commit 313b34669c2d67635a473b6e3fa2ed5c593fc4c4 Author: Michael Tremer Date: Tue May 27 16:42:52 2025 +0000 core196: Ship boost Signed-off-by: Michael Tremer commit fc06f52f68902906b8e5efbff3b5a82545515d61 Author: Adolf Belka Date: Tue May 27 16:25:10 2025 +0200 boost: Update to version 1.88.0 - Update from version 1.83.0 to 1.88.0 - Update of rootfiles for all architectures - Changelogs are very large so urls provided for each release changelog 1.88.0 https://www.boost.org/releases/1.88.0/ 1.87.0 https://www.boost.org/releases/1.87.0/ 1.86.0 https://www.boost.org/releases/1.86.0/ 1.85.0 https://www.boost.org/releases/1.85.0/ 1.84.0 https://www.boost.org/releases/1.84.0/ Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 9bb052e28681b38dff98eb0567062352c2df74c4 Author: Adolf Belka Date: Tue May 27 10:28:32 2025 +0200 collectd: Remove old version patches no longer used Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit b3ca9cff8c939ae48e0036cda2203014917fb1cf Merge: f40e60082 333174d19 Author: Michael Tremer Date: Mon May 26 10:00:23 2025 +0000 Merge branch 'master' into next commit 333174d19fefb7262b0a8bd6359c9f14f767b392 Author: Roberto Peña Date: Mon May 26 09:56:42 2025 +0000 langs: Update Spanish translation https://community.ipfire.org/t/es-pl-updated-with-new-changes-wireguard-and-other/14107 Signed-off-by: Michael Tremer commit f40e600822ce836e82e8a46adba94cf3695eb72d Author: Michael Tremer Date: Mon May 26 11:47:21 2025 +0200 core196: Ship index.cgi and WireGuard changes Signed-off-by: Michael Tremer commit e35e6588673396fdaa3f33b25cd3075c0da9d577 Author: Michael Tremer Date: Mon May 26 11:46:35 2025 +0200 core196: Sort filelist alphanumerically Signed-off-by: Michael Tremer commit c00e6e49c3cd0ba0fa3826539c251d757f41bc9a Author: Michael Tremer Date: Mon May 26 11:45:34 2025 +0200 index.cgi: Use correct string for "WireGuard" Signed-off-by: Michael Tremer commit 8277dec16614df36ed0bd6f687ce244c2d243c62 Author: Michael Tremer Date: Mon May 26 11:44:30 2025 +0200 index.cgi: Translate "Online" Signed-off-by: Michael Tremer commit 9f1f3da8f5866098177edd68ef50b238a3dadf6a Author: Michael Tremer Date: Mon May 26 11:39:28 2025 +0200 index.cgi: Show the WireGuard client pool This is in line with the other Roadwarrior pools. Signed-off-by: Michael Tremer commit c29a07b2ee505811a6cd78ca643bf816beb77375 Author: Michael Tremer Date: Mon May 26 11:38:57 2025 +0200 index.cgi: Show WireGuard status using the function library The settings file is also loaded all the time and we don't need to load it again. Signed-off-by: Michael Tremer commit 5d14f5c10e43c3440e97f6ecc28d4b10709a0e07 Author: Adolf Belka Date: Sun May 25 13:35:01 2025 +0200 index.cgi: Add wireguard status to home screen - This fix adds a wireguard line to show when it is enabled. - This fix does not show a table for any net2net connections that are enabled. I have started working on that but as I only have an OpenVPN n2n connection in place, I can't test out the copy of the ipsec n2n code section that I have made. I need to get ipsec and wireguard n2n connections working first. - If someone else wants to provide a patch for the wireguard n2n connections tables I have no problems with that. If not then I will submit one when I have been able to test it. Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit fbbaa19d13a828a98170fb3b23330189e9eed1d5 Author: Michael Tremer Date: Mon May 26 11:31:54 2025 +0200 wireguard-functions.pl: Add a simple function to check if enabled Signed-off-by: Michael Tremer commit 08511b2750fd664970015f3a9bf5ffb81cdcfae9 Merge: f263d9e25 be068416c Author: Michael Tremer Date: Mon May 26 09:19:54 2025 +0000 Merge branch 'master' into next commit be068416ca90777a9bf8a473f2b89d994d8d69f5 Author: Michael Tremer Date: Mon May 26 09:12:52 2025 +0000 core195: Ship manual pages for the web UI Signed-off-by: Michael Tremer commit 