commit bfcc82ecc1e201116b140db006248ccb4519e877 Author: Michael Tremer Date: Thu May 29 10:23:33 2025 +0000 core196: Ship vim Signed-off-by: Michael Tremer commit a6380ebea7900c231abec294d8783e8750ddeb3b Author: Adolf Belka Date: Sat May 24 16:36:54 2025 +0200 vim: Update to version 9.1.1406 - Update from version 9.1.1153 to 9.1.1406 - Update of rootfile - Changelog is not available. Generally each patch version number update is related to a commit entry in the git repository. The details for all the commit changes can be found at https://github.com/vim/vim/commits/master/ Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit f3338972a1a30f9fe9fc60db170c3b17d021f383 Author: Michael Tremer Date: Wed May 28 16:27:10 2025 +0000 core196: Ship dracut Signed-off-by: Michael Tremer commit 084533638e69c7cf94da43fb5d99d3c1a5741b66 Author: Adolf Belka Date: Wed May 28 17:57:40 2025 +0200 ipfire.conf: Fixes bug13836 - Change dracut default to no binary strip Fixes: #13836 Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit b2bd76188198b0d4fd4ee85c55a6ccb5cc38a427 Author: Michael Tremer Date: Wed May 28 14:14:54 2025 +0000 core196: Ship backup.pl Signed-off-by: Michael Tremer commit 5d0b4d3b9df0d93aeb3d2400550c5ee355ba7146 Author: Michael Tremer Date: Wed May 28 14:14:04 2025 +0000 backup: Also update MLKEM configuration if a backup is being restored Signed-off-by: Michael Tremer commit 6ed4634be943fe125b61f0348063016fcacb89ee Author: Michael Tremer Date: Wed May 28 14:11:07 2025 +0000 core196: Don't break IPsec tunnels that use MLKEM The previous patch was changing the string regardless of it having been changed before. The CGI script also has to be called as nobody. Signed-off-by: Michael Tremer commit cb95115f5af2002830cb2bda255133ebb3619f64 Author: Peter Müller Date: Mon May 26 18:28:00 2025 +0000 Core Update 196: Adjust existing IPsec connections using ML-KEM This causes existing IPsec connections using ML-KEM to always use it in conjunction with Curve 25519, in line with the changes dfa7cd2bbac3c746569368d70fefaf1ff4e1fed2 implements for newly configured IPsec connections. Again, we can reasonably assume an IPsec peer supporting ML-KEM also supports Curve 25519. In case such a peer does not support RFC 9370, and the IPsec connection was created using our default ciphers, it will fall back to Curve 448, Curve 25519, or any other traditional algorithm. This patch will break existing IPsec connections only if they are exclusively using ML-KEM (which means the IPFire user reconfigured them manually using the "advanced connection settings" section in the WebUI), and the IPsec peer is configured in the same manner, and/or is an IPFire machine not yet updated to Core Update 196. Any other IPFire-to-IPFire IPsec connection will continue working, potentially falling back to Curve 448 or 25519 until both peers are updated to Core Update 196, after which ML-KEM in conjunction with Curve 25519 will be used again. The second version of this patch modifies IPFire's own configuration file for IPsec connections, rather than applying these changes directly to /etc/ipsec.conf, where they would have been overwritten by the next WebUI change. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 5ed68a18b06ac84e994b1065398370533f59eea0 Author: Peter Müller Date: Mon May 26 18:27:00 2025 +0000 vpnmain.cgi: Use ML-KEM only as a hybrid with Curve 25519 In commit 887778e0888d51eb9942ae310a43f6d2813efad3, the post-quantum key exchange algorithm ML-KEM was introduced, due to its support being added in strongSwan 6.0. However, using PQC key exchanges is commonly recommended only in conjunction with a traditional one, to avoid encrypted traffic becoming subject to trivial decryption in case a PQC algorithm proves weak, broken, or backdoored. OpenSSH, for instance, combines ML-KEM 768 with Curve 25519 (mlkem768x25519-sha256), rather than using ML-KEM alone. This patch changes the cipher suites offered for IPsec connections to always use ML-KEM as a hybrid with Curve 25519. This is possible due to strongSwan 6.0 having added support for IKE intermediary key exchanges (RFC 9370); see https://docs.strongswan.org/docs/latest/config/proposals.html#_key_exchange_methods for additional information. We can reasonably assume an IPsec peer supporting ML-KEM will also support Curve 25519, as this has been around for much longer, and