diff --git a/build/bhyve-fw/build.sh b/build/bhyve-fw/build.sh index 68f6f5c4ba..e69ded11d7 100755 --- a/build/bhyve-fw/build.sh +++ b/build/bhyve-fw/build.sh @@ -23,7 +23,7 @@ BUILD_DEPENDS_IPS=" PROG=uefi-edk2 PKG=system/bhyve/firmware -VER=20230201 +VER=20230801 SUMMARY="UEFI-EDK2(+CSM) firmware for bhyve" DESC="$SUMMARY" @@ -47,7 +47,7 @@ trap "pkill -T0; exit" SIGINT # Build the UEFI firmware -tag=il-edk2-stable202302-1 +tag=il-edk2-stable202308-1 XFORM_ARGS+=" -D UEFITAG=$tag" typeset -A jobs diff --git a/build/openssh/build.sh b/build/openssh/build.sh index ebfc98825e..7874115e25 100755 --- a/build/openssh/build.sh +++ b/build/openssh/build.sh @@ -18,7 +18,7 @@ . ../../lib/build.sh PROG=openssh -VER=9.4p1 +VER=9.5p1 PKG=network/openssh SUMMARY="OpenSSH Client and utilities" DESC="OpenSSH Secure Shell protocol Client and associated Utilities" diff --git a/build/openssh/patches/0006-GSS-store-creds-for-Solaris.patch b/build/openssh/patches/0006-GSS-store-creds-for-Solaris.patch index c12f1ceadb..1fdccd2966 100644 --- a/build/openssh/patches/0006-GSS-store-creds-for-Solaris.patch +++ b/build/openssh/patches/0006-GSS-store-creds-for-Solaris.patch @@ -6,7 +6,7 @@ Subject: [PATCH 06/34] GSS store creds for Solaris diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac --- a~/configure.ac 1970-01-01 00:00:00 +++ a/configure.ac 1970-01-01 00:00:00 -@@ -1151,6 +1151,9 @@ mips-sony-bsd|mips-sony-newsos4) +@@ -1157,6 +1157,9 @@ mips-sony-bsd|mips-sony-newsos4) ], ) TEST_SHELL=$SHELL # let configure find us a capable shell diff --git a/build/openssh/patches/0008-Add-DisableBanner-option.patch b/build/openssh/patches/0008-Add-DisableBanner-option.patch index 7a14685a78..bbdbecb326 100644 --- a/build/openssh/patches/0008-Add-DisableBanner-option.patch +++ b/build/openssh/patches/0008-Add-DisableBanner-option.patch @@ -21,7 +21,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.c a/readconf.c { "tunnel", oTunnel }, { "tunneldevice", oTunnelDevice }, { "localcommand", oLocalCommand }, -@@ -1005,6 +1011,17 @@ parse_multistate_value(const char *arg, +@@ -1006,6 +1012,17 @@ parse_multistate_value(const char *arg, return -1; } @@ -39,9 +39,9 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.c a/readconf.c /* * Processes a single option line as used in the configuration files. This * only sets those values that have not already been set. -@@ -2280,6 +2297,13 @@ parse_pubkey_algos: - intptr = &options->required_rsa_size; - goto parse_int; +@@ -2323,6 +2340,13 @@ parse_pubkey_algos: + *intptr = value; + break; +#ifdef DISABLE_BANNER + case oDisableBanner: @@ -53,7 +53,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.c a/readconf.c case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); -@@ -2516,6 +2540,9 @@ initialize_options(Options * options) +@@ -2559,6 +2583,9 @@ initialize_options(Options * options) options->stdin_null = -1; options->fork_after_authentication = -1; options->proxy_use_fdpass = -1; @@ -63,7 +63,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.c a/readconf.c options->ignored_unknown = NULL; options->num_canonical_domains = 0; options->num_permitted_cnames = 0; -@@ -2718,6 +2745,10 @@ fill_default_options(Options * options) +@@ -2762,6 +2789,10 @@ fill_default_options(Options * options) options->canonicalize_fallback_local = 1; if (options->canonicalize_hostname == -1) options->canonicalize_hostname = SSH_CANONICALISE_NO; @@ -77,8 +77,8 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.c a/readconf.c diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.h a/readconf.h --- a~/readconf.h 1970-01-01 00:00:00 +++ a/readconf.h 1970-01-01 00:00:00 -@@ -182,6 +182,9 @@ typedef struct { - int enable_escape_commandline; /* ~C commandline */ +@@ -183,6 +183,9 @@ typedef struct { + int obscure_keystroke_timing_interval; char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ +#ifdef DISABLE_BANNER @@ -87,9 +87,9 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/readconf.h a/readconf.h } Options; #define SSH_PUBKEY_AUTH_NO 0x00 -@@ -222,6 +225,12 @@ typedef struct { - #define SSH_STRICT_HOSTKEY_YES 2 - #define SSH_STRICT_HOSTKEY_ASK 3 +@@ -228,6 +231,12 @@ typedef struct { + #define SSH_KEYSTROKE_CHAFF_MIN_MS 1024 + #define SSH_KEYSTROKE_CHAFF_RNG_MS 2048 +#ifdef DISABLE_BANNER +#define SSH_DISABLEBANNER_NO 0 diff --git a/build/openssh/patches/0010-PAM-enhancements-for-Solaris.patch b/build/openssh/patches/0010-PAM-enhancements-for-Solaris.patch index 9b534691ad..cac43dda11 100644 --- a/build/openssh/patches/0010-PAM-enhancements-for-Solaris.patch +++ b/build/openssh/patches/0010-PAM-enhancements-for-Solaris.patch @@ -161,7 +161,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth.h a/auth.h diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c --- a~/auth2.c 1970-01-01 00:00:00 +++ a/auth2.c 1970-01-01 00:00:00 -@@ -294,9 +294,17 @@ input_userauth_request(int type, u_int32 +@@ -301,9 +301,17 @@ input_userauth_request(int type, u_int32 #endif } #ifdef USE_PAM @@ -180,7 +180,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c ssh_packet_set_log_preamble(ssh, "%suser %s", authctxt->valid ? "authenticating " : "invalid ", user); setproctitle("%s%s", authctxt->valid ? user : "unknown", -@@ -331,6 +339,18 @@ input_userauth_request(int type, u_int32 +@@ -338,6 +346,18 @@ input_userauth_request(int type, u_int32 /* try to authenticate user */ m = authmethod_lookup(authctxt, method); if (m != NULL && authctxt->failures < options.max_authtries) { @@ -199,7 +199,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c debug2("input_userauth_request: try method %s", method); authenticated = m->userauth(ssh, method); } -@@ -356,6 +376,10 @@ userauth_finish(struct ssh *ssh, int aut +@@ -363,6 +383,10 @@ userauth_finish(struct ssh *ssh, int aut char *methods; int r, partial = 0; @@ -210,7 +210,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c if (authenticated) { if (!authctxt->valid) { fatal("INTERNAL ERROR: authenticated invalid user %s", -@@ -379,6 +403,25 @@ userauth_finish(struct ssh *ssh, int aut +@@ -386,6 +410,25 @@ userauth_finish(struct ssh *ssh, int aut } if (authenticated && options.num_auth_methods != 0) { @@ -236,7 +236,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c if (!auth2_update_methods_lists(authctxt, method, submethod)) { authenticated = 0; partial = 1; -@@ -396,7 +439,19 @@ userauth_finish(struct ssh *ssh, int aut +@@ -403,7 +446,19 @@ userauth_finish(struct ssh *ssh, int aut return; #ifdef USE_PAM @@ -335,7 +335,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/monitor.c a/monitor.c struct sshbuf *m; if ((m = sshbuf_new()) == NULL) -@@ -797,6 +839,11 @@ mm_answer_pwnamallow(struct ssh *ssh, in +@@ -802,6 +844,11 @@ mm_answer_pwnamallow(struct ssh *ssh, in monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); @@ -347,7 +347,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/monitor.c a/monitor.c #ifdef USE_PAM if (options.use_pam) monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1); -@@ -820,6 +867,27 @@ int mm_answer_auth2_read_banner(struct s +@@ -825,6 +872,27 @@ int mm_answer_auth2_read_banner(struct s return (0); } @@ -472,7 +472,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.c a/servconf.c { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL }, -@@ -2575,6 +2600,37 @@ process_server_config_line_depth(ServerO +@@ -2590,6 +2615,37 @@ process_server_config_line_depth(ServerO } goto parse_time; @@ -513,7 +513,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.c a/servconf.c diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.h a/servconf.h --- a~/servconf.h 1970-01-01 00:00:00 +++ a/servconf.h 1970-01-01 00:00:00 -@@ -73,6 +73,10 @@ struct listenaddr { +@@ -71,6 +71,10 @@ struct listenaddr { struct addrinfo *addrs; }; @@ -524,7 +524,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.h a/servconf.h typedef struct { u_int num_ports; u_int ports_from_cmdline; -@@ -225,6 +229,12 @@ typedef struct { +@@ -223,6 +227,12 @@ typedef struct { u_int num_auth_methods; char **auth_methods; diff --git a/build/openssh/patches/0013-Solaris-Auditing-support.patch b/build/openssh/patches/0013-Solaris-Auditing-support.patch index c706cbac24..b7a5299e3a 100644 --- a/build/openssh/patches/0013-Solaris-Auditing-support.patch +++ b/build/openssh/patches/0013-Solaris-Auditing-support.patch @@ -699,7 +699,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/audit.h a/audit.h diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac --- a~/configure.ac 1970-01-01 00:00:00 +++ a/configure.ac 1970-01-01 00:00:00 -@@ -1751,7 +1751,7 @@ AC_ARG_WITH([libedit], +@@ -1757,7 +1757,7 @@ AC_ARG_WITH([libedit], AUDIT_MODULE=none AC_ARG_WITH([audit], @@ -708,7 +708,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac [ AC_MSG_CHECKING([for supported audit module]) case "$withval" in -@@ -1788,6 +1788,13 @@ AC_ARG_WITH([audit], +@@ -1794,6 +1794,13 @@ AC_ARG_WITH([audit], SSHDLIBS="$SSHDLIBS -laudit" AC_DEFINE([USE_LINUX_AUDIT], [1], [Use Linux audit module]) ;; diff --git a/build/openssh/patches/0015-Enable-login-to-a-role-if-PAM-is-ok-with-it.patch b/build/openssh/patches/0015-Enable-login-to-a-role-if-PAM-is-ok-with-it.patch index de8b05793f..2d596bae8b 100644 --- a/build/openssh/patches/0015-Enable-login-to-a-role-if-PAM-is-ok-with-it.patch +++ b/build/openssh/patches/0015-Enable-login-to-a-role-if-PAM-is-ok-with-it.patch @@ -78,7 +78,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2-hostbased.c a/auth2-hos diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c --- a~/auth2.c 1970-01-01 00:00:00 +++ a/auth2.c 1970-01-01 00:00:00 -@@ -402,6 +402,14 @@ userauth_finish(struct ssh *ssh, int aut +@@ -409,6 +409,14 @@ userauth_finish(struct ssh *ssh, int aut #endif } @@ -96,7 +96,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/auth2.c a/auth2.c diff -wpruN --no-dereference '--exclude=*.orig' a~/monitor.c a/monitor.c --- a~/monitor.c 1970-01-01 00:00:00 +++ a/monitor.c 1970-01-01 00:00:00 -@@ -386,6 +386,12 @@ monitor_child_preauth(struct ssh *ssh, s +@@ -391,6 +391,12 @@ monitor_child_preauth(struct ssh *ssh, s } } @@ -109,7 +109,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/monitor.c a/monitor.c if (!authctxt->valid) fatal_f("authenticated invalid user"); if (strcmp(auth_method, "unknown") == 0) -@@ -589,14 +595,16 @@ monitor_reset_key_state(void) +@@ -594,14 +600,16 @@ monitor_reset_key_state(void) { /* reset state */ free(key_blob); @@ -127,7 +127,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/monitor.c a/monitor.c hostbased_chost = NULL; } -@@ -1069,6 +1077,11 @@ mm_answer_pam_account(struct ssh *ssh, i +@@ -1074,6 +1082,11 @@ mm_answer_pam_account(struct ssh *ssh, i if (!options.use_pam) fatal("%s: PAM not enabled", __func__); diff --git a/build/openssh/patches/0018-Per-session-xauthfile.patch b/build/openssh/patches/0018-Per-session-xauthfile.patch index c334a56e84..ec6e68da1d 100644 --- a/build/openssh/patches/0018-Per-session-xauthfile.patch +++ b/build/openssh/patches/0018-Per-session-xauthfile.patch @@ -196,7 +196,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/session.c a/session.c static char * sig2name(int sig) { -@@ -2446,6 +2569,9 @@ session_close(struct ssh *ssh, Session * +@@ -2453,6 +2576,9 @@ session_close(struct ssh *ssh, Session * free(s->auth_display); free(s->auth_data); free(s->auth_proto); @@ -206,7 +206,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/session.c a/session.c free(s->subsys); if (s->env != NULL) { for (i = 0; i < s->num_env; i++) { -@@ -2701,6 +2827,10 @@ do_cleanup(struct ssh *ssh, Authctxt *au +@@ -2708,6 +2834,10 @@ do_cleanup(struct ssh *ssh, Authctxt *au auth_info_file = NULL; } diff --git a/build/openssh/patches/0019-PubKeyPlugin-support.patch b/build/openssh/patches/0019-PubKeyPlugin-support.patch index 110a4d6487..42318b833b 100644 --- a/build/openssh/patches/0019-PubKeyPlugin-support.patch +++ b/build/openssh/patches/0019-PubKeyPlugin-support.patch @@ -215,7 +215,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.c a/servconf.c { "securitykeyprovider", sSecurityKeyProvider, SSHCFG_GLOBAL }, { "requiredrsasize", sRequiredRSASize, SSHCFG_ALL }, { "channeltimeout", sChannelTimeout, SSHCFG_ALL }, -@@ -2631,6 +2634,18 @@ process_server_config_line_depth(ServerO +@@ -2646,6 +2649,18 @@ process_server_config_line_depth(ServerO } break; @@ -237,7 +237,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.c a/servconf.c diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.h a/servconf.h --- a~/servconf.h 1970-01-01 00:00:00 +++ a/servconf.h 1970-01-01 00:00:00 -@@ -237,6 +237,7 @@ typedef struct { +@@ -235,6 +235,7 @@ typedef struct { int fingerprint_hash; int expose_userauth_info; diff --git a/build/openssh/patches/0026-Don-t-use-krb5-config-to-check-for-GSSAPI-on-illumos.patch b/build/openssh/patches/0026-Don-t-use-krb5-config-to-check-for-GSSAPI-on-illumos.patch index 2b4cc274fc..82868bee35 100644 --- a/build/openssh/patches/0026-Don-t-use-krb5-config-to-check-for-GSSAPI-on-illumos.patch +++ b/build/openssh/patches/0026-Don-t-use-krb5-config-to-check-for-GSSAPI-on-illumos.patch @@ -6,7 +6,7 @@ Subject: [PATCH 26/34] Don't use krb5-config to check for GSSAPI on illumos diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac --- a~/configure.ac 1970-01-01 00:00:00 +++ a/configure.ac 1970-01-01 00:00:00 -@@ -4705,6 +4705,11 @@ AC_ARG_WITH([kerberos5], +@@ -4711,6 +4711,11 @@ AC_ARG_WITH([kerberos5], AC_PATH_TOOL([KRB5CONF], [krb5-config], [$KRB5ROOT/bin/krb5-config], [$KRB5ROOT/bin:$PATH]) @@ -18,7 +18,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac if test -x $KRB5CONF ; then K5CFLAGS="`$KRB5CONF --cflags`" K5LIBS="`$KRB5CONF --libs`" -@@ -4746,7 +4751,7 @@ AC_ARG_WITH([kerberos5], +@@ -4752,7 +4757,7 @@ AC_ARG_WITH([kerberos5], AC_CHECK_LIB([des], [des_cbc_encrypt], [K5LIBS="$K5LIBS -ldes"]) ], [ AC_MSG_RESULT([no]) diff --git a/build/openssh/patches/0029-Accept-LANG-and-LC_-environment-variables-from-clien.patch b/build/openssh/patches/0029-Accept-LANG-and-LC_-environment-variables-from-clien.patch index b1358687fa..4b9545983c 100644 --- a/build/openssh/patches/0029-Accept-LANG-and-LC_-environment-variables-from-clien.patch +++ b/build/openssh/patches/0029-Accept-LANG-and-LC_-environment-variables-from-clien.patch @@ -53,7 +53,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.c a/servconf.c if (options->client_alive_interval == -1) options->client_alive_interval = 0; if (options->client_alive_count_max == -1) -@@ -2204,8 +2231,12 @@ process_server_config_line_depth(ServerO +@@ -2219,8 +2246,12 @@ process_server_config_line_depth(ServerO if (*arg == '\0' || strchr(arg, '=') != NULL) fatal("%s line %d: Invalid environment name.", filename, linenum); @@ -66,7 +66,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/servconf.c a/servconf.c opt_array_append(filename, linenum, keyword, &options->accept_env, &options->num_accept_env, arg); -@@ -2900,7 +2931,7 @@ copy_set_server_options(ServerOptions *d +@@ -2956,7 +2987,7 @@ copy_set_server_options(ServerOptions *d } while(0) #define M_CP_STRARRAYOPT(s, num_s) do {\ u_int i; \ diff --git a/build/openssh/patches/0031-Restore-tcpwrappers-libwrap-support.patch b/build/openssh/patches/0031-Restore-tcpwrappers-libwrap-support.patch index 00f89a6381..560cdca225 100644 --- a/build/openssh/patches/0031-Restore-tcpwrappers-libwrap-support.patch +++ b/build/openssh/patches/0031-Restore-tcpwrappers-libwrap-support.patch @@ -1,7 +1,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac --- a~/configure.ac 1970-01-01 00:00:00 +++ a/configure.ac 1970-01-01 00:00:00 -@@ -1646,6 +1646,62 @@ else +@@ -1652,6 +1652,62 @@ else AC_MSG_RESULT([no]) fi @@ -64,7 +64,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/configure.ac a/configure.ac # Check whether user wants to use ldns LDNS_MSG="no" AC_ARG_WITH(ldns, -@@ -5617,6 +5673,7 @@ echo " PAM support +@@ -5623,6 +5679,7 @@ echo " PAM support echo " OSF SIA support: $SIA_MSG" echo " KerberosV support: $KRB5_MSG" echo " SELinux support: $SELINUX_MSG" diff --git a/build/openssh/patches/series b/build/openssh/patches/series index 230b5d9be7..d2ffe6cb20 100644 --- a/build/openssh/patches/series +++ b/build/openssh/patches/series @@ -20,4 +20,3 @@ sshd_config.patch 0029-Accept-LANG-and-LC_-environment-variables-from-clien.patch 0031-Restore-tcpwrappers-libwrap-support.patch test.patch -zlib-check.patch diff --git a/build/openssh/patches/zlib-check.patch b/build/openssh/patches/zlib-check.patch deleted file mode 100644 index c86c680265..0000000000 --- a/build/openssh/patches/zlib-check.patch +++ /dev/null @@ -1,23 +0,0 @@ -From cb4ed12ffc332d1f72d054ed92655b5f1c38f621 Mon Sep 17 00:00:00 2001 -From: Darren Tucker -Date: Sat, 19 Aug 2023 07:39:08 +1000 -Subject: [PATCH] Fix zlib version check for 1.3 and future version. - -bz#3604. ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 07893e87065..e3128dfcbb4 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1464,7 +1464,7 @@ else - [[ - int a=0, b=0, c=0, d=0, n, v; - n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); -- if (n != 3 && n != 4) -+ if (n < 1) - exit(1); - v = a*1000000 + b*10000 + c*100 + d; - fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); diff --git a/build/openssh/testsuite.log b/build/openssh/testsuite.log index 94f58944fb..1670078965 100644 --- a/build/openssh/testsuite.log +++ b/build/openssh/testsuite.log @@ -80,6 +80,7 @@ ok known hosts command ok agent restrictions ok channel timeout ok unused connection timeout +ok sshd_config match subsystem test_sshbuf: ...................................................................................................... 103 tests ok test_sshkey: ........................................................................................................ 104 tests ok test_sshsig: ........ 8 tests ok diff --git a/build/python311/build.sh b/build/python311/build.sh index fe9a201e57..b54ffdb794 100755 --- a/build/python311/build.sh +++ b/build/python311/build.sh @@ -17,7 +17,7 @@ . ../../lib/build.sh PROG=Python -VER=3.11.5 +VER=3.11.6 PKG=runtime/python-311 MVER=${VER%.*} SUMMARY="$PROG $MVER" diff --git a/build/python311/patches/mod-posix-sched_priority.patch b/build/python311/patches/mod-posix-sched_priority.patch index ef1e2a9ee1..a9246f13b4 100644 --- a/build/python311/patches/mod-posix-sched_priority.patch +++ b/build/python311/patches/mod-posix-sched_priority.patch @@ -7,7 +7,7 @@ However, -1 alongside EINVAL represents an error. diff -wpruN --no-dereference '--exclude=*.orig' a~/Modules/posixmodule.c a/Modules/posixmodule.c --- a~/Modules/posixmodule.c 1970-01-01 00:00:00 +++ a/Modules/posixmodule.c 1970-01-01 00:00:00 -@@ -6867,7 +6867,11 @@ os_sched_get_priority_max_impl(PyObject +@@ -6900,7 +6900,11 @@ os_sched_get_priority_max_impl(PyObject int max; max = sched_get_priority_max(policy); @@ -19,7 +19,7 @@ diff -wpruN --no-dereference '--exclude=*.orig' a~/Modules/posixmodule.c a/Modul return posix_error(); return PyLong_FromLong(max); } -@@ -6886,7 +6890,11 @@ os_sched_get_priority_min_impl(PyObject +@@ -6919,7 +6923,11 @@ os_sched_get_priority_min_impl(PyObject /*[clinic end generated code: output=7595c1138cc47a6d input=21bc8fa0d70983bf]*/ { int min = sched_get_priority_min(policy); diff --git a/build/python311/patches/series b/build/python311/patches/series index a8d1595157..7092b87195 100644 --- a/build/python311/patches/series +++ b/build/python311/patches/series @@ -32,7 +32,6 @@ test-zipfile.patch test-pkgutil.patch test-metadata.patch test-tarfile.patch -test-httpservers.patch revert-makedirs.patch # # Do not add ustack.patch to this file, it is used to build the debug diff --git a/build/python311/patches/test-filecomments.patch b/build/python311/patches/test-filecomments.patch index d060cbd205..cc6b38c961 100644 --- a/build/python311/patches/test-filecomments.patch +++ b/build/python311/patches/test-filecomments.patch @@ -4,7 +4,7 @@ Support comments in the test ignore file (see ../files/test.exclude) diff -wpruN --no-dereference '--exclude=*.orig' a~/Lib/test/libregrtest/cmdline.py a/Lib/test/libregrtest/cmdline.py --- a~/Lib/test/libregrtest/cmdline.py 1970-01-01 00:00:00 +++ a/Lib/test/libregrtest/cmdline.py 1970-01-01 00:00:00 -@@ -436,6 +436,7 @@ def _parse_args(args, **kwargs): +@@ -438,6 +438,7 @@ def _parse_args(args, **kwargs): ns.ignore_tests = [] with open(ns.ignore_filename) as fp: for line in fp: diff --git a/build/python311/patches/test-freeze.patch b/build/python311/patches/test-freeze.patch index 222997570c..6b7d462c15 100644 --- a/build/python311/patches/test-freeze.patch +++ b/build/python311/patches/test-freeze.patch @@ -12,28 +12,28 @@ This patch: diff -wpruN --no-dereference '--exclude=*.orig' a~/Tools/freeze/test/freeze.py a/Tools/freeze/test/freeze.py --- a~/Tools/freeze/test/freeze.py 1970-01-01 00:00:00 +++ a/Tools/freeze/test/freeze.py 1970-01-01 00:00:00 -@@ -10,7 +10,7 @@ TESTS_DIR = os.path.dirname(__file__) +@@ -18,7 +18,7 @@ TESTS_DIR = os.path.dirname(__file__) TOOL_ROOT = os.path.dirname(TESTS_DIR) - SRCDIR = os.path.dirname(os.path.dirname(TOOL_ROOT)) + SRCDIR = get_python_source_dir() -MAKE = shutil.which('make') +MAKE = shutil.which('gmake') FREEZE = os.path.join(TOOL_ROOT, 'freeze.py') OUTDIR = os.path.join(TESTS_DIR, 'outdir') -@@ -93,8 +93,6 @@ def copy_source_tree(newroot, oldroot): - return subdirs_to_skip +@@ -90,8 +90,6 @@ def copy_source_tree(newroot, oldroot): + shutil.rmtree(newroot) - shutil.copytree(oldroot, newroot, ignore=ignore_non_src) + shutil.copytree(oldroot, newroot, ignore=support.copy_python_src_ignore) - if os.path.exists(os.path.join(newroot, 'Makefile')): - _run_quiet([MAKE, 'clean'], newroot) - def get_makefile_var(builddir, name): -@@ -155,6 +153,7 @@ def prepare(script=None, outdir=None): - os.path.join(srcdir, 'configure'), - *shlex.split(get_config_var(srcdir, 'CONFIG_ARGS') or ''), - ] + ################################## +@@ -122,6 +120,7 @@ def prepare(script=None, outdir=None): + print(f'configuring python in {builddir}...') + config_args = shlex.split(sysconfig.get_config_var('CONFIG_ARGS') or '') + cmd = [os.path.join(srcdir, 'configure'), *config_args] + cmd = [c for c in cmd if not re.search(r'^--.*dir=', c)] ensure_opt(cmd, 'cache-file', os.path.join(outdir, 'python-config.cache')) prefix = os.path.join(outdir, 'python-installation') diff --git a/build/python311/patches/test-httpservers.patch b/build/python311/patches/test-httpservers.patch deleted file mode 100644 index 26e7e4ce39..0000000000 --- a/build/python311/patches/test-httpservers.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -wpruN --no-dereference '--exclude=*.orig' a~/Lib/test/test_httpservers.py a/Lib/test/test_httpservers.py ---- a~/Lib/test/test_httpservers.py 1970-01-01 00:00:00 -+++ a/Lib/test/test_httpservers.py 1970-01-01 00:00:00 -@@ -442,10 +442,10 @@ class SimpleHTTPServerTestCase(BaseTestC - def test_undecodable_parameter(self): - # sanity check using a valid parameter - response = self.request(self.base_url + '/?x=123').read() -- self.assertRegex(response, f'listing for {self.base_url}/\?x=123'.encode('latin1')) -+ self.assertRegex(response, f'listing for {self.base_url}/\\?x=123'.encode('latin1')) - # now the bogus encoding - response = self.request(self.base_url + '/?x=%bb').read() -- self.assertRegex(response, f'listing for {self.base_url}/\?x=\xef\xbf\xbd'.encode('latin1')) -+ self.assertRegex(response, f'listing for {self.base_url}/\\?x=\xef\xbf\xbd'.encode('latin1')) - - def test_get_dir_redirect_location_domain_injection_bug(self): - """Ensure //evil.co/..%2f../../X does not put //evil.co/ in Location. diff --git a/build/python311/patches/test-processgroup.patch b/build/python311/patches/test-processgroup.patch index fec44c710b..2d4252de22 100644 --- a/build/python311/patches/test-processgroup.patch +++ b/build/python311/patches/test-processgroup.patch @@ -6,7 +6,7 @@ Disable the use of process groups for now. diff -wpruN --no-dereference '--exclude=*.orig' a~/Lib/test/libregrtest/runtest_mp.py a/Lib/test/libregrtest/runtest_mp.py --- a~/Lib/test/libregrtest/runtest_mp.py 1970-01-01 00:00:00 +++ a/Lib/test/libregrtest/runtest_mp.py 1970-01-01 00:00:00 -@@ -38,7 +38,8 @@ assert MAIN_PROCESS_TIMEOUT >= PROGRESS_ +@@ -41,7 +41,8 @@ assert MAIN_PROCESS_TIMEOUT >= PROGRESS_ # Time to wait until a worker completes: should be immediate JOIN_TIMEOUT = 30.0 # seconds diff --git a/build/python311/patches/test-tarfile.patch b/build/python311/patches/test-tarfile.patch index b3633466ac..7cba202c8d 100644 --- a/build/python311/patches/test-tarfile.patch +++ b/build/python311/patches/test-tarfile.patch @@ -9,7 +9,7 @@ Convert both timestamps to integer before comparing. diff -wpruN --no-dereference '--exclude=*.orig' a~/Lib/test/test_tarfile.py a/Lib/test/test_tarfile.py --- a~/Lib/test/test_tarfile.py 1970-01-01 00:00:00 +++ a/Lib/test/test_tarfile.py 1970-01-01 00:00:00 -@@ -3058,7 +3058,7 @@ class NoneInfoExtractTests(ReadTest): +@@ -3066,7 +3066,7 @@ class NoneInfoExtractTests(ReadTest): if not path.is_symlink(): raise else: diff --git a/build/python311/testsuite.log b/build/python311/testsuite.log index 374ee37cce..e6f6010d28 100644 --- a/build/python311/testsuite.log +++ b/build/python311/testsuite.log @@ -1,11 +1,18 @@ -410 tests OK. +448 tests OK. -24 tests skipped: - test_dbm_gnu test_epoll test_gdb test_idle test_kqueue - test_launcher test_msilib test_ossaudiodev test_smtpnet - test_socketserver test_startfile test_tcl test_tix test_tk - test_ttk_guionly test_ttk_textonly test_turtle test_urllib2net - test_urllibnet test_winconsoleio test_winreg test_winsound - test_xmlrpc_net test_zipfile64 +4 tests failed: + test_compileall test_dtrace test_import test_importlib -Tests result: SUCCESS +26 tests skipped: + test.test_asyncio.test_windows_events + test.test_asyncio.test_windows_utils test_dbm_gnu test_epoll + test_gdb test_idle test_kqueue test_launcher test_msilib + test_ossaudiodev test_smtpnet test_socketserver test_startfile + test_tcl test_tix test_tk test_ttk_guionly test_ttk_textonly + test_turtle test_urllib2net test_urllibnet test_winconsoleio + test_winreg test_winsound test_xmlrpc_net test_zipfile64 + +Total tests: run=39,619 failures=26 skipped=1,402 +Total test files: success=448 failed=4 skipped=26 resource_denied=8 +Result: FAILURE +make: *** [Makefile:1814: test] Error 2 diff --git a/build/rsyslog/build.sh b/build/rsyslog/build.sh index ec21beea48..e6495cfc9f 100755 --- a/build/rsyslog/build.sh +++ b/build/rsyslog/build.sh @@ -17,7 +17,7 @@ . ../../lib/build.sh PROG=rsyslog -VER=8.2308.0 +VER=8.2310.0 PKG=system/rsyslog SUMMARY="rsyslog - the rocket-fast system for log processing." DESC="A high-performance, modular syslog implementation." diff --git a/build/rsyslog/testsuite.log b/build/rsyslog/testsuite.log index 125f02866b..d58ac07b31 100644 --- a/build/rsyslog/testsuite.log +++ b/build/rsyslog/testsuite.log @@ -410,7 +410,7 @@ PASS: imtcp-tls-ossl-error-key.sh PASS: imtcp-tls-ossl-error-key2.sh PASS: uxsock_simple.sh ============================================================================ -Testsuite summary for rsyslog 8.2308.0 +Testsuite summary for rsyslog 8.2310.0 ============================================================================ # TOTAL: 412 # PASS: 372 diff --git a/doc/packages.md b/doc/packages.md index dc7268fb41..9e2f2f09fb 100644 --- a/doc/packages.md +++ b/doc/packages.md @@ -69,7 +69,7 @@ | meta/data/microcode/amd | 20230918 | https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/amd-ucode | meta/data/microcode/intel | 20230808 | https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases | network/dns/bind | 9.18.19 | https://ftp.isc.org/isc/bind9/ https://www.isc.org/downloads/ -| network/openssh | 9.4p1 | https://www.mirrorservice.org/pub/OpenBSD/OpenSSH/portable/ +| network/openssh | 9.5p1 | https://www.mirrorservice.org/pub/OpenBSD/OpenSSH/portable/ | network/rsync | 3.2.7 | https://rsync.samba.org/ | network/service/isc-dhcp | 4.4.3-P1 | https://ftp.isc.org/isc/dhcp/ https://www.isc.org/downloads/ | network/socat | 1.7.4.4 | http://www.dest-unreach.org/socat/download/ @@ -81,7 +81,7 @@ | runtime/perl | 5.36.1 | https://www.cpan.org/src/README.html | runtime/python-39 | 3.9.18 | https://www.python.org/downloads/source/ | runtime/python-310 | 3.10.13 | https://www.python.org/downloads/source/ -| runtime/python-311 | 3.11.5 | https://www.python.org/downloads/source/ +| runtime/python-311 | 3.11.6 | https://www.python.org/downloads/source/ | security/sudo | 1.9.14p3 | https://www.sudo.ws/ | service/network/chrony | 4.4 | https://download.tuxfamily.org/chrony/ | service/network/ntpsec | 1.2.2 | https://github.com/ntpsec/ntpsec/tags https://blog.ntpsec.org/ @@ -103,7 +103,7 @@ | system/network/lldp | 0.4alpha | https://sourceforge.net/projects/openlldp/files/ | system/pciutils | 3.10.0 | https://www.kernel.org/pub/software/utils/pciutils/ | system/pkgtree | 1.1 | https://github.com/quattor/pkgtree/tags -| system/rsyslog | 8.2308.0 | https://www.rsyslog.com/downloads/download-v8-stable/ +| system/rsyslog | 8.2310.0 | https://www.rsyslog.com/downloads/download-v8-stable/ | system/test/fio | 3.35 | https://github.com/axboe/fio/tags | system/watch | 3.3.16 | https://gitlab.com/api/v4/projects/procps-ng%2Fprocps/releases https://gitlab.com/procps-ng/procps/-/releases | terminal/screen | 4.9.1 | https://ftp.gnu.org/gnu/screen/