36112ab9b8c127d529bf205edf19cb0d4f202e3d Author: Adolf Belka Date: Sat May 17 14:12:17 2025 +0200 manualpages: Fixes bug13849 - adds manual link to wireguard page Fixes: bug13849 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit f263d9e25d5c0ea75fc9ebf933b8145de8a796b3 Author: Michael Tremer Date: Mon May 26 09:10:34 2025 +0000 core196: Ship texinfo Signed-off-by: Michael Tremer commit e0151f9d178d649eeea3d7ac0667c6f2d2c4e63c Author: Adolf Belka Date: Sat May 24 16:36:53 2025 +0200 texinfo: Update to version 7.2 - Update from version 7.1.1 to 7.2 - Update of rootfile - Changelog 7.2 * Build . "make install" installs files for texi2any under $datadir/texi2any, not $datadir/texinfo. * texinfo.tex . use @ as the escape character in all index files. this requires new enough texi2dvi (Texinfo 6.7, 2019) for index files to be properly processed. . a bug has been fixed where a mangled PDF outline could be produced for a document using @unnumberedsec . you can call @unmacro with an undefined macro name, matching the behavior of texi2any * texi2any . set CHECK_NORMAL_MENU_STRUCTURE by default. this means texi2any again checks menu structure by default (changed in 6.8 release, 2021). . only allow @definfoenclose to be used to redefine highlighting commands . sorting of indices is now independent of the input or output encodings . new customization variable COLLATION_LANGUAGE to allow linguistic tailoring of index sorting . new variable DOCUMENTLANGUAGE_COLLATION to use @documentlanguage for linguistic tailoring of index sorting . new variable USE_UNICODE_COLLATION to allow turning off the slower use of Unicode collation when sorting indices . rename BODYTEXT customization variable to BODY_ELEMENT_ATTRIBUTES . rename COMPLEX_FORMAT_IN_TABLE customization variable to INDENTED_BLOCK_COMMANDS_IN_TABLE . remove the following variables: AVOID_MENU_REDUNDANCY, FRAMES, FRAMESET_DOCTYPE, NO_USE_SETFILENAME, SILENT, USE_UP_NODE_FOR_ELEMENT_UP . remove SIMPLE_MENU variable and tree transformation . the use of the directories ~/.texinfo and ~/.texi2any for configuration files is deprecated, and should be replaced by texinfo or texi2any directories under XDG_CONFIG_HOME (usually ~/.config/). the new locations are compatible with the XDG Base Directory Specification. in future versions, the ~/.texinfo and ~/.texi2any directories will not be in search paths. . do not try the us-ascii encoding anymore as a locale for translated document strings. . some unused translation files have been removed for the `texinfo_document' domain . Info output: . output Info-documentlanguage in Local Variables section of output file if @documentlanguage is given . HTML, Texinfo and raw text output: . an implementation of the conversion in C has been included, which is much faster than the code in Perl. set the `TEXINFO_XS_CONVERT' environment variable to 1 to use. . HTML output: . CHECK_HTMLXREF set by default for warnings about links to unknown external manuals . you can use the MATHJAX_CONFIGURATION customization variable to add data to the MathJax configuration object . warn if there is a .inf or .info suffix for cross-reference manual . use 
 instead of 
 for output of @displaymath
                  . remove border, cellpadding, cellspacing and align attributes.  add
                    classes and use CSS when needed.
              . EPUB output:
                  . stricter conformance for conformance checkers
            * info
              . check for init file under XDG_CONFIG_HOME/texinfo/infokey after
                checking ~/.infokey, in accordance with the XDG Base Directory
                Specification
            * Distribution
              . automake 1.17, autoconf 2.72, gettext 0.22.5, libtool 2.5.3
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 80de694468867ef5d16aaa71a0c75179921079c9
Author: Michael Tremer 
Date:   Mon May 26 09:09:54 2025 +0000