is used quite commonly. Even if this is not the case, or if the IPsec peer does not implement RFC 9370, any IPsec connection using our default cipher selection will fall back to Curve 448, Curve 25519, or other, hence continue working. IPsec connections already created will need their ciphers to be changed once during the Core Update routine where this patch will be incorporated. Tested-by: Peter Müller Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 23026ecc8531dfc41bd4cd7ca909b023f6fdc9a7 Author: Michael Tremer Date: Wed May 28 09:27:44 2025 +0000 core196: Ship header.pl Signed-off-by: Michael Tremer commit 1a89896a79d0060e08df287f9c4536dba12927d3 Author: Stephen Cuka Date: Wed May 28 00:42:23 2025 -0600 header.pl: Fixbug13857 - Disable Blue Access submenu if no BLUE network - Fix reference to BlueAccess menu item so that it is disabled when BLUE network is not in use. Signed-off-by: Stephen Cuka Signed-off-by: Michael Tremer commit 313b34669c2d67635a473b6e3fa2ed5c593fc4c4 Author: Michael Tremer Date: Tue May 27 16:42:52 2025 +0000 core196: Ship boost Signed-off-by: Michael Tremer commit fc06f52f68902906b8e5efbff3b5a82545515d61 Author: Adolf Belka Date: Tue May 27 16:25:10 2025 +0200 boost: Update to version 1.88.0 - Update from version 1.83.0 to 1.88.0 - Update of rootfiles for all architectures - Changelogs are very large so urls provided for each release changelog 1.88.0 https://www.boost.org/releases/1.88.0/ 1.87.0 https://www.boost.org/releases/1.87.0/ 1.86.0 https://www.boost.org/releases/1.86.0/ 1.85.0 https://www.boost.org/releases/1.85.0/ 1.84.0 https://www.boost.org/releases/1.84.0/ Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 9bb052e28681b38dff98eb0567062352c2df74c4 Author: Adolf Belka Date: Tue May 27 10:28:32 2025 +0200 collectd: Remove old version patches no longer used Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit b3ca9cff8c939ae48e0036cda2203014917fb1cf Merge: f40e60082 333174d19 Author: Michael Tremer Date: Mon May 26 10:00:23 2025 +0000 Merge branch 'master' into next commit 333174d19fefb7262b0a8bd6359c9f14f767b392 Author: Roberto Peña Date: Mon May 26 09:56:42 2025 +0000 langs: Update Spanish translation https://community.ipfire.org/t/es-pl-updated-with-new-changes-wireguard-and-other/14107 Signed-off-by: Michael Tremer commit f40e600822ce836e82e8a46adba94cf3695eb72d Author: Michael Tremer Date: Mon May 26 11:47:21 2025 +0200 core196: Ship index.cgi and WireGuard changes Signed-off-by: Michael Tremer commit e35e6588673396fdaa3f33b25cd3075c0da9d577 Author: Michael Tremer Date: Mon May 26 11:46:35 2025 +0200 core196: Sort filelist alphanumerically Signed-off-by: Michael Tremer commit c00e6e49c3cd0ba0fa3826539c251d757f41bc9a Author: Michael Tremer Date: Mon May 26 11:45:34 2025 +0200 index.cgi: Use correct string for "WireGuard" Signed-off-by: Michael Tremer commit 8277dec16614df36ed0bd6f687ce244c2d243c62 Author: Michael Tremer Date: Mon May 26 11:44:30 2025 +0200 index.cgi: Translate "Online" Signed-off-by: Michael Tremer commit 9f1f3da8f5866098177edd68ef50b238a3dadf6a Author: Michael Tremer Date: Mon May 26 11:39:28 2025 +0200 index.cgi: Show the WireGuard client pool This is in line with the other Roadwarrior pools. Signed-off-by: Michael Tremer commit c29a07b2ee505811a6cd78ca643bf816beb77375 Author: Michael Tremer Date: Mon May 26 11:38:57 2025 +0200 index.cgi: Show WireGuard status using the function library The settings file is also loaded all the time and we don't need to load it again. Signed-off-by: Michael Tremer commit 5d14f5c10e43c3440e97f6ecc28d4b10709a0e07 Author: Adolf Belka Date: Sun May 25 13:35:01 2025 +0200 index.cgi: Add wireguard status to home screen - This fix adds a wireguard line to show when it is enabled. - This fix does not show a table for any net2net connections that are enabled. I have started working on that but as I only have an OpenVPN n2n connection in place, I can't test out the copy of the ipsec n2n code section that I have made. I need to get ipsec and wireguard n2n connections working first. - If someone else wants to provide a patch for the wireguard n2n connections tables I have no problems with that. If not then I will submit one when I have been able to test it. Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit fbbaa19d13a828a98170fb3b23330189e9eed1d5 Author: Michael Tremer Date: Mon May 26 11:31:54 2025 +0200 wireguard-functions.pl: Add a simple function to check if enabled Signed-off-by: Michael Tremer commit 08511b2750fd664970015f3a9bf5ffb81cdcfae9 Merge: f263d9e25 be068416c Author: Michael Tremer Date: Mon May 26 09:19:54 2025 +0000 Merge branch 'master' into next commit be068416ca90777a9bf8a473f2b89d994d8d69f5 Author: Michael Tremer Date: Mon May 26 09:12:52 2025 +0000 core195: Ship manual pages for the web UI Signed-off-by: Michael Tremer commit 36112ab9b8c127d529bf205edf19cb0d4f202e3d Author: Adolf Belka Date: Sat May 17 14:12:17 2025 +0200 manualpages: Fixes bug13849 - adds manual link to wireguard page Fixes: bug13849 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit f263d9e25d5c0ea75fc9ebf933b8145de8a796b3 Author: Michael Tremer Date: Mon May 26 09:10:34 2025 +0000 core196: Ship texinfo Signed-off-by: Michael Tremer commit e0151f9d178d649eeea3d7ac0667c6f2d2c4e63c Author: Adolf Belka Date: Sat May 24 16:36:53 2025 +0200 texinfo: Update to version 7.2 - Update from version 7.1.1 to 7.2 - Update of rootfile - Changelog 7.2 * Build . "make install" installs files for texi2any under $datadir/texi2any, not $datadir/texinfo. * texinfo.tex . use @ as the escape character in all index files. this requires new enough texi2dvi (Texinfo 6.7, 2019) for index files to be properly processed. . a bug has been fixed where a mangled PDF outline could be produced for a document using @unnumberedsec . you can call @unmacro with an undefined macro name, matching the behavior of texi2any * texi2any . set CHECK_NORMAL_MENU_STRUCTURE by default. this means texi2any again checks menu structure by default (changed in 6.8 release, 2021). . only allow @definfoenclose to be used to redefine highlighting commands . sorting of indices is now independent of the input or output encodings . new customization variable COLLATION_LANGUAGE to allow linguistic tailoring of index sorting . new variable DOCUMENTLANGUAGE_COLLATION to use @documentlanguage for linguistic tailoring of index sorting . new variable USE_UNICODE_COLLATION to allow turning off the slower use of Unicode collation when sorting indices . rename BODYTEXT customization variable to BODY_ELEMENT_ATTRIBUTES . rename COMPLEX_FORMAT_IN_TABLE customization variable to INDENTED_BLOCK_COMMANDS_IN_TABLE . remove the following variables: AVOID_MENU_REDUNDANCY, FRAMES, FRAMESET_DOCTYPE, NO_USE_SETFILENAME, SILENT, USE_UP_NODE_FOR_ELEMENT_UP . remove SIMPLE_MENU variable and tree transformation . the use of the directories ~/.texinfo and ~/.texi2any for configuration files is deprecated, and should be replaced by texinfo or texi2any directories under XDG_CONFIG_HOME (usually ~/.config/). the new locations are compatible with the XDG Base Directory Specification. in future versions, the ~/.texinfo and ~/.texi2any directories will not be in search paths. . do not try the us-ascii encoding anymore as a locale for translated document strings. . some unused translation files have been removed for the `texinfo_document' domain . Info output: . output Info-documentlanguage in Local Variables section of output file if @documentlanguage is given . HTML, Texinfo and raw text output: . an implementation of the conversion in C has been included, which is much faster than the code in Perl. set the `TEXINFO_XS_CONVERT' environment variable to 1 to use. . HTML output: . CHECK_HTMLXREF set by default for warnings about links to unknown external manuals . you can use the MATHJAX_CONFIGURATION customization variable to add data to the MathJax configuration object . warn if there is a .inf or .info suffix for cross-reference manual . use 
 instead of 
 for output of @displaymath
                  . remove border, cellpadding, cellspacing and align attributes.  add
                    classes and use CSS when needed.
              . EPUB output:
                  . stricter conformance for conformance checkers
            * info
              . check for init file under XDG_CONFIG_HOME/texinfo/infokey after
                checking ~/.infokey, in accordance with the XDG Base Directory
                Specification
            * Distribution
              . automake 1.17, autoconf 2.72, gettext 0.22.5, libtool 2.5.3
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 80de694468867ef5d16aaa71a0c75179921079c9
Author: Michael Tremer 
Date:   Mon May 26 09:09:54 2025 +0000

