This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via b8a10c1e8354b0ced70a2ebd6bc0af025c66cf6a (commit) via 973f872c2222d2172a7d49e8bbfaaf93a51378b2 (commit) via c8c90ce226803333774cb8d059929ac7eb7855b9 (commit) via fb5995c2b78c4594b563b6eadf39f883049ce598 (commit) via a1e625a2b9aec45dae20bb27f01790a374680a1a (commit) via 3bf3eac7adfb87022164b79da14b7a13837ec129 (commit) via 01a7ba6ea8319355c6dc9a4b4d233a1dea6dc07c (commit) via a744b4cf602bbb10ea23bf14aaad850cadb4f263 (commit) via ccf88546a2be8e6f5774bec3c46253788676d66f (commit) via fc484aa8d40669ac6dcccb3d779d27a04339df2d (commit) via df80b0d554ea2124426b320ad28ae4c047446cb1 (commit) via c8edf45e3ef612de6a035ec8fd88cb7f2459e19a (commit) via 5fb500cb18380e7924d25d6272a6e0723f405c47 (commit) via e1406badf6e34c231e33f842540a77846a32d4c2 (commit) from 0d7c058c321283ed7bf090b993037b01a9535c69 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit b8a10c1e8354b0ced70a2ebd6bc0af025c66cf6a Author: Robin Roevens robin.roevens@disroot.org Date: Mon Aug 28 00:33:55 2023 +0200
zabbix_agentd: Update to 6.0.21 (LTS)
- Update from version 6.0.19 to 6.0.21 - Update of rootfile not required
Bugs fixed: - ZBX-23097: Fixed use of uninitialised value when verifying subject and issuer with TLS - ZBX-22871: Fixed regular expression crash with invalid utf-8 sequences when pcre2 is used - ZBX-23221: Fixed memory leaks when using certificate-based encryption - ZBX-18168: Added regexp runtime error logging for log*[] items
Full changelogs since 6.0.19: - https://www.zabbix.com/rn/rn6.0.20 - https://www.zabbix.com/rn/rn6.0.21
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 973f872c2222d2172a7d49e8bbfaaf93a51378b2 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 29 09:55:25 2023 +0000
core180: Ship wget
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c8c90ce226803333774cb8d059929ac7eb7855b9 Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 15:43:11 2023 +0200
wget: Update to version 1.21.4
- Update from version 1.21.3 to 1.21.4 - Update of rootfile not required - Changelog Noteworthy changes in release 1.21.4 (2023-05-11) Document --retry-on-host-error in help text Increase read buffer size to 64k. This should speed up downloads on gigabit and faster connections Update deprecated option '--html-extension' to '--adjust-extension' in documentation Update gnulib compatibility layer. Fixes HSTS test failures on i686. (Thanks to Andreas Enge for ponting it out)
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit fb5995c2b78c4594b563b6eadf39f883049ce598 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 29 09:54:57 2023 +0000
core180: Ship krb5
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a1e625a2b9aec45dae20bb27f01790a374680a1a Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 15:43:10 2023 +0200
krb5: Update to version 1.21.2
- Update from version 1.20.1 to 1.21.2 - Update of rootfile - Changelog Major changes in 1.21.2 (2023-08-14) This is a bug fix release. * Fix double-free in KDC TGS processing [CVE-2023-39975]. Changes by ticket ID 9101 Fix double-free in KDC TGS processing Major changes in 1.21.1 (2023-07-10) This is a bug fix release. * Fix potential uninitialized pointer free in kadm5 XDR parsing [CVE-2023-36054]. Changes by ticket ID 9099 Ensure array count consistency in kadm5 RPC Major changes in 1.21 (2023-06-05) User experience: * Added a credential cache type providing compatibility with the macOS 11 native credential cache. Developer experience: * libkadm5 will use the provided krb5_context object to read configuration values, instead of creating its own. * Added an interface to retrieve the ticket session key from a GSS context. Protocol