    core196: Ship gperf
    
    Signed-off-by: Michael Tremer 

commit f6e011f7a1b237ab7f34867c112d64fa26b89c59
Author: Adolf Belka 
Date:   Sat May 24 16:36:48 2025 +0200

    gperf: Update to version 3.3
    
    - Update from version 3.1 to 3.3
    - Update of rootfile not required
    - Changelog
        3.3
            * Speedup: gperf is now between 2x and 2.5x faster.
        3.2.1
            * The generated code avoids -Wundef warnings in C++ mode.
        3.2
            * The input file may now use Windows line terminators (CR/LF) instead of
              Unix line terminators (LF).
              Note: This is an incompatible change. If you want to use a keyword that
              ends in a CR byte, such as xyz, write it as "xyz\r".
            * The generated code avoids several types of warnings:
              - "implicit fallthrough" warnings in 'switch' statements.
              - "unused parameter" warnings regarding 'str' or 'len'.
              - "missing initializer for field ..." warnings.
              - "zero as null pointer constant" warnings.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit dd1b1a5a6bde8421de9f03d701700418c6c23a6c
Author: Michael Tremer 
Date:   Mon May 26 09:09:26 2025 +0000

    core196: Ship elfutils
    
    Signed-off-by: Michael Tremer 

commit c20770f0c4eb02ef5d04e81bc9133aaff684c3ed
Author: Adolf Belka 
Date:   Sat May 24 16:36:47 2025 +0200

    elfutils: Update to version 0.193
    
    - Update from version 0.192 to 0.193
    - Update of rootfile
    - Changelog
        0.193
            debuginfod: Add CORS (webapp access) support to webapi and --cors option.
                        Add --listen-address option for binding the HTTP listen socket
                         to a specific IPv4 or IPv6 address.
                        debuginfod client now caches x-debuginfod-* HTTP headers
                         alongside downloaded files.
            libdw: Add dwarf_language and dwarf_language_lower_bound functions.
                   Improved support for DWARF6 language metadata as well as DWARF
                    language constants for Nim, Dylan, Algol68, V and Mojo.
                   dwarf_srclang is now forward-compatible with DWARF6 language
                    constants.
            libdwfl_stacktrace: Experimental new library interface for unwinding
                                stack samples into call chains, and tracking and
                                caching Elf data for multiple processes, building
                                on libdwfl.  Initially supports perf_events stack
                                sample data.
            libelf: elf_scnshndx has been rewritten to be more robust, particularily
                    for ELF files with more than 64K sections.
            readelf: Improved handling of corrupt ELF data.
                     --section-headers output now includes a "Key to Flags" explaining
                     section flag meanings.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 6d9b3ab61e491c65469d2dbf1eb1212ba9fd8268
Author: Michael Tremer 
Date:   Mon May 26 09:07:14 2025 +0000

    Revert "libgcrypt: Update to version 1.11.1"
    
    This reverts commit 9b163cfe595d0215957e6ef06ea34780c207d1a6.
    
