0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch
removed since it's included in 1.4.64.
with_gdbm, with_memcached
removed since they're not applicable in 1.4.64.
Changelog:
=========
Important changes
remove deprecated modules, bugfixes, CVE-2022-22707 (rare configs)
Behavior Changes
(previously announced and scheduled)
-graceful restart/shutdown timeout changed from 0 (disabled) to 8 seconds
configure an alternative with:
server.feature-flags += ("server.graceful-shutdown-timeout" => 8)
build: lighttpd defaults to -with-pcre2 instead of -with-pcre
pcre2 is current. pcre is no longer maintained.
Explicitly specify -with-pcre in build to use pcre instead of pcre2.
-deprecated modules (previously announced) have been removed
mod_authn_mysql
mod_mysql_vhost
mod_cml
mod_flv_streaming
mod_geoip
mod_trigger_b4_dl
https://wiki.lighttpd.net/Docs_ConfigurationOptions#Deprecated
suggests migration steps for replacements, if needed
Changes from 1.4.63
[core] fix trace issued for loading mod_auth (fixes#3121)
[meson] need -lrt with glibc < 2.17 (fixes#3120)
[core] adjust time jump detection (fixes#3123)
[core] make setrlimit() warn, not fatal
[core] add remote IP to some error msgs (fixes#3122)
[mod_webdav] If-None-Match on non-existent entity
[build] check getxattr before attr_get and -lattr
[doc] SELinux: setsebool -P httpd_setrlimit on
[build] create sha512sum file with release
[build] CI builds now use make -j 2
[core] http_response_send_file() takes const path
[core] use ETag response header to check cachable
[core] add more const to stat_cache_update_entry()
[multiple] remove r->physical.etag
[mod_magnet] interface to http_response_send_file
[build] add headers for sendfile() detect on MacOS
[core] http_response_write_prepare optimization
[core] define static_assert for uClibc (fixes#3127)
[build] -Wno-implicit-fallthrough for ls-hpack
[core] ignore pcre2 "bad JIT option" warning
[build] pcre2: use pkg-config before pcre2-config
[core] http_response_has_error_handler()
[core] consolidate request restart loop check
[core] defer retrieving Last-Modified until needed
[mod_dirlisting] fix logic inversion in cache
[core] mark expect cond in http_response_send_file
[core] connection_handle_read_state() tweak
[core] connection_state_machine_loop() tweaks
[core] connection_state_machine_h2() tweaks
[core] quiet coverity noise
[core] use lower limit for max-fds if !setrlimit
[build] do not check for prctl; HAVE_PRCTL unused
[core] server.core-files support on FreeBSD (fixes#3128)
[mod_extforward] support longer PROXY v2 TLV vec
[mod_webdav] detect truncated copy_file_range()
[mod_webdav] copy_file_range() new in FreeBSD 13
[mod_webdav] copy_file_range() new in FreeBSD 13
[build] feature consistency between build types
[build] cmake build now defaults to C11
[core] CCRandomGenerateBytes() for rand on macOS (fixes#3129)
[multiple] remove long-deprecated modules
[build] default -with-pcre2 unless -with-pcre
[core] "server.graceful-shutdown-timeout" => 8
[build] adjust trace for regex-conditionals
[build] update tests/SConscript
[core] errno_t detection on Illumos
[build] cmake build now defaults to C11
[build] meson: find pcre2 w/o pkg-config
[core] define EXTENSIONS on Illumos
[build] cmake,meson socket libs for win32, Illumos (fixes#3130)
[core] hide bsd_accept_filter code on OpenBSD (fixes#3131)
[core] errno_t and rsize_t detection on Illumos
[mod_webdav] copy acceleration
[mod_webdav] define HAVE_RENAMEAT2 earlier
[build] meson misdetects mempcpy on some platforms
[build] cmake: skip "-Wl,-export-dynamic" Illumos
[build] adjust .gitignore for macOS
[build] meson crypt and dl detection on *BSD (fixes#3133)
[core] /dev/null is a symlink on Illumos (fixes#3132)
[core] server.core-files support for solaris (fixes#3135)
[build] feature consistency between build types
[build] Haiku build fix (fixes#3136)
[lemon] silence coverity warnings
[cmake] raise minimum version to 3.7
[cmake] add address/undefined sanitize compile options
[asan tests] fix memory leaks
[array] use speaking names for array "fn" vtables for better debugging experience