    core196: Ship gperf
    
    Signed-off-by: Michael Tremer 

commit f6e011f7a1b237ab7f34867c112d64fa26b89c59
Author: Adolf Belka 
Date:   Sat May 24 16:36:48 2025 +0200

    gperf: Update to version 3.3
    
    - Update from version 3.1 to 3.3
    - Update of rootfile not required
    - Changelog
        3.3
            * Speedup: gperf is now between 2x and 2.5x faster.
        3.2.1
            * The generated code avoids -Wundef warnings in C++ mode.
        3.2
            * The input file may now use Windows line terminators (CR/LF) instead of
              Unix line terminators (LF).
              Note: This is an incompatible change. If you want to use a keyword that
              ends in a CR byte, such as xyz, write it as "xyz\r".
            * The generated code avoids several types of warnings:
              - "implicit fallthrough" warnings in 'switch' statements.
              - "unused parameter" warnings regarding 'str' or 'len'.
              - "missing initializer for field ..." warnings.
              - "zero as null pointer constant" warnings.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit dd1b1a5a6bde8421de9f03d701700418c6c23a6c
Author: Michael Tremer 
Date:   Mon May 26 09:09:26 2025 +0000

    core196: Ship elfutils
    
    Signed-off-by: Michael Tremer 

commit c20770f0c4eb02ef5d04e81bc9133aaff684c3ed
Author: Adolf Belka 
Date:   Sat May 24 16:36:47 2025 +0200