    This package FTBFS on riscv64. A header file with special SIMD functions
    has not been shipped with the release tarball. This has been fixed
    upstream, but a new tarball has not been released. yet:
    
      https://github.com/gpg/libgcrypt/commit/b100dd25eb6821d58851c2b802bfe9ef2f441228
    
    Signed-off-by: Michael Tremer 

commit 6351c81763fa3c4b198a1751b0b6cbea6e6d1e25
Author: Adolf Belka 
Date:   Fri May 23 18:03:44 2025 +0200

    screen: Update to version 5.0.1
    
    - This v2 version is with the correct tarball, without the binary object files.
    - Update from version 5.0.0 to 5.0.1
    - Update of rootfile
    - 5 CVE fixes included in this version
    - Changelog
        5.0.1
            Security fix
                CVE-2025-46805: do NOT send signals with root privileges
                CVE-2025-46804: avoid file existence test information leaks
                CVE-2025-46803: apply safe PTY default mode of 0620
                CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
                CVE-2025-23395: reintroduce lf_secreopen() for logfile
                buffer overflow due bad strncpy()
                uninitialized variables warnings
                typos
                combining char handling that could lead to a segfault
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 50ce4246c034fe21ddf2ff49597bcbb07473f34d
Author: Michael Tremer 
Date:   Sun May 25 11:54:54 2025 +0000

    core196: Ship whois
    
    Signed-off-by: Michael Tremer 

commit b30a24ead88befb8f2604e1edb1d3f62a536eadb
Author: Adolf Belka 
Date:   Sat May 24 16:36:55 2025 +0200

    whois: Update to version 5.6.1
    
    - Update from version 5.5.23 to 5.6.1
    - Update of rootfile not required
    - Changelog
        5.6.1
              * Added the .pg TLD server.
              * Updated the .gov, .mu, .中国 (.xn--fiqs8s) and .中國 (.xn--fiqz9s)
                TLD servers.
              * Removed the .jobs TLD server.
              * Added the encodings for whois.afrinic.net and whois.apnic.net.
              * Enabled the UTF-8 encoding for whois.ripe.net.
              * Use the last ReferralServer returned by the ARIN server instead of
                the first, because we want to follow the referral for the most
                specific record returned.
              * Make sure to avoid trivial referral loops.
        5.6.0
              * Fixed the mangling of RADB queries with commands.
              * Implemented the parsing of more variants of ARIN's ReferralServer
                field.
              * Implemented following the APNIC pseudo-referrals.
              * Added the .ad and .za TLD servers.
              * Updated the .ao, .bz, .gi, .gq, .gr, .gw, .lc, .md, .pn, .pr, .uy, .vc,
                .info, .mobi, .ελ (.xn--qxam, Greece) and .გე (.xn--node, Georgia) TLD
                servers.
              * Added 2410::/12.
              * Removed 7 new gTLDs which are no longer active.
              * Cleaned up the markup of the man pages, courtesy of Bjarni Ingi
                Gislason. (Closes: #1036826, #1094208)
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit ae7baa15abd118c975e26291864b9eb69964f46b
Author: Michael Tremer 
Date:   Sun May 25 11:54:36 2025 +0000

    core196: Ship meson
    
    Signed-off-by: Michael Tremer 

commit fb3374d22e7d7ab0a790245a7b71ff5eaf2bb916
Author: Adolf Belka 
Date:   Sat May 24 16:36:52 2025 +0200

    meson: Update to version 1.8.0
    
    - Update from version 1.6.0 to 1.8.0
    - Update of rootfile
    - Changelog
        1.8.0
            https://mesonbuild.com/Release-notes-for-1-8-0.html
        1.7.0
            https://mesonbuild.com/Release-notes-for-1-7-0.html
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 01c46944656652c8560a88526884ffb9aaf687de
Author: Michael Tremer 
Date:   Sun May 25 11:54:13 2025 +0000

    core196: Ship man
    
    Signed-off-by: Michael Tremer 

commit 185bd11debd6d32042f29a50e51ed132fb5724cc
Author: Adolf Belka 
Date:   Sat May 24 16:36:51 2025 +0200