[ci] add cmake-asan build type
[core] buffer_copy_string() use "" if s is NULL
[mod_authn_gssapi] code reuse: fdevent_mkostemp()
[mod_authn_gssapi] reduce KRB5CCNAME mem alloc
[build] adjust help strings for pcre2 default
[core] (const char *) for srvconf.modules_dir
[multiple] remove buffer_init_string()
[multiple] remove buffer_init_buffer()
[mod_extforward] fix out-of-bounds (OOB) write (fixes#3134)
[build] use -fstack-protector-strong w/ extra warn
[build] collect Sun-specific headers and funcs
[build] collect Sun-specific headers and funcs
[build] rm redundant check for -lnetwork on Haiku
[build] check headers before some funcs
[core] allow LISTEN_PID to be ppid if TRACEME (fixes#3137)
[core] allow tests/tmp/bind.conf override (#3137)
[mod_webdav] no sys/ioctl.h on _WIN32
[tests] _WIN32 adjustments in LightyTest.pm
[tests] revert _WIN32 adjustments in LightyTest.pm
[mod_gnutls] lift size check out of DN loop
[mod_mbedtls] lift size check out of DN loop
[mbedtls] save (mbedtls_ssl_config *) in hctx
[multiple] permit UTF-8 in SSL_CLIENT_S_DN_*
[mod_openssl] do not esc UTF-8 in cert subject
[mod_mbedtls] reconstruct SSL_CLIENT_S_DN
[mod_mbedtls] changes to build with mbedtls 3.0.0
[mod_mbedtls] remove use of out_left in mbedtls 3
[mod_mbedtls] mbedtls_ssl_conf_groups for 3.1.0
(From OE-Core rev: 478f5f30bf783fae513dbe6e8be9af9f6ec8a6a8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
=========
-BREAKING & SECURITY: The archive extraction functions now pass 3 security flags
(SECURE_NODOTDOT, SECURE_NOABSOLUTEPATHS and SECURE_SYMLINKS) to libarchive by
default, unless the current directory is the root.
-BREAKING: The ArchiveEntry properties atime, mtime, ctime, birthtime and size
now have the value None instead of 0 when they're unset.
-BREAKING: The ArchiveEntry.pathname property now attempts to decode bytes using
UTF-8. This breaks reading archives that contain file names which look like
UTF-8 but aren't, if such a thing exists. Proper support of encodings will
probably be added in the next version.
-Multiple entries from the same archive can now be kept in memory, however only
the current entry's content can be read.
-The filetype, linkpath, size, mode, redvmajor, redvminor, uid and gid
attributes of an archive entry can now be modified.
-The four time properties of archive entries now have setters, so for example
entry.set_mtime(0, 0) can be replaced by entry.mtime = 0.
-Archive entries have 4 new properties: perm, rdev, uname and gname.
-When adding files to an archive, a destination path can now be specified.
-The ArchiveRead class now has a bytes_read property.
-The ArchiveWrite class now has a bytes_written property.
-Python 3.6 is no longer tested.
-The documentation has been improved.
(From OE-Core rev: 9adbc075c5a2b396d991144596fd92ebe16d4154)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
v6.4.2
* fix#671 : NoReturn is not avaliable in painfully dead python 3.6
v6.4.1
* fix regression #669: restore get_version signature
* fix#668: harden the selftest for distribution extras
v6.4.0
* compatibility adjustments for setuptools >58
* only put minimal setuptools version into toml extra to warn people with old strict pins
* coorectly handle hg-git self-use
* better mercurial detection
* modernize packaging setup
* python 3.10 support
* better handling of setuptools install command deprecation
* consider pyproject.tomls when running as command
* use list in git describe command to avoid shell expansions while supporting both windows and posix
* add --strip-dev flag to python -m setuptools_scm to print the next guessed version cleanly
* ensure no-guess-dev will fail on bad tags instead of generating invalid versions
* ensure we use utc everywhere to avoid confusion
References:
https://github.com/pypa/setuptools_scm/issues/668https://github.com/pypa/setuptools_scm/issues/669https://github.com/pypa/setuptools_scm/issues/671
(From OE-Core rev: 3ac37c743470ab778bc47110660f3e1b37c534ba)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6.36.0 - 2022-01-19
* This release disallows using typing.Final with from_type() and register_type_strategy().
- Why? Because Final can only be used during class definition. We don’t generate class attributes.
- It also does not make sense as a runtime type on its own.
(From OE-Core rev: 5044bb45748887b01e857554976fe1eeb16921dd)
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ruby's makefiles are rebuilding several items on every invocation,
even if nothing changed, all of which are factored into libruby.so
and cause it to be relinked as well. This does not seem to affect plain
make invocation, but does cause races in make install:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=14695
Rather than figure out how to use make properly and convince upstream
of it, let's just do serial installs and file a bug:
https://bugs.ruby-lang.org/issues/18506
(From OE-Core rev: 1dc5cdf683133d210658eba9a619b737ec95cfe3)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
when using vendor supplied OpenGL stacks no virtual/libgbm may be
provided. An example for this is the Vivante stack for i.MX6.
To get better error message in such cases, add dependency.
(From OE-Core rev: 739b3af0bf1422cdabd13ccac8fbcc60b37d2fa4)
Signed-off-by: Markus Niebel <Markus.Niebel@tq-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Appending IMAGE_INSTALL with the kernel and device tree is a bad idea
because it will bring these packages to every images, like a container
image or sysroot image to pivot to, where the kernel artifacts are
not wanted.
Instead use the MACHINE_ESSENTIAL_EXTRA_RDEPENDS which results
in having the kernel artifacts where they should be, part of
packagegroup-core-boot.
(From meta-yocto rev: d4cbe0e43393ec70e98caf006372b5311597d377)
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If BBLAYERS contains a layer providing a package for
virtual/bootloader, building for the beaglebone-yocto machine will
fail. Setting u-boot as the preferred provider for virtual/bootloader
ensures u-boot is choosen and the build succeeds.
(From meta-yocto rev: 2ffbaf54f4d88ba251d282c90755ea964d224ba6)
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some auxiliary u-boot recipes may need u-boot properly configured
(including *.cfg additions via bbappends) but aren't necessarily
building u-boot itself; to support such situations, here we split the
u-boot do_configure() out of u-boot.inc and into its own
u-boot-configure.inc.
(From OE-Core rev: e55e6fb4983a41f74c0e457bf54bd8dfa5608daa)
Signed-off-by: Zev Weiss <zev@bewilderbeest.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-btrfs-tools-include-linux-const.h-to-fix-build-with-.patch
removed since it is included in 5.16
Add 0001-btrfs-progs-kerncompat-add-local-definition-for-alig.patch
to fix "undefined reference to `__ALIGN_KERNEL'".
Changelog:
=========
- rescue: new subcommand clear-uuid-tree to fix failed mount due to bad uuid
subvolume keys, caught by tree-checker
- fi du: skip inaccessible files
- prop: properly resolve to symlink targets
- send, receive: fix crash after parent subvolume lookup errors
- build:
fix build on 5.12+ kernels due to changes in linux/kernel.h
fix build on musl with old kernel headers
- other:
error handling fixes, cleanups, refactoring
extent tree v2 preparatory work
lots of RST documentation updates (last release with asciidoc sources),
https://btrfs.readthedocs.io
(From OE-Core rev: 420191dc951f04b36645ffae2d946b50150feab0)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libavresample has been removed; libswresample is the replacement.
(From OE-Core rev: 5555bca01750024a786a1f78d573d02f12b45686)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove patch as upstream addressed the issue.
(From OE-Core rev: cf11425c460ee4ff6b7ac0221a21b13b2d2b7e1e)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: license clarified to BSD-3-Clause only
(From OE-Core rev: 79201206b5f7867ad7ffd462705f34179b33c0d7)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream review and request to address it got no reaction
from the author, and the patches are an ongoing rebase burden,
so if someone needs this feature, please complete
the upstreaming work first.
(From OE-Core rev: c748945e9c91eb2b83b8a44828f35579bcd09146)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
License-Update: copyright years
(From OE-Core rev: d6515a7f58d0405efea21e3be4158681ed9edbe6)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop patch as issue resolved upstream.
(From OE-Core rev: a8accf2a042f8a8cbba350c6de20152efeddd747)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