    elfutils: Update to version 0.193
    
    - Update from version 0.192 to 0.193
    - Update of rootfile
    - Changelog
        0.193
            debuginfod: Add CORS (webapp access) support to webapi and --cors option.
                        Add --listen-address option for binding the HTTP listen socket
                         to a specific IPv4 or IPv6 address.
                        debuginfod client now caches x-debuginfod-* HTTP headers
                         alongside downloaded files.
            libdw: Add dwarf_language and dwarf_language_lower_bound functions.
                   Improved support for DWARF6 language metadata as well as DWARF
                    language constants for Nim, Dylan, Algol68, V and Mojo.
                   dwarf_srclang is now forward-compatible with DWARF6 language
                    constants.
            libdwfl_stacktrace: Experimental new library interface for unwinding
                                stack samples into call chains, and tracking and
                                caching Elf data for multiple processes, building
                                on libdwfl.  Initially supports perf_events stack
                                sample data.
            libelf: elf_scnshndx has been rewritten to be more robust, particularily
                    for ELF files with more than 64K sections.
            readelf: Improved handling of corrupt ELF data.
                     --section-headers output now includes a "Key to Flags" explaining
                     section flag meanings.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 6d9b3ab61e491c65469d2dbf1eb1212ba9fd8268
Author: Michael Tremer 
Date:   Mon May 26 09:07:14 2025 +0000

    Revert "libgcrypt: Update to version 1.11.1"
    
    This reverts commit 9b163cfe595d0215957e6ef06ea34780c207d1a6.
    
    This package FTBFS on riscv64. A header file with special SIMD functions
    has not been shipped with the release tarball. This has been fixed
    upstream, but a new tarball has not been released. yet:
    
      https://github.com/gpg/libgcrypt/commit/b100dd25eb6821d58851c2b802bfe9ef2f441228
    
    Signed-off-by: Michael Tremer 

commit 6351c81763fa3c4b198a1751b0b6cbea6e6d1e25
Author: Adolf Belka 
Date:   Fri May 23 18:03:44 2025 +0200

    screen: Update to version 5.0.1
    
    - This v2 version is with the correct tarball, without the binary object files.
    - Update from version 5.0.0 to 5.0.1
    - Update of rootfile
    - 5 CVE fixes included in this version
    - Changelog
        5.0.1
            Security fix
                CVE-2025-46805: do NOT send signals with root privileges
                CVE-2025-46804: avoid file existence test information leaks
                CVE-2025-46803: apply safe PTY default mode of 0620
                CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
                CVE-2025-23395: reintroduce lf_secreopen() for logfile
                buffer overflow due bad strncpy()
                uninitialized variables warnings
                typos
                combining char handling that could lead to a segfault
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 50ce4246c034fe21ddf2ff49597bcbb07473f34d
Author: Michael Tremer 
Date:   Sun May 25 11:54:54 2025 +0000

    core196: Ship whois
    
    Signed-off-by: Michael Tremer 

commit b30a24ead88befb8f2604e1edb1d3f62a536eadb
Author: Adolf Belka 
Date:   Sat May 24 16:36:55 2025 +0200

    whois: Update to version 5.6.1
    
    - Update from version 5.5.23 to 5.6.1
    - Update of rootfile not required
    - Changelog
        5.6.1
              * Added the .pg TLD server.
              * Updated the .gov, .mu, .中国 (.xn--fiqs8s) and .中國 (.xn--fiqz9s)
                TLD servers.
              * Removed the .jobs TLD server.
              * Added the encodings for whois.afrinic.net and whois.apnic.net.
              * Enabled the UTF-8 encoding for whois.ripe.net.
              * Use the last ReferralServer returned by the ARIN server instead of
                the first, because we want to follow the referral for the most
                specific record returned.
              * Make sure to avoid trivial referral loops.
        5.6.0
              * Fixed the mangling of RADB queries with commands.
              * Implemented the parsing of more variants of ARIN's ReferralServer
                field.
              * Implemented following the APNIC pseudo-referrals.
              * Added the .ad and .za TLD servers.
              * Updated the .ao, .bz, .gi, .gq, .gr, .gw, .lc, .md, .pn, .pr, .uy, .vc,
                .info, .mobi, .ελ (.xn--qxam, Greece) and .გე (.xn--node, Georgia) TLD
                servers.
              * Added 2410::/12.
              * Removed 7 new gTLDs which are no longer active.
              * Cleaned up the markup of the man pages, courtesy of Bjarni Ingi
                Gislason. (Closes: #1036826, #1094208)
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit ae7baa15abd118c975e26291864b9eb69964f46b
Author: Michael Tremer 
Date:   Sun May 25 11:54:36 2025 +0000

