upg gzip libaio libgpg-error runit-service-scripts wpa_supplicant xz

gzip/PKGBUILD

@@ -5,7 +5,7 @@
 #-----------------------------------------| DESCRIPTION |---------------------------------------
 
 pkgname=gzip
-pkgver=1.11
+pkgver=1.12
 pkgrel=01
 pkgdesc='GNU compression utility'
 arch=('x86_64')
@@ -20,7 +20,7 @@ prepare() {
   local filename
   for filename in "${source[@]}"; do
     if [[ "$filename" =~ \.patch$ ]]; then
-      msg2 "Applying patch ${filename##*/}"
+      echo "Applying patch ${filename##*/}"
       patch -p1 -N -i "$srcdir/${filename##*/}"
     fi
   done
@@ -49,5 +49,5 @@ license=('GPL3')
 
 validpgpkeys=('155D3FC500C834486D1EEA677FD9FCCB000BEEEE') # Jim Meyering
 
-sha256sums=(9b9a95d68fdcb936849a4d6fada8bf8686cddf58b9b26c9c4289ed0c92a77907 # gzip-1.11.tar.xz
-	d1fb725178c534a8ad69f0075f9d487e091f86ccc442a666fe8e76a50cb2ef65) #  gzip-1.11.tar.xz.sig
+sha256sums=(ce5e03e519f637e1f814011ace35c4f87b33c0bbabeec35baf5fbd3479e91956 # gzip-1.12.tar.xz
+	3ed9ab54452576e0be0d477c772c9f47baa36415133fef7dd1fcf7b15480ba32) # gzip-1.12.tar.xz.sig

gzip/PKGBUILD-arch

@@ -1,9 +1,9 @@
-# Mainainer: Sébastien "Seblu" Luttringer <seblu@archlinux.org>
+# Maintainer: Sébastien "Seblu" Luttringer <seblu@archlinux.org>
 # Contributor: Allan McRae <allan@archlinux.org>
 # Contributor: judd <jvinet@zeroflux.org>
 
 pkgname=gzip
-pkgver=1.11
+pkgver=1.12
 pkgrel=1
 pkgdesc='GNU compression utility'
 arch=('x86_64')
@@ -13,15 +13,15 @@ groups=('base-devel')
 depends=('glibc' 'bash' 'less')
 validpgpkeys=('155D3FC500C834486D1EEA677FD9FCCB000BEEEE') # Jim Meyering
 source=("https://ftp.gnu.org/pub/gnu/gzip/gzip-$pkgver.tar.xz"{,.sig})
-md5sums=('d1e93996dba00cab0caa7903cd01d454'
-         'SKIP')
+sha256sums=('ce5e03e519f637e1f814011ace35c4f87b33c0bbabeec35baf5fbd3479e91956'
+            'SKIP')
 prepare() {
   cd $pkgname-$pkgver
   # apply patch from the source array (should be a pacman feature)
   local filename
   for filename in "${source[@]}"; do
     if [[ "$filename" =~ \.patch$ ]]; then
-      msg2 "Applying patch ${filename##*/}"
+      echo "Applying patch ${filename##*/}"
       patch -p1 -N -i "$srcdir/${filename##*/}"
     fi
   done

libaio/PKGBUILD

@@ -1,43 +1,52 @@
 #!/usr/bin/bash
 # JOBoRun		: Jwm OpenBox Obarun RUNit
-# Maintainer		: Joe Bo Run <joborun@disroot.org>
+# Maintainer	: Joe Bo Run <joborun@disroot.org>
 # PkgSource		: url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
+# Website		: https://pozol.eu
 #-----------------------------------------| DESCRIPTION |---------------------------------------
 
 pkgname=libaio
 pkgver=0.3.112
-pkgrel=02
+pkgrel=03
 pkgdesc="The Linux-native asynchronous I/O facility (aio) library"
-arch=('x86_64')
+arch=(x86_64)
 url="https://pagure.io/libaio"
+depends=(glibc)
+provides=(libaio.so)
+# options=(debug) # uncomment to build debug package
 source=(https://releases.pagure.org/libaio/${pkgname}-${pkgver}.tar.gz)
 
-build() {
-  cd "$srcdir/$pkgname-$pkgver"
-  # AIO library is a thin wrapper around kernel syscalls, it does not use stdlib
-  # and other helpers like stack protection libraries
-  CFLAGS="-march=${CARCH/_/-} -mtune=generic -O2 -pipe"
-  make
+prepare() {
+  # -Werror, not even once
+  sed 's/-Werror//' -i $pkgname-$pkgver/harness/Makefile
 }
 
-#check() {
+build() {
+  CFLAGS="-march=${CARCH/_/-} -mtune=generic -O2 -pipe"
+  # libaio is a thin wrapper around kernel syscalls, it does not use stdlib and
+  # other helpers like stack protection libraries
+   CFLAGS="-march=${CARCH/_/-} -mtune=generic -O2 -pipe"
+  make -C $pkgname-$pkgver
+}
+
+check() {
 #  cd "$srcdir/$pkgname-$pkgver"
 #
 #  # work around gcc warning (-Werror) in test suite
 #  sed -i '/strncpy/s#sizeof(TEMPLATE)#sizeof(template)#' harness/cases/19.t
 #  sed -i '/strncpy/s#sizeof(TEMPLATE)#sizeof(temp_file)#' harness/cases/21.t
-#
 #  make partcheck
-#}
-
-package() {
-  cd "$srcdir/$pkgname-$pkgver"
-  make prefix="$pkgdir/usr" install
+  make partcheck -k -C $pkgname-$pkgver
 }
 
+package() {
+  make DESTDIR="$pkgdir" install -C $pkgname-$pkgver
+  install -vDm 644 $pkgname-$pkgver/{ChangeLog,README.md} -t "$pkgdir/usr/share/doc/$pkgname/"
+  install -vDm 644 $pkgname-$pkgver/man/*.3 -t "$pkgdir/usr/share/man/man3/"
+}
 
 #---- license gpg-key sha256sums ----
 
-license=('LGPL')
+license=(LGPL2.1)
 
 sha256sums=(ab0462f2c9d546683e5147b1ce9c195fe95d07fac5bf362f6c01637955c3b492) #  libaio-0.3.112.tar.gz

libaio/PKGBUILD-arch

@@ -1,36 +1,40 @@
-# Maintainer:  Bartłomiej Piotrowski <barthalion@gmail.com>
+# Maintainer: David Runge <dvzrv@archlinux.org>
+# Contributor: Bartłomiej Piotrowski <barthalion@gmail.com>
 # Contributor: Thomas S Hatch <thatch45 at gmail dot com>
 
 pkgname=libaio
 pkgver=0.3.112
-pkgrel=2
+pkgrel=3
 pkgdesc="The Linux-native asynchronous I/O facility (aio) library"
-arch=('x86_64')
+arch=(x86_64)
 url="https://pagure.io/libaio"
-license=('LGPL')
+license=(LGPL2.1)
+depends=(glibc)
+provides=(libaio.so)
+options=(debug)
 source=(https://releases.pagure.org/libaio/${pkgname}-${pkgver}.tar.gz)
-sha256sums=('ab0462f2c9d546683e5147b1ce9c195fe95d07fac5bf362f6c01637955c3b492')
+sha512sums=('5f984529c9f747a6c82f1e4457fc0832bb1fc299ae6e700f2ac5a8ea7b9bfc6ea1e75809728cc115a020cff6685ed1f4e38c6aeacc1ea98dfccce04dd19dafaa')
+b2sums=('088f3b195a65bdc97ae2318e47af17c65259ed3208dca7bfef93c81a800602085e5b2078dbd436c740be316d0ebd923a1b3b7c0808257e2e7c7fb0f7ae1e0dba')
+
+prepare() {
+  # -Werror, not even once
+  sed 's/-Werror//' -i $pkgname-$pkgver/harness/Makefile
+}
 
 build() {
-  cd "$srcdir/$pkgname-$pkgver"
-  # AIO library is a thin wrapper around kernel syscalls, it does not use stdlib
-  # and other helpers like stack protection libraries
+  # libaio is a thin wrapper around kernel syscalls, it does not use stdlib and
+  # other helpers like stack protection libraries
   CFLAGS="-march=${CARCH/_/-} -mtune=generic -O2 -pipe"
-  make
+  make -C $pkgname-$pkgver
 }
 
 check() {
-  cd "$srcdir/$pkgname-$pkgver"
-
-  # work around gcc warning (-Werror) in test suite
-  sed -i '/strncpy/s#sizeof(TEMPLATE)#sizeof(template)#' harness/cases/19.t
-  sed -i '/strncpy/s#sizeof(TEMPLATE)#sizeof(temp_file)#' harness/cases/21.t
-
-  make partcheck
+  make partcheck -k -C $pkgname-$pkgver
 }
 
 package() {
-  cd "$srcdir/$pkgname-$pkgver"
-  make prefix="$pkgdir/usr" install
+  make DESTDIR="$pkgdir" install -C $pkgname-$pkgver
+  install -vDm 644 $pkgname-$pkgver/{ChangeLog,README.md} -t "$pkgdir/usr/share/doc/$pkgname/"
+  install -vDm 644 $pkgname-$pkgver/man/*.3 -t "$pkgdir/usr/share/man/man3/"
 }
 

libaio/time

@@ -1,3 +1,8 @@
 real	0m1.588s
 user	0m1.478s
 sys	0m0.248s
+with tests +3m
+real	3m0.826s
+user	0m9.467s
+sys	0m13.346s
+

libgpg-error/PKGBUILD

@@ -1,11 +1,12 @@
 #!/usr/bin/bash
 # JOBoRun		: Jwm OpenBox Obarun RUNit
-# Maintainer		: Joe Bo Run <joborun@disroot.org>
+# Maintainer	: Joe Bo Run <joborun@disroot.org>
 # PkgSource		: url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
+# Website		: https://pozol.eu
 #-----------------------------------------| DESCRIPTION |---------------------------------------
 
 pkgname=libgpg-error
-pkgver=1.44
+pkgver=1.45
 pkgrel=01
 pkgdesc="Support library for libgcrypt"
 arch=(x86_64)
@@ -40,8 +41,13 @@ package() {
 
 license=('LGPL')
 
-validpgpkeys=(6DAA6E64A76D2840571B4902528897B826403ADA # Werner Koch (dist signing 2020)
-            031EC2536E580D8EA286A9F22071B08A33BD3F06) # NIIBE Yutaka (GnuPG Release Key) <gniibe@fsij.org>
+validpgpkeys=(D8692123C4065DEA5E0F3AB5249B39D24F25E3B6  # Werner Koch
+	AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD # NIIBE Yutaka (GnuPG Release Key) <gniibe@fsij.org>
+#              031EC2536E580D8EA286A9F22071B08A33BD3F06  # NIIBE Yutaka (GnuPG Release Key) <gniibe@fsij.org>
+              6DAA6E64A76D2840571B4902528897B826403ADA) # "Werner Koch (dist signing 2020)"
 
-sha256sums=(8e3d2da7a8b9a104dd8e9212ebe8e0daf86aa838cc1314ba6bc4de8f2d8a1ff9 # libgpg-error-1.44.tar.bz2
-	dd807f159c7acb0ee46dacf940ded43689d6259aad00ad57b4322bdffede890c) # libgpg-error-1.44.tar.bz2.sig
+# Arch lists a different key than what the package is signed by, nevertheless their package is built, which
+# indicates they are building disregarding signature errors.  And I thought it was only Obarun being negligent!
+
+sha256sums=(570f8ee4fb4bff7b7495cff920c275002aea2147e9a1d220c068213267f80a26 # libgpg-error-1.45.tar.bz2
+	51736fef75ae3c020512f6987b046698bd418d960eb0e2fe1a0860749da21444) # libgpg-error-1.45.tar.bz2.sig

libgpg-error/PKGBUILD-arch

@@ -2,7 +2,7 @@
 # Contributor: judd <jvinet@zeroflux.org>
 
 pkgname=libgpg-error
-pkgver=1.44
+pkgver=1.45
 pkgrel=1
 pkgdesc="Support library for libgcrypt"
 arch=(x86_64)
@@ -11,7 +11,7 @@ license=('LGPL')
 depends=('glibc' 'sh')
 source=(https://www.gnupg.org/ftp/gcrypt/libgpg-error/${pkgname}-${pkgver}.tar.bz2{,.sig})
 # https://www.gnupg.org/download/integrity_check.html
-sha1sums=('c16ab473d1e558ba1712c77ace38bd03e467cbb0'
+sha1sums=('fe724ed37b4935964059a47b7c64d5f8246659d8'
           'SKIP')
 validpgpkeys=('D8692123C4065DEA5E0F3AB5249B39D24F25E3B6'  # Werner Koch
               '031EC2536E580D8EA286A9F22071B08A33BD3F06'  # NIIBE Yutaka (GnuPG Release Key) <gniibe@fsij.org>

libgpg-error/key

@@ -1,3 +1,3 @@
-gpg -v --recv-key 528897B826403ADA
-gpg -v --recv-key 249B39D24F25E3B6
-gpg -v --recv-key 2071B08A33BD3F06
+gpg --recv-keys 249B39D24F25E3B6
+gpg --recv-keys 2071B08A33BD3F06
+gpg --recv-keys E98E9B2D19C6C8BD

wpa_supplicant/PKGBUILD

@@ -7,7 +7,7 @@
 
 pkgname=wpa_supplicant
 pkgver=2.10
-pkgrel=03
+pkgrel=04
 epoch=2
 pkgdesc='A utility providing key negotiation for WPA wireless networks w/o systemd'
 url='https://w1.fi/wpa_supplicant/'
@@ -70,9 +70,11 @@ sha256sums=(20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f # w
 	08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992 # wpa_supplicant_tls.patch
 #	60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006 # wpa_supplicant_dbus_service_syslog.patch
 #	d42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0 # wpa_supplicant_service_ignore-on-isolate.patch
-	385c956607d9a4966b13458db60a29b7556ff0c9928d7fef59381678ce79f13b # wpa_supplicant_config
+	89dc439b958574e9231c58bea6c83faec469909c9f84476bfc83fa35b3e97bd1 # wpa_supplicant_config
+#	385c956607d9a4966b13458db60a29b7556ff0c9928d7fef59381678ce79f13b # wpa_supplicant_config
 	aaedf87f1530d4e6cb00bf7981d1f868409ed892cc41b83c5613019e7b51f380) # add_extra-ies_only_if_allowed_by_driver.patch
-bf91a135e717265969f1ab0319297c9d2e6f695928a17e3b3fa5accc8ef7b297  CVE-2019-16275.patch
-449c7dad67b246b5b93e796f57c2f90c5c32cfc5b16f7aa4f17802dc260d3414  tls.patch
-1ad3b61397c4a1dbafbf89059bccdda07cfe7eaff9f23ee25bed7bdd82c2bd87  roam-properties.patch
-6f71a04875465178992e78216603d3c4735ee717a31738a6e30702c7a81c6c4e  config
+#bf91a135e717265969f1ab0319297c9d2e6f695928a17e3b3fa5accc8ef7b297  CVE-2019-16275.patch
+#449c7dad67b246b5b93e796f57c2f90c5c32cfc5b16f7aa4f17802dc260d3414  tls.patch
+#1ad3b61397c4a1dbafbf89059bccdda07cfe7eaff9f23ee25bed7bdd82c2bd87  roam-properties.patch
+#6f71a04875465178992e78216603d3c4735ee717a31738a6e30702c7a81c6c4e  config
+

wpa_supplicant/PKGBUILD-arch

@@ -5,7 +5,7 @@
 
 pkgname=wpa_supplicant
 pkgver=2.10
-pkgrel=3
+pkgrel=4
 epoch=2
 pkgdesc='A utility providing key negotiation for WPA wireless networks'
 url='https://w1.fi/wpa_supplicant/'
@@ -27,7 +27,7 @@ sha256sums=('20df7ae5154b3830355f8ab4269123a87affdea59fe74fe9292a91d0d7e17b2f'
             '08915b040d03a3e07cdc8ea6c76b497e00059e01ce85b67413dfe41d4fc68992'
             '60f6a1cf2e124813dfce1da78ee1818e2ff5236aafa4113c7ae3b3f2a0b84006'
             'd42bdbf3d4980b9f0a819612df0c39843c7e96c8afcb103aa656c824f93790b0'
-            'd99c48843bb413d7eb63e87e0bab255736712f901b515b9a625f40c8eb8e99db'
+            '89dc439b958574e9231c58bea6c83faec469909c9f84476bfc83fa35b3e97bd1'
             'aaedf87f1530d4e6cb00bf7981d1f868409ed892cc41b83c5613019e7b51f380')
 
 prepare() {

wpa_supplicant/deps

@@ -1 +1 @@
-
+ 

wpa_supplicant/wpa_supplicant_config

@@ -477,7 +477,7 @@ CONFIG_IEEE80211AC=y
 
 # Wireless Network Management (IEEE Std 802.11v-2011)
 # Note: This is experimental and not complete implementation.
-#CONFIG_WNM=y
+CONFIG_WNM=y
 
 # Interworking (IEEE 802.11u)
 # This can be used to enable functionality to improve interworking with
@@ -588,7 +588,7 @@ CONFIG_IBSS_RSN=y
 CONFIG_PMKSA_CACHE_EXTERNAL=y
 
 # Mesh Networking (IEEE 802.11s)
-#CONFIG_MESH=y
+CONFIG_MESH=y
 
 # Background scanning modules
 # These can be used to request wpa_supplicant to perform background scanning

wpa_supplicant/wpa_supplicant_config.0

@@ -0,0 +1,637 @@
+# Example wpa_supplicant build time configuration
+#
+# This file lists the configuration options that are used when building the
+# wpa_supplicant binary. All lines starting with # are ignored. Configuration
+# option lines must be commented out complete, if they are not to be included,
+# i.e., just setting VARIABLE=n is not disabling that variable.
+#
+# This file is included in Makefile, so variables like CFLAGS and LIBS can also
+# be modified from here. In most cases, these lines should use += in order not
+# to override previous values of the variables.
+
+
+# Uncomment following two lines and fix the paths if you have installed OpenSSL
+# or GnuTLS in non-default location
+#CFLAGS += -I/usr/local/openssl/include
+#LIBS += -L/usr/local/openssl/lib
+
+# Some Red Hat versions seem to include kerberos header files from OpenSSL, but
+# the kerberos files are not in the default include path. Following line can be
+# used to fix build issues on such systems (krb5.h not found).
+#CFLAGS += -I/usr/include/kerberos
+
+# Driver interface for generic Linux wireless extensions
+# Note: WEXT is deprecated in the current Linux kernel version and no new
+# functionality is added to it. nl80211-based interface is the new
+# replacement for WEXT and its use allows wpa_supplicant to properly control
+# the driver to improve existing functionality like roaming and to support new
+# functionality.
+CONFIG_DRIVER_WEXT=y
+
+# Driver interface for Linux drivers using the nl80211 kernel interface
+CONFIG_DRIVER_NL80211=y
+
+# QCA vendor extensions to nl80211
+CONFIG_DRIVER_NL80211_QCA=y
+
+# driver_nl80211.c requires libnl. If you are compiling it yourself
+# you may need to point hostapd to your version of libnl.
+#
+#CFLAGS += -I$<path to libnl include files>
+#LIBS += -L$<path to libnl library files>
+
+# Use libnl v2.0 (or 3.0) libraries.
+#CONFIG_LIBNL20=y
+
+# Use libnl 3.2 libraries (if this is selected, CONFIG_LIBNL20 is ignored)
+CONFIG_LIBNL32=y
+
+
+# Driver interface for FreeBSD net80211 layer (e.g., Atheros driver)
+#CONFIG_DRIVER_BSD=y
+#CFLAGS += -I/usr/local/include
+#LIBS += -L/usr/local/lib
+#LIBS_p += -L/usr/local/lib
+#LIBS_c += -L/usr/local/lib
+
+# Driver interface for Windows NDIS
+#CONFIG_DRIVER_NDIS=y
+#CFLAGS += -I/usr/include/w32api/ddk
+#LIBS += -L/usr/local/lib
+# For native build using mingw
+#CONFIG_NATIVE_WINDOWS=y
+# Additional directories for cross-compilation on Linux host for mingw target
+#CFLAGS += -I/opt/mingw/mingw32/include/ddk
+#LIBS += -L/opt/mingw/mingw32/lib
+#CC=mingw32-gcc
+# By default, driver_ndis uses WinPcap for low-level operations. This can be
+# replaced with the following option which replaces WinPcap calls with NDISUIO.
+# However, this requires that WZC is disabled (net stop wzcsvc) before starting
+# wpa_supplicant.
+# CONFIG_USE_NDISUIO=y
+
+# Driver interface for wired Ethernet drivers
+CONFIG_DRIVER_WIRED=y
+
+# Driver interface for MACsec capable Qualcomm Atheros drivers
+#CONFIG_DRIVER_MACSEC_QCA=y
+
+# Driver interface for Linux MACsec drivers
+CONFIG_DRIVER_MACSEC_LINUX=y
+
+# Driver interface for the Broadcom RoboSwitch family
+#CONFIG_DRIVER_ROBOSWITCH=y
+
+# Driver interface for no driver (e.g., WPS ER only)
+CONFIG_DRIVER_NONE=y
+
+# Solaris libraries
+#LIBS += -lsocket -ldlpi -lnsl
+#LIBS_c += -lsocket
+
+# Enable IEEE 802.1X Supplicant (automatically included if any EAP method or
+# MACsec is included)
+CONFIG_IEEE8021X_EAPOL=y
+
+# EAP-MD5
+CONFIG_EAP_MD5=y
+
+# EAP-MSCHAPv2
+CONFIG_EAP_MSCHAPV2=y
+
+# EAP-TLS
+CONFIG_EAP_TLS=y
+
+# EAL-PEAP
+CONFIG_EAP_PEAP=y
+
+# EAP-TTLS
+CONFIG_EAP_TTLS=y
+
+# EAP-FAST
+CONFIG_EAP_FAST=y
+
+# EAP-TEAP
+# Note: The current EAP-TEAP implementation is experimental and should not be
+# enabled for production use. The IETF RFC 7170 that defines EAP-TEAP has number
+# of conflicting statements and missing details and the implementation has
+# vendor specific workarounds for those and as such, may not interoperate with
+# any other implementation. This should not be used for anything else than
+# experimentation and interoperability testing until those issues has been
+# resolved.
+#CONFIG_EAP_TEAP=y
+
+# EAP-GTC
+CONFIG_EAP_GTC=y
+
+# EAP-OTP
+CONFIG_EAP_OTP=y
+
+# EAP-SIM (enable CONFIG_PCSC, if EAP-SIM is used)
+CONFIG_EAP_SIM=y
+
+# Enable SIM simulator (Milenage) for EAP-SIM
+#CONFIG_SIM_SIMULATOR=y
+
+# EAP-PSK (experimental; this is _not_ needed for WPA-PSK)
+CONFIG_EAP_PSK=y
+
+# EAP-pwd (secure authentication using only a password)
+CONFIG_EAP_PWD=y
+
+# EAP-PAX
+CONFIG_EAP_PAX=y
+
+# LEAP
+CONFIG_EAP_LEAP=y
+
+# EAP-AKA (enable CONFIG_PCSC, if EAP-AKA is used)
+CONFIG_EAP_AKA=y
+
+# EAP-AKA' (enable CONFIG_PCSC, if EAP-AKA' is used).
+# This requires CONFIG_EAP_AKA to be enabled, too.
+CONFIG_EAP_AKA_PRIME=y
+
+# Enable USIM simulator (Milenage) for EAP-AKA
+#CONFIG_USIM_SIMULATOR=y
+
+# EAP-SAKE
+CONFIG_EAP_SAKE=y
+
+# EAP-GPSK
+CONFIG_EAP_GPSK=y
+# Include support for optional SHA256 cipher suite in EAP-GPSK
+CONFIG_EAP_GPSK_SHA256=y
+
+# EAP-TNC and related Trusted Network Connect support (experimental)
+CONFIG_EAP_TNC=y
+
+# Wi-Fi Protected Setup (WPS)
+CONFIG_WPS=y
+# Enable WPS external registrar functionality
+CONFIG_WPS_ER=y
+# Disable credentials for an open network by default when acting as a WPS
+# registrar.
+CONFIG_WPS_REG_DISABLE_OPEN=y
+# Enable WPS support with NFC config method
+CONFIG_WPS_NFC=y
+
+# EAP-IKEv2
+CONFIG_EAP_IKEV2=y
+
+# EAP-EKE
+CONFIG_EAP_EKE=y
+
+# MACsec
+CONFIG_MACSEC=y
+
+# PKCS#12 (PFX) support (used to read private key and certificate file from
+# a file that usually has extension .p12 or .pfx)
+CONFIG_PKCS12=y
+
+# Smartcard support (i.e., private key on a smartcard), e.g., with openssl
+# engine.
+CONFIG_SMARTCARD=y
+
+# PC/SC interface for smartcards (USIM, GSM SIM)
+# Enable this if EAP-SIM or EAP-AKA is included
+#CONFIG_PCSC=y
+
+# Support HT overrides (disable HT/HT40, mask MCS rates, etc.)
+CONFIG_HT_OVERRIDES=y
+
+# Support VHT overrides (disable VHT, mask MCS rates, etc.)
+CONFIG_VHT_OVERRIDES=y
+
+# Development testing
+#CONFIG_EAPOL_TEST=y
+
+# Select control interface backend for external programs, e.g, wpa_cli:
+# unix = UNIX domain sockets (default for Linux/*BSD)
+# udp = UDP sockets using localhost (127.0.0.1)
+# udp6 = UDP IPv6 sockets using localhost (::1)
+# named_pipe = Windows Named Pipe (default for Windows)
+# udp-remote = UDP sockets with remote access (only for tests systems/purpose)
+# udp6-remote = UDP IPv6 sockets with remote access (only for tests purpose)
+# y = use default (backwards compatibility)
+# If this option is commented out, control interface is not included in the
+# build.
+CONFIG_CTRL_IFACE=y
+
+# Include support for GNU Readline and History Libraries in wpa_cli.
+# When building a wpa_cli binary for distribution, please note that these
+# libraries are licensed under GPL and as such, BSD license may not apply for
+# the resulting binary.
+CONFIG_READLINE=y
+
+# Include internal line edit mode in wpa_cli. This can be used as a replacement
+# for GNU Readline to provide limited command line editing and history support.
+#CONFIG_WPA_CLI_EDIT=y
+
+# Remove debugging code that is printing out debug message to stdout.
+# This can be used to reduce the size of the wpa_supplicant considerably
+# if debugging code is not needed. The size reduction can be around 35%
+# (e.g., 90 kB).
+#CONFIG_NO_STDOUT_DEBUG=y
+
+# Remove WPA support, e.g., for wired-only IEEE 802.1X supplicant, to save
+# 35-50 kB in code size.
+#CONFIG_NO_WPA=y
+
+# Remove IEEE 802.11i/WPA-Personal ASCII passphrase support
+# This option can be used to reduce code size by removing support for
+# converting ASCII passphrases into PSK. If this functionality is removed, the
+# PSK can only be configured as the 64-octet hexstring (e.g., from
+# wpa_passphrase). This saves about 0.5 kB in code size.
+#CONFIG_NO_WPA_PASSPHRASE=y
+
+# Simultaneous Authentication of Equals (SAE), WPA3-Personal
+CONFIG_SAE=y
+
+# Disable scan result processing (ap_scan=1) to save code size by about 1 kB.
+# This can be used if ap_scan=1 mode is never enabled.
+#CONFIG_NO_SCAN_PROCESSING=y
+
+# Select configuration backend:
+# file = text file (e.g., wpa_supplicant.conf; note: the configuration file
+#	path is given on command line, not here; this option is just used to
+#	select the backend that allows configuration files to be used)
+# winreg = Windows registry (see win_example.reg for an example)
+CONFIG_BACKEND=file
+
+# Remove configuration write functionality (i.e., to allow the configuration
+# file to be updated based on runtime configuration changes). The runtime
+# configuration can still be changed, the changes are just not going to be
+# persistent over restarts. This option can be used to reduce code size by
+# about 3.5 kB.
+#CONFIG_NO_CONFIG_WRITE=y
+
+# Remove support for configuration blobs to reduce code size by about 1.5 kB.
+#CONFIG_NO_CONFIG_BLOBS=y
+
+# Select program entry point implementation:
+# main = UNIX/POSIX like main() function (default)
+# main_winsvc = Windows service (read parameters from registry)
+# main_none = Very basic example (development use only)
+CONFIG_MAIN=main
+
+# Select wrapper for operating system and C library specific functions
+# unix = UNIX/POSIX like systems (default)
+# win32 = Windows systems
+# none = Empty template
+CONFIG_OS=unix
+
+# Select event loop implementation
+# eloop = select() loop (default)
+# eloop_win = Windows events and WaitForMultipleObject() loop
+CONFIG_ELOOP=eloop
+
+# Should we use poll instead of select? Select is used by default.
+#CONFIG_ELOOP_POLL=y
+
+# Should we use epoll instead of select? Select is used by default.
+#CONFIG_ELOOP_EPOLL=y
+
+# Should we use kqueue instead of select? Select is used by default.
+#CONFIG_ELOOP_KQUEUE=y
+
+# Select layer 2 packet implementation
+# linux = Linux packet socket (default)
+# pcap = libpcap/libdnet/WinPcap
+# freebsd = FreeBSD libpcap
+# winpcap = WinPcap with receive thread
+# ndis = Windows NDISUIO (note: requires CONFIG_USE_NDISUIO=y)
+# none = Empty template
+CONFIG_L2_PACKET=linux
+
+# Disable Linux packet socket workaround applicable for station interface
+# in a bridge for EAPOL frames. This should be uncommented only if the kernel
+# is known to not have the regression issue in packet socket behavior with
+# bridge interfaces (commit 'bridge: respect RFC2863 operational state')').
+#CONFIG_NO_LINUX_PACKET_SOCKET_WAR=y
+
+# Support Operating Channel Validation
+#CONFIG_OCV=y
+
+# Select TLS implementation
+# openssl = OpenSSL (default)
+# gnutls = GnuTLS
+# internal = Internal TLSv1 implementation (experimental)
+# linux = Linux kernel AF_ALG and internal TLSv1 implementation (experimental)
+# none = Empty template
+CONFIG_TLS=openssl
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.1)
+# can be enabled to get a stronger construction of messages when block ciphers
+# are used. It should be noted that some existing TLS v1.0 -based
+# implementation may not be compatible with TLS v1.1 message (ClientHello is
+# sent prior to negotiating which version will be used)
+CONFIG_TLSV11=y
+
+# TLS-based EAP methods require at least TLS v1.0. Newer version of TLS (v1.2)
+# can be enabled to enable use of stronger crypto algorithms. It should be
+# noted that some existing TLS v1.0 -based implementation may not be compatible
+# with TLS v1.2 message (ClientHello is sent prior to negotiating which version
+# will be used)
+CONFIG_TLSV12=y
+
+# Select which ciphