commit 9ea9c5354824324fd31be12873c2eb7287d39fea Author: Michael Tremer Date: Wed Mar 12 10:07:40 2025 +0000 Update contributors Signed-off-by: Michael Tremer commit ab2d665ad11fea6805f7241841b5776ab87b60d5 Author: Michael Tremer Date: Wed Mar 12 10:06:54 2025 +0000 core193: Actually ship the firmware files I put the file into the wrong directory. Signed-off-by: Michael Tremer commit e43ff75dad4863619149c2bdd5d34e6d69b34676 Author: Michael Tremer Date: Wed Mar 12 10:06:13 2025 +0000 core193: Ship fwhosts.cgi Signed-off-by: Michael Tremer commit 50b4c402226cda390832d3124a2a46187cc635c3 Author: Stephen Cuka Date: Thu Feb 27 16:34:16 2025 -0700 fwhosts.cgi: Add button spacing on 'Firewall/Firewall Groups' page. Add spacing between showmenu() buttons on Firewall/Firewall Groups page to improve the look of the page. No changes to the functions of the page. Signed-off-by: Stephen Cuka Signed-off-by: Michael Tremer commit 9802d453f0f9c1d691d775c67abbc3b0952f1e5f Author: Adolf Belka Date: Tue Mar 11 17:36:17 2025 +0100 libloc: Update to version 0.9.18 - Update libloc from version 0.9.17 to 0.9.18 - Update of rootfile - Update of patch to revert installing of perl files into perl vendor directory as source file has changed enough. - Changelog 0.9.18 * A new Lua module has been added as announced here: https://www.ipfire.org/blog/ipfire-location-lua-bindings-for-fun-and-profit * The algorithm to detect bogons and duplicates in the tree have massively been improved and should be nearing their theoretical maximum in terms of performance. * A large number of stability and correctness fixes have been rolled out. These mostly affect the code generating the database. * We now have a small Jenkins pipeline which will check if the library still builds for a couple of major Linux distributions and various architectures. Python: * AS and Country objects are now hashable and support rich comparison operations Importer: * Exporting the database is around 200x faster due to eliminating any excessive joins. Instead a new temporary table will be created and a temporary index will be used to apply various updates to the data from various sources inside the database. That allows us to create the export iteratively instead of having one large query that runs for forever. An export that formerly took around 17-20 hrs(!) will now take only ~5 mins. * A new source for human-friendly names for Autonomous Systems registered with ARIN has been added * Importing feeds from AWS and Spamhaus has been split off into separate database tables. This will allow us to import them separately and prioritise our own rewrites over them. * The ARIN parser has been refactored based on csv.DictReader(), parsers for the AWS and Spamhaus feeds have been rewritten, too * Geofeeds are now fetched concurrently with a unified downloader * Certain country codes will be entirely ignored. Currently this is YU for former Yugoslavia and ZZ which is used to say “no country” * Country codes can now be corrected on the fly. This is used to change UK to GB as only the latter is the valid country code for the United Kingdom. * Countries that are not on our list will not be imported any more. * Networks larger than /4 for IPv6, and /10 for IPv4 won’t be imported any more. This avoids that we propagate any issues in the global routing table into the database. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit c3c56b7d634c4b258e16e829eaa10c00cbd1b58c Author: Matthias Fischer Date: Tue Mar 11 16:28:31 2025 +0100 htop: Update to 3.4.0 For details see: https://github.com/htop-dev/htop/blob/main/ChangeLog "What's new in version 3.4.0 * More expressive version tag generated for development versions (htop --version, help screen) * Improve Darwin support for ARM-based systems * Fix static linking with libsystemd * Various build fixes for DragonFlyBSD, Darwin, NetBSD, OpenBSD & Solaris * Fix running task display (count) * Fix sort order handling in tree mode * Add warning when exiting with a signal (not saving .htoprc) * Add Disk I/O and Network I/O meter for DragonFlyBSD * Improve handling of invalid Unicode strings * Disable basename checking for kernel tasks * Updated documentation for pcp-htop * Disable FOCUS_IN/FOCUS_OUT event handling * Add GPU meter for Linux and PCP * Add colum for GPU time per process on Linux and PCP * Avoid glibc FILE API voodoo * Ignore previously unhandled signals USR1 and USR2 * Force locating the config file to only use absolute paths * Prefer reading htoprc from ~/.config/htop/htoprc over legacy ~/.htoprc * Force writing the configuration to a regular file * Use distinct config files for htop and pcp-htop * Link libnl3 at runtime * Gather permitted capabilities via capget(2) * Avoid fetching certain process information for each thread on Linux (speed up) * Improved handling for invalid data in /proc/tty/drivers on Linux * Various changes to avoid memory allocations inside signal handlers * Add single column header layout * Fix DivByZero bug on startup on Darwin * Include thread information on Darwin * Show process state on Darwin * Update compat check for C23 compilers * Improved detail in help screen * Unicode support for CGROUP, CCGROUP, CONTAINER and SECATTR columns * Mark newline characters in the process command line display * Resolve nested derived metrics for PCP * Make supported modes/styles specific to each meter * Refined checks for terminals supporting to redefine keys * Fix handling of the NICE value on FreeBSD * Fix display of CPU utilization on FreeBSD * Honour update interval adjustments properly without restart * Force rebuild of display table after item removals * Reworked handling for various temperature sensors * Fix high CPU load when the strace'd process exits prematurely * Document --drop-capabilities to require a compile time support * Always call PKG_PROG_PKG_CONFIG in configure * Make configure warn when pkg.m4 is absent * Rewrite curses/terminfo detection code in configure * Keep following a process when resuming process updates (Z key) * Normalize Disk I/O usage and allow utilization above 100% * Plug several memory leaks and improve performance for information parsing * Allow to show or hide cache and buffers in memory usage meter * Visibility hint and UX improvements in status bar of display options panel * Remove IOKit / IOMainPort / IOMMasterPort logic for Darwin builds * Replace BCC with metrics from BPF for pcp-htop" Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit f759f35ce1256d146a868609c8bea80e0ef99474 Author: Michael Tremer Date: Tue Mar 11 14:04:48 2025 +0000 sqlite: Ship /usr/lib/libsqlite3.so Some binaries seem to be linking against libsqlite3.so (i.e. vnstatd). Signed-off-by: Michael Tremer commit e18bef46ff6888caa7a7ef52cda032ec2464f8ae Author: Michael Tremer Date: Tue Mar 11 09:50:48 2025 +0000 gdb: Update aarch64 rootfile Signed-off-by: Michael Tremer commit f5b6a32ee2b81acbbfdb9e8a72cdb8f96f5e38e1 Author: Michael Tremer Date: Mon Mar 10 21:06:57 2025 +0000 lm-sensors: Update rootfile Signed-off-by: Michael Tremer commit b35d101fe802efa01677031336fe49448bfd1dcb Author: Michael Tremer Date: Mon Mar 10 21:04:25 2025 +0000 linux-firmware: Update rootfile Signed-off-by: Michael Tremer commit 6a6a8deb721e299f539bc0a4b3b091a8c11e2762 Author: Michael Tremer Date: Mon Mar 10 21:03:08 2025 +0000 alsa: Drop firmware This caused the build to break. Signed-off-by: Michael Tremer commit 2ce296c882984020cb669710cd3bcbcee1e0cdc7 Author: Adolf Belka Date: Mon Mar 10 13:02:37 2025 +0100 logs.cgi: Don't ship anything as executable in the sources Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit fe32e52d27943909e8de96c1e525f8049179dc2f Author: Michael Tremer Date: Mon Mar 10 10:00:46 2025 +0000 cgi-bin: Don't ship anything as executable in the sources Signed-off-by: Michael Tremer commit bfd3c3f0c20be976dab670162d4891c192433f72 Author: Adolf Belka Date: Thu Mar 6 12:32:21 2025 +0100 en.pl: Update the wording for the check on the CA Name for upload - This changes the wording to allowing characters and spaces. Fixes: Bug10595 part 2 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit f82c1bd187d7a3a1001db4bb42b3f989f9c223f7 Author: Adolf Belka Date: Thu Mar 6 12:32:20 2025 +0100 vpnmain.cgi: Fix for 2nd part of bug10595 - Bug10595 had two parts in it and was closed after the first part was fixed. The second part was still unfixed at that time. I cam across it when checking out an open bug on a similar issue with OpenVPN. - I found the section that checks on the CA Name and modified it to also allow spaces. - Having modified that then the subroutines getsubjectfromcert and getCNfromcert required modifications otherwise the openssl statement only got a filename with the first portion of the ca name until the first space was encountered. This v2 version of this patch set has the safe approach suggested by @Michael. This v3 version has been re based to another patch submission that modified lines in a similar place and prevented a merge to work. - I am open to any suggestions for improvements to how I implemented the use of the &General::system_output function - Tested this change out on my vm and it worked fine. I was able to upload a ca certificate into IPSec and use spaces in the CA Name. - Changed the test for the CA_NAME to allow spaces. Change also made to en.pl file Fixes: Bug10595 part 2 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 0c604256205949ce255ac8127e98dcb333ecee04 Author: Adolf Belka Date: Sun Mar 9 15:12:04 2025 +0100 language files: Update to include a message about a double quotation mark Fixes: bug12298 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 00f280fdb1812f5afef1a55e08c1ddc1ba923800 Author: Adolf Belka Date: Sun Mar 9 15:12:03 2025 +0100 vpnmain.cgi: Fixes bug12298 - IPSec password cannot use semicolon - The password for the pkcs12 certificate is passed to the open ssl command via $opt but it is not quoted and so the ; is taken as the end of the command rather than as part of the password. This also means that a pkcs12 file is not created and the .pem intermediate file is what is left in the directory. - This patch makes the -passout option quoted in the same way as the -name and -caname options. - Based on being the same as the name and caname parts in $opt, I believe that this should not give rise to a vulnerability but I am open to being corrected. - By quoting the -passout then the password must not contain double quotation marks, ", so a test for the password containing a " has been added. - The message about the use of the double quotation mark has been added to the english, dutch and german language files. Feel free to correct if what I have used is not correct. Those are in the other patch of this patch set. - Tested out on my testbed system. I was able to create a pkcs12 certificate with a password containing a variety of characters, including the semicolon, and getting a message that the password contains a double quotation mark when I used that. Fixes: bug12298 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 21eb4dcc231fad6eae663e0dd6c9e93643476476 Author: Michael Tremer Date: Wed Mar 5 18:56:32 2025 +0000 core193: Ship linux-firmware Signed-off-by: Michael Tremer commit 274354badf2e7c0238e8684e82d683b166fc86ae Author: Michael Tremer Date: Wed Mar 5 18:54:58 2025 +0000 tools: linux-firmware no longer has "install-nodedup" Signed-off-by: Michael Tremer commit cddd101712dc9a581c7b47d74f83fff150433fa9 Author: Michael Tremer Date: Wed Mar 5 18:54:35 2025 +0000 linux-firmware: Update to 20250211 Signed-off-by: Michael Tremer commit eb4d5fdb1f7b47d19f42ec3dd1057a268eaae9f3 Author: Adolf Belka Date: Sun Mar 2 20:14:31 2025 +0100 vpnmain.cgi: Change the log name from "ipsec" to "charon" - The use of "ipsec" currently means that none of these messages are shown in the system log with IPSec selected as that is looking for charon. - This patch changes all "ipsec" entries in this file to "charon" - This results in the log messages for generation and regeneration of the root/host certificate set being shown in the system log. Without this then the messages log has to be searched from the command line with grep. - Tested out on a physical IPFire system. Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 7d1d7e0bec4c7f991dbbb622ce414e0b91d14d74 Author: Adolf Belka Date: Sun Mar 2 20:14:30 2025 +0100 vpnmain.cgi: Fixes bug13737 - increments the serial number to allow cert regen - When the regeneration is carried out the existing cert, with serial number 01, is revoked but when the new cert is created the serial number is still 01 causing error messages about the new cert being revoked. - This patch increments the serial number from 01 to 02 after the initial root/host certificate set is created. - Then when the olf cert is revoked the new one uses serial number 02 but also automatically increments it again. So all future regenerations work without problems. - Tested out on a physical IPFire system. Fixes: bug13737 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 016a95a527cae0828b5f0c49eecd92e947f8a71f Author: Michael Tremer Date: Wed Mar 5 11:17:54 2025 +0000 core193: Ship updated backup exclude list Signed-off-by: Michael Tremer commit 545f1847e5904b8b66ecc4ea649a7538aa7309b7 Author: Adolf Belka Date: Sat Mar 1 13:46:02 2025 +0100 exclude: Remove the urlfilter pl programs from a backup - When dealing with the qos bug fix for backing up .pl programs I also then searched all the /var/ipfire directory tree looking for any other .pl files that were being backed up and found that there were two for the urlfilter. - This patch adds the .pl files in the urlfilter/bin directory to the exclude list. - In the same way as for the qos change the exclude addition also means that these files will not be restorewd from any earlier backup. - Also tested and confirmed on a physical IPFire system. Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit ad4cc933457b0ad659e0c49ab56451d4b4b7c083 Author: Adolf Belka Date: Sat Mar 1 13:46:01 2025 +0100 exclude: Fix bug13736 - stop backup of qos perl programs - The exclude file only had the qos.pl file from the bin directory excluded from the backup. This meant that 5 other perl programs were being backed up and therefore any restore would overwrite new updated versions such as the makeqosscripts.pl file. - This addition to the backup exclude file now excludes all .pl files from the qos/bin directory. - This also means that any restore from earlier backups that included the other .pl files will not restore thosde files. - Tested out on an IPFire physical system. Fixes: bug13736 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit c20df220fb0feb82c4c935ce011d5c90e00f3538 Author: Adolf Belka Date: Sat Mar 1 13:01:08 2025 +0100 samba: Update to version 4.21.4 - Update from version 4.21.3 to 4.21.4 - Update of rootfiles for x86_64, aarch64 and riscv64 - Changelog 4.21.4 * BUG 15780: Increasing slowness of sharesec performance with high number of registry shares. * BUG 15782: winbindd shows memleak in kerberos_decode_pac. * BUG 15738: Creation of GPOs applicable to more than one group is impossible with Samba 4.20.0 and later. * BUG 15756: Replace `crypt` module in python/samba/netcmd/user/readpasswords/common.py. * BUG 15151: vfs_gpfs silently garbles timestamps > year 2106. * BUG 15796: Spotlight search results don't show file size and creation date. * BUG 15703: General improvements for vfs_ceph_new module. * BUG 15777: net offlinejoin not working correctly. * BUG 15780: Increasing slowness of sharesec performance with high number of registry shares. * BUG 15759: net ads create/join/winbind producing unix dysfunctional keytabs. * BUG 14213: Windows Explorer crashes on S-1-22-* Unix-SIDs when accessing security tab. * BUG 15769: The values from hresult_errstr_const and hresult_errstr are reversed in 4.20 and 4.21. * BUG 15778: Kerberos referral tickets are generated for principals in our domain if we have a trust to a top level domain. * BUG 15783: NETLOGON_NTLMV2_ENABLED is missing in the SamLogon* user_flags field. * BUG 15703: General improvements for vfs_ceph_new module. * BUG 15784: Regression: stack-use-after-return in crypt_as_best_we_can(). * BUG 15788: libreplace:readline: gcc 15 complains about incompatible pointer types. * BUG 15703: General improvements for vfs_ceph_new module. * BUG 15703: General improvements for vfs_ceph_new module. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit f1d3a1891192fc2efd05bca0958fbc063f450ad2 Author: Michael Tremer Date: Wed Mar 5 11:16:51 2025 +0000 core193: Ship tcl Signed-off-by: Michael Tremer commit d18f8eed367b1ad870a28963775113bec94e6c0d Author: Adolf Belka Date: Fri Feb 28 17:59:46 2025 +0100 tcl: Update to version 9.0.1 - Update from version 8.6.14 to 9.0.1 - Update of rootfile - Changelog 9.0.1 # Completed 9.0 Features and Interfaces - [TIP 701 - Tcl_FSTildeExpand C API] (https://core.tcl-lang.org/tips/doc/trunk/tip/701.md) - [TIP 707 - ptrAndSize internal rep in Tcl_Obj] (https://core.tcl-lang.org/tips/doc/trunk/tip/707.md) - [Size modifiers j, q, z, t not implemented] ( https://core.tcl-lang.org/tcl/info/c4f365) # Bug fixes - [regression in tzdata, %z instead of offset TZ-name] (https://core.tcl-lang.org/tcl/tktview/2c237b) - [Tcl will not start properly if there is an init.tcl file in the current dir](https://core.tcl-lang.org/tcl/tktview/43c94f) - [clock scan "24:00", ISO-8601 compatibility] (https://core.tcl-lang.org/tcl/tktview/aee9f2) - [Temporary folder with file "tcl9registry13.dll" remains after "exit"] (https://core.tcl-lang.org/tcl/tktview/6ce3c0) - [Wrong result by "lsearch -stride -subindices -inline -all"] (https://core.tcl-lang.org/tcl/info/5a1aaa) - [TIP 609 - required Tcl_ThreadAlert() skipped with nested event loop] (https://core.tcl-lang.org/tcl/info/c7e4c4) - [buffer overwrite for non-BMP characters in utf-16] (https://core.tcl-lang.org/tcl/tktview/66da4d) - [zipfs info on mountpoint of executable returns zero offset in field 4"] (https://core.tcl-lang.org/tcl/info/aaa84f) - [zlib-8.8, zlib-8.16 fail on Fedora 40, gcc 14.1.1] (https://core.tcl-lang.org/tcl/tktview/73d5cb) - [install registry and dde in $INSTALL_DIR\lib always] (https://core.tcl-lang.org/tcl/tktview/364bd9) - [cannot build .chm help file (Windows)] (https://core.tcl-lang.org/tcl/tktview/bb110c) # Incompatibilities - No known incompatibilities with the Tcl 9.0.0 public interface. # Updated bundled packages, libraries, standards, data - Itcl 4.3.2 - sqlite3 3.47.2 - Thread 3.0.1 - TDBC\* 1.1.10 - tcltest 2.5.9 - tzdata 2024b, corrected 9.0.0 # Major Features ## 64-bit capacity: Data values larger than 2 GB - Strings can be any length (that fits in your available memory) - Lists and dictionaries can have very large numbers of elements ## Internationalization of text - Full Unicode range of codepoints - New encodings: `utf-16`/`utf-32`/`ucs-2`(`le`|`be`), `CESU-8`, etc. - `encoding` options `-profile`, `-failindex` manage encoding of I/O. - `msgcat` supports custom locale search list - `source` defaults to `-encoding utf-8` ## Zip filesystems and attached archives - Packaging of the Tcl script library with the Tcl binary library, meaning that the `TCL_LIBRARY` environment variable is usually not required. - Packaging of an application into a virtual filesystem is now a supported core Tcl feature. ## Unix notifiers available using `epoll()` or `kqueue()` - This relieves limits on file descriptors imposed by legacy `select()` and fixes a performance bottleneck. # Incompatibilities ## Notable incompatibilities - Unqualified varnames resolved in current namespace, not global. Note that in almost all cases where this causes a change, the change is actually the removal of a latent bug. - No `--disable-threads` build option. Always thread-enabled. - I/O malencoding default response: raise error (`-profile strict`) - Windows platform needs Windows 7 or Windows Server 2008 R2 or later - Ended interpretation of `~` as home directory in pathnames. (See `file home` and `file tildeexpand` for replacements when you need them.) - Removed the `identity` encoding. (There were only ever very few valid use cases for this; almost all uses were systematically wrong.) - Removed the encoding alias `binary` to `iso8859-1`. - `$::tcl_precision` no longer controls string generation of doubles. (If you need a particular precision, use `format`.) - Removed pre-Tcl 8 legacies: `case`, `puts` and `read` variant syntaxes. - Removed subcommands [`trace variable`|`vdelete`|`vinfo`] - Removed `-eofchar` option for write channels. - On Windows 10+ (Version 1903 or higher), system encoding is always utf-8. - `%b`/`%d`/`%o`/`%x` format modifiers (without size modifier) for `format` and `scan` always truncate to 32-bits on all platforms. - `%L` size modifier for `scan` no longer truncates to 64-bit. - Removed command `::tcl::unsupported::inject`. (See `coroinject` and `coroprobe` for supported commands with significantly more comprehensible semantics.) ## Incompatibilities in C public interface - Extensions built against Tcl 8.6 and before will not work with Tcl 9.0; ABI compatibility was a non-goal for 9.0. In _most_ cases, rebuilding against Tcl 9.0 should work except when a removed API function is used. - Many arguments expanded type from `int` to `Tcl_Size`, a signed integer type large enough to support 64-bit sized memory objects. The constant `TCL_AUTO_LENGTH` is a value of that type that indicates that the length should be obtained using an appropriate function (typically `strlen()` for `char *` values). - Ended support for `Tcl_ChannelTypeVersion` less than 5 - Introduced versioning of the `Tcl_ObjType` struct - Removed macros `CONST*`: Tcl 9 support means dropping Tcl 8.3 support. (Replaced with standard C `const` keyword going forward.) - Removed registration of several `Tcl_ObjType`s. - Removed API functions: - `Tcl_Backslash()` - `Tcl_*VA()` - `Tcl_*MathFunc*()` - `Tcl_MakeSafe()` - `Tcl_(Save|Restore|Discard|Free)Result()` - `Tcl_EvalTokens()` - `Tcl_(Get|Set)DefaultEncodingDir()` - `Tcl_UniCharN(case)cmp()` - `Tcl_UniCharCaseMatch()` - Revised many internals; beware reliance on undocumented behaviors. # New Features ## New commands - `array default` — Specify default values for arrays (note that this alters the behaviour of `append`, `incr`, `lappend`). - `array for` — Cheap iteration over an array's contents. - `chan isbinary` — Test if a channel is configured to work with binary data. - `coroinject`, `coroprobe` — Interact with paused coroutines. - `clock add weekdays` — Clock arithmetic with week days. - `const`, `info const*` — Commands for defining constants (variables that can't be modified). - `dict getwithdefault` — Define a fallback value to use when `dict get` would otherwise fail. - `file home` — Get the user home directory. - `file tempdir` — Create a temporary directory. - `file tildeexpand` — Expand a file path containing a `~`. - `info commandtype` — Introspection for the kinds of commands. - `ledit` — Equivalent to `lreplace` but on a list in a variable. - `lpop` — Remove an item from a list in a variable. - `lremove` — Remove a sublist from a list in a variable. - `lseq` — Generate a list of numbers in a sequence. - `package files` — Describe the contents of a package. - `string insert` — Insert a string as a substring of another string. - `string is dict` — Test whether a string is a dictionary. - `tcl::process` — Commands for working with subprocesses. - `*::build-info` — Obtain information about the build of Tcl. - `readFile`, `writeFile`, `foreachLine` — Simple procedures for basic working with files. - `tcl::idna::*` — Commands for working with encoded DNS names. ## New command options - `chan configure ... -inputmode ...` — Support for raw terminal input and reading passwords. - `clock scan ... -validate ...` - `info loaded ... ?prefix?` - `lsearch ... -stride ...` — Search a list by groups of items. - `regsub ... -command ...` — Generate the replacement for a regular expression by calling a command. - `socket ... -nodelay ... -keepalive ...` - `vwait` controlled by several new options - `expr` string comparators `lt`, `gt`, `le`, `ge` - `expr` supports comments inside expressions ## Numbers - 0NNN format is no longer octal interpretation. Use 0oNNN. - 0dNNNN format to compel decimal interpretation. - NN_NNN_NNN, underscores in numbers for optional readability - Functions: `isinf()`, `isnan()`, `isnormal()`, `issubnormal()`, `isunordered()` - Command: `fpclassify` - Function `int()` no longer truncates to word size ## TclOO facilities - private variables and methods - class variables and methods - abstract and singleton classes - configurable properties - `method -export`, `method -unexport` 8.6.16 Bug fixes and corrections to erratic behavior * Regression in [clock] timezones due to revised tzdata format * Improper startup if [pwd] contains a file named init.tcl * Fix crashes or hangs in... - TclOO + coroutine, oo-1.25 - lifecycle management of the attributes of a menu entry - [grid] and [pack] handling of half-dead argument - Tk_DeleteErrorHandler() - overwrite of thread data by Tk initialization in second interp * Prevent negative zlib stream checksums, zlib-15.1 * Filesystem path efficiency from skipping unnecessary normalization * Revised [clock scan] consistent with leap second timestamp validation * Updated bundled packages, libraries, standards, data - Itcl 4.3.2 - sqlite3 3.47.2 - Thread 2.8.11 - TDBC* 1.1.10 - tcltest 2.5.9 - tzdata 2024b, corrected 8.6.15 Bug fixes and corrections to erratic behavior * [TIP 692] Deprecate Tcl_GetAlias(). Migrate to Tcl_GetAliasObj() * Invoke binding scripts for events with detail field NotifyInferior *** POTENTIAL INCOMPATIBILITY *** * Tcl_NewObjectInstance() errors on namespace re-use. *** POTENTIAL INCOMPATIBILITY -- breaks Itcl 4.2 *** * TCL_PACKAGE_PATH change from Tcl list to platform path convention *** POTENTIAL INCOMPATIBILITY *** * Make [self] work inside [$obj eval] * Fix [$obj varname] for linked varnames * Restore access to alternate data streams (ADS) in NTFS filesystems. * Fix crashes or hangs in... - TclOO + coroutine, oo-22.[34] - entangled destructor and namespace deletion, oo-35.7.* - destruction of reflected channel, iocmd-32.3.* - select notifier with file descriptor >= FD_SETSIZE - [child invokehidden info frame], info-40.0 - [focus -force], focus-8.1 - [$canvas dchars], canvas-11.4 - [$menubutton destroy] * Appearance improvements for... - focus ring, arrows, and classic theme. - last item in a [ttk::treeview]. - down arrow in [ttk::combobox]. * Repair [$photo read -from] flaws in GIF,PNG formats. imgPhoto-19.* * [$photo copy] coordinate check error. See imgPhoto-12.5 * Detect corrupt GIF file and raise error. See imgPhoto-18.6.1 * Fixes to [ttk::treeview] subcommands 'see' and 'bbox'. * Fix default font detection for high DPI * [treeview identify] now point aware * Fix broken undo/redo in [text] widget. * Fix GENFUNC mode of Tcl_ParseArgsObjv(). See tests indexObj-7.* * Fix removal of oo variable by [info exists]. See oo-19.4 * Fix byte compiled [incr] with wide int increment. See incr-1.31 * Repair encoding flaws in [info hostname] visible for non-ASCII names. * Fix incorrect [string is control] results on some private codepoints * Autoload of [::tcl::tm::path] * Fix missing error message in some [interp limit] failures. * Improved hash performance for some hash tables. * Performance optimizations in several encoding primitives. * Correction to rare failed startup search for system encoding * Add encodings: koi8-ru, koi8-t * Add keycodes ISO_Group_Shift and dead_hamza * Updated bundled packages, libraries, standards, data - Itcl 4.3.0 -- supports multi-thread operations - sqlite3 3.45.3 - Thread 2.8.10 - TDBC* 1.1.9 - tcltest 2.5.8 - libtommath 1.3.0 - Unicode 16 - tzdata 2024b Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit ddb0b84333a38ab3116ae10b617702bf3f3100b0 Author: Adolf Belka Date: Fri Feb 28 15:04:00 2025 +0100 dhcpcd: Update to version 10.2.2 - Update from version 10.2.1 to 10.2.2 - Update of rootfile not required - Changelog is not provided. Details are from the commits from this linlk https://github.com/NetworkConfiguration/dhcpcd/compare/v10.2.1...v10.2.2 Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 1014929e63f395beedc9f4995af73cecfa5b863a Author: Michael Tremer Date: Wed Mar 5 11:16:04 2025 +0000 core193: Ship firewalllog.dat Signed-off-by: Michael Tremer commit 285cacf9cfcf300cf61e7cfe3f19dd318392aff7 Author: Adolf Belka Date: Fri Feb 28 12:27:31 2025 +0100 firewallog.dat: Fix bug13068 - remove blocklist entries from firewall log - The blocklist log entries are also under kernel: and so currently also show up in the firewall logs as well as in the ip blocklist logs menus. If there are a lot of blocklist entries it can make it very difficult to go through the firewall logs. - This bugfix excxludes any kernel: log entries that have a chain starting with BLKLST. - Tested out on physical and vm IPFire systems. Fixes: bug13068 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 6274d7aeb0c59983ddf9df076f7368b6314655d1 Author: Michael Tremer Date: Wed Mar 5 11:14:50 2025 +0000 core193: Ship vim Signed-off-by: Michael Tremer commit 79792afec11e558e6c639b7cfbcdb5e9156ed259 Author: Adolf Belka Date: Thu Feb 27 16:52:48 2025 +0100 vim: Update to version 9.1.1153 - Update from version 9.1.0886 to 9.1.1153 - Update of rootfile - Changelog is not available. Generally each patch version number update is related to a commit entry in the git repository. The details for all the commit changes can be found at https://github.com/vim/vim/commits/master/ Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit f325976269d441a109df1842885f8fe35bd1953f Author: Michael Tremer Date: Wed Mar 5 11:13:39 2025 +0000 core193: Ship kmod Signed-off-by: Michael Tremer commit d6a84b36c737cc514524ec1dd5393331dbb31f07 Author: Adolf Belka Date: Thu Feb 27 14:27:53 2025 +0100 kmod: Update to version 34 - Update from version 33 to 34 - Update of rootfile - build of kmod has been moved to meson. Autotools option is still available in this version but in the next version it will only be meson so it seemed sensible to change it now. - Back in version 32 they decided to automatically make the symlinks for all the tools in the install script but to place those symlinks in /bin defined by $bindir. So the rootfile for version 32 ended up with the tool symlinks both in /bin and /sbin. - In this version (34) they have decided to change it to being /sbin by default. Distros that want to have them in /bin just have to set the sbindir to /bin. So the symlink creation lines are no longer required as the install craetes them for us. The symlinks in /bin have been removed and I don't see any reason to put them back in as they were only introduced in version 32 and previously the symlinks were always in /sbin. - The sbindir location has to be specified otherwise the deafult would end up with /usr/sbin - Changelog 34 - Improvements - Drop pre-built .ko modules from git - distros/packages will need the linux-headers to be able to run the testsuite. There was limited use of the feature, while linters complained about "source-not-included" or "source-contains-prebuilt-binary". - Switch build system to meson: autotools is still supported but slated for removal on next release. This is the transition release to help distros and integrators to move to the new build system. Default options target distros while developers can use the build-dev.ini configuration file. - Allow to load decompression libraries ondemand: liblzma.so, libz.so, libxz.so and libzstd.so can now be loaded ondemand, only when there is such a need. For use during early boot for loading modules, if configured well it means none of these libraries are loaded: the module loading logic via finit_module() will just hand over to kernel the open file descriptor and kernel will use its own decompress routine. If kernel doesn't handle decompression or if the module is compressed with a different algorithm than the one configured in the kernel, libkmod can still open the module by dynamically loading the correspondent library. Tools inspecting the module contents, like modinfo, will load that single decompression library instead all of them. For distros building with meson it's possible to choose the behavior per library. Examples: a) -Ddlopen=all uses dlopen behavior for all the libraries; b) -Ddlopen=xz, will make only xz to be dlopen'ed while other enabled libraries will be linked in at build time. The use of dlopen is annotated in the ELF file by using the ELF Package Metadata spec as documented in https://systemd.io/ELF_PACKAGE_METADATA/. Example: $ dlopen-notes.py libkmod.so # build/libkmod.so [ { "feature": "xz", "description": "Support for uncompressing xz-compressed modules", "priority": "recommended", "soname": [ "liblzma.so.5" ] } ] - Add -m / --moduledir to depmod to override in runtime the module directory that was already possible to set on build time. Document the interaction between the dir options: base, module and output. - Better error propagation in libkmod for its internal APIs and libc functions up to the callers. - Improve libkmod API documentation by adding new sections, documenting functions previously missing, rewording existing ones, adding version information, cross-referencing, etc. - Remove deprecated arguments for depmod: --unresolved-error, --quiet, --root and --map. - Remove deprecated arguments for rmmod: -w. - Remove deprecated arguments for insmod: -p and -s. - Add --syslog and --force for insmod to normalize it with other tools. - Add bash, fish and zsh shell-completion for insmod, rmmod and lsmod. - Remove depmod_module_directory_override from .pc as the kernel side is not making use of it and will likely not need it. - Improve builtin module listing and retrieving information from its modinfo index which reduces the amount of needed syscalls by 90%. - Improve zstd decompression by using streaming bufferless mode which reduces the amount of syscalls by 65%. - Increase use of pread while parsing ELF and indexes in order to reduce syscalls and improve performance. - Improve module sorting in depmod to speedup the use of the modules.order index and support duplicate lines in it. - Avoid misaligned memory access while reading module signature in libkmod. - Add more documentation for contributing to kmod. New developers are welcome to look at the new README.md and CONTRIBUTING.md files for information on process, coding style, build/installation, etc. - Overhaul man pages with multiple clarifications, section rewrites and additional documentation. - Drop --with-rootlibdir as it's seldom used and was partially broken. - Drop strndupa() and alloca() for increased libc compatibility. - Better handling of LFS for increased compatibility with libc. - Protect kmod_get_dirname() and kmod_new() against NULL argument. - Normalize --version / --help output across all tools. - Always include log priority in messages, even when building with debug. - Optimize index reading by lazily reading nodes on demand, reducing FILE overhead and reducing code duplication wrt FILE vs mmap implementations, etc. - Switch index to pre-order to improve performance in both read and write, meaning faster lookup and faster depmod. Some examples: a) traversing all indexes via configuration dump shows a 9% improvement on Raspberry Pi 2. b) writing the indexes takes 90% less lseek() calls, leading to a performance gain of 13%. - Make symlink install locations more similar to what distros are using: by default it installs the kmod binary as bin/kmod and the symlinks are located in e.g. `sbin/depmod -> ../bin/kmod`. Changing the sbin location is sufficient to move the symlinks to the appropriate place, so distros using `--sbin /usr/bin` will have them installed in that directory. This avoids distros having to remove the symlink and add the symlinks by themselves. (meson only) - Install configuration directories, /{etc,usr/lib}/{depmod,modprobe}.d/ as part of installation, matching what several distros do during packaging. (mson only) - Bug fixes - Fix testsuite using when using configurable module dir. - Fix typos on documentation and source code. - Fix out of bound access in multiple places when using long paths, synthetic huge files, or handling memory allocation errors, or inconsistent variable types, particularly on 32b builds. - Fix internal array APIs, with better error checking: improve execution on very memory-constrained scenarios or very long paths. - Fix absolute path handling in depmod. - Fix libkmod memory leaks on error handling when getting builtin module list. - Do not crash on invalid modules.builtin.modinfo file. - Fix link with lld resulting in empty testsuite. - Fix testsuite build/execution with musl. - Others - Adopt clang-format and editorconfig for coding style and setup CI action to keep the codebase consistent. - Adopt codespell in CI. - Adopt CodeQL integration in CI. - Adopt Codecov in CI. - Adopt SPDX copyright and license identifiers throughout the project. - Add more distros to CI, 32b builds, clang as compiler and lld as linker. - Add support for clang sanitizers and squelch warnings. - Add tests for builtin modules from modinfo index file. - Multiple testsuite refactors and fixes to make it simpler to write tests. - Add CI coverage for docs - Improve strbuf implementation with more error checks and generalize it to cover the role of scratchbuf. This allows to remove the scratchbuf implementation. - Use common array and strbuf code in depmod to remove duplication. - Add abstraction and use more compiler builtins for addition and multiplication with overflow checking. - Normalize use of C attributes throughout the project. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 442ac130267e435b12e8930a568c3afca35ba8d6 Author: Michael Tremer Date: Wed Mar 5 11:13:14 2025 +0000 core193: Ship zstd Signed-off-by: Michael Tremer commit 6eb753361199c227e3421e609e86b34428a1cd8a Author: Adolf Belka Date: Wed Feb 26 19:12:50 2025 +0100 zstd: Update to version 1.5.7 - Update from version 1.5.6 to 1.5.7 - Update of rootfile - Changelog 1.5.7 fix: compression bug in 32-bit mode associated with long-lasting sessions api: new method `ZSTD_compressSequencesAndLiterals()` (#4217, #4232) api: `ZSTD_getFrameHeader()` works on skippable frames (#4228) perf: substantial compression speed improvements (up to +30%) on small data, by @TocarIP (#4144) and @cyan4973 (#4165) perf: improved compression speed (~+5%) for dictionary compression at low levels (#4170) perf: much faster speed for `--patch-from` at high compression levels (#4276) perf: higher `--patch-from` compression ratios, notably at high levels (#4288) perf: better speed for binaries on Windows (@pps83) and when compiled with Visual Studio (@MessyHack) perf: slight compression ratio improvement thanks to better block boundaries (#4136, #4176, #4178) perf: slight compression ratio improvement for `dfast`, aka levels 3 and 4 (#4171) perf: runtime bmi2 detection enabled on x86 32-bit mode (#4251) cli: multi-threading as default CLI setting, by @daniellerozenblit cli: new `--max` command (#4290) build: improve `msbuild` version autodetection, support VS2022, by @ManuelBlanc build: fix `meson` build by @artem and @Victor-C-Zhang, and on Windows by @bgilbert build: compatibility with Apple Framework, by @Treata11 build: improve icc/icx compatibility, by @josepho0918 and @luau-project build: improve compatibility with Android NDK, by Adenilson Cavalcanti portability: linux kernel branch, with improved support for Sequence producers (@embg, @gcabiddu, @cyan4973) portability: improved qnx compatibility, suggested by @rainbowball portability: improved install script for FreeBSD, by @sunpoet portability: fixed test suite compatibility with gnu hurd, by @diegonc doc: clarify specification, by @elasota misc: improved tests/decodecorpus validation tool (#4102), by antmicro Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit b44a015cfdf0072b0d4a70057a1309495b2fe24c Author: Michael Tremer Date: Wed Mar 5 11:12:49 2025 +0000 core193: Ship xfsprogs Signed-off-by: Michael Tremer commit 80802476bf14f466ebbaafcff4843de949bef36a Author: Adolf Belka Date: Wed Feb 26 19:12:49 2025 +0100 xfsprogs: Update to version 6.13.0 - Update from version 6.11.0 to 6.13.0 - Update of rootfile - Changelog is not provided in the source tarball. Detasils can be found from the git log https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/log/ Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 90781a6d7d5308c4d6b002f47169d5b2fb309ca8 Author: Michael Tremer Date: Wed Mar 5 11:12:25 2025 +0000 core193: Ship which Signed-off-by: Michael Tremer commit fbc6e2d9677f0a806d991eccda4b3a777ea9db92 Author: Adolf Belka Date: Wed Feb 26 19:12:48 2025 +0100 which: Update to version 2.23 - Update from version 2.21 to 2.23 - Update of rootfile not required - Changelog 2.23 Bug fix; cleaning up a path like "/path/a/../b/foo" before printing was broken in 2.22. 2.22 Improved Windows support (by Mitch Capper). The function that decides if a found path is executable (file_status) was updated to that of bash version 5.2. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 46813cc9aa141536d54ccd8a67019d888feb3368 Author: Adolf Belka Date: Wed Feb 26 19:12:47 2025 +0100 tshark: Update to version 4.4.5 - Update from version 4.4.4 to 4.4.5 - Update of rootfile - Changelog 4.4.5 Bug Fixes GRPC: protobuf_json only displays the truncated string value. Issue 20392. Wireshark crashes when clicking on a column title/header. Issue 20403. Updated Protocol Support GNW, IPv4, NFAPI, and ProtoBuf Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 5404a01fa6325d1fc85801d7811effe7cdac859a Author: Adolf Belka Date: Wed Feb 26 19:12:46 2025 +0100 postfix: Update to version 3.10.1 - Update from version 3.9.1 to 3.10.1 - Update of rootfile not required - Changelog 3.10.1 Bugfix (defect introduced: 20250210): a recent 'fix' for the default smtp_tls_dane_insecure_mx_policy setting resulted in unnecessary 'dnssec_probe' warnings, on systems that disable DNSSEC lookups (which is the default). 3.10.0 Changes that need a restart: Internal protocol change: Postfix needs "postfix reload" (or "postfix stop" and "postfix start") after upgrade, because of a change in the delivery agent protocol. If this step is skipped, Postfix delivery agents will log a warning: unexpected attribute smtputf8 from xxx socket (expecting: sendopts) where xxx is the delivery agent service name. Changes in TLS support: Forward compatibility: Support for OpenSSL 3.5 post-quantum cryptography. To manage algorithm selection, OpenSSL introduces new TLS group syntax that Postfix will not attempt to imitate. Instead, Postfix now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups parameter values to have an empty value. When both are set empty, the algorithm selection can be managed through OpenSSL configuration. For more, look for "Post-quantum" in the postconf(5) manpage. Support for the RFC 8689 "TLS-Required: no" message header to request delivery of messages (such as TLSRPT summaries) even if the preferred TLS security policy cannot be enforced. This limits the Postfix SMTP client to "smtp_tls_security_level = may" which does not authenticate server certificates and which allows falling back to plaintext. Support for the REQUIRETLS SMTP service extension will evolve in Postfix 3.11. Support for the TLSRPT protocol (defined in RFC 8460). With this, a domain can publish a policy in DNS that requests daily summary reports for successful and failed SMTP-over-TLS connections to that domain's MX hosts. This supports both DANE (built-in) and MTA-STS (via an smtp_tls_policy_maps plugin). The implementation uses a TLSRPT library and reporting infrastructure that are maintained by sys4. For details, see TLSRPT_README. Miscellaneous changes: Privacy: With "smtpd_hide_client_session = yes", the Postfix SMTP server generates a Received: header without client session info. This setting may be used with the MUA submission services (port 465 and 587). Support for RFC 2047 encoding of non-ASCII "full name" information in Postfix-generated From: message headers. Encoding non-ASCII full names can avoid the need to use SMTPUTF8, and therefore can avoid incompatibility with sites that do not support SMTPUTF8. See the full_name_encoding_charset parameter description for details. Database performance: When mysql: or pgsql: configuration specifies a single host, assume that it is a load balancer and reconnect immediately after a single failure, instead of failing all requests for 60s. Changes in logging: The Postfix Milter implementation now logs the reason for a 'quarantine' action, instead of "milter triggers HOLD action". The SMTP server now logs the queue ID (or "NOQUEUE") when a connection ends abnormally (timeout, lost connection, or too many errors), and the cleanup server now logs "queueid: canceled" when a message transaction is started but not completed. These changes simplify logfile analysis. Dovecot SASL client logging for "Invalid authentication mechanism" now includes the name of that mechanism. Postfix SMTP server 'reject' logging now shows the sasl_method, sasl_username, and sasl_sender if available. 3.9.2 Forward compatibility: Support for OpenSSL 3.5 post-quantum cryptography. To manage algorithm selection, OpenSSL introduces new TLS group syntax that Postfix will not attempt to imitate. Instead, Postfix now allows the tls_eecdh_auto_curves and tls_ffdhe_auto_groups parameter values to have an empty value. When both are set empty, the algorithm selection can be managed through OpenSSL configuration. Viktor Dukhovni. Forward compatibility: ignore new queue file flag bits that may be used with Postfix 3.10 and later. This is a safety in case a Postfix 3.10 upgrade needs to be rolled back, after the new TLS-Required feature has been used. Performance: when a mysql: or pgsql: configuration specifies a single host, assume that it is a load balancer and reconnect immediately after a single failure, instead of failing all requests for 60s. Bugfix (defect introduced: Postfix 3.4, date 20181113): a server with multiple TLS certificates could report, for a resumed TLS session, the wrong server-signature and server-digest names in logging and Received: message headers. Viktor Dukhovni. Bugfix (defect introduced: Postfix 3.3, date 20180107) small memory leak in the cleanup daemon when generating a "From: full-name " message header. The impact is limited because the number of requests is bounded by the "max_use" configuration parameter. Found during code maintenance. Bugfix (defect introduced: Postfix 3.0): the bounce daemon mangled a non-ASCII address localpart in the "X-Postfix-Sender:" field of a delivery status notification. It backslash-escaped each byte in a multi-byte character. This behavior was implemented in Postfix 2.1 (no support for UTF8 local-parts), but it became incorrect after SMTPUTF8 support was implemented in Postfix 3.0. Bugfix (defect introduced: Postfix 3.6): Reverted the default smtp_tls_dane_insecure_mx_policy setting to "dane" as of Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and 3.10.0. By mistake the default was dependent on the smtp_tls_security_level setting. Problem reported by Ömer Güven. Portability: added "include " for a SUNOS5 workaround. Gary R. Schmidt. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit aa5c819cf261bf2503005029ebbdd9f66a58dfbc Author: Michael Tremer Date: Wed Mar 5 11:11:35 2025 +0000 core193: Ship pcre2 Signed-off-by: Michael Tremer commit d6fd315c182b3a0e6289376ab78245cc7f50f6ae Author: Adolf Belka Date: Wed Feb 26 19:12:45 2025 +0100 pcre2: Update to version 10.45 - Update from version 10.44 to 10.45 - Update of rootfile - Changelog 10.45 This is a comparatively large release, incorporating new features, some bugfixes, and a few changes with slight backwards compatibility implications. Please see the ChangeLog and Git log for further details. Only changes to behaviour, changes to the API, and major changes to the pattern syntax are described here. This release is the first to be available as a (signed) Git tag, or alternatively as a (signed) tarball of the Git tag. This is also the first release to be made by the new maintainers of PCRE2, and we would like to thank Philip Hazel, creator and maintainer of PCRE and PCRE2. * (Git change) The sljit project has been split out into a separate Git repository. Git users must now run `git submodule init; git submodule update` after a Git checkout. * (Behaviour change) Update Unicode support to UCD 16. * (Match behaviour change) Case-insensitive matching of Unicode properties Ll, Lt, and Lu has been changed to match Perl. Previously, /\p{Ll}/i would match only lower-case characters (even though case-insensitive matching was specified). This also affects case-insensitive matching of POSIX classes such as [:lower:]. * (Minor match behaviour change) Case-insensitive matching of backreferences now respects the PCRE2_EXTRA_CASELESS_RESTRICT option. * (Minor pattern syntax change) Parsing of the \x escape is stricter, and is no longer parsed as an escape for the NUL character if not followed by '{' or a hexadecimal digit. Use \x00 instead. * (Major new feature) Add a new feature called scan substring. This is a new type of assertion which matches the content of a capturing block to a sub-pattern. Example: to find a word that contains the rare (in English) sequence of letters "rh" not at the start: \b(\w++)(*scan_substring:(1).+rh) The first group captures a word which is then scanned by the (*scan_substring:(1) ... ) assertion, which tests whether the pattern ".+rh" matches the capture group "(1)". * (Major new feature) Add support for UTS#18 compatible character classes, using the new option PCRE2_ALT_EXTENDED_CLASS. This adds '[' as a metacharacter within character classes and the operators '&&', '--' and '~~', allowing subtractions and intersections of character classes to be easily expressed. Example: to match Thai or Greek letters (but not letters or other characters in those scripts), use [\p{L}&&[\p{Thai}||\p{Greek}]]. * (Major new feature) Add support for Perl-style extended character classes, using the syntax (?[...]). This also allows expressing subtractions and intersections of character classes, but using a different syntax to UTS#18. Example: to match Thai or Greek letters (but not letters or other characters in those scripts), use (?[\p{L} & (\p{Thai} + \p{Greek})]). * (Minor feature) Significant improvements to the character class match engine. Compiled character classes are now more compact, and have faster matching for large or complex character sets, using binary search through the set. * JIT compilation now fails with the new error code PCRE2_ERROR_JIT_UNSUPPORTED for patterns which use features not supported by the JIT compiler. * (Minor feature) New options PCRE2_EXTRA_NO_BS0 (disallow \0 as an escape for the NUL character); PCRE2_EXTRA_PYTHON_OCTAL (use Python disambiguation rules for deciding whether \12 is a backreference or an octal escape); PCRE2_EXTRA_NEVER_CALLOUT (disable callout syntax entirely); PCRE2_EXTRA_TURKISH_CASING (use Turkish rules for case-insensitive matching). * (Minor feature) Add new API function pcre2_set_optimize() for controlling which optimizations are enabled. * (Minor new features) A variety of extensions have been made to pcre2_substitute() and its syntax for replacement strings. These now support: \123 octal escapes; titlecasing \u\L; \1 backreferences; \g<1> and $ backreferences; $& $` $' and $_; new function pcre2_set_substitute_case_callout() to allow locale-aware case transformation. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 735b27195b9c2a79ba9522d7713b0eed9d346723 Author: Michael Tremer Date: Wed Mar 5 11:11:10 2025 +0000 core193: Ship libffi Signed-off-by: Michael Tremer commit c939cb0e4cb91fefc73134b9f70f282d8aec0d5d Author: Adolf Belka Date: Wed Feb 26 19:12:44 2025 +0100 libffi: Update to version 3.4.7 - Update from version 3.4.6 to 3.4.7 - Update of rootfile not required - Changelog 3.4.7 Add static trampoline support for Linux on s390x. Fix BTI support for ARM64. Support pointer authentication for ARM64. Fix ASAN compatibility. Fix x86-64 calls with 6 GP registers and some SSE registers. Miscellaneous fixes for ARC and Darwin ARM64. Fix OpenRISC or1k and Solaris 10 builds. Remove nios2 port. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 7ef15c0047dc09f411afc44a9a95b86741a80ffe Author: Michael Tremer Date: Wed Mar 5 11:10:42 2025 +0000 core193: Ship diffutils Signed-off-by: Michael Tremer commit 110d08e7dcb63b55e7d18e917cb135f3958f68ed Author: Adolf Belka Date: Wed Feb 26 19:12:43 2025 +0100 diffutils: Update to version 3.11 - Update from version 3.10 to 3.11 - Update of rootfile not required - Changelog 3.11 Improvements Programs now quote file names more consistently in diagnostics. For example; "cmp 'none of' /etc/passwd" now might output "cmp: EOF on ‘none of’ which is empty" instead of outputting "cmp: EOF on none of which is empty". In diagnostic messages that traditionally omit quotes and where backward compatibility seems to be important, programs continue to omit quotes unless a file name contains shell metacharacters, in which case programs use shell quoting. For example, although diff continues to output "Only in a: b" as before for most file names, it now outputs "Only in 'a: b': 'c: d'" instead of "Only in a: b: c: d" because the file names 'a: b' and 'c: d' contain spaces. For compatibility with previous practice, diff -c and -u headers continue to quote for C rather than for the shell. diff now outputs more information when symbolic links differ, e.g., "Symbolic links ‘d/f’ -> ‘a’ and ‘e/f’ -> ‘b’ differ", not just "Symbolic links d/f and e/f differ". Special files too, e.g., "Character special files ‘d/f’ (1, 3) and ‘e/f’ (5, 0) differ", not "File d/f is a character special file while file e/f is a character special file". diff's --ignore-case (-i) and --ignore-file-name-case options now support multi-byte characters. For example, they treat Greek capital Δ like small δ when input uses UTF-8. diff now supports multi-byte characters when treating white space. In options like --expand-tabs (-t), --ignore-space-change (-b) and --ignore-tab-expansion (-E), diff now recognizes non-ASCII space characters and counts columns for non-ASCII characters. Bug fixes cmp -bl no longer omits "M-" from bytes with the high bit set in single-byte locales like en_US.iso8859-1. This fix causes the behavior to be locale independent, and to be the same as the longstanding behavior in the C locale and in locales using UTF-8. [bug introduced in 2.9] cmp -i N and -n N no longer fail merely because N is enormous. [bug present since "the beginning"] cmp -s no longer mishandles /proc files, for which the Linux kernel reports a zero size even when nonempty. For example, the following shell command now outputs nothing, as it should: cp /proc/cmdline t; cmp -s /proc/cmdline t || echo files differ [bug present since "the beginning"] diff -E no longer mishandles some input lines containing '\a', '\b', '\f', '\r', '\v', or '\0'. [bug present since 2.8] diff -ly no longer mishandles non-ASCII input. [bug#64461 introduced in 2.9] diff - A/B now works correctly when standard input is a directory, by reading a file named B in that directory. [bug present since "the beginning"] diff no longer suffers from race conditions in some cases when comparing files in a mutating file system. [bug present since "the beginning"] Release distribute gzip-compressed tarballs once again Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit d503ea3839cb9e3163cf6b9e74a25fad839a54d4 Author: Michael Tremer Date: Wed Mar 5 11:09:55 2025 +0000 core193: Ship btrfs-progs Signed-off-by: Michael Tremer