    core196: Ship meson
    
    Signed-off-by: Michael Tremer 

commit fb3374d22e7d7ab0a790245a7b71ff5eaf2bb916
Author: Adolf Belka 
Date:   Sat May 24 16:36:52 2025 +0200

    meson: Update to version 1.8.0
    
    - Update from version 1.6.0 to 1.8.0
    - Update of rootfile
    - Changelog
        1.8.0
            https://mesonbuild.com/Release-notes-for-1-8-0.html
        1.7.0
            https://mesonbuild.com/Release-notes-for-1-7-0.html
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 01c46944656652c8560a88526884ffb9aaf687de
Author: Michael Tremer 
Date:   Sun May 25 11:54:13 2025 +0000

    core196: Ship man
    
    Signed-off-by: Michael Tremer 

commit 185bd11debd6d32042f29a50e51ed132fb5724cc
Author: Adolf Belka 
Date:   Sat May 24 16:36:51 2025 +0200

    man: Update to version 2.13.1
    
    - Update from version 2.13.0 to 2.13.1
    - Update of rootfile
    - Changelog
        2.13.1
            Fixes:
             * Fix various minor formatting issues in manual pages.
             * Tolerate additional spaces in preprocessor strings.
             * Fix check for generated source files in out-of-tree builds.
             * Fix building with the `musl` C library.
            Improvements:
             * Recognize another Ukrainian translation of the `NAME` section.
             * Increase the maximum size of the `NAME` section from 8192 to 16384 bytes.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit fe58fcee44b1aefb8340a89917653272a736e4e1
Author: Michael Tremer 
Date:   Sun May 25 11:53:54 2025 +0000

    core196: Ship libconfig
    
    Signed-off-by: Michael Tremer 

commit 8962704ad172f44fda8b25ec581dd7110821f4fc
Author: Adolf Belka 
Date:   Sat May 24 16:36:50 2025 +0200

    libconfig: Update to version 1.8
    
    - Update from version 1.7.3 to 1.8
    - Update of rootfile
    - Changelog
        1.8
              - Added support for binary integer values
              - Miscellaneous code cleanup
        1.7.4
              - Handle malloc failures by calling a fatal error handler
              - New API to provide alternative fatal error handler
              - Bugfixes to lookup (by name or path) routines
              - Bugfixes to APIs with inconsistent const-ness
              - Bugfixes to APIs with inconsistent use of short/unsigned short
              - Bugfixes to int/int64 auto-conversion
              - Various cleanup/fixes to build files
              - Added some unit tests
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 999b263bfd0f76b82732dd07ab6edea908ecab33
Author: Michael Tremer 
Date:   Sun May 25 11:53:30 2025 +0000

    core196: Ship less
    
    Signed-off-by: Michael Tremer 

commit 5dd84ae0ffef528a2e497a90effcf61b465c2d68
Author: Adolf Belka 
Date:   Sat May 24 16:36:49 2025 +0200

    less: Update to version 678
    
    - Update from version 668 to 678
    - Update of rootfile not required
    - Changelog
        678
            * Treat -r in LESS environment variable as -R.
            * Add ESC-j and ESC-k commands (github #560).
            * Add --no-paste option (github #523).
            * Add --no-edit-warn option (github #513).
            * Add --form-feed option (github #496).
            * Add ESC-b command (github #615).
            * Make TAB complete option name in -- command (github #531).
            * Update the file size on an attempt to go past end of file.
            * Make -R able to pass through any OSC escape sequences,
              not just OSC 8 (github #504).
            * Setting LESS_IS_MORE=0 now disables "more" compatibility even
              if invoked via a file link named "more" (github #500).
            * Pass through escape sequences in prompts even if -R is not set.
            * Add LESS_SHELL_LINES to support shell prompts which use more than
              one line (github #514).
            * Add LESSANSIOSCALLOW to define OSC types which may be passed through.
            * Add LESSANSIOSCCHARS to define non-standard OSC intro chars.
            * Add LESS_SIGUSR1 to define user signal handler (github #582).
            * Add mouse and mouse6 commands to lesskey (github #569).
            * Improve behavior of ^O^N and ^O^P commands.
            * Leave stty tabs setting unchanged (github #620).
            * Fix unexpected behavior when entering a partial command followed by
              a valid command (github #543).
            * Fix bug when coloring prompt string with SGR sequences (github #516).
            * Fix bug when searching for text near an invalid UTF-8 sequence (github #542).
            * Fix display bug when file contains ESC followed by NUL (github #550).
            * Fix bug when using +:n +:p +:x or +:d on the command line (github #552).
            * Fix bug with --no-number-headers when header is not at start of file
              (github #566).
            * Fix bug where lesstest fails if window is resized (github #570).
            * Fix bug using "configure --with-secure=no" (github #584).
            * Fix bug using multibyte command chars (github #595).
            * Fix auto_wrap setting on Windows (github #497).
            * Fix two bugs using ^S search modifier (github #605).
            * Fix bug searching for UTF-8 strings with the PCRE2 library (github #610).
            * Fix bug highlighting OSC 8 links when opening a new file.
            * Fix bug when & filtering is active (github #618).
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit 09756a89b5b524a5a74224c894decdc48a19b9f9
Author: Michael Tremer 
Date:   Sun May 25 11:53:12 2025 +0000

    core196: Ship bc
    
    Signed-off-by: Michael Tremer 

commit e3e6e0833389e44a8a3d42ed1582c087329c2ca1
Author: Adolf Belka 
Date:   Sat May 24 16:36:46 2025 +0200

    bc: Update to version 1.08.1
    
    - Update from version 1.07.1 to 1.08.1
    - Update of rootfile not required
    - Changelog
        1.08.1
                Fix a formatting botch in doc/bc.1 (which was rendered as blank lines at
                the top of the page).
        1.08.0
                Streamlined the build process; should now be better behaved for those
                  doing cross-compilation builds.
                Made some minor improvements to the documentation.
    
    Signed-off-by: Adolf Belka 
    Signed-off-by: Michael Tremer 

commit d7a8188d38ba40cd091754533a44612729081240
Author: Michael Tremer 
Date:   Sun May 25 11:52:14 2025 +0000

    core196: Ship ipblocklist-functions.pl
    
    Signed-off-by: Michael Tremer 

commit 476277d0febf510489c314bc950f91ec6efb717b
Author: Stefan Schantl 
Date:   Sat May 24 10:14:36 2025 +0200

    ipblocklist-functions.pl: Allow downloading empty blocklists
    
    Some blocklist providers does serve blocklists for current events or
    with very limited updates. Therefore there is a chance such a blocklist
    could be empty for a certain time.
    
    This patch allows to replace an existing filled blocklist by an empty
    one and vice versa.
    
    Fixes #13804.
    
    Signed-off-by: Stefan Schantl 
    Signed-off-by: Michael Tremer 

commit d58f2de9efd78285b82940ab516dfbbe3d152e3b
Author: Michael Tremer 
Date:   Fri May 23 15:23:25 2025 +0000

    dnsdist: Update to 1.9.10
    
    We released PowerDNS DNSdist 1.9.10 today, fixing several bugs including a security issue tracked as CVE-2025-30193 where a remote, unauthenticated attacker can cause a denial of service via a crafted TCP connection. The issue was reported to us via our public IRC channel so once it was clear that the issue had a security impact we prepared to release a new version as soon as possible.
    
    While we advise upgrading to a fixed version, a work-around is to temporarily restrict the number of queries that DNSdist is willing to accept over a single incoming TCP connection, via the setMaxTCPQueriesPerConnection directive. Setting it to 50 is a safe choice that does not impact performance in our tests.
    
    https://www.dnsdist.org/changelog.html#change-1.9.10
    
    Signed-off-by: Michael Tremer