    man: Update to version 2.13.1
    
    - Update from version 2.13.0 to 2.13.1
    - Update of rootfile
    - Changelog
        2.13.1
            Fixes:
             * Fix various minor formatting issues in manual pages.
             * Tolerate additional spaces in preprocessor strings.
             * Fix check for generated source files in out-of-tree builds.
             * Fix building with the `musl` C library.
            Improvements:
             * Recognize another Ukrainian translation of the `NAME` section.
             * Increase the maximum size of the `NAME` section from 8192 to 16384 bytes.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit fe58fcee44b1aefb8340a89917653272a736e4e1
Author: Michael Tremer 
Date:   Sun May 25 11:53:54 2025 +0000

    core196: Ship libconfig
    
    Signed-off-by: Michael Tremer 

commit 8962704ad172f44fda8b25ec581dd7110821f4fc
Author: Adolf Belka 
Date:   Sat May 24 16:36:50 2025 +0200

    libconfig: Update to version 1.8
    
    - Update from version 1.7.3 to 1.8
    - Update of rootfile
    - Changelog
        1.8
              - Added support for binary integer values
              - Miscellaneous code cleanup
        1.7.4
              - Handle malloc failures by calling a fatal error handler
              - New API to provide alternative fatal error handler
              - Bugfixes to lookup (by name or path) routines
              - Bugfixes to APIs with inconsistent const-ness
              - Bugfixes to APIs with inconsistent use of short/unsigned short
              - Bugfixes to int/int64 auto-conversion
              - Various cleanup/fixes to build files
              - Added some unit tests
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 999b263bfd0f76b82732dd07ab6edea908ecab33
Author: Michael Tremer 
Date:   Sun May 25 11:53:30 2025 +0000

    core196: Ship less
    
    Signed-off-by: Michael Tremer 

commit 5dd84ae0ffef528a2e497a90effcf61b465c2d68
Author: Adolf Belka 
Date:   Sat May 24 16:36:49 2025 +0200

    less: Update to version 678
    
    - Update from version 668 to 678
    - Update of rootfile not required
    - Changelog
        678
            * Treat -r in LESS environment variable as -R.
            * Add ESC-j and ESC-k commands (github #560).
            * Add --no-paste option (github #523).
            * Add --no-edit-warn option (github #513).
            * Add --form-feed option (github #496).
            * Add ESC-b command (github #615).
            * Make TAB complete option name in -- command (github #531).
            * Update the file size on an attempt to go past end of file.
            * Make -R able to pass through any OSC escape sequences,
              not just OSC 8 (github #504).
            * Setting LESS_IS_MORE=0 now disables "more" compatibility even
              if invoked via a file link named "more" (github #500).
            * Pass through escape sequences in prompts even if -R is not set.
            * Add LESS_SHELL_LINES to support shell prompts which use more than
              one line (github #514).
            * Add LESSANSIOSCALLOW to define OSC types which may be passed through.
            * Add LESSANSIOSCCHARS to define non-standard OSC intro chars.
            * Add LESS_SIGUSR1 to define user signal handler (github #582).
            * Add mouse and mouse6 commands to lesskey (github #569).
            * Improve behavior of ^O^N and ^O^P commands.
            * Leave stty tabs setting unchanged (github #620).
            * Fix unexpected behavior when entering a partial command followed by
              a valid command (github #543).
            * Fix bug when coloring prompt string with SGR sequences (github #516).
            * Fix bug when searching for text near an invalid UTF-8 sequence (github #542).
            * Fix display bug when file contains ESC followed by NUL (github #550).
            * Fix bug when using +:n +:p +:x or +:d on the command line (github #552).
            * Fix bug with --no-number-headers when header is not at start of file
              (github #566).
            * Fix bug where lesstest fails if window is resized (github #570).
            * Fix bug using "configure --with-secure=no" (github #584).
            * Fix bug using multibyte command chars (github #595).
            * Fix auto_wrap setting on Windows (github #497).
            * Fix two bugs using ^S search modifier (github #605).
            * Fix bug searching for UTF-8 strings with the PCRE2 library (github #610).
            * Fix bug highlighting OSC 8 links when opening a new file.
            * Fix bug when & filtering is active (github #618).
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 09756a89b5b524a5a74224c894decdc48a19b9f9
Author: Michael Tremer 
Date:   Sun May 25 11:53:12 2025 +0000