evolution: * The KDC will no longer issue tickets with RC4 or triple-DES session keys unless explicitly configured with the new allow_rc4 or allow_des3 variables respectively. * The KDC will assume that all services can handle aes256-sha1 session keys unless the service principal has a session_enctypes string attribute. * Support for PAC full KDC checksums has been added to mitigate an S4U2Proxy privilege escalation attack. * The PKINIT client will advertise a more modern set of supported CMS algorithms. Code quality: * Removed unused code in libkrb5, libkrb5support, and the PKINIT module. * Modernized the KDC code for processing TGS requests, the code for encrypting and decrypting key data, the PAC handling code, and the GSS library packet parsing and composition code. * Improved the test framework's detection of memory errors in daemon processes when used with asan. Changes by ticket ID 9052 Support macOS 11 native credential cache 9053 Make kprop work for dump files larger than 4GB 9054 Replace macros with typedefs in gssrpc types.h 9055 Use SHA-256 instead of SHA-1 for PKINIT CMS digest 9057 Omit LDFLAGS from krb5-config --libs output 9058 Add configure variable for default PKCS#11 module 9059 Use context profile for libkadm5 configuration 9066 Set reasonable supportedCMSTypes in PKINIT 9069 Update error checking for OpenSSL CMS_verify 9071 Add and use ts_interval() helper 9072 Avoid small read overrun in UTF8 normalization 9076 Use memmove() in Unicode functions 9077 Fix aclocal.m4 syntax error for autoconf 2.72 9078 Fix profile crash on memory exhaustion 9079 Fix preauth crash on memory exhaustion 9080 Fix gic_keytab crash on memory exhaustion 9082 Fix policy DB fallback error handling 9083 Fix kpropd crash with unrecognized option 9084 Add PAC full checksums 9085 Fix read overruns in SPNEGO parsing 9086 Fix possible double-free during KDB creation 9087 Fix meridian type in getdate.y 9088 Use control flow guard flag in Windows builds 9089 Add pac_privsvr_enctype string attribute 9090 Convey realm names to certauth modules 9091 Add GSS_C_INQ_ODBC_SESSION_KEY 9092 Fix maintainer-mode build for binutils 2.37 9093 Add PA-REDHAT-PASSKEY padata type
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 3bf3eac7adfb87022164b79da14b7a13837ec129 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 29 09:54:05 2023 +0000
core180: Ship zlib
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 01a7ba6ea8319355c6dc9a4b4d233a1dea6dc07c Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 12:17:40 2023 +0200
zlib: Update to version 1.3
- Update from version 1.2.13 to 1.3 - Update of rootfile - Changelog 1.3 (18 Aug 2023) - Remove K&R function definitions and zlib2ansi - Fix bug in deflateBound() for level 0 and memLevel 9 - Fix bug when gzungetc() is used immediately after gzopen() - Fix bug when using gzflush() with a very small buffer - Fix crash when gzsetparams() attempted for transparent write - Fix test/example.c to work with FORCE_STORED - Rewrite of zran in examples (see zran.c version history) - Fix minizip to allow it to open an empty zip file - Fix reading disk number start on zip64 files in minizip - Fix logic error in minizip argument processing - Add minizip testing to Makefile - Read multiple bytes instead of byte-by-byte in minizip unzip.c - Add memory sanitizer to configure (--memory) - Various portability improvements - Various documentation improvements - Various spelling and typo corrections
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a744b4cf602bbb10ea23bf14aaad850cadb4f263 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 29 09:53:03 2023 +0000
core180: Ship OpenSSH
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit ccf88546a2be8e6f5774bec3c46253788676d66f Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 12:17:39 2023 +0200
openssh: Update to version 9.4p1
- Update from version 9.3p2 to 9.4p1 - Update of rootfile not required. - The openssh check for zlib version incorrectly identifies version 1.3 as being older than the buggy zlib version. This bug was found on the oipenssh github pull request page but merged after openssh-9.4p1 was issued. Patch implemented to fix zlib version identification. This and the autoconf line can be removed when the next version of openssh is released. - Changelog 9.4p1 This release fixes a number of bugs and adds some small features. Potentially incompatible changes * This release removes support for older versions of libcrypto. OpenSSH now requires LibreSSL >= 3.1.0 or OpenSSL >= 1.1.1. Note that these versions are already deprecated by their upstream vendors. * ssh-agent(1): PKCS#11 modules must now be specified by their full paths. Previously dlopen(3) could search for them in system library directories. New features * ssh(1): allow forwarding Unix Domain sockets via ssh -W. * ssh(1): add support for configuration tags to ssh(1). This adds a ssh_config(5) "Tag" directive and corresponding "Match tag" predicate that may be used to select blocks of configuration similar to the pf.conf(5) keywords of the same name. * ssh(1): add a "match localnetwork" predicate. This allows matching on the addresses of available network interfaces and may be used to vary the effective client configuration based on network location. * ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL extensions. This defines wire formats for optional KRL extensions and implements parsing of the new submessages. No actual extensions are supported at this point. * sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now accept two additional %-expansion sequences: %D which expands to the routing domain of the connected session and %C which expands to the addresses and port numbers for the source and destination of the connection. * ssh-keygen(1): increase the default work factor (rounds) for the bcrypt KDF used to derive symmetric encryption keys for passphrase protected key files by 50%. Bugfixes * ssh-agent(1): improve isolation between loaded PKCS#11 modules by running separate ssh-pkcs11-helpers for each loaded provider. * ssh(1): make -f (fork after authentication) work correctly with multiplexed connections, including ControlPersist. bz3589 bz3589 * ssh(1): make ConnectTimeout apply to multiplexing sockets and not just to network connections. * ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules being loaded by checking that the requested module contains the required symbol before loading it. * sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand appears before it in sshd_config. Since OpenSSH 8.7 the AuthorizedPrincipalsCommand directive was incorrectly ignored in this situation. bz3574 * sshd(8), ssh(1), ssh-keygen(1): remove vestigal support for KRL signatures When the KRL format was originally defined, it included support for signing of KRL objects. However, the code to sign KRLs and verify KRL signatues was never completed in OpenSSH. This release removes the partially-implemented code to verify KRLs. All OpenSSH tools now ignore KRL_SECTION_SIGNATURE sections in KRL files. * All: fix a number of memory leaks and unreachable/harmless integer overflows. * ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11 modules; GHPR406 * sshd(8), ssh(1): better validate CASignatureAlgorithms in ssh_config and sshd_config. Previously this directive would accept certificate algorithm names, but these were unusable in practice as OpenSSH does not support CA chains. bz3577 * ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature algorithms that are valid for CA signing. Previous behaviour was to list all signing algorithms, including certificate algorithms. * ssh-keyscan(1): gracefully handle systems where rlimits or the maximum number of open files is larger than INT_MAX; bz3581 * ssh-keygen(1): fix "no comment" not showing on when running `ssh-keygen -l` on multiple keys where one has a comment and other following keys do not. bz3580 * scp(1), sftp(1): adjust ftruncate() logic to handle servers that reorder requests. Previously, if the server reordered requests then the resultant file would be erroneously truncated. * ssh(1): don't incorrectly disable hostname canonicalization when CanonicalizeHostname=yes and ProxyJump was expicitly set to "none". bz3567 * scp(1): when copying local->remote, check that the source file exists before opening an SFTP connection to the server. Based on GHPR#370
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit fc484aa8d40669ac6dcccb3d779d27a04339df2d Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 29 09:51:41 2023 +0000
core180: Ship json-c
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit df80b0d554ea2124426b320ad28ae4c047446cb1 Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 12:17:38 2023 +0200
json-c: Update to version 0.17
- Update from version 0.16 to 0.17 - Update of rootfile - Changelog 0.17 (up to commit 077661f, 2023-08-08) Deprecated and removed features: * None New features * json_patch: add first implementation only with patch application * Add --disable-static and --disable-dynamic options to the cmake-configure script. * Add -DBUILD_APPS=NO option to disable app build * Minimum cmake version is now 3.9 Significant changes and bug fixes * When serializing with JSON_C_TO_STRING_PRETTY set, keep the opening and closing curly or square braces on same line for empty objects or arrays. * Disable locale handling when targeting a uClibc system due to problems with its duplocale() function. * When parsing with JSON_TOKENER_STRICT set, integer overflow/underflow now result in a json_tokener_error_parse_number. Without that flag values are capped at INT64_MIN/UINT64_MAX. * Fix memory leak with emtpy strings in json_object_set_string * json_object_from_fd_ex: fail if file is too large (>=INT_MAX bytes) * Add back json_number_chars, but only because it's part of the public API. * Entirely drop mode bits from open(O_RDONLY) to avoid warnings on certain platforms. * Specify dependent libraries, including -lbsd, in a more consistent way so linking against a static json-c works better * Fix a variety of build problems and add & improve tests * Update RFC reference to https://www.rfc-editor.org/rfc/rfc8259
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit c8edf45e3ef612de6a035ec8fd88cb7f2459e19a Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Aug 29 09:51:06 2023 +0000
core180: Ship iana-etc
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5fb500cb18380e7924d25d6272a6e0723f405c47 Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 12:17:37 2023 +0200
iana-etc: Update to version 20230810
- Update from version 20221226 to 20230810 - Update of rootfile not required. - There is no changelog.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit e1406badf6e34c231e33f842540a77846a32d4c2 Author: Adolf Belka adolf.belka@ipfire.org Date: Sun Aug 27 12:17:35 2023 +0200
git: Update to version 2.42.0
- Update from version 2.41.0 to 2.42.0 - Update of rootfile not required - Changelog is too large to include here. See the contents of Documentation/RelNotes/2.42.0.txt in the source tar ball.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/json-c | 3 ++- config/rootfiles/common/krb5 | 1 + config/rootfiles/common/zlib | 2 +- .../{oldcore/123 => core/180}/filelists/iana-etc | 0 .../{oldcore/125 => core/180}/filelists/json-c | 0 .../{oldcore/169 => core/180}/filelists/krb5 | 0 .../{oldcore/100 => core/180}/filelists/openssh | 0 .../{oldcore/104 => core/180}/filelists/wget | 0 .../{oldcore/167 => core/180}/filelists/zlib | 0 config/rootfiles/core/180/update.sh | 1 + lfs/git | 6 +++--- lfs/iana-etc | 5 +++-- lfs/json-c | 4 ++-- lfs/krb5 | 6 +++--- lfs/openssh | 6 ++++-- lfs/wget | 6 +++--- lfs/zabbix_agentd | 6 +++--- lfs/zlib | 8 +++---- ..._version_check_for_1.3_and_future_version.patch | 25 ++++++++++++++++++++++ 19 files changed, 55 insertions(+), 24 deletions(-) copy config/rootfiles/{oldcore/123 => core/180}/filelists/iana-etc (100%) copy config/rootfiles/{oldcore/125 => core/180}/filelists/json-c (100%) copy config/rootfiles/{oldcore/169 => core/180}/filelists/krb5 (100%) copy config/rootfiles/{oldcore/100 => core/180}/filelists/openssh (100%) copy config/rootfiles/{oldcore/104 => core/180}/filelists/wget (100%) copy config/rootfiles/{oldcore/167 => core/180}/filelists/zlib (100%) create mode 100644 src/patches/openssh-9.4p1_Fix_zlib_version_check_for_1.3_and_future_version.patch
Difference in files: diff --git a/config/rootfiles/common/json-c b/config/rootfiles/common/json-c index 58b6916af..f050376cb 100644 --- a/config/rootfiles/common/json-c +++ b/config/rootfiles/common/json-c @@ -7,6 +7,7 @@ #usr/include/json-c/json_inttypes.h #usr/include/json-c/json_object.h #usr/include/json-c/json_object_iterator.h +#usr/include/json-c/json_patch.h #usr/include/json-c/json_pointer.h #usr/include/json-c/json_tokener.h #usr/include/json-c/json_types.h @@ -20,5 +21,5 @@ #usr/lib/cmake/json-c/json-c-targets.cmake #usr/lib/libjson-c.so usr/lib/libjson-c.so.5 -usr/lib/libjson-c.so.5.2.0 +usr/lib/libjson-c.so.5.3.0 #usr/lib/pkgconfig/json-c.pc diff --git a/config/rootfiles/common/krb5 b/config/rootfiles/common/krb5 index 2e6e0285e..e1ec06753 100644 --- a/config/rootfiles/common/krb5 +++ b/config/rootfiles/common/krb5 @@ -137,6 +137,7 @@ usr/lib/libverto.so.0.0 #usr/share/locale/en_US #usr/share/locale/en_US/LC_MESSAGES #usr/share/locale/en_US/LC_MESSAGES/mit-krb5.mo +#usr/share/locale/ka/LC_MESSAGES/mit-krb5.mo #usr/share/man/cat1 #usr/share/man/cat5 #usr/share/man/cat7 diff --git a/config/rootfiles/common/zlib b/config/rootfiles/common/zlib index c1f23ab8a..596b14641 100644 --- a/config/rootfiles/common/zlib +++ b/config/rootfiles/common/zlib @@ -1,6 +1,6 @@ lib/libz.so lib/libz.so.1 -lib/libz.so.1.2.13 +lib/libz.so.1.3 #usr/include/zconf.h #usr/include/zlib.h #usr/lib/libz.a diff --git a/config/rootfiles/core/180/filelists/iana-etc b/config/rootfiles/core/180/filelists/iana-etc new file mode 120000 index 000000000..1f3d54dbd --- /dev/null +++ b/config/rootfiles/core/180/filelists/iana-etc @@ -0,0 +1 @@ +../../../common/iana-etc \ No newline at end of file diff --git a/config/rootfiles/core/180/filelists/json-c b/config/rootfiles/core/180/filelists/json-c new file mode 120000 index 000000000..2da263e3d --- /dev/null +++ b/config/rootfiles/core/180/filelists/json-c @@ -0,0 +1 @@ +../../../common/json-c \ No newline at end of file diff --git a/config/rootfiles/core/180/filelists/krb5 b/config/rootfiles/core/180/filelists/krb5 new file mode 120000 index 000000000..082c3cbcd --- /dev/null +++ b/config/rootfiles/core/180/filelists/krb5 @@ -0,0 +1 @@ +../../../common/krb5 \ No newline at end of file diff --git a/config/rootfiles/core/180/filelists/openssh b/config/rootfiles/core/180/filelists/openssh new file mode 120000 index 000000000..d8c77fd8e --- /dev/null +++ b/config/rootfiles/core/180/filelists/openssh @@ -0,0 +1 @@ +../../../common/openssh \ No newline at end of file diff --git a/config/rootfiles/core/180/filelists/wget b/config/rootfiles/core/180/filelists/wget new file mode 120000 index 000000000..fcb57dfec --- /dev/null +++ b/config/rootfiles/core/180/filelists/wget @@ -0,0 +1 @@ +../../../common/wget \ No newline at end of file diff --git a/config/rootfiles/core/180/filelists/zlib b/config/rootfiles/core/180/filelists/zlib new file mode 120000 index 000000000..e34566322 --- /dev/null +++ b/config/rootfiles/core/180/filelists/zlib @@ -0,0 +1 @@ +../../../common/zlib \ No newline at end of file diff --git a/config/rootfiles/core/180/update.sh b/config/rootfiles/core/180/update.sh index 6574bf975..8a9d3bfd2 100644 --- a/config/rootfiles/core/180/update.sh +++ b/config/rootfiles/core/180/update.sh @@ -49,6 +49,7 @@ ldconfig
# Start services telinit u +/etc/rc.d/init.d/sshd restart /etc/rc.d/init.d/vnstat restart
# This update needs a reboot... diff --git a/lfs/git b/lfs/git index 5b4ed815f..879c1aa3a 100644 --- a/lfs/git +++ b/lfs/git @@ -24,7 +24,7 @@
include Config
-VER = 2.41.0 +VER = 2.42.0 SUMMARY = Fast, scalable, distributed revision control system
THISAPP = git-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = git -PAK_VER = 28 +PAK_VER = 29
DEPS = perl-Authen-SASL perl-MIME-Base64 perl-Net-SMTP-SSL
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 9119e1d1ff0ff332559a6609707846c2af7c61bea6ea728e834e4bd7f1ff6dd636a081c227b32a88fc5de1ea8987951cc56d0e94c90bbaa211ff415c5020d070 +$(DL_FILE)_BLAKE2 = efe8abd42955a7aee32a12067466d1d8dfc3946f40750254ad431bab7debe3398a9fd4833817a93f6496229184e7890034581300d8c94a98f0c0a209f3021bf4
install : $(TARGET)
diff --git a/lfs/iana-etc b/lfs/iana-etc index dc189e6d5..f63198aa7 100644 --- a/lfs/iana-etc +++ b/lfs/iana-etc @@ -24,7 +24,8 @@
include Config
-VER = 20221226 +VER = 20230810 +# https://github.com/Mic92/iana-etc
THISAPP = iana-etc-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +41,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 6977d6f11389ababf89bdc64e70713995c0f368c0b290c01fd72c62b0d887968b3eb7e18c872509c69f00c77b5ff4bf8f9011c4b35a2f46f22898c78c8143a0c +$(DL_FILE)_BLAKE2 = ae259044920089b53fe5f711920e0f6bdc96a4d8a899b543e5a1782949a06ff93d9d5ca43096e0e32d904a9c68f30a688722b726f14a8b0a0d2104fb39e64b9e
install : $(TARGET)
diff --git a/lfs/json-c b/lfs/json-c index 642afd26a..e529eb141 100644 --- a/lfs/json-c +++ b/lfs/json-c @@ -24,7 +24,7 @@
include Config
-VER = 0.16 +VER = 0.17
THISAPP = json-c-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 11457fa39330338c85bfdfb0dd38fc703ad6942e730ba090c9fe017dfb81ef905d7b1bb1c768b9b51f6445a8cf3cf4007d7740be3a9878f8062edc62ba554c66 +$(DL_FILE)_BLAKE2 = 26be25141447f2b652fa09d7096141a8bf7992469bcc53b275c1bc0108fc36a8898a8185c381218d3146d00fa03bdd0b837be073410fc93af943b5f083dbaa69
install : $(TARGET)
diff --git a/lfs/krb5 b/lfs/krb5 index 0b4dae8cc..cf5daa54a 100644 --- a/lfs/krb5 +++ b/lfs/krb5 @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config
SUMMARY = Kerberos
-VER = 1.20.1 +VER = 1.21.2
THISAPP = krb5-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = ead16f8b1aec8bba3776628b74257c9aec891770c1fa6d5c5e66275db5f078ca59c9944cd2b017453b777ce080f8e5a322f735fab77691479cfad7b881b92830 +$(DL_FILE)_BLAKE2 = 2afb3ff962a343bc07182fdab0c0ffb221632ff38baab74278cfc721ae72deacc260221470de36e420584f00b780e13221d2e511d4831bca8e1270b7f3d9e824
install : $(TARGET)
diff --git a/lfs/openssh b/lfs/openssh index 83c94ffdc..d5d67dd0e 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -24,7 +24,7 @@
include Config
-VER = 9.3p2 +VER = 9.4p1
THISAPP = openssh-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 38f8d4ada263112b318fafccabf0a33a004d8290a867434004eb3d37127c9bdabe6e0225fca9d6d68fb54338fec81dcc9313ca7c91d3a033311db44174dc9f6f +$(DL_FILE)_BLAKE2 = d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53
install : $(TARGET)
@@ -70,6 +70,8 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssh-9.4p1_Fix_zlib_version_check_for_1.3_and_future_version.patch + cd $(DIR_APP) && autoconf cd $(DIR_APP) && sed -i "s/lkrb5 -ldes/lkrb5/" configure cd $(DIR_APP) && ./configure \ --prefix=/usr \ diff --git a/lfs/wget b/lfs/wget index 183b0bcb6..670a93720 100644 --- a/lfs/wget +++ b/lfs/wget @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.21.3 +VER = 1.21.4
THISAPP = wget-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 4ff40a30cb3be82ea492d0eae324a9d43de30a0169d3b219ce25f3d667915f90c7eb1559760d1605340f112e96e028613265e0be73aaba7935c69cc06a4ae4f6 +$(DL_FILE)_BLAKE2 = ced6fb9a20343d41e4d8e0c8f171c60535847504fa4c32abc81d104a1594dc7b7c97b5b301836e31dacc7a0f2155c0a2e70e42ff60dc3fa471deb1dad33ba736
install : $(TARGET)
diff --git a/lfs/zabbix_agentd b/lfs/zabbix_agentd index 9e72ad977..7c0d01150 100644 --- a/lfs/zabbix_agentd +++ b/lfs/zabbix_agentd @@ -26,7 +26,7 @@ include Config
SUMMARY = Zabbix Agent
-VER = 6.0.19 +VER = 6.0.21
THISAPP = zabbix-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = zabbix_agentd -PAK_VER = 9 +PAK_VER = 10
DEPS = fping
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = b454a3622d3fdeda886ce4722e24116c44c74768bc5dcfe1cd6aa7c90a245121532d24842cfd47538349d08ca5b6577b6f0e75eec165f304a050512eafe608ba +$(DL_FILE)_BLAKE2 = 0928695a5f2729765a5b1fa31df410d585b50ef40a9d8379d6243c256c88234ac916bfaf13f62a8e28bb8fb4be48e83c1aecfd01f66dc45d4e25a20761d8ef82
install : $(TARGET)
diff --git a/lfs/zlib b/lfs/zlib index 858abd0cd..914e1d855 100644 --- a/lfs/zlib +++ b/lfs/zlib @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 1.2.13 +VER = 1.3
THISAPP = zlib-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = cefcd25989ce27e7d339af2a88455fcf64f6f5e647bedb0f05a45e4370a885fe45a60c023aa63e79b8ecf20ed3254d0052245f33f5769aca2838b42242be14a8 +$(DL_FILE)_BLAKE2 = 5fe0f32339267348a313f23a21e9588bdb180b7415be303c85f5f169444d019e5f176ef7322f6e64297c360acc2a6041c50e2f66d1860e5c392d8970990f176a
install : $(TARGET)
@@ -77,7 +77,7 @@ $(subst %,%_BLAKE2,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - + cd $(DIR_APP) && CROSS_PREFIX=$(CROSS_PREFIX) ./configure --prefix=$(PREFIX) --shared cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/src/patches/openssh-9.4p1_Fix_zlib_version_check_for_1.3_and_future_version.patch b/src/patches/openssh-9.4p1_Fix_zlib_version_check_for_1.3_and_future_version.patch new file mode 100644 index 000000000..ef3ff4dca --- /dev/null +++ b/src/patches/openssh-9.4p1_Fix_zlib_version_check_for_1.3_and_future_version.patch @@ -0,0 +1,25 @@ +From cb4ed12ffc332d1f72d054ed92655b5f1c38f621 Mon Sep 17 00:00:00 2001 +From: Darren Tucker dtucker@dtucker.net +Date: Sat, 19 Aug 2023 07:39:08 +1000 +Subject: [PATCH] Fix zlib version check for 1.3 and future version. + +bz#3604. +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 07893e87065..e3128dfcbb4 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1464,7 +1464,7 @@ else + [[ + int a=0, b=0, c=0, d=0, n, v; + n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); +- if (n != 3 && n != 4) ++ if (n < 1) + exit(1); + v = a*1000000 + b*10000 + c*100 + d; + fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); + +
hooks/post-receive -- IPFire 2.x development tree