangul-serif-smarties-variable.ttf -u AE01 --variations=wght=700
- The HarfBuzz subsetter can now drop axes by pinning them to specific values (also referred to as instancing). There are a couple of restrictions currently:
- Only works with TrueType (“glyf”) based fonts. “CFF2” fonts are not yet supported.
- Only supports the case where all axes in a font are pinned.
- Miscellaneous fixes and improvements.
- New API
Overview of changes leading to 5.3.0
- Subsetter repacker fixes. (Garret Rieger)
- Adjust Grapheme clusters for Katakana voiced sound marks. (Behdad Esfahbod)
- New “hb-subset” option “--preprocess-face”. (Garret Rieger)
+hb_ot_layout_lookup_get_optical_bound() +hb_face_builder_sort_tables() Overview of changes leading to 5.2.0
- Don’t add glyphs from dropped MATH or COLR tables to the subset glyphs. (Khaled Hosny)
- Map “rlig” to appropriate AAT feature selectors. (Jonathan Kew)
- Update USE data files to latest version. (David Corbett)
- Check “CBDT” extents first before outline tables, to help with fonts that also include an empty “glyf” table. (Khaled Hosny)
- More work towards variable font instancing in the subsetter. (Qunxin Liu)
- Subsetter repacker improvements. (Garret Rieger)
- New API:
+HB_SCRIPT_KAWI +HB_SCRIPT_NAG_MUNDARI Overview of changes leading to 5.1.0
- Fix regressions in hb-ft font functions for FT_Face’s with transformation matrix. (Behdad Esfahbod)
- The experimental hb-repacker API now supports splitting several GPOS subtable types when needed. (Garret Rieger)
- The HarfBuzz extensions to OpenType font format are now opt-in behind build-time flags. (Behdad Esfahbod)
- The experimental hb-subset variable fonts instantiation API can now instantiate more font tables and arbitrary axis locations. (Qunxin Liu)
- Unicode 15 support. (David Corbett)
- Various documentation improvements. (Behdad Esfahbod, Matthias Clasen)
- The hb-view command line tool now detects WezTerm inline images support. (Wez Furlong)
- Fix FreeType and ICU dependency lookup with meson. (Xavier Claessens)
- New API:
+HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL +HB_BUFFER_FLAG_PRODUCE_SAFE_TO_INSERT_TATWEEL Overview of changes leading to 5.0.1
- More extensive buffer tracing messages. (Behdad Esfahbod)
- Fix hb-ft regression in bitmap fonts rendering. (Behdad Esfahbod)
- Support extension promotion of lookups in hb-subset-repacker. (Garret Rieger)
- A new HB_GLYPH_FLAG_SAFE_TO_INSERT_TATWEEL for scripts that use elongation (e.g. Arabic) to signify where it is safe to insert tatweel glyph without interrupting shaping. (Behdad Esfahbod)
- Add “--safe-to-insert-tatweel” to “hb-shape” tool. (Behdad Esfahbod)
- New API
Overview of changes leading to 5.0.0
- Fix version 2 “avar” table with hb-ft. (Behdad Esfahbod)
+HB_SUBSET_SETS_LAYOUT_SCRIPT_TAG +hb_language_matches()
- Support fonts with more than 65535 glyphs in “GDEF”, “GSUB”, and “GPOS” tables. This is part of https://github.com/be-fonts/boring-expansion-spec to extend OpenType in a backward-compatible way. (Behdad Esfahbod, Garret Rieger)
- Complete support for more than 65535 glyphs in “glyf” table that started in 4.0.0 release. Part of boring-expansion-spec. (Behdad Esfahbod)
- Support version 2 of “avar” table. Part of boring-expansion-spec. (Behdad Esfahbod)
- Fix mark attachment on multiple substitutions in some cases. (Behdad Esfahbod)
- Fix application of “calt”, “rclt”, and “ccmp” features to better match Uniscribe behaviour with some Arabic fonts. (Behdad Esfahbod)
- Improvement to interaction between multiple cursive attachments. (Behdad Esfahbod)
- Improve multiple mark interactions in Hebrew. (Behdad Esfahbod)
- Implement language-specific forms in AAT shaping. (Behdad Esfahbod)
- Fix variation of “VORG” table. (Behdad Esfahbod)
- Support for specific script tags to be retained in the subsetter, and add “--layout-scripts” option to “hb-subset” tool. (Garret Rieger)
- Accept space as delimiter for --features/--variations in command line tools.
- Improve subsetting of “COLR” table. (Qunxin Liu)
- Improved fuzzing coverage for ot-math API. (Frédéric Wang)
- Fix “kern” table version 2 (AAT) sanitization on 32-bit systems. (Behdad Esfahbod)
- Allow negative glyph advances from “graphite2” shaper. (Stephan Bergmann)
- Implement loading (color) bitmap fonts with hb-ft. (Behdad Esfahbod)
- Fix regression in hb-ft when changing font size. (Behdad Esfahbod)
- Fix build on GCC < 7. (Kleis Auke Wolthuizen)
- Dynamically load dwrite.dll on windows if “directwrite” shaper is enabled. (Luca Bacci)
- Provide a single-file harfbuzz-subset.cc file for easier alternate building of hb-subset library, similar to harfbuzz.cc. (Khaled Hosny)
- New API
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/harfbuzz | 8 +++++--- lfs/harfbuzz | 6 +++--- 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/harfbuzz b/config/rootfiles/common/harfbuzz index bb4bb2ee9..7da247be0 100644 --- a/config/rootfiles/common/harfbuzz +++ b/config/rootfiles/common/harfbuzz @@ -41,11 +41,11 @@ #usr/lib/libharfbuzz-subset.la #usr/lib/libharfbuzz-subset.so usr/lib/libharfbuzz-subset.so.0 -usr/lib/libharfbuzz-subset.so.0.40401.0 +usr/lib/libharfbuzz-subset.so.0.60000.0 #usr/lib/libharfbuzz.la #usr/lib/libharfbuzz.so usr/lib/libharfbuzz.so.0 -usr/lib/libharfbuzz.so.0.40401.0 +usr/lib/libharfbuzz.so.0.60000.0 #usr/lib/pkgconfig/harfbuzz-subset.pc #usr/lib/pkgconfig/harfbuzz.pc #usr/share/gtk-doc/html/harfbuzz @@ -115,6 +115,9 @@ usr/lib/libharfbuzz.so.0.40401.0 #usr/share/gtk-doc/html/harfbuzz/api-index-4-2-0.html #usr/share/gtk-doc/html/harfbuzz/api-index-4-3-0.html #usr/share/gtk-doc/html/harfbuzz/api-index-4-4-0.html +#usr/share/gtk-doc/html/harfbuzz/api-index-5-0-0.html +#usr/share/gtk-doc/html/harfbuzz/api-index-5-3-0.html +#usr/share/gtk-doc/html/harfbuzz/api-index-6-0-0.html #usr/share/gtk-doc/html/harfbuzz/api-index-full.html #usr/share/gtk-doc/html/harfbuzz/apple-advanced-typography-api.html #usr/share/gtk-doc/html/harfbuzz/buffers-language-script-and-direction.html @@ -213,4 +216,3 @@ usr/lib/libharfbuzz.so.0.40401.0 #usr/share/gtk-doc/html/harfbuzz/why-do-i-need-a-shaping-engine.html #usr/share/gtk-doc/html/harfbuzz/why-is-it-called-harfbuzz.html #usr/share/gtk-doc/html/harfbuzz/working-with-harfbuzz-clusters.html
diff --git a/lfs/harfbuzz b/lfs/harfbuzz index 558c794de..c547b203c 100644 --- a/lfs/harfbuzz +++ b/lfs/harfbuzz @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 4.4.1 +VER = 6.0.0
THISAPP = harfbuzz-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a1c87e48228312b24bfa41a323fb4a4f6e2cb125c4a86df2a536a8c09f9e76bbaf18cb9b8b46452b949a9c01e31756925187c8c619fb9fb11f8ae29f36a250f0 +$(DL_FILE)_BLAKE2 = bb08f90cf9540a076ec2fe5498658a0e5f963537ebd98fce271af9070d0fc7178346bf56c600720d433c9e3a403f67ec3ac898abeb1da12697ad22980ecf5204
install : $(TARGET)
- Update from version 2.64 to 2.66 - Update of rootfile - Changelog Release notes for 2.66 Fix documentation typos in cap_from_text.3 (Bug: 216514 reported by Paulo Andrade.) Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk. Slightly more robust Makefiles to address an error with make -j48 test observed by Tomasz Kłoczko. Include a simple Go program, captrace, to trace kernel capability validation checks This program can be used to figure out what capabilities a program needs to operate. captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for capability checks and whether or not they succeed for the system, a specific PID or a program's direct execution. Trim down the default file capabilities for contrib/sucap/su to those actually needed and set USER and HOME environment variables so bash doesn't complain about a sourcing error. Release notes for 2.65 Fix syntax error in DEBUG build of protected code in setcap.c. (Bug reported by yixiangzhike.) Prevent bash from reading the wrong startup files when the capsh --user=xxx argument is used to invoke a shell as the user xxx. This is done by capsh now changing the USER and HOME environment variables when --user is specified. The argument --noenv can be used to suppress this behavior to what used to be the problematic default. (Bug: 215926) Improved documentation: Man page info for cap_get_pid() and cap_reset_ambient(). (Bug reports from nomonemo and Tinkerer One.) Improve documentation and help for the captree program. Updated go/Makefile comment about an unfixed Go runtime bug in go1.16 and go1.17 (resolved in go1.18+), and the deadlock behavior of the psx-fd test. Refresh the signatures on the two GPG keys morgan@ uses. The 4096 bit one is preferred, but the older one is also used for continuity reasons. This set of signatures should also be available from the various key servers out there.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libcap | 4 ++-- lfs/libcap | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap index 1e104acf6..f0518d6aa 100644 --- a/config/rootfiles/common/libcap +++ b/config/rootfiles/common/libcap @@ -1,8 +1,8 @@ lib/libcap.so.2 -lib/libcap.so.2.64 +lib/libcap.so.2.66 #lib/libpsx.so #lib/libpsx.so.2 -lib/libpsx.so.2.64 +lib/libpsx.so.2.66 #lib/pkgconfig/libcap.pc #lib/pkgconfig/libpsx.pc lib/security/pam_cap.so diff --git a/lfs/libcap b/lfs/libcap index 21facbe01..f81b13c99 100644 --- a/lfs/libcap +++ b/lfs/libcap @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2021 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.64 +VER = 2.66
THISAPP = libcap-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 078ce2505a79c1bd4ca0a8eaf3444178bc19a566f0505d28c6959f86fbbac2fe2fc88c06fd0d988087a6e20e8ec66a2633146cea957f0f3fd92eaff4f81d7c66 +$(DL_FILE)_BLAKE2 = e79bf10c6a3dbffe96dc97aad0bed67caa0b3805d9dcaff1e4a8a833396ee5c6da4f7f0d321b254e99a00073bc39021b9f3a4b350d93094d0df4d74889b3ca56
install : $(TARGET)
@@ -75,7 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && make GOLANG=no cd $(DIR_APP) && make install GOLANG=no rm -vf /lib/libcap.so - ln -svf /lib/libcap.so.2.64 /usr/lib/libcap.so + ln -svf /lib/libcap.so.2.66 /usr/lib/libcap.so chmod +x /lib/libcap.so.* @rm -rf $(DIR_APP) @$(POSTBUILD)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 2.64 to 2.66
- Update of rootfile
- Changelog Release notes for 2.66 Fix documentation typos in cap_from_text.3 (Bug: 216514 reported by Paulo Andrade.) Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk. Slightly more robust Makefiles to address an error with make -j48 test observed by Tomasz Kłoczko. Include a simple Go program, captrace, to trace kernel capability validation checks This program can be used to figure out what capabilities a program needs to operate. captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for capability checks and whether or not they succeed for the system, a specific PID or a program's direct execution. Trim down the default file capabilities for contrib/sucap/su to those actually needed and set USER and HOME environment variables so bash doesn't complain about a sourcing error. Release notes for 2.65 Fix syntax error in DEBUG build of protected code in setcap.c. (Bug reported by yixiangzhike.) Prevent bash from reading the wrong startup files when the capsh --user=xxx argument is used to invoke a shell as the user xxx. This is done by capsh now changing the USER and HOME environment variables when --user is specified. The argument --noenv can be used to suppress this behavior to what used to be the problematic default. (Bug: 215926) Improved documentation: Man page info for cap_get_pid() and cap_reset_ambient(). (Bug reports from nomonemo and Tinkerer One.) Improve documentation and help for the captree program. Updated go/Makefile comment about an unfixed Go runtime bug in go1.16 and go1.17 (resolved in go1.18+), and the deadlock behavior of the psx-fd test. Refresh the signatures on the two GPG keys morgan@ uses. The 4096 bit one is preferred, but the older one is also used for continuity reasons. This set of signatures should also be available from the various key servers out there.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/libcap | 4 ++-- lfs/libcap | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap index 1e104acf6..f0518d6aa 100644 --- a/config/rootfiles/common/libcap +++ b/config/rootfiles/common/libcap @@ -1,8 +1,8 @@ lib/libcap.so.2 -lib/libcap.so.2.64 +lib/libcap.so.2.66 #lib/libpsx.so #lib/libpsx.so.2 -lib/libpsx.so.2.64 +lib/libpsx.so.2.66 #lib/pkgconfig/libcap.pc #lib/pkgconfig/libpsx.pc lib/security/pam_cap.so diff --git a/lfs/libcap b/lfs/libcap index 21facbe01..f81b13c99 100644 --- a/lfs/libcap +++ b/lfs/libcap @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2021 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.64 +VER = 2.66
THISAPP = libcap-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 078ce2505a79c1bd4ca0a8eaf3444178bc19a566f0505d28c6959f86fbbac2fe2fc88c06fd0d988087a6e20e8ec66a2633146cea957f0f3fd92eaff4f81d7c66 +$(DL_FILE)_BLAKE2 = e79bf10c6a3dbffe96dc97aad0bed67caa0b3805d9dcaff1e4a8a833396ee5c6da4f7f0d321b254e99a00073bc39021b9f3a4b350d93094d0df4d74889b3ca56
install : $(TARGET)
@@ -75,7 +75,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && make GOLANG=no cd $(DIR_APP) && make install GOLANG=no rm -vf /lib/libcap.so
- ln -svf /lib/libcap.so.2.64 /usr/lib/libcap.so
- ln -svf /lib/libcap.so.2.66 /usr/lib/libcap.so chmod +x /lib/libcap.so.* @rm -rf $(DIR_APP) @$(POSTBUILD)
- Update from version 0.3.5 to 0.4.0 - Update of rootfile not required - Update of patch in line with libcdada version - Changelog v0.4.0 (12th March 2022) Add `cdada_map_insert_replace()`
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/libcdada | 10 +++++----- ...-0.3.5-Werror.patch => libcdada-0.4.0-Werror.patch} | 0 2 files changed, 5 insertions(+), 5 deletions(-) rename src/patches/{libcdada-0.3.5-Werror.patch => libcdada-0.4.0-Werror.patch} (100%)
diff --git a/lfs/libcdada b/lfs/libcdada index 71f0bbf34..0095cc35f 100644 --- a/lfs/libcdada +++ b/lfs/libcdada @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2019 IPFire Team info@ipfire.org # +# Copyright (C) 2019-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config
SUMMARY = Basic data structures in C (libstdc++ wrapper)
-VER = 0.3.5 +VER = 0.4.0
THISAPP = libcdada-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libcdada -PAK_VER = 2 +PAK_VER = 3
DEPS = @@ -49,7 +49,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 55280e28d2fa6235ac95020b07853748a4551f1c1c2e65b12585064c4fa952dd310b54d5f95f986cea12018d452e1fb086d8bc3c944b169d5aeb280b78f25007 +$(DL_FILE)_BLAKE2 = 26e24fa513ab4a290a7632b4f56c102dc45cd9d34d4a7b7464f58aaee596b5ac3c8172080144d3f3c5cbcf5790f29e74b020f11cea943223e5933c2a7db66f8b
install : $(TARGET)
@@ -82,7 +82,7 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/libcdada-0.3.5-Werror.patch + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/libcdada-0.4.0-Werror.patch cd $(DIR_APP) && ./autogen.sh cd $(DIR_APP) && autoupdate cd $(DIR_APP)/build && ../configure \ diff --git a/src/patches/libcdada-0.3.5-Werror.patch b/src/patches/libcdada-0.4.0-Werror.patch similarity index 100% rename from src/patches/libcdada-0.3.5-Werror.patch rename to src/patches/libcdada-0.4.0-Werror.patch
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 0.3.5 to 0.4.0
- Update of rootfile not required
- Update of patch in line with libcdada version
- Changelog v0.4.0 (12th March 2022) Add `cdada_map_insert_replace()`
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
lfs/libcdada | 10 +++++----- ...-0.3.5-Werror.patch => libcdada-0.4.0-Werror.patch} | 0 2 files changed, 5 insertions(+), 5 deletions(-) rename src/patches/{libcdada-0.3.5-Werror.patch => libcdada-0.4.0-Werror.patch} (100%)
diff --git a/lfs/libcdada b/lfs/libcdada index 71f0bbf34..0095cc35f 100644 --- a/lfs/libcdada +++ b/lfs/libcdada @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2019 IPFire Team info@ipfire.org # +# Copyright (C) 2019-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config
SUMMARY = Basic data structures in C (libstdc++ wrapper)
-VER = 0.3.5 +VER = 0.4.0
THISAPP = libcdada-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libcdada -PAK_VER = 2 +PAK_VER = 3
DEPS = @@ -49,7 +49,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 55280e28d2fa6235ac95020b07853748a4551f1c1c2e65b12585064c4fa952dd310b54d5f95f986cea12018d452e1fb086d8bc3c944b169d5aeb280b78f25007 +$(DL_FILE)_BLAKE2 = 26e24fa513ab4a290a7632b4f56c102dc45cd9d34d4a7b7464f58aaee596b5ac3c8172080144d3f3c5cbcf5790f29e74b020f11cea943223e5933c2a7db66f8b
install : $(TARGET)
@@ -82,7 +82,7 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/libcdada-0.3.5-Werror.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/libcdada-0.4.0-Werror.patch cd $(DIR_APP) && ./autogen.sh cd $(DIR_APP) && autoupdate cd $(DIR_APP)/build && ../configure \
diff --git a/src/patches/libcdada-0.3.5-Werror.patch b/src/patches/libcdada-0.4.0-Werror.patch similarity index 100% rename from src/patches/libcdada-0.3.5-Werror.patch rename to src/patches/libcdada-0.4.0-Werror.patch
- Update from version 1.7.2 to 1.7.3 - Update of rootfile - Changelog version 1.7.3 ------ 2021-06-19 Mark Lindner markl@avalon * lib/libconfig.c - Fixed double-free of config->filenames; fixed implementation of config_setting_lookup() to correctly return NULL instead of the passed-in setting if the specified path was not found * configure.ac, lib/Makefile.am - bump version numbers 2021-04-28 Mark Lindner markl@avalon * lib/CMakeLists.txt - misc. fixes 2021-04-22 Mark Lindner markl@avalon * Makefile.am, configure.ac - Added --disable-tests configure option 2021-01-09 Mark Lindner markl@avalon * lib/CMakeLists.txt - misc. fixes 2020-11-12 Mark Lindner markl@avalon * contrib/ls-config/README.md - typo corrections 2020-10-03 Mark Lindner markl@avalon * *.vcxproj, *.sln - Updated for building x64 configuration. 2020-07-02 Mark Lindner markl@avalon * lib/libconfig.h++, doc/libconfig.texi - added isString() convenience method 2019-12-18 Mark Lindner markl@avalon * lib/libconfig.c, lib/libconfig.h, lib/libconfig.h++, tests/testdata/override_setting.cfg, tests/tests.c, doc/libconfig.texi - Added new ALLOW_OVERRIDES option. 2019-12-17 Mark Lindner markl@avalon * CMakeLists.txt, tests/CMakeList.txt - various fixes * lib/libconfig.c, lib/scanctx.c, lib/scanner.h, lib/scanner.l, lib/strvec.c, lib/strvec.h, lib/util.c, lib/util.h - prefix more internal functions with 'libconfig_' * lib/scanner.c, lib/scanner.h - regenerated 2019-12-14 Mark Lindner markl@avalon * lib/grammar.y, lib/scanner.l, lib/libconfig.c, lib/parsectx.h, lib/scanctx.h, lib/scanctx.c, lib/strbuf.c, lib/strbuf.h, lib/strvec.c, lib/strvec.h - prefix all internal functions with 'libconfig_' * lib/grammar.c, lib/grammar.h, lib/scanner.c, lib/scanner.h - regenerated * lib/wincompat.h - Fix #define for snprintf for Visual Studio 2013 * lib/libconfig.h++, lib/libconfigcpp.c++ - Use noexcept in C++17
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libconfig | 4 ++-- lfs/libconfig | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/common/libconfig b/config/rootfiles/common/libconfig index 633e1baf9..6c1e245ca 100644 --- a/config/rootfiles/common/libconfig +++ b/config/rootfiles/common/libconfig @@ -9,12 +9,12 @@ #usr/lib/libconfig++.la #usr/lib/libconfig++.so usr/lib/libconfig++.so.11 -usr/lib/libconfig++.so.11.0.2 +usr/lib/libconfig++.so.11.1.0 #usr/lib/libconfig.a #usr/lib/libconfig.la #usr/lib/libconfig.so usr/lib/libconfig.so.11 -usr/lib/libconfig.so.11.0.2 +usr/lib/libconfig.so.11.1.0 #usr/lib/pkgconfig/libconfig++.pc #usr/lib/pkgconfig/libconfig.pc #usr/share/info/libconfig.info diff --git a/lfs/libconfig b/lfs/libconfig index 58dbd8bff..4a34a878e 100644 --- a/lfs/libconfig +++ b/lfs/libconfig @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.7.2 +VER = 1.7.3
THISAPP = libconfig-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 1b8bc54857feff506d5cd62312a35f0f8a123380567881bdb8241f2232c5281399e4283687a3254b8f43a92b8f7d5ff3f72ec4fd875bf1b9d5d6c7703014cc3c +$(DL_FILE)_BLAKE2 = 05d43022a937ed5ba35120170eca506051310cd7386b0a6a6c2f30186a079a02803c3d7ecb8dd49b50b5a706b282704605c250a306ada76b5241788eb1c575e6
install : $(TARGET)
- Update from version 0.6.22 to 0.6.24 - Update of rootfile not required - source file no longer provided in xz format - changed to bz2 - Changelog (Two CVE's fixed in 0.6.23) libexif-0.6.24 (2021-11-25): * Translation updates: sr, vi, pl, uk, french * fixed regression in exif_data_load_data which could not load EXIF in JPEG data anymore * Decode lots of Canon tag names * removed empty strings from translation (empty string would translate to the PO info header) * various warning removals and code improvements * added sample "persistent" afl fuzzer (100x faster than normal afl fuzzer) libexif-0.6.23 (2021-09-12): * Translation updates: es, pl, uk, fr * EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags: - EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY - EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX - EXIF_TAG_ISO_SPEED - EXIF_TAG_ISO_SPEEDLatitudeYYY - EXIF_TAG_ISO_SPEEDLatitudeZZZ - EXIF_TAG_OFFSET_TIME - EXIF_TAG_OFFSET_TIME_ORIGINAL - EXIF_TAG_OFFSET_TIME_DIGITIZED - EXIF_TAG_IMAGE_DEPTH * be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools * default GPS IFD table added * Decode more Nikon Makernote tag names * Added Apple iOS Makernote * Security fixes: * CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content * CVE-2020-0452: compiler optimization could remove an a bufferoverflow check, making a buffer overflow possible with some EXIF tags * some more denial of service (compute time or stack exhaustion) counter-measures added that avoid minutes of decoding time with malformed files found by OSS-Fuzz
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/libexif | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lfs/libexif b/lfs/libexif index c23dfd573..c89232b1c 100644 --- a/lfs/libexif +++ b/lfs/libexif @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,15 +26,15 @@ include Config
SUMMARY = An EXIF Tag Parsing Library for Digital Cameras
-VER = 0.6.22 +VER = 0.6.24
THISAPP = libexif-$(VER) -DL_FILE = $(THISAPP).tar.xz +DL_FILE = $(THISAPP).tar.bz2 DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libexif -PAK_VER = 2 +PAK_VER = 3
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 3771dcf2d6a9d9a63e2d3fcdd49487bec7af45d1d18aef1bf3d427893b0cfc464fab37adfbfa549571a58540c7c1eb402724afe05c36baa51a6b7f19ee17ed2b +$(DL_FILE)_BLAKE2 = 75d3a2b4fefd7b7706226e70d31250ef7e99eeb81a4839ddc36cc9e3180534542d8a02851f8e6fd5034bbc925a616ead8c4bfb0cce8bc5886c3ec54811914a6b
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 0.6.22 to 0.6.24
- Update of rootfile not required
- source file no longer provided in xz format - changed to bz2
- Changelog (Two CVE's fixed in 0.6.23) libexif-0.6.24 (2021-11-25): * Translation updates: sr, vi, pl, uk, french * fixed regression in exif_data_load_data which could not load EXIF in JPEG data anymore * Decode lots of Canon tag names * removed empty strings from translation (empty string would translate to the PO info header) * various warning removals and code improvements * added sample "persistent" afl fuzzer (100x faster than normal afl fuzzer) libexif-0.6.23 (2021-09-12):
- Translation updates: es, pl, uk, fr
- EXIF_TAG_SENSITIVITY_TYPE decoder added, added some more Exif 2.3 tags:
- EXIF_TAG_STANDARD_OUTPUT_SENSITIVITY
- EXIF_TAG_RECOMMENDED_EXPOSURE_INDEX
- EXIF_TAG_ISO_SPEED
- EXIF_TAG_ISO_SPEEDLatitudeYYY
- EXIF_TAG_ISO_SPEEDLatitudeZZZ
- EXIF_TAG_OFFSET_TIME
- EXIF_TAG_OFFSET_TIME_ORIGINAL
- EXIF_TAG_OFFSET_TIME_DIGITIZED
- EXIF_TAG_IMAGE_DEPTH
- be more relaxed to out of order JPG / EXIF dataheaders in files generated by some tools
- default GPS IFD table added
- Decode more Nikon Makernote tag names
- Added Apple iOS Makernote
- Security fixes:
- CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content
- CVE-2020-0452: compiler optimization could remove an a bufferoverflow check, making a buffer overflow possible with some EXIF tags
- some more denial of service (compute time or stack exhaustion) counter-measures added that avoid minutes of decoding time with malformed files found by OSS-Fuzz
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
lfs/libexif | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/lfs/libexif b/lfs/libexif index c23dfd573..c89232b1c 100644 --- a/lfs/libexif +++ b/lfs/libexif @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,15 +26,15 @@ include Config
SUMMARY = An EXIF Tag Parsing Library for Digital Cameras
-VER = 0.6.22 +VER = 0.6.24
THISAPP = libexif-$(VER) -DL_FILE = $(THISAPP).tar.xz +DL_FILE = $(THISAPP).tar.bz2 DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libexif -PAK_VER = 2 +PAK_VER = 3
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 3771dcf2d6a9d9a63e2d3fcdd49487bec7af45d1d18aef1bf3d427893b0cfc464fab37adfbfa549571a58540c7c1eb402724afe05c36baa51a6b7f19ee17ed2b +$(DL_FILE)_BLAKE2 = 75d3a2b4fefd7b7706226e70d31250ef7e99eeb81a4839ddc36cc9e3180534542d8a02851f8e6fd5034bbc925a616ead8c4bfb0cce8bc5886c3ec54811914a6b
install : $(TARGET)
- Update from version 3.4.2 to 3.4.4 - Update of rootfile - Changelog 3.4.4 Oct-23-2022 Important aarch64 fixes, including support for linux builds with Link Time Optimization (-flto). Fix x86 stdcall stack alignment. Fix x86 Windows msvc assembler compatibility. Fix moxie and or1k small structure args. 3.4.3 Sep-19-22 All struct args are passed by value, regardless of size, as per ABIs. Enable static trampolines for Cygwin. Add support for Loongson's LoongArch64 architecture. Fix x32 static trampolines. Fix 32-bit x86 stdcall stack corruption. Fix ILP32 aarch64 support.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libffi | 2 +- lfs/libffi | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/libffi b/config/rootfiles/common/libffi index 7b5ed1248..02c161e54 100644 --- a/config/rootfiles/common/libffi +++ b/config/rootfiles/common/libffi @@ -4,7 +4,7 @@ #usr/lib/libffi.la #usr/lib/libffi.so usr/lib/libffi.so.8 -usr/lib/libffi.so.8.1.0 +usr/lib/libffi.so.8.1.2 #usr/lib/pkgconfig/libffi.pc #usr/share/info/libffi.info #usr/share/man/man3/ffi.3 diff --git a/lfs/libffi b/lfs/libffi index f34ce36ae..bfd02b57f 100644 --- a/lfs/libffi +++ b/lfs/libffi @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 3.4.2 +VER = 3.4.4
THISAPP = libffi-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a8137bc895b819f949fd7705e405be627219c6d1fdef280253330f7407d4a548bb057d7bb0e9225d1767d42f9bf5f0ab3c455db1c3470d7cc876bb7b7d55d308 +$(DL_FILE)_BLAKE2 = 189fe1ffe9507f204581b0ab09995dc7e7b761bb4eac7e338e9f5ff81431aebcef6c182c1839c9f9acb2706697a260c67e6d1351cf7e2aed7c4eb5d694f6f8fd
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 3.4.2 to 3.4.4
- Update of rootfile
- Changelog 3.4.4 Oct-23-2022 Important aarch64 fixes, including support for linux builds with Link Time Optimization (-flto). Fix x86 stdcall stack alignment. Fix x86 Windows msvc assembler compatibility. Fix moxie and or1k small structure args. 3.4.3 Sep-19-22 All struct args are passed by value, regardless of size, as per ABIs. Enable static trampolines for Cygwin. Add support for Loongson's LoongArch64 architecture. Fix x32 static trampolines. Fix 32-bit x86 stdcall stack corruption. Fix ILP32 aarch64 support.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/libffi | 2 +- lfs/libffi | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/libffi b/config/rootfiles/common/libffi index 7b5ed1248..02c161e54 100644 --- a/config/rootfiles/common/libffi +++ b/config/rootfiles/common/libffi @@ -4,7 +4,7 @@ #usr/lib/libffi.la #usr/lib/libffi.so usr/lib/libffi.so.8 -usr/lib/libffi.so.8.1.0 +usr/lib/libffi.so.8.1.2 #usr/lib/pkgconfig/libffi.pc #usr/share/info/libffi.info #usr/share/man/man3/ffi.3 diff --git a/lfs/libffi b/lfs/libffi index f34ce36ae..bfd02b57f 100644 --- a/lfs/libffi +++ b/lfs/libffi @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 3.4.2 +VER = 3.4.4
THISAPP = libffi-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a8137bc895b819f949fd7705e405be627219c6d1fdef280253330f7407d4a548bb057d7bb0e9225d1767d42f9bf5f0ab3c455db1c3470d7cc876bb7b7d55d308 +$(DL_FILE)_BLAKE2 = 189fe1ffe9507f204581b0ab09995dc7e7b761bb4eac7e338e9f5ff81431aebcef6c182c1839c9f9acb2706697a260c67e6d1351cf7e2aed7c4eb5d694f6f8fd
install : $(TARGET)
- Update from version 1.44 to 1.46 - Update of rootfile - Changelog Noteworthy changes in version 1.46 (2022-10-07) [C33/A33/R1] * Support for bidirectional pipes under Windows. [T6112] * REG_DWORD types are now support in the Windows Registry. [rE745d333cf7] * Added ES_SYSHD_SOCK support for gpgrt_sysopen under Windows. [rE018ea46a30] * Fixed gpgrt_log_get_fd for the file case. [T5922] * Avoids header problem with C11 and "noreturn". [T4002] * The gpg-error-config command is not installed by default, because it is now replaced by use of pkg-config/gpgrt-config with gpg-error.pc. Supply --enable-install-gpg-error-config configure option, if it's really needed. * Fixed support of posix-lock for FreeBSD. [rE6e17e70bb7] * Build fixes for some Mingw tool chain versions. [T5890, T4656] * Removed remaining support for WindowsCE. [T5912] * Updated config.guess, config.sub, and config.rpath. [T6078] * gpg-error-config is now only installed when enabled. [T5683] * System paths are now stripped from --cflags --and --libs. [T6136] Release-info: https://dev.gnupg.org/T5923 Noteworthy changes in version 1.45 (2022-04-07) [C33/A33/R0] * Support the "sysopen" mode parameter for gpgrt_fopen so that file names longer than MAX_PATH can be supported under Windows. * gpgrt_access and gpgrt_mkdir now support file names longer than MAX_PATH. * gpgrt_fopen now maps "/dev/null" to "nul" on Windows. * Published some internal helper functions for Windows. * Interface changes relative to the 1.42 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgrt_free_wchar NEW. gpgrt_fname_to_wchar NEW. gpgrt_utf8_to_wchar NEW. gpgrt_wchar_to_utf8 NEW. Release-info: https://dev.gnupg.org/T5802
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libgpg-error | 4 +--- lfs/libgpg-error | 6 +++--- 2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/libgpg-error b/config/rootfiles/common/libgpg-error index 1587242d7..77a12be29 100644 --- a/config/rootfiles/common/libgpg-error +++ b/config/rootfiles/common/libgpg-error @@ -1,5 +1,4 @@ usr/bin/gpg-error -#usr/bin/gpg-error-config #usr/bin/gpgrt-config #usr/bin/yat2m #usr/include/gpg-error.h @@ -7,7 +6,7 @@ usr/bin/gpg-error #usr/lib/libgpg-error.la #usr/lib/libgpg-error.so usr/lib/libgpg-error.so.0 -usr/lib/libgpg-error.so.0.32.2 +usr/lib/libgpg-error.so.0.33.1 #usr/lib/pkgconfig/gpg-error.pc #usr/share/aclocal/gpg-error.m4 #usr/share/aclocal/gpgrt.m4 @@ -42,4 +41,3 @@ usr/lib/libgpg-error.so.0.32.2 #usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo #usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo #usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo -#usr/share/man/man1/gpgrt-config.1 diff --git a/lfs/libgpg-error b/lfs/libgpg-error index f1d9afb96..fa7b63f42 100644 --- a/lfs/libgpg-error +++ b/lfs/libgpg-error @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.44 +VER = 1.46
THISAPP = libgpg-error-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = dc101769510bc9edff38048216a961df8b08373a0b6d04b13c882bbcb43c4d0e05ecfdfd7788c89b5799082f4d15386efac5eb1762a48ae1ab70b554d0bfbb36 +$(DL_FILE)_BLAKE2 = 6748c463256b7d0a05fe89a63c5f3abda1975d861c35821248664f2f09cd2273ef619d12408b6107a99519939ca7214f492e705c29f52f7bbdc422237281c1ca
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 1.44 to 1.46
- Update of rootfile
- Changelog Noteworthy changes in version 1.46 (2022-10-07) [C33/A33/R1]
Release-info: https://dev.gnupg.org/T5923 Noteworthy changes in version 1.45 (2022-04-07) [C33/A33/R0]
- Support for bidirectional pipes under Windows. [T6112]
- REG_DWORD types are now support in the Windows Registry. [rE745d333cf7]
- Added ES_SYSHD_SOCK support for gpgrt_sysopen under Windows. [rE018ea46a30]
- Fixed gpgrt_log_get_fd for the file case. [T5922]
- Avoids header problem with C11 and "noreturn". [T4002]
- The gpg-error-config command is not installed by default, because it is now replaced by use of pkg-config/gpgrt-config with gpg-error.pc. Supply --enable-install-gpg-error-config configure option, if it's really needed.
- Fixed support of posix-lock for FreeBSD. [rE6e17e70bb7]
- Build fixes for some Mingw tool chain versions. [T5890, T4656]
- Removed remaining support for WindowsCE. [T5912]
- Updated config.guess, config.sub, and config.rpath. [T6078]
- gpg-error-config is now only installed when enabled. [T5683]
- System paths are now stripped from --cflags --and --libs. [T6136]
- Support the "sysopen" mode parameter for gpgrt_fopen so that file names longer than MAX_PATH can be supported under Windows.
- gpgrt_access and gpgrt_mkdir now support file names longer than MAX_PATH.
- gpgrt_fopen now maps "/dev/null" to "nul" on Windows.
- Published some internal helper functions for Windows.
- Interface changes relative to the 1.42 release:
gpgrt_free_wchar NEW. gpgrt_fname_to_wchar NEW. gpgrt_utf8_to_wchar NEW. gpgrt_wchar_to_utf8 NEW. Release-info: https://dev.gnupg.org/T5802
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/libgpg-error | 4 +--- lfs/libgpg-error | 6 +++--- 2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/config/rootfiles/common/libgpg-error b/config/rootfiles/common/libgpg-error index 1587242d7..77a12be29 100644 --- a/config/rootfiles/common/libgpg-error +++ b/config/rootfiles/common/libgpg-error @@ -1,5 +1,4 @@ usr/bin/gpg-error -#usr/bin/gpg-error-config #usr/bin/gpgrt-config #usr/bin/yat2m #usr/include/gpg-error.h @@ -7,7 +6,7 @@ usr/bin/gpg-error #usr/lib/libgpg-error.la #usr/lib/libgpg-error.so usr/lib/libgpg-error.so.0 -usr/lib/libgpg-error.so.0.32.2 +usr/lib/libgpg-error.so.0.33.1 #usr/lib/pkgconfig/gpg-error.pc #usr/share/aclocal/gpg-error.m4 #usr/share/aclocal/gpgrt.m4 @@ -42,4 +41,3 @@ usr/lib/libgpg-error.so.0.32.2 #usr/share/locale/vi/LC_MESSAGES/libgpg-error.mo #usr/share/locale/zh_CN/LC_MESSAGES/libgpg-error.mo #usr/share/locale/zh_TW/LC_MESSAGES/libgpg-error.mo -#usr/share/man/man1/gpgrt-config.1 diff --git a/lfs/libgpg-error b/lfs/libgpg-error index f1d9afb96..fa7b63f42 100644 --- a/lfs/libgpg-error +++ b/lfs/libgpg-error @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.44 +VER = 1.46
THISAPP = libgpg-error-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = dc101769510bc9edff38048216a961df8b08373a0b6d04b13c882bbcb43c4d0e05ecfdfd7788c89b5799082f4d15386efac5eb1762a48ae1ab70b554d0bfbb36 +$(DL_FILE)_BLAKE2 = 6748c463256b7d0a05fe89a63c5f3abda1975d861c35821248664f2f09cd2273ef619d12408b6107a99519939ca7214f492e705c29f52f7bbdc422237281c1ca
install : $(TARGET)
- Update from version 1.38 to 1.41 - Update of rootfile - Changelog * Noteworthy changes in release 1.41 (2022-06-25) [stable] ** Bump LT_REVISION for new release. It was mistakenly left at the same value since 1.38. ** Add version number related self-checks. * Noteworthy changes in release 1.40 (2022-06-20) [stable] ** lib: Bump STRINGPREP_VERSION to 1.40. It was mistakenly left at 1.38 in the 1.39 release. * Noteworthy changes in release 1.39 (2022-06-20) [stable] ** lib: Code detecting current locale broken since 1.36. The code always returned ASCII. The precise cause is complicated to track down but likely boils down to the new autotools/gettext bootstrapping sequence introduced in release 1.36. Reported by Богдан Пилипенко bogdan.pylypenko107@gmail.com. ** maint: Java JAR archive no longer included in source tarball. ** Minor fixes: typos, makefiles, indentation, gnulib update, etc.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libidn | 2 +- lfs/libidn | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/libidn b/config/rootfiles/common/libidn index c959f6c65..e2e2cd96a 100644 --- a/config/rootfiles/common/libidn +++ b/config/rootfiles/common/libidn @@ -9,7 +9,7 @@ usr/bin/idn #usr/lib/libidn.la #usr/lib/libidn.so usr/lib/libidn.so.12 -usr/lib/libidn.so.12.6.3 +usr/lib/libidn.so.12.6.4 #usr/lib/pkgconfig/libidn.pc #usr/share/emacs #usr/share/emacs/site-lisp diff --git a/lfs/libidn b/lfs/libidn index 408d74976..4ce55a0a4 100644 --- a/lfs/libidn +++ b/lfs/libidn @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.38 +VER = 1.41
THISAPP = libidn-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 92059e87554338a3565ee4b517fa1ba7bd3e9d57d8be7d71aee377220f50b597e529469c6ddc7c9e7c25b9e83c76f652457256dd32249c3e1cd97df8867723a1 +$(DL_FILE)_BLAKE2 = 6c632c2010f024792fd55d3c8e6f68e81152fa7421a4f65b6835d0dfd788707727381270c57bf46c6e252777e07ead501fdabdc55961c5c1604e81c53be5ab2b
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 1.38 to 1.41
- Update of rootfile
- Changelog
** Bump LT_REVISION for new release. It was mistakenly left at the same value since 1.38. ** Add version number related self-checks.
- Noteworthy changes in release 1.41 (2022-06-25) [stable]
** lib: Bump STRINGPREP_VERSION to 1.40. It was mistakenly left at 1.38 in the 1.39 release.
- Noteworthy changes in release 1.40 (2022-06-20) [stable]
** lib: Code detecting current locale broken since 1.36. The code always returned ASCII. The precise cause is complicated to track down but likely boils down to the new autotools/gettext bootstrapping sequence introduced in release 1.36. Reported by Богдан Пилипенко bogdan.pylypenko107@gmail.com. ** maint: Java JAR archive no longer included in source tarball. ** Minor fixes: typos, makefiles, indentation, gnulib update, etc.
- Noteworthy changes in release 1.39 (2022-06-20) [stable]
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/libidn | 2 +- lfs/libidn | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/common/libidn b/config/rootfiles/common/libidn index c959f6c65..e2e2cd96a 100644 --- a/config/rootfiles/common/libidn +++ b/config/rootfiles/common/libidn @@ -9,7 +9,7 @@ usr/bin/idn #usr/lib/libidn.la #usr/lib/libidn.so usr/lib/libidn.so.12 -usr/lib/libidn.so.12.6.3 +usr/lib/libidn.so.12.6.4 #usr/lib/pkgconfig/libidn.pc #usr/share/emacs #usr/share/emacs/site-lisp diff --git a/lfs/libidn b/lfs/libidn index 408d74976..4ce55a0a4 100644 --- a/lfs/libidn +++ b/lfs/libidn @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.38 +VER = 1.41
THISAPP = libidn-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 92059e87554338a3565ee4b517fa1ba7bd3e9d57d8be7d71aee377220f50b597e529469c6ddc7c9e7c25b9e83c76f652457256dd32249c3e1cd97df8867723a1 +$(DL_FILE)_BLAKE2 = 6c632c2010f024792fd55d3c8e6f68e81152fa7421a4f65b6835d0dfd788707727381270c57bf46c6e252777e07ead501fdabdc55961c5c1604e81c53be5ab2b
install : $(TARGET)
- Update from version r55 to r56 - Update of rootfile not required - Changelog version 56 Fix redundant cast-to-int when INI_USE_STACK!=0 Make inline comments work on subsequent lines of multiline values
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/libinih | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lfs/libinih b/lfs/libinih index 0b4793d5d..6cd9d353a 100644 --- a/lfs/libinih +++ b/lfs/libinih @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,9 +24,9 @@
include Config
-VER = r55 +VER = 56
-THISAPP = inih-$(VER) +THISAPP = inih-r$(VER) DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) @@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 28b5e04e54e31b3e0392b44799a2c2e75c1fe00527491a857480b7e960302f2438d29652b131dae5147487c863d93f577b67aeff3ab5f863546d3661628d8236 +$(DL_FILE)_BLAKE2 = 51935959a9eb4e393b17302f0932a232963883680f10d404c63d5f2ebbd3bf0b740f44edfa1b2541d0e130016eb853ebedf68a1c40797f658496e2a8c966af3d
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version r55 to r56
- Update of rootfile not required
- Changelog version 56 Fix redundant cast-to-int when INI_USE_STACK!=0 Make inline comments work on subsequent lines of multiline values
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
lfs/libinih | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lfs/libinih b/lfs/libinih index 0b4793d5d..6cd9d353a 100644 --- a/lfs/libinih +++ b/lfs/libinih @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,9 +24,9 @@
include Config
-VER = r55 +VER = 56
-THISAPP = inih-$(VER) +THISAPP = inih-r$(VER) DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) @@ -42,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 28b5e04e54e31b3e0392b44799a2c2e75c1fe00527491a857480b7e960302f2438d29652b131dae5147487c863d93f577b67aeff3ab5f863546d3661628d8236 +$(DL_FILE)_BLAKE2 = 51935959a9eb4e393b17302f0932a232963883680f10d404c63d5f2ebbd3bf0b740f44edfa1b2541d0e130016eb853ebedf68a1c40797f658496e2a8c966af3d
install : $(TARGET)
- Update from version 2.0.4 to 2.1.4 - Update of rootfile - Changelog 2.1.4 ### Significant changes relative to 2.1.3 1. Fixed a regression introduced in 2.1.3 that caused build failures with Visual Studio 2010. 2. The `tjDecompressHeader3()` function in the TurboJPEG C API and the `TJDecompressor.setSourceImage()` method in the TurboJPEG Java API now accept "abbreviated table specification" (AKA "tables-only") datastreams, which can be used to prime the decompressor with quantization and Huffman tables that can be used when decompressing subsequent "abbreviated image" datastreams. 3. libjpeg-turbo now performs run-time detection of AltiVec instructions on OS X/PowerPC systems if AltiVec instructions are not enabled at compile time. This allows both AltiVec-equipped (PowerPC G4 and G5) and non-AltiVec-equipped (PowerPC G3) CPUs to be supported using the same build of libjpeg-turbo. 4. Fixed an error ("Bogus virtual array access") that occurred when attempting to decompress a progressive JPEG image with a height less than or equal to one iMCU (8 * the vertical sampling factor) using buffered-image mode with interblock smoothing enabled. This was a regression introduced by 2.1 beta1[6(b)]. 5. Fixed two issues that prevented partial image decompression from working properly with buffered-image mode: - Attempting to call `jpeg_crop_scanline()` after `jpeg_start_decompress()` but before `jpeg_start_output()` resulted in an error ("Improper call to JPEG library in state 207".) - Attempting to use `jpeg_skip_scanlines()` resulted in an error ("Bogus virtual array access") under certain circumstances. 2.1.3 ### Significant changes relative to 2.1.2 1. Fixed a regression introduced by 2.0 beta1[7] whereby cjpeg compressed PGM input files into full-color JPEG images unless the `-grayscale` option was used. 2. cjpeg now automatically compresses GIF and 8-bit BMP input files into grayscale JPEG images if the input files contain only shades of gray. 3. The build system now enables the intrinsics implementation of the AArch64 (Arm 64-bit) Neon SIMD extensions by default when using GCC 12 or later. 4. Fixed a segfault that occurred while decompressing a 4:2:0 JPEG image using the merged (non-fancy) upsampling algorithms (that is, with `cinfo.do_fancy_upsampling` set to `FALSE`) along with `jpeg_crop_scanline()`. Specifically, the segfault occurred if the number of bytes remaining in the output buffer was less than the number of bytes required to represent one uncropped scanline of the output image. For that reason, the issue could only be reproduced using the libjpeg API, not using djpeg. 2.1.2 ### Significant changes relative to 2.1.1 1. Fixed a regression introduced by 2.1 beta1[13] that caused the remaining GAS implementations of AArch64 (Arm 64-bit) Neon SIMD functions (which are used by default with GCC for performance reasons) to be placed in the `.rodata` section rather than in the `.text` section. This caused the GNU linker to automatically place the `.rodata` section in an executable segment, which prevented libjpeg-turbo from working properly with other linkers and also represented a potential security risk. 2. Fixed an issue whereby the `tjTransform()` function incorrectly computed the MCU block size for 4:4:4 JPEG images with non-unary sampling factors and thus unduly rejected some cropping regions, even though those regions aligned with 8x8 MCU block boundaries. 3. Fixed a regression introduced by 2.1 beta1[13] that caused the build system to enable the Arm Neon SIMD extensions when targetting Armv6 and other legacy architectures that do not support Neon instructions. 4. libjpeg-turbo now performs run-time detection of AltiVec instructions on FreeBSD/PowerPC systems if AltiVec instructions are not enabled at compile time. This allows both AltiVec-equipped and non-AltiVec-equipped CPUs to be supported using the same build of libjpeg-turbo. 5. cjpeg now accepts a `-strict` argument similar to that of djpeg and jpegtran, which causes the compressor to abort if an LZW-compressed GIF input image contains incomplete or corrupt image data. 2.1.1 ### Significant changes relative to 2.1.0 1. Fixed a regression introduced in 2.1.0 that caused build failures with non-GCC-compatible compilers for Un*x/Arm platforms. 2. Fixed a regression introduced by 2.1 beta1[13] that prevented the Arm 32-bit (AArch32) Neon SIMD extensions from building unless the C compiler flags included `-mfloat-abi=softfp` or `-mfloat-abi=hard`. 3. Fixed an issue in the AArch32 Neon SIMD Huffman encoder whereby reliance on undefined C compiler behavior led to crashes ("SIGBUS: illegal alignment") on Android systems when running AArch32/Thumb builds of libjpeg-turbo built with recent versions of Clang. 4. Added a command-line argument (`-copy icc`) to jpegtran that causes it to copy only the ICC profile markers from the source file and discard any other metadata. 5. libjpeg-turbo should now build and run on CHERI-enabled architectures, which use capability pointers that are larger than the size of `size_t`. 6. Fixed a regression (CVE-2021-37972) introduced by 2.1 beta1[5] that caused a segfault in the 64-bit SSE2 Huffman encoder when attempting to losslessly transform a specially-crafted malformed JPEG image. 2.1.0 ### Significant changes relative to 2.1 beta1 1. Fixed a regression introduced by 2.1 beta1[6(b)] whereby attempting to decompress certain progressive JPEG images with one or more component planes of width 8 or less caused a buffer overrun. 2. Fixed a regression introduced by 2.1 beta1[6(b)] whereby attempting to decompress a specially-crafted malformed progressive JPEG image caused the block smoothing algorithm to read from uninitialized memory. 3. Fixed an issue in the Arm Neon SIMD Huffman encoders that caused the encoders to generate incorrect results when using the Clang compiler with Visual Studio. 4. Fixed a floating point exception (CVE-2021-20205) that occurred when attempting to compress a specially-crafted malformed GIF image with a specified image width of 0 using cjpeg. 5. Fixed a regression introduced by 2.0 beta1[15] whereby attempting to generate a progressive JPEG image on an SSE2-capable CPU using a scan script containing one or more scans with lengths divisible by 32 and non-zero successive approximation low bit positions would, under certain circumstances, result in an error ("Missing Huffman code table entry") and an invalid JPEG image. 6. Introduced a new flag (`TJFLAG_LIMITSCANS` in the TurboJPEG C API and `TJ.FLAG_LIMIT_SCANS` in the TurboJPEG Java API) and a corresponding TJBench command-line argument (`-limitscans`) that causes the TurboJPEG decompression and transform functions/operations to return/throw an error if a progressive JPEG image contains an unreasonably large number of scans. This allows applications that use the TurboJPEG API to guard against an exploit of the progressive JPEG format described in the report ["Two Issues with the JPEG Standard"](https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard....). 7. The PPM reader now throws an error, rather than segfaulting (due to a buffer overrun) or generating incorrect pixels, if an application attempts to use the `tjLoadImage()` function to load a 16-bit binary PPM file (a binary PPM file with a maximum value greater than 255) into a grayscale image buffer or to load a 16-bit binary PGM file into an RGB image buffer. 8. Fixed an issue in the PPM reader that caused incorrect pixels to be generated when using the `tjLoadImage()` function to load a 16-bit binary PPM file into an extended RGB image buffer. 9. Fixed an issue whereby, if a JPEG buffer was automatically re-allocated by one of the TurboJPEG compression or transform functions and an error subsequently occurred during compression or transformation, the JPEG buffer pointer passed by the application was not updated when the function returned. 2.0.90 (2.1 beta1) ### Significant changes relative to 2.0.6: 1. The build system, x86-64 SIMD extensions, and accelerated Huffman codec now support the x32 ABI on Linux, which allows for using x86-64 instructions with 32-bit pointers. The x32 ABI is generally enabled by adding `-mx32` to the compiler flags. Caveats: - CMake 3.9.0 or later is required in order for the build system to automatically detect an x32 build. - Java does not support the x32 ABI, and thus the TurboJPEG Java API will automatically be disabled with x32 builds. 2. Added Loongson MMI SIMD implementations of the RGB-to-grayscale, 4:2:2 fancy chroma upsampling, 4:2:2 and 4:2:0 merged chroma upsampling/color conversion, and fast integer DCT/IDCT algorithms. Relative to libjpeg-turbo 2.0.x, this speeds up: - the compression of RGB source images into grayscale JPEG images by approximately 20% - the decompression of 4:2:2 JPEG images by approximately 40-60% when using fancy upsampling - the decompression of 4:2:2 and 4:2:0 JPEG images by approximately 15-20% when using merged upsampling - the compression of RGB source images by approximately 30-45% when using the fast integer DCT - the decompression of JPEG images into RGB destination images by approximately 2x when using the fast integer IDCT The overall decompression speedup for RGB images is now approximately 2.3-3.7x (compared to 2-3.5x with libjpeg-turbo 2.0.x.) 3. 32-bit (Armv7 or Armv7s) iOS builds of libjpeg-turbo are no longer supported, and the libjpeg-turbo build system can no longer be used to package such builds. 32-bit iOS apps cannot run in iOS 11 and later, and the App Store no longer allows them. 4. 32-bit (i386) OS X/macOS builds of libjpeg-turbo are no longer supported, and the libjpeg-turbo build system can no longer be used to package such builds. 32-bit Mac applications cannot run in macOS 10.15 "Catalina" and later, and the App Store no longer allows them. 5. The SSE2 (x86 SIMD) and C Huffman encoding algorithms have been significantly optimized, resulting in a measured average overall compression speedup of 12-28% for 64-bit code and 22-52% for 32-bit code on various Intel and AMD CPUs, as well as a measured average overall compression speedup of 0-23% on platforms that do not have a SIMD-accelerated Huffman encoding implementation. 6. The block smoothing algorithm that is applied by default when decompressing progressive Huffman-encoded JPEG images has been improved in the following ways: - The algorithm is now more fault-tolerant. Previously, if a particular scan was incomplete, then the smoothing parameters for the incomplete scan would be applied to the entire output image, including the parts of the image that were generated by the prior (complete) scan. Visually, this had the effect of removing block smoothing from lower-frequency scans if they were followed by an incomplete higher-frequency scan. libjpeg-turbo now applies block smoothing parameters to each iMCU row based on which scan generated the pixels in that row, rather than always using the block smoothing parameters for the most recent scan. - When applying block smoothing to DC scans, a Gaussian-like kernel with a 5x5 window is used to reduce the "blocky" appearance. 7. Added SIMD acceleration for progressive Huffman encoding on Arm platforms. This speeds up the compression of full-color progressive JPEGs by about 30-40% on average (relative to libjpeg-turbo 2.0.x) when using modern Arm CPUs. 8. Added configure-time and run-time auto-detection of Loongson MMI SIMD instructions, so that the Loongson MMI SIMD extensions can be included in any MIPS64 libjpeg-turbo build. 9. Added fault tolerance features to djpeg and jpegtran, mainly to demonstrate methods by which applications can guard against the exploits of the JPEG format described in the report ["Two Issues with the JPEG Standard"](https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard....). - Both programs now accept a `-maxscans` argument, which can be used to limit the number of allowable scans in the input file. - Both programs now accept a `-strict` argument, which can be used to treat all warnings as fatal. 10. CMake package config files are now included for both the libjpeg and TurboJPEG API libraries. This facilitates using libjpeg-turbo with CMake's `find_package()` function. For example: find_package(libjpeg-turbo CONFIG REQUIRED) add_executable(libjpeg_program libjpeg_program.c) target_link_libraries(libjpeg_program PUBLIC libjpeg-turbo::jpeg) add_executable(libjpeg_program_static libjpeg_program.c) target_link_libraries(libjpeg_program_static PUBLIC libjpeg-turbo::jpeg-static) add_executable(turbojpeg_program turbojpeg_program.c) target_link_libraries(turbojpeg_program PUBLIC libjpeg-turbo::turbojpeg) add_executable(turbojpeg_program_static turbojpeg_program.c) target_link_libraries(turbojpeg_program_static PUBLIC libjpeg-turbo::turbojpeg-static) 11. Since the Unisys LZW patent has long expired, cjpeg and djpeg can now read/write both LZW-compressed and uncompressed GIF files (feature ported from jpeg-6a and jpeg-9d.) 12. jpegtran now includes the `-wipe` and `-drop` options from jpeg-9a and jpeg-9d, as well as the ability to expand the image size using the `-crop` option. Refer to jpegtran.1 or usage.txt for more details. 13. Added a complete intrinsics implementation of the Arm Neon SIMD extensions, thus providing SIMD acceleration on Arm platforms for all of the algorithms that are SIMD-accelerated on x86 platforms. This new implementation is significantly faster in some cases than the old GAS implementation-- depending on the algorithms used, the type of CPU core, and the compiler. GCC, as of this writing, does not provide a full or optimal set of Neon intrinsics, so for performance reasons, the default when building libjpeg-turbo with GCC is to continue using the GAS implementation of the following algorithms: - 32-bit RGB-to-YCbCr color conversion - 32-bit fast and accurate inverse DCT - 64-bit RGB-to-YCbCr and YCbCr-to-RGB color conversion - 64-bit accurate forward and inverse DCT - 64-bit Huffman encoding A new CMake variable (`NEON_INTRINSICS`) can be used to override this default. Since the new intrinsics implementation includes SIMD acceleration for merged upsampling/color conversion, 1.5.1[5] is no longer necessary and has been reverted. 14. The Arm Neon SIMD extensions can now be built using Visual Studio. 15. The build system can now be used to generate a universal x86-64 + Armv8 libjpeg-turbo SDK package for both iOS and macOS. 2.0.6 ### Significant changes relative to 2.0.5: 1. Fixed "using JNI after critical get" errors that occurred on Android platforms when using any of the YUV encoding/compression/decompression/decoding methods in the TurboJPEG Java API. 2. Fixed or worked around multiple issues with `jpeg_skip_scanlines()`: - Fixed segfaults or "Corrupt JPEG data: premature end of data segment" errors in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or 4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.) 2.0.0[6] was a similar fix, but it did not cover all cases. - `jpeg_skip_scanlines()` now throws an error if two-pass color quantization is enabled. Two-pass color quantization never worked properly with `jpeg_skip_scanlines()`, and the issues could not readily be fixed. - Fixed an issue whereby `jpeg_skip_scanlines()` always returned 0 when skipping past the end of an image. 3. The Arm 64-bit (Armv8) Neon SIMD extensions can now be built using MinGW toolchains targetting Arm64 (AArch64) Windows binaries. 4. Fixed unexpected visual artifacts that occurred when using `jpeg_crop_scanline()` and interblock smoothing while decompressing only the DC scan of a progressive JPEG image. 5. Fixed an issue whereby libjpeg-turbo would not build if 12-bit-per-component JPEG support (`WITH_12BIT`) was enabled along with libjpeg v7 or libjpeg v8 API/ABI emulation (`WITH_JPEG7` or `WITH_JPEG8`.) 2.0.5 ### Significant changes relative to 2.0.4: 1. Worked around issues in the MIPS DSPr2 SIMD extensions that caused failures in the libjpeg-turbo regression tests. Specifically, the `jsimd_h2v1_downsample_dspr2()` and `jsimd_h2v2_downsample_dspr2()` functions in the MIPS DSPr2 SIMD extensions are now disabled until/unless they can be fixed, and other functions that are incompatible with big endian MIPS CPUs are disabled when building libjpeg-turbo for such CPUs. 2. Fixed an oversight in the `TJCompressor.compress(int)` method in the TurboJPEG Java API that caused an error ("java.lang.IllegalStateException: No source image is associated with this instance") when attempting to use that method to compress a YUV image. 3. Fixed an issue (CVE-2020-13790) in the PPM reader that caused a buffer overrun in cjpeg, TJBench, or the `tjLoadImage()` function if one of the values in a binary PPM/PGM input file exceeded the maximum value defined in the file's header and that maximum value was less than 255. libjpeg-turbo 1.5.0 already included a similar fix for binary PPM/PGM files with maximum values greater than 255. 4. The TurboJPEG API library's global error handler, which is used in functions such as `tjBufSize()` and `tjLoadImage()` that do not require a TurboJPEG instance handle, is now thread-safe on platforms that support thread-local storage.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/libjpeg | 5 +++++ lfs/libjpeg | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/common/libjpeg b/config/rootfiles/common/libjpeg index eb74d2c50..74c101854 100644 --- a/config/rootfiles/common/libjpeg +++ b/config/rootfiles/common/libjpeg @@ -9,6 +9,11 @@ #usr/include/jmorecfg.h #usr/include/jpeglib.h #usr/include/turbojpeg.h +#usr/lib/cmake/libjpeg-turbo +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboConfig.cmake +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboConfigVersion.cmake +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboTargets-release.cmake +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboTargets.cmake #usr/lib/libjpeg.so usr/lib/libjpeg.so.8 usr/lib/libjpeg.so.8.2.2 diff --git a/lfs/libjpeg b/lfs/libjpeg index 6808640a4..b9c9d3cd8 100644 --- a/lfs/libjpeg +++ b/lfs/libjpeg @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.0.4 +VER = 2.1.4
THISAPP = libjpeg-turbo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 9be870a5bafaae279646941b848b69fdf7c95ec08a686b01674f473ef33fe5923a04ba8a2d57df84384530308ca46fc3880a404c0eff769129417a553faed3bb +$(DL_FILE)_BLAKE2 = 80ffd77d58a37eae0bdc1868d994f34ea52c13e2624c720b1d0b6ec4d6d14b16911163ccd4009c8d6eda214f31e1fff78bb7eb4739ae6589d0fd8c7008c0e972
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 2.0.4 to 2.1.4
- Update of rootfile
- Changelog 2.1.4 ### Significant changes relative to 2.1.3
Visual Studio 2010. 2. The `tjDecompressHeader3()` function in the TurboJPEG C API and the `TJDecompressor.setSourceImage()` method in the TurboJPEG Java API now accept "abbreviated table specification" (AKA "tables-only") datastreams, which can be used to prime the decompressor with quantization and Huffman tables that can be used when decompressing subsequent "abbreviated image" datastreams. 3. libjpeg-turbo now performs run-time detection of AltiVec instructions on OS X/PowerPC systems if AltiVec instructions are not enabled at compile time. This allows both AltiVec-equipped (PowerPC G4 and G5) and non-AltiVec-equipped (PowerPC G3) CPUs to be supported using the same build of libjpeg-turbo. 4. Fixed an error ("Bogus virtual array access") that occurred when attempting to decompress a progressive JPEG image with a height less than or equal to one iMCU (8 * the vertical sampling factor) using buffered-image mode with interblock smoothing enabled. This was a regression introduced by 2.1 beta1[6(b)]. 5. Fixed two issues that prevented partial image decompression from working properly with buffered-image mode: - Attempting to call `jpeg_crop_scanline()` after `jpeg_start_decompress()` but before `jpeg_start_output()` resulted in an error ("Improper call to JPEG library in state 207".) - Attempting to use `jpeg_skip_scanlines()` resulted in an error ("Bogus virtual array access") under certain circumstances. 2.1.3 ### Significant changes relative to 2.1.2
- Fixed a regression introduced in 2.1.3 that caused build failures with
input files into full-color JPEG images unless the `-grayscale` option was used. 2. cjpeg now automatically compresses GIF and 8-bit BMP input files into grayscale JPEG images if the input files contain only shades of gray. 3. The build system now enables the intrinsics implementation of the AArch64 (Arm 64-bit) Neon SIMD extensions by default when using GCC 12 or later. 4. Fixed a segfault that occurred while decompressing a 4:2:0 JPEG image using the merged (non-fancy) upsampling algorithms (that is, with `cinfo.do_fancy_upsampling` set to `FALSE`) along with `jpeg_crop_scanline()`. Specifically, the segfault occurred if the number of bytes remaining in the output buffer was less than the number of bytes required to represent one uncropped scanline of the output image. For that reason, the issue could only be reproduced using the libjpeg API, not using djpeg. 2.1.2 ### Significant changes relative to 2.1.1
- Fixed a regression introduced by 2.0 beta1[7] whereby cjpeg compressed PGM
GAS implementations of AArch64 (Arm 64-bit) Neon SIMD functions (which are used by default with GCC for performance reasons) to be placed in the `.rodata` section rather than in the `.text` section. This caused the GNU linker to automatically place the `.rodata` section in an executable segment, which prevented libjpeg-turbo from working properly with other linkers and also represented a potential security risk. 2. Fixed an issue whereby the `tjTransform()` function incorrectly computed the MCU block size for 4:4:4 JPEG images with non-unary sampling factors and thus unduly rejected some cropping regions, even though those regions aligned with 8x8 MCU block boundaries. 3. Fixed a regression introduced by 2.1 beta1[13] that caused the build system to enable the Arm Neon SIMD extensions when targetting Armv6 and other legacy architectures that do not support Neon instructions. 4. libjpeg-turbo now performs run-time detection of AltiVec instructions on FreeBSD/PowerPC systems if AltiVec instructions are not enabled at compile time. This allows both AltiVec-equipped and non-AltiVec-equipped CPUs to be supported using the same build of libjpeg-turbo. 5. cjpeg now accepts a `-strict` argument similar to that of djpeg and jpegtran, which causes the compressor to abort if an LZW-compressed GIF input image contains incomplete or corrupt image data. 2.1.1 ### Significant changes relative to 2.1.0
- Fixed a regression introduced by 2.1 beta1[13] that caused the remaining
non-GCC-compatible compilers for Un*x/Arm platforms. 2. Fixed a regression introduced by 2.1 beta1[13] that prevented the Arm 32-bit (AArch32) Neon SIMD extensions from building unless the C compiler flags included `-mfloat-abi=softfp` or `-mfloat-abi=hard`. 3. Fixed an issue in the AArch32 Neon SIMD Huffman encoder whereby reliance on undefined C compiler behavior led to crashes ("SIGBUS: illegal alignment") on Android systems when running AArch32/Thumb builds of libjpeg-turbo built with recent versions of Clang. 4. Added a command-line argument (`-copy icc`) to jpegtran that causes it to copy only the ICC profile markers from the source file and discard any other metadata. 5. libjpeg-turbo should now build and run on CHERI-enabled architectures, which use capability pointers that are larger than the size of `size_t`. 6. Fixed a regression (CVE-2021-37972) introduced by 2.1 beta1[5] that caused a segfault in the 64-bit SSE2 Huffman encoder when attempting to losslessly transform a specially-crafted malformed JPEG image. 2.1.0 ### Significant changes relative to 2.1 beta1
- Fixed a regression introduced in 2.1.0 that caused build failures with
decompress certain progressive JPEG images with one or more component planes of width 8 or less caused a buffer overrun. 2. Fixed a regression introduced by 2.1 beta1[6(b)] whereby attempting to decompress a specially-crafted malformed progressive JPEG image caused the block smoothing algorithm to read from uninitialized memory. 3. Fixed an issue in the Arm Neon SIMD Huffman encoders that caused the encoders to generate incorrect results when using the Clang compiler with Visual Studio. 4. Fixed a floating point exception (CVE-2021-20205) that occurred when attempting to compress a specially-crafted malformed GIF image with a specified image width of 0 using cjpeg. 5. Fixed a regression introduced by 2.0 beta1[15] whereby attempting to generate a progressive JPEG image on an SSE2-capable CPU using a scan script containing one or more scans with lengths divisible by 32 and non-zero successive approximation low bit positions would, under certain circumstances, result in an error ("Missing Huffman code table entry") and an invalid JPEG image. 6. Introduced a new flag (`TJFLAG_LIMITSCANS` in the TurboJPEG C API and `TJ.FLAG_LIMIT_SCANS` in the TurboJPEG Java API) and a corresponding TJBench command-line argument (`-limitscans`) that causes the TurboJPEG decompression and transform functions/operations to return/throw an error if a progressive JPEG image contains an unreasonably large number of scans. This allows applications that use the TurboJPEG API to guard against an exploit of the progressive JPEG format described in the report ["Two Issues with the JPEG Standard"](https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard....). 7. The PPM reader now throws an error, rather than segfaulting (due to a buffer overrun) or generating incorrect pixels, if an application attempts to use the `tjLoadImage()` function to load a 16-bit binary PPM file (a binary PPM file with a maximum value greater than 255) into a grayscale image buffer or to load a 16-bit binary PGM file into an RGB image buffer. 8. Fixed an issue in the PPM reader that caused incorrect pixels to be generated when using the `tjLoadImage()` function to load a 16-bit binary PPM file into an extended RGB image buffer. 9. Fixed an issue whereby, if a JPEG buffer was automatically re-allocated by one of the TurboJPEG compression or transform functions and an error subsequently occurred during compression or transformation, the JPEG buffer pointer passed by the application was not updated when the function returned. 2.0.90 (2.1 beta1) ### Significant changes relative to 2.0.6:
- Fixed a regression introduced by 2.1 beta1[6(b)] whereby attempting to
support the x32 ABI on Linux, which allows for using x86-64 instructions with 32-bit pointers. The x32 ABI is generally enabled by adding `-mx32` to the compiler flags. Caveats: - CMake 3.9.0 or later is required in order for the build system to automatically detect an x32 build. - Java does not support the x32 ABI, and thus the TurboJPEG Java API will automatically be disabled with x32 builds. 2. Added Loongson MMI SIMD implementations of the RGB-to-grayscale, 4:2:2 fancy chroma upsampling, 4:2:2 and 4:2:0 merged chroma upsampling/color conversion, and fast integer DCT/IDCT algorithms. Relative to libjpeg-turbo 2.0.x, this speeds up: - the compression of RGB source images into grayscale JPEG images by approximately 20% - the decompression of 4:2:2 JPEG images by approximately 40-60% when using fancy upsampling - the decompression of 4:2:2 and 4:2:0 JPEG images by approximately 15-20% when using merged upsampling - the compression of RGB source images by approximately 30-45% when using the fast integer DCT - the decompression of JPEG images into RGB destination images by approximately 2x when using the fast integer IDCT The overall decompression speedup for RGB images is now approximately 2.3-3.7x (compared to 2-3.5x with libjpeg-turbo 2.0.x.) 3. 32-bit (Armv7 or Armv7s) iOS builds of libjpeg-turbo are no longer supported, and the libjpeg-turbo build system can no longer be used to package such builds. 32-bit iOS apps cannot run in iOS 11 and later, and the App Store no longer allows them. 4. 32-bit (i386) OS X/macOS builds of libjpeg-turbo are no longer supported, and the libjpeg-turbo build system can no longer be used to package such builds. 32-bit Mac applications cannot run in macOS 10.15 "Catalina" and later, and the App Store no longer allows them. 5. The SSE2 (x86 SIMD) and C Huffman encoding algorithms have been significantly optimized, resulting in a measured average overall compression speedup of 12-28% for 64-bit code and 22-52% for 32-bit code on various Intel and AMD CPUs, as well as a measured average overall compression speedup of 0-23% on platforms that do not have a SIMD-accelerated Huffman encoding implementation. 6. The block smoothing algorithm that is applied by default when decompressing progressive Huffman-encoded JPEG images has been improved in the following ways: - The algorithm is now more fault-tolerant. Previously, if a particular scan was incomplete, then the smoothing parameters for the incomplete scan would be applied to the entire output image, including the parts of the image that were generated by the prior (complete) scan. Visually, this had the effect of removing block smoothing from lower-frequency scans if they were followed by an incomplete higher-frequency scan. libjpeg-turbo now applies block smoothing parameters to each iMCU row based on which scan generated the pixels in that row, rather than always using the block smoothing parameters for the most recent scan. - When applying block smoothing to DC scans, a Gaussian-like kernel with a 5x5 window is used to reduce the "blocky" appearance. 7. Added SIMD acceleration for progressive Huffman encoding on Arm platforms. This speeds up the compression of full-color progressive JPEGs by about 30-40% on average (relative to libjpeg-turbo 2.0.x) when using modern Arm CPUs. 8. Added configure-time and run-time auto-detection of Loongson MMI SIMD instructions, so that the Loongson MMI SIMD extensions can be included in any MIPS64 libjpeg-turbo build. 9. Added fault tolerance features to djpeg and jpegtran, mainly to demonstrate methods by which applications can guard against the exploits of the JPEG format described in the report ["Two Issues with the JPEG Standard"](https://libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard....). - Both programs now accept a `-maxscans` argument, which can be used to limit the number of allowable scans in the input file. - Both programs now accept a `-strict` argument, which can be used to treat all warnings as fatal. 10. CMake package config files are now included for both the libjpeg and TurboJPEG API libraries. This facilitates using libjpeg-turbo with CMake's `find_package()` function. For example: find_package(libjpeg-turbo CONFIG REQUIRED) add_executable(libjpeg_program libjpeg_program.c) target_link_libraries(libjpeg_program PUBLIC libjpeg-turbo::jpeg) add_executable(libjpeg_program_static libjpeg_program.c) target_link_libraries(libjpeg_program_static PUBLIC libjpeg-turbo::jpeg-static) add_executable(turbojpeg_program turbojpeg_program.c) target_link_libraries(turbojpeg_program PUBLIC libjpeg-turbo::turbojpeg) add_executable(turbojpeg_program_static turbojpeg_program.c) target_link_libraries(turbojpeg_program_static PUBLIC libjpeg-turbo::turbojpeg-static) 11. Since the Unisys LZW patent has long expired, cjpeg and djpeg can now read/write both LZW-compressed and uncompressed GIF files (feature ported from jpeg-6a and jpeg-9d.) 12. jpegtran now includes the `-wipe` and `-drop` options from jpeg-9a and jpeg-9d, as well as the ability to expand the image size using the `-crop` option. Refer to jpegtran.1 or usage.txt for more details. 13. Added a complete intrinsics implementation of the Arm Neon SIMD extensions, thus providing SIMD acceleration on Arm platforms for all of the algorithms that are SIMD-accelerated on x86 platforms. This new implementation is significantly faster in some cases than the old GAS implementation-- depending on the algorithms used, the type of CPU core, and the compiler. GCC, as of this writing, does not provide a full or optimal set of Neon intrinsics, so for performance reasons, the default when building libjpeg-turbo with GCC is to continue using the GAS implementation of the following algorithms: - 32-bit RGB-to-YCbCr color conversion - 32-bit fast and accurate inverse DCT - 64-bit RGB-to-YCbCr and YCbCr-to-RGB color conversion - 64-bit accurate forward and inverse DCT - 64-bit Huffman encoding A new CMake variable (`NEON_INTRINSICS`) can be used to override this default. Since the new intrinsics implementation includes SIMD acceleration for merged upsampling/color conversion, 1.5.1[5] is no longer necessary and has been reverted. 14. The Arm Neon SIMD extensions can now be built using Visual Studio. 15. The build system can now be used to generate a universal x86-64 + Armv8 libjpeg-turbo SDK package for both iOS and macOS. 2.0.6 ### Significant changes relative to 2.0.5:
- The build system, x86-64 SIMD extensions, and accelerated Huffman codec now
platforms when using any of the YUV encoding/compression/decompression/decoding methods in the TurboJPEG Java API. 2. Fixed or worked around multiple issues with `jpeg_skip_scanlines()`: - Fixed segfaults or "Corrupt JPEG data: premature end of data segment" errors in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or 4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.) 2.0.0[6] was a similar fix, but it did not cover all cases. - `jpeg_skip_scanlines()` now throws an error if two-pass color quantization is enabled. Two-pass color quantization never worked properly with `jpeg_skip_scanlines()`, and the issues could not readily be fixed. - Fixed an issue whereby `jpeg_skip_scanlines()` always returned 0 when skipping past the end of an image. 3. The Arm 64-bit (Armv8) Neon SIMD extensions can now be built using MinGW toolchains targetting Arm64 (AArch64) Windows binaries. 4. Fixed unexpected visual artifacts that occurred when using `jpeg_crop_scanline()` and interblock smoothing while decompressing only the DC scan of a progressive JPEG image. 5. Fixed an issue whereby libjpeg-turbo would not build if 12-bit-per-component JPEG support (`WITH_12BIT`) was enabled along with libjpeg v7 or libjpeg v8 API/ABI emulation (`WITH_JPEG7` or `WITH_JPEG8`.) 2.0.5 ### Significant changes relative to 2.0.4:
- Fixed "using JNI after critical get" errors that occurred on Android
in the libjpeg-turbo regression tests. Specifically, the `jsimd_h2v1_downsample_dspr2()` and `jsimd_h2v2_downsample_dspr2()` functions in the MIPS DSPr2 SIMD extensions are now disabled until/unless they can be fixed, and other functions that are incompatible with big endian MIPS CPUs are disabled when building libjpeg-turbo for such CPUs. 2. Fixed an oversight in the `TJCompressor.compress(int)` method in the TurboJPEG Java API that caused an error ("java.lang.IllegalStateException: No source image is associated with this instance") when attempting to use that method to compress a YUV image. 3. Fixed an issue (CVE-2020-13790) in the PPM reader that caused a buffer overrun in cjpeg, TJBench, or the `tjLoadImage()` function if one of the values in a binary PPM/PGM input file exceeded the maximum value defined in the file's header and that maximum value was less than 255. libjpeg-turbo 1.5.0 already included a similar fix for binary PPM/PGM files with maximum values greater than 255. 4. The TurboJPEG API library's global error handler, which is used in functions such as `tjBufSize()` and `tjLoadImage()` that do not require a TurboJPEG instance handle, is now thread-safe on platforms that support thread-local storage.
- Worked around issues in the MIPS DSPr2 SIMD extensions that caused failures
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/libjpeg | 5 +++++ lfs/libjpeg | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/common/libjpeg b/config/rootfiles/common/libjpeg index eb74d2c50..74c101854 100644 --- a/config/rootfiles/common/libjpeg +++ b/config/rootfiles/common/libjpeg @@ -9,6 +9,11 @@ #usr/include/jmorecfg.h #usr/include/jpeglib.h #usr/include/turbojpeg.h +#usr/lib/cmake/libjpeg-turbo +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboConfig.cmake +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboConfigVersion.cmake +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboTargets-release.cmake +#usr/lib/cmake/libjpeg-turbo/libjpeg-turboTargets.cmake #usr/lib/libjpeg.so usr/lib/libjpeg.so.8 usr/lib/libjpeg.so.8.2.2 diff --git a/lfs/libjpeg b/lfs/libjpeg index 6808640a4..b9c9d3cd8 100644 --- a/lfs/libjpeg +++ b/lfs/libjpeg @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2020 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.0.4 +VER = 2.1.4
THISAPP = libjpeg-turbo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 9be870a5bafaae279646941b848b69fdf7c95ec08a686b01674f473ef33fe5923a04ba8a2d57df84384530308ca46fc3880a404c0eff769129417a553faed3bb +$(DL_FILE)_BLAKE2 = 80ffd77d58a37eae0bdc1868d994f34ea52c13e2624c720b1d0b6ec4d6d14b16911163ccd4009c8d6eda214f31e1fff78bb7eb4739ae6589d0fd8c7008c0e972
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update from version 7.86.0 to 7.87.0
- Update of rootfile
- version 7.87.0 changed hoiw it deals with deprecated typecheck expressions. This caused zabbix_agentd build to fail. Curl developers created a commit to fix this in next version release. Added as patch here. Should be able to be removed with next curl update.
- Changelog curl and libcurl 7.87.0 This release includes the following changes: o curl: add --url-query [52] o CURLOPT_QUICK_EXIT: don't wait for DNS thread on exit [75] o lib: add CURL_WRITEFUNC_ERROR to signal write callback error [47] o openssl: reduce CA certificate bundle reparsing by caching [11] o version: add a feature names array to curl_version_info_data [67] This release includes the following bugfixes: o altsvc: fix rejection of negative port numbers [144] o aws_sigv4: consult x-%s-content-sha256 for payload hash [102] o aws_sigv4: fix typos in aws_sigv4.c [101] o base64: better alloc size [124] o base64: encode without using snprintf [123] o base64: faster base64 decoding [120] o build: assume assert.h is always available [111] o build: assume errno.h is always available [110] o c-hyper: CONNECT respones are not server responses [137] o c-hyper: fix multi-request mechanism [115] o CI: Change FreeBSD image from 12.3 to 12.4 [108] o CI: LGTM.com will be shut down in December 2022 [112] o ci: Remove zuul fuzzing job as it's superseded by CIFuzz o cmake: check for cross-compile, not for toolchain [54] o CMake: fix build with `CURL_USE_GSSAPI` [78] o cmake: really enable warnings with clang [25] o cmake: set the soname on the shared library [140] o cmdline-opts/gen.pl: fix the linkifier [64] o cmdline-opts/page-footer: remove long option nroff formatting o config-mac: define HAVE_SYS_IOCTL_H [107] o config-mac: fix typo: size_T -> size_t [125] o config-mac: remove HAVE_SYS_SELECT_H [116] o config-win32: fix SIZEOF_OFF_T for MSVC and old MinGW [41] o configure: require fork for NTLM-WB [36] o contributors.sh: actually use $CURLWWW instead of just setting it [129] o cookie: compare cookie prefixes case insensitively [14] o cookie: expire cookies at once when max-age is negative [45] o cookie: open cookie jar as a binary file [89] o curl-openssl.m4: do not add $prefix/include/openssl to CPPFLAGS [90] o curl-rustls.m4: on macOS, rustls also needs the Security framework [44] o curl.h: include <sys/select.h> on SerenityOS [104] o curl.h: name all public function parameters [118] o curl.h: reword comment to not use deprecated option [132] o curl: override the numeric locale and set "C" by force [60] o curl: timeout in the read callback [15] o curl_endian: remove Curl_write64_le from header [81] o curl_get_line: allow last line without newline char [88] o curl_path: do not add '/' if homedir ends with one [4] o curl_url_get.3: remove spurious backtick [127] o curl_url_set.3: document CURLU_DISALLOW_USER [139] o curl_url_set.3: fix typo [148] o CURLMOPT_SOCKETFUNCTION.3: clarify CURL_POLL_REMOVE [1] o CURLOPT_COOKIEFILE.3: advice => advise [131] o CURLOPT_DEBUGFUNCTION.3: do not assume nul-termination in example [31] o CURLOPT_DEBUGFUNCTION.3: emphasize that incoming data is "raw" [130] o CURLOPT_POST.3: Explain setting to 0 changes request type [61] o docs/curl_ws_send: Fixed typo in websocket docs [114] o docs/EARLY-RELEASE.md: how to determine an early release [37] o docs/examples: spell correction ('Retrieve') [119] o docs/INSTALL.md: expand on static builds [62] o docs/WEBSOCKET.md: explain the URL use [71] o docs: add missing parameters for --retry flag [2] o docs: add more "SEE ALSO" links to CA related pages [82] o docs: explain the noproxy CIDR notation support [17] o docs: extend the dump-header documentation [150] o docs: remove performance note in CURLOPT_SSL_VERIFYPEER [13] o examples/10-at-a-time: fix possible skipped final transfers [85] o examples: update descriptions [83] o ftp: support growing files with CURLOPT_IGNORE_CONTENT_LENGTH [96] o gen.pl: do not generate CURLHELP bitmask lines > 79 characters [10] o GHA: clarify workflows permissions, set least possible privilege [79] o GHA: NSS use clang instead of clang-9 [103] o gnutls: use common gnutls init and verify code for ngtcp2 [98] o headers: add endif comments [51] o HTTP-COOKIES.md: mention that http://localhost is a secure context [76] o HTTP-COOKIES.md: update the 6265bis link to draft-11 [70] o http: do not send PROXY more than once [46] o http: fix the ::1 comparison for IPv6 localhost for cookies [155] o http: set 'this_is_a_follow' in the Location: logic [40] o http: use the IDN decoded name in HSTS checks [154] o hyper: classify headers as CONNECT and 1XX [56] o hyper: fix handling of hyper_task's when reusing the same address [33] o idn: remove Curl_win32_ascii_to_idn [153] o INSTALL: update operating systems and CPU archs [91] o KNOWN_BUGS: remove eight entries [50] o lib1560: add some basic IDN host name tests [151] o lib: connection filters (cfilter) addition to curl: [43] o lib: feature deprecation warnings in gcc >= 4.3 [58] o lib: fix some type mismatches and remove unneeded typecasts [12] o lib: parse numbers with fixed known base 10 [77] o lib: remove bad set.opt_no_body assignments [42] o lib: rewind BEFORE request instead of AFTER previous [65] o lib: sync guard for Curl_getaddrinfo_ex() definition and use [6] o lib: use size_t or int etc instead of longs [145] o libcurl-errors.3: remove duplicate word [3] o libssh2: return error when ssh_hostkeyfunc returns error [121] o limit-rate.d: see also --rate o log2changes.pl: wrap long lines at 80 columns [59] o Makefile.mk: address minor issues [87] o Makefile.mk: improve a GNU Make hack [122] o Makefile.mk: portable Makefile.m32 [86] o maketgz: set the right version in lib/libcurl.plist [53] o mime: relax easy/mime structures binding [94] o misc: Fix incorrect spelling [113] o misc: remove duplicated include files [28] o misc: typo and grammar fixes [23] o negtelnetserver.py: have it call its close() method [68] o netrc.d: provide mutext info [63] o netware: remove leftover traces [80] o noproxy: also match with adjacent comma [19] o noproxy: guard against empty hostnames in noproxy check [136] o noproxy: tailmatch like in 7.85.0 and earlier [35] o nroff-scan.pl: detect double highlights o ntlm: improve comment for encrypt_des [55] o ntlm: silence ubsan warning about copying from null target_info pointer [69] o openssl/mbedtls: use %d for outputing port with failf (int) [72] o openssl: prefix errors with '[lib]/[version]: ' [105] o os400: use platform socklen_t in Curl_getnameinfo_a [18] o page-header: grammar improvement (display transfer rate) [126] o proxy: refactor haproxy protocol handling as connection filter [57] o README.md: remove badges and xmas-tree garnish [9] o rtsp: fix RTSP auth [49] o runtests: --no-debuginfod now disables DEBUGINFOD_URLS [100] o runtests: do CRLF replacements per section only [97] o scripts/checksrc.pl: detect duplicated include files [29] o sendf: change Curl_read_plain to wrap Curl_recv_plain [48] o sendf: remove unnecessary if condition [26] o setup: do not require __MRC__ defined for Mac OS 9 builds [117] o smb/telnet: do not free the protocol struct in *_done() [152] o socks: fix username max size is 255 (0xFF) [146] o spellcheck.words: remove 'github' as an accepted word [22] o ssl-reqd.d: clarify that this is for upgrading connections only [138] o strcase: use curl_str(n)equal for case insensitive matches [8] o styled-output.d: this option does not work on Windows [93] o system.h: fix socklen_t, curl_off_t, long long for Classic Mac OS [133] o system.h: support 64-bit curl_off_t for NonStop 32-bit [21] o test1421: fix typo [109] o test3026: reduce runtime in legacy mingw builds [73] o tests/sshserver.pl: re-enable ssh-rsa while using openssh 8.8+ o tests: add authorityInfoAccess to generated certs [99] o tests: add HTTP/3 test case, custom location for proper nghttpx [106] o tls: backends use connection filters for IO, enabling HTTPS-proxy [92] o tool: determine the correct fopen option for -D [95] o tool_cfgable: free the ssl_ec_curves on exit [142] o tool_cfgable: make socks5_gssapi_nec a boolean [128] o tool_formparse: avoid clobbering on function params [135] o tool_getparam: make --no-get work as the opposite of --get [39] o tool_operate: provide better errmsg for -G with bad URL [16] o tool_operate: when aborting, make sure there is a non-NULL error buffer [20] o tool_paramhlp: free the proto strings on exit [141] o url: move back the IDN conversion of proxy names [74] o urlapi: reject more bad letters from the host name: &+() [143] o urldata: change port num storage to int and unsigned short [66] o vms: remove SIZEOF_SHORT [134] o vtls: fix build without proxy support [38] o vtls: localization of state data in filters [84] o WEBSOCKET.md: fix broken link [30] o Websocket: fixes for partial frames and buffer updates [7] o websockets: fix handling of partial frames [32] o windows: fail early with a missing windres in autotools [5] o windows: fix linking .rc to shared curl with autotools [24] o winidn: drop WANT_IDN_PROTOTYPES [27] o ws: if no connection is around, return error [149] o ws: return CURLE_NOT_BUILT_IN when websockets not built in [34] o x509asn1: avoid freeing unallocated pointers [147]
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/curl | 1 + lfs/curl | 6 ++- ...pressions_for_option_info_parameters.patch | 42 +++++++++++++++++++ 3 files changed, 47 insertions(+), 2 deletions(-) create mode 100644 src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch
diff --git a/config/rootfiles/common/curl b/config/rootfiles/common/curl index 01a5fd792..82e3988d6 100644 --- a/config/rootfiles/common/curl +++ b/config/rootfiles/common/curl @@ -119,6 +119,7 @@ usr/lib/libcurl.so.4.8.0 #usr/share/man/man3/CURLOPT_CAINFO.3 #usr/share/man/man3/CURLOPT_CAINFO_BLOB.3 #usr/share/man/man3/CURLOPT_CAPATH.3 +#usr/share/man/man3/CURLOPT_CA_CACHE_TIMEOUT.3 #usr/share/man/man3/CURLOPT_CERTINFO.3 #usr/share/man/man3/CURLOPT_CHUNK_BGN_FUNCTION.3 #usr/share/man/man3/CURLOPT_CHUNK_DATA.3 diff --git a/lfs/curl b/lfs/curl index 33678f795..b76c33410 100644 --- a/lfs/curl +++ b/lfs/curl @@ -24,7 +24,7 @@
include Config
-VER = 7.86.0 +VER = 7.87.0
THISAPP = curl-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = a1de7feb229de42bf1deeb5017f97df3b1c10c75fac99bcd0cd21a5dc69b6d8b62520744106d6a113c7a86bd6731dba536a263aabfa22be50d520c43e894acce +$(DL_FILE)_BLAKE2 = b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13
install : $(TARGET)
@@ -70,6 +70,8 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xf $(DIR_DL)/$(DL_FILE)
- # Add upstream patche.
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch cd $(DIR_APP) && ./configure \ --prefix=/usr \ --disable-ipv6 \
diff --git a/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch b/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch new file mode 100644 index 000000000..63b23e309 --- /dev/null +++ b/src/patches/curl-7.87.0_typecheck_accept_expressions_for_option_info_parameters.patch @@ -0,0 +1,42 @@ +From curl commit e2aed00
+As expressions can have side effects, evaluate only once.
+To enable deprecation reporting only once, get rid of the __typeof__ +use to define the local temporary variable and use the target type +(CURLoption/CURLINFO). This also avoids multiple reports on type +conflicts (if some) by the curlcheck_* macros.
+Note that CURLOPT_* and CURLINFO_* symbols may be deprecated, but not +their values: a curl_easy_setopt call with an integer constant as option +will never report a deprecation.
+Reported-by: Thomas Klausner +Fixes #10148 +Closes #10149
+--- curl-7.87.0/include/curl/typecheck-gcc.h.orig 2022-12-19 08:48:23.000000000 +0100 ++++ curl-7.87.0/include/curl/typecheck-gcc.h 2022-12-26 20:39:29.243819395 +0100 +@@ -42,9 +42,8 @@
- */
- #define curl_easy_setopt(handle, option, value) \
- __extension__({ \
+- CURL_IGNORE_DEPRECATION(__typeof__(option) _curl_opt = option;) \ ++ CURLoption _curl_opt = (option); \
if(__builtin_constant_p(_curl_opt)) { \
+- (void) option; \
CURL_IGNORE_DEPRECATION( \
if(curlcheck_long_option(_curl_opt)) \
if(!curlcheck_long(value)) \
+@@ -120,9 +119,8 @@
- /* wraps curl_easy_getinfo() with typechecking */
- #define curl_easy_getinfo(handle, info, arg) \
- __extension__({ \
+- CURL_IGNORE_DEPRECATION(__typeof__(info) _curl_info = info;) \ ++ CURLINFO _curl_info = (info); \
if(__builtin_constant_p(_curl_info)) { \
+- (void) info; \
CURL_IGNORE_DEPRECATION( \
if(curlcheck_string_info(_curl_info)) \
if(!curlcheck_arr((arg), char *)) \