    core196: Ship bc
    
    Signed-off-by: Michael Tremer 

commit e3e6e0833389e44a8a3d42ed1582c087329c2ca1
Author: Adolf Belka 
Date:   Sat May 24 16:36:46 2025 +0200

    bc: Update to version 1.08.1
    
    - Update from version 1.07.1 to 1.08.1
    - Update of rootfile not required
    - Changelog
        1.08.1
                Fix a formatting botch in doc/bc.1 (which was rendered as blank lines at
                the top of the page).
        1.08.0
                Streamlined the build process; should now be better behaved for those
                  doing cross-compilation builds.
                Made some minor improvements to the documentation.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit d7a8188d38ba40cd091754533a44612729081240
Author: Michael Tremer 
Date:   Sun May 25 11:52:14 2025 +0000

    core196: Ship ipblocklist-functions.pl
    
    Signed-off-by: Michael Tremer 

commit 476277d0febf510489c314bc950f91ec6efb717b
Author: Stefan Schantl 
Date:   Sat May 24 10:14:36 2025 +0200

    ipblocklist-functions.pl: Allow downloading empty blocklists
    
    Some blocklist providers does serve blocklists for current events or
    with very limited updates. Therefore there is a chance such a blocklist
    could be empty for a certain time.
    
    This patch allows to replace an existing filled blocklist by an empty
    one and vice versa.
    
    Fixes #13804.
    
    Signed-off-by: Stefan Schantl 
    Signed-off-by: Michael Tremer 

commit d58f2de9efd78285b82940ab516dfbbe3d152e3b
Author: Michael Tremer 
Date:   Fri May 23 15:23:25 2025 +0000

    dnsdist: Update to 1.9.10
    
    We released PowerDNS DNSdist 1.9.10 today, fixing several bugs including a security issue tracked as CVE-2025-30193 where a remote, unauthenticated attacker can cause a denial of service via a crafted TCP connection. The issue was reported to us via our public IRC channel so once it was clear that the issue had a security impact we prepared to release a new version as soon as possible.
    
    While we advise upgrading to a fixed version, a work-around is to temporarily restrict the number of queries that DNSdist is willing to accept over a single incoming TCP connection, via the setMaxTCPQueriesPerConnection directive. Setting it to 50 is a safe choice that does not impact performance in our tests.
    
    https://www.dnsdist.org/changelog.html#change-1.9.10
    
    Signed-off-by: Michael Tremer 

commit e6791a9e4a3210201188daa981d3b2d2c092846e
Author: Michael Tremer 
Date:   Fri May 23 09:34:45 2025 +0000

    ruby: Fix build on aarch64
    
    Signed-off-by: Michael Tremer 

commit bfbf3566b6a206cac68c1b36764451f73f89049f
Author: Michael Tremer 
Date:   Thu May 22 15:37:46 2025 +0000

    Revert "screen: Update to version 5.0.1"
    
    This reverts commit de98f72736d8ee27c31226df46403b4e122733e2.
    
    The source tarball contains binaries.
    
    Read more here:
      https://lists.ipfire.org/development/98828B86-5323-4EFA-9278-6BB578AB77E2@ipfire.org/T/#t
    
    Signed-off-by: Michael Tremer 

commit 89bd70bc4054d3c53148374f86e9812e90a26a5a
Merge: c405b9701 1e50e6e79
Author: Michael Tremer 
Date:   Thu May 22 15:18:45 2025 +0000

    Merge branch 'master' into next

commit 1e50e6e79163d3e0ef551044f1cd11807f6e2ba5
Author: Adolf Belka 
Date:   Tue May 20 12:57:39 2025 +0200

    http-client-functions.pl: Fixes bug13852
    
    Suggested-by: Adam G 
    Fixes: bug13852
    Tested-by: Adolf Belka 
    Tested-by: Adam G 
    Signed-off-by: Adolf Belka 
    Acked-by: Stefan Schantl 
    Signed-off-by: Michael Tremer 

commit 186cfa34b580f70f9ccf00aa4503e479df2cd31b
Author: Adolf Belka 
Date:   Wed May 21 20:57:38 2025 +0200

    core195: Ship ntp - fixes bug13855
    
    Fixes: bug13855
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit c405b9701fb86ef1e1b21c08db7c8110a162e70b
Author: Michael Tremer 
Date:   Thu May 22 15:16:45 2025 +0000

    core196: Ship libarchive
    
    Signed-off-by: Michael Tremer 

commit 6f76ad5ffd6d93c5996a33cc42129cabf0d03a36
Author: Adolf Belka 
Date:   Thu May 22 15:08:31 2025 +0200

    libarchive: Update to version 3.8.0
    
    - Update from version 3.7.9 to 3.8.0
    - Update of rootfile
    - Changelog
        3.8.0
            New features:
                    bsdtar: support --mtime and --clamp-mtime (#2601)
                    lib: mbedtls 3.x compatibility (#2602)
                    7-zip reader: improve self-extracting archive detection (#2088)
                    xar: xmllite support for the XAR reader and writer (#2388)
                    zip writer: added XZ, LZMA, ZSTD and BZIP2 support (#2137, #2284, #2391)
                    zip writer: added LZMA + RISCV BCJ filter (#2403)
            Notable security fixes:
                    rar: do not skip past EOF while reading (#2584)
                    rar: fix double free with over 4 billion nodes (#2598)
                    rar: fix heap-buffer-overflow (#2599)
                    warc: prevent signed integer overflow (#2568)
                    tar: fix overflow in build_ustar_entry (#2588)
            Notable bugfixes:
                    bsdtar: don't hardlink negative inode files together (#2587)
                    gz: allow setting the original filename for gzip compressed files (#2544)
                    lib: improve lseek handling (#2564)
                    lib: support @-prefixed Unix epoch timestamps as date strings (#2606)
                    rar: support large headers on 32 bit systems (#2596)
                    tar reader: Improve LFS support on 32 bit systems (#2582)
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 2bb2919a72318e5279ebf07617d36f7a2fb6c8f5
Author: Michael Tremer 
Date:   Thu May 22 15:16:12 2025 +0000

    core196: Ship BIND
    
    Signed-off-by: Michael Tremer 

commit 14c452287d009e080976e67526cf6e088fd3e3dd
Author: Adolf Belka 
Date:   Thu May 22 15:08:30 2025 +0200

    bind: Update to version 9.20.9
    
    - Update from version 9.20.8 to 9.20.9
    - Update of rootfile
    - Changelog
        9.20.9
            Security Fixes
                    - [CVE-2025-40775] Prevent assertion when processing TSIG algorithm.
                      ``b8c198ac5ca``
                      DNS messages that included a Transaction Signature (TSIG) containing
                      an invalid value in the algorithm field caused :iscman:`named` to
                      crash with an assertion failure. This has been fixed.
                      :cve:`2025-40775` :gl:`#5300`
            Feature Changes
                    - Use jinja2 templates in system tests. ``8f545784ff0``
                      `python-jinja2` is now required to run system tests. :gl:`#4938`
                      :gl:`!10396`
            Bug Fixes
                    - Fix EDNS yaml output. ``8c3b226d89b``
                      `dig` was producing invalid YAML when displaying some EDNS options.
                      This has been corrected.
                      Several other improvements have been made to the display of EDNS
                      option data: - We now use the correct name for the UPDATE-LEASE
                      option, which was previously displayed as "UL", and split it into
                      separate LEASE and LEASE-KEY components in YAML mode. - Human-readable
                      durations are now displayed as comments in YAML mode so as not to
                      interfere with machine parsing. - KEY-TAG options are now displayed as
                      an array of integers in YAML mode. - EDNS COOKIE options are displayed
                      as separate CLIENT and SERVER components, and cookie STATUS is a
                      retrievable variable in YAML mode. :gl:`#5014` :gl:`!10414`
                    - Return DNS COOKIE and NSID with BADVERS. ``34b7323bad6``
                      This change allows the client to identify the server that returns the
                      BADVERS and to provide a DNS SERVER COOKIE to be included in the
                      resend of the request. :gl:`#5235` :gl:`!10392`
                    - Disable own memory context for libxml2 on macOS. ``51e51d5ea8f``
                      Apple broke custom memory allocation functions in the system-wide
                      libxml2 starting with macOS Sequoia 15.4.  Usage of the custom memory
                      allocation functions has been disabled on macOS. :gl:`#5268`
                      :gl:`!10411`
                    - `check_private` failed to account for the length byte before the OID.
                      ``2b827380e75``
                      In PRIVATEOID keys, the key data begins with a length byte followed
                      by an ASN.1 object identifier that indicates the cryptographic
                      algorithm  to use. Previously, the length byte was not accounted for
                      when  checking the contents of keys and signatures, which could have
                      led to interoperability problems with any zones signed using
                      PRIVATEOID. This has been fixed. :gl:`#5270` :gl:`!10376`
                    - Fix a serve-stale issue with a delegated zone. ``d839d11bf62``
                      When ``stale-answer-client-timeout 0`` option was enabled, it could be
                      ignored when resolving a zone which is a delegation of an
                      authoritative zone belonging to the resolver. This has been fixed.
                      :gl:`#5275` :gl:`!10420`
                    - Fix the ksr two-tone test. ``3e2b255b5b7``
                      The two-tone ksr subtest (test_ksr_twotone) depended on the
                      dnssec-policy keys algorithm values in named.conf being entered in
                      numerical order.  As the algorithms used in the test can be selected
                      randomly this does not always happen. Sort the dnssec-policy keys by
                      algorithm when adding them to the key list from named.conf.
                      :gl:`#5286` :gl:`!10435`
                    - Revert NSEC3 closest encloser lookup improvements. ``ac41f158fad``
                      The performance improvements for NSEC3 closest encloser lookups that
                      were restored in BIND 9.20.8 turned out to cause incorrect NSEC3
                      records to be returned in nonexistence proofs and were therefore
                      reverted again. :gl:`#5292` :gl:`!10443`
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit add0b84fd6a0b529a71206fac79e7a79cc7572e9
Author: Michael Tremer 
Date:   Thu May 22 15:15:05 2025 +0000

    core196: Ship apr
    
    Signed-off-by: Michael Tremer 

commit 8509b471f3085aebbc596e6addaee5f3b731cb7f
Author: Adolf Belka 
Date:   Thu May 22 15:08:29 2025 +0200

    apr: Update to version 1.7.6
    
    - Update from version 1.7.5 to 1.7.6
    - Update of rootfile
    - Changelog
        1.7.6
              *) test/testsock.c (test_get_addr): Fix test to portably switch
                 the socket to non-blocking mode using apr_socket_timeout_set().
                 Also make the test SKIP for the case where the connect() completes
                 synchronously. [Ivan Zhakov]
              *) network_io/win32/sockets.c: (apr_socket_connect): Copy the remote
                 address by value rather than by reference.  This ensures that the
                 sockaddr object returned by apr_socket_addr_get is allocated from
                 the same pool as the socket object itself, as apr_socket_accept
                 does; avoiding any potential lifetime mismatches. [Ivan Zhakov]
              *) CMake: Install include/apr_encode.h. [Ivan Zhakov]
              *) CMake: Fix installation PDB files with multi-config generators.
                 [Ivan Zhakov]
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer