From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZGWN86vwqz30rt for ; Mon, 17 Mar 2025 10:26:16 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZGWN86fk9z2yn7 for ; Mon, 17 Mar 2025 10:26:16 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "people01.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4ZGWN826bMz4mH for ; Mon, 17 Mar 2025 10:26:16 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1742207176; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=iXx8NUCmZ3qLaZXl/8hrp2pmqcWL34nLK/ZBcSczjRU=; b=zih2A3NH6Jjut6z9U5cV3uA1PlqmUfovTh7Z/kg/PFfl9QqDqbVA3Lv0u8PQcTOCG//AqL 9k4QO2AXWvsYYBCg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1742207176; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=iXx8NUCmZ3qLaZXl/8hrp2pmqcWL34nLK/ZBcSczjRU=; b=vGl9sYULTdMfoMlyf4YRl44Dv223rEiprgSuuo4zSwpkKAd7KaCkk03NQCQghkh3pBg9Gb nBR9f+qY557cmx+DwBlmAmoyvFpLjbn6zhLh7uSH7zCS6Z9R/2Et8WQojtjJCAIM6PoFd+ /miGFIPHQzmXWvSPotgzhz9c+bIxpxsSycYfjbxigdCVGviJaTP2ebks1NeapoFTvEVBBO krrpGQcDGTF44jc16/+aTmiZKNTWT+BComO8BPoPqALx3rm/TxaiMGi9eAgipi2TTz2Pak nO6y806EKV0gW3rG5jRiRiFV0QWBukvwbbpdMGygPEivBoh16UaYPuORL/kKEA== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4ZGWN80yRVz2xn3; Mon, 17 Mar 2025 10:26:16 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: 9ea9c5354824324fd31be12873c2eb7287d39fea X-Git-Newrev: 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f Message-Id: <4ZGWN80yRVz2xn3@people01.haj.ipfire.org> Date: Mon, 17 Mar 2025 10:26:16 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f (commit) via b4a7fb2574e81c290a05dfc8d1254bf98d4c9bb5 (commit) via 7b573778ab6d835d1c486a6a47044ebc628dbe73 (commit) via e02a2170e245fe5c8d01a5d93a11295278a03698 (commit) from 9ea9c5354824324fd31be12873c2eb7287d39fea (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 64f50cf5f089caa2e1cb0de9cf4fa4cf26d4796f Author: Michael Tremer Date: Mon Mar 17 10:25:26 2025 +0000 core193: Ship perl(JSON::PP) Signed-off-by: Michael Tremer commit b4a7fb2574e81c290a05dfc8d1254bf98d4c9bb5 Author: Adolf Belka Date: Sat Mar 15 21:45:31 2025 +0100 perl: uncomment the json entrries in the rootfile - Back in Sept 2024 I supplied a patch to remove certain perl modules as they were now available in the core perl package. - The perl-json was one of these modules but unfortunately I missed to uncomment the json entries in the perl rootfile so they have been unavailable to samba since then. - This patch corrects that situation. Suggested-by: ummeegge Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 7b573778ab6d835d1c486a6a47044ebc628dbe73 Author: Michael Tremer Date: Mon Mar 17 10:24:32 2025 +0000 core193: Ship expat Signed-off-by: Michael Tremer commit e02a2170e245fe5c8d01a5d93a11295278a03698 Author: Adolf Belka Date: Sat Mar 15 13:29:26 2025 +0100 expat: Update to version 2.7.0 - Update from version 2.6.4 to 2.7.0 - Update of rootfile - Fix for CVE-2024-8176 - Changelog 2.7.0 Security fixes: #893 #973 CVE-2024-8176 -- Fix crash from chaining a large number of entities caused by stack overflow by resolving use of recursion, for all three uses of entities: - general entities in character data ("&g1;") - general entities in attribute values ("") - parameter entities ("%p1;") Known impact is (reliable and easy) denial of service: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C (Base Score: 7.5, Temporal Score: 7.2) Please note that a layer of compression around XML can significantly reduce the minimum attack payload size. Other changes: #935 #937 Autotools: Make generated CMake files look for libexpat.@SO_MAJOR@.dylib on macOS #925 Autotools: Sync CMake templates with CMake 3.29 #945 #962 #966 CMake: Drop support for CMake <3.13 #942 CMake: Small fuzzing related improvements #921 docs: Add missing documentation of error code XML_ERROR_NOT_STARTED that was introduced with 2.6.4 #941 docs: Document need for C++11 compiler for use from C++ #959 tests/benchmark: Fix a (harmless) TOCTTOU #944 Windows: Fix installer target location of file xmlwf.xml for CMake #953 Windows: Address warning -Wunknown-warning-option about -Wno-pedantic-ms-format from LLVM MinGW #971 Address Cppcheck warnings #969 #970 Mass-migrate links from http:// to https:// #947 #958 .. #974 #975 Document changes since the previous release #974 #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0) to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/ for what these numbers do Infrastructure: #926 tests: Increase robustness #927 #932 .. #930 #933 tests: Increase test coverage #617 #950 .. #951 #952 .. #954 #955 .. Fuzzing: Add new fuzzer "xml_lpm_fuzzer" based on #961 Google's libprotobuf-mutator ("LPM") #957 Fuzzing|CI: Start producing fuzzing code coverage reports #936 CI: Pass -q -q for LCOV >=2.1 in coverage.sh #942 CI: Small fuzzing related improvements #139 #203 .. #791 #946 CI: Make GitHub Actions build using MSVC on Windows and produce 32bit and 64bit Windows binaries #956 CI: Get off of about-to-be-removed Ubuntu 20.04 #960 #964 CI: Start uploading to Coverity Scan for static analysis #972 CI: Stop loading DTD from the internet to address flaky CI #971 CI: Adapt to breaking changes in Cppcheck Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/expat | 20 ++++++++++---------- config/rootfiles/common/perl | 6 +++--- .../{oldcore/106 => core/193}/filelists/expat | 0 config/rootfiles/core/193/filelists/files | 3 +++ lfs/expat | 6 +++--- 5 files changed, 19 insertions(+), 16 deletions(-) copy config/rootfiles/{oldcore/106 => core/193}/filelists/expat (100%) Difference in files: diff --git a/config/rootfiles/common/expat b/config/rootfiles/common/expat index 0f8af4b70..012300f07 100644 --- a/config/rootfiles/common/expat +++ b/config/rootfiles/common/expat @@ -2,21 +2,21 @@ #usr/include/expat.h #usr/include/expat_config.h #usr/include/expat_external.h -#usr/lib/cmake/expat-2.6.4 -#usr/lib/cmake/expat-2.6.4/expat-config-version.cmake -#usr/lib/cmake/expat-2.6.4/expat-config.cmake -#usr/lib/cmake/expat-2.6.4/expat-noconfig.cmake -#usr/lib/cmake/expat-2.6.4/expat.cmake +#usr/lib/cmake/expat-2.7.0 +#usr/lib/cmake/expat-2.7.0/expat-config-version.cmake +#usr/lib/cmake/expat-2.7.0/expat-config.cmake +#usr/lib/cmake/expat-2.7.0/expat-noconfig.cmake +#usr/lib/cmake/expat-2.7.0/expat.cmake #usr/lib/libexpat.la #usr/lib/libexpat.so usr/lib/libexpat.so.1 -usr/lib/libexpat.so.1.10.0 +usr/lib/libexpat.so.1.10.1 #usr/lib/pkgconfig/expat.pc #usr/share/doc/expat -#usr/share/doc/expat-2.6.4 -#usr/share/doc/expat-2.6.4/ok.min.css -#usr/share/doc/expat-2.6.4/reference.html -#usr/share/doc/expat-2.6.4/style.css +#usr/share/doc/expat-2.7.0 +#usr/share/doc/expat-2.7.0/ok.min.css +#usr/share/doc/expat-2.7.0/reference.html +#usr/share/doc/expat-2.7.0/style.css #usr/share/doc/expat/AUTHORS #usr/share/doc/expat/changelog #usr/share/man/man1/xmlwf.1 diff --git a/config/rootfiles/common/perl b/config/rootfiles/common/perl index d4ceb7083..91517941c 100644 --- a/config/rootfiles/common/perl +++ b/config/rootfiles/common/perl @@ -313,9 +313,9 @@ usr/lib/perl5/5.36.0/IPC/Open2.pm usr/lib/perl5/5.36.0/IPC/Open3.pm #usr/lib/perl5/5.36.0/Internals.pod #usr/lib/perl5/5.36.0/JSON -#usr/lib/perl5/5.36.0/JSON/PP -#usr/lib/perl5/5.36.0/JSON/PP.pm -#usr/lib/perl5/5.36.0/JSON/PP/Boolean.pm +usr/lib/perl5/5.36.0/JSON/PP +usr/lib/perl5/5.36.0/JSON/PP.pm +usr/lib/perl5/5.36.0/JSON/PP/Boolean.pm #usr/lib/perl5/5.36.0/Locale #usr/lib/perl5/5.36.0/Locale/Maketext #usr/lib/perl5/5.36.0/Locale/Maketext.pm diff --git a/config/rootfiles/core/193/filelists/expat b/config/rootfiles/core/193/filelists/expat new file mode 120000 index 000000000..e1923cf63 --- /dev/null +++ b/config/rootfiles/core/193/filelists/expat @@ -0,0 +1 @@ +../../../common/expat \ No newline at end of file diff --git a/config/rootfiles/core/193/filelists/files b/config/rootfiles/core/193/filelists/files index ada775c14..0d5c189b9 100644 --- a/config/rootfiles/core/193/filelists/files +++ b/config/rootfiles/core/193/filelists/files @@ -1,4 +1,7 @@ srv/web/ipfire/cgi-bin/fwhosts.cgi srv/web/ipfire/cgi-bin/logs.cgi/firewalllog.dat srv/web/ipfire/cgi-bin/vpnmain.cgi +usr/lib/perl5/5.36.0/JSON/PP +usr/lib/perl5/5.36.0/JSON/PP.pm +usr/lib/perl5/5.36.0/JSON/PP/Boolean.pm var/ipfire/backup/exclude diff --git a/lfs/expat b/lfs/expat index eec344491..8bbda330e 100644 --- a/lfs/expat +++ b/lfs/expat @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2024 IPFire Team # +# Copyright (C) 2007-2025 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 2.6.4 +VER = 2.7.0 THISAPP = expat-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 70d716722358db8d0acb2c74dbbc9d2362d04a0b856eab6b6d723614b656cf6aad9f6646339e0a32b4151db2e9541439bcb81ec87791e5e6ec0bd36a3ca067cc +$(DL_FILE)_BLAKE2 = 44567e955b8cf2053665140b3557897c6e0e66c7e2ba5919970d91d55a05bb8db604afa37a441ff0a7abf4472b24b0e1e6c3964c56b4bb55358c000ccdc1459d install : $(TARGET) hooks/post-receive -- IPFire 2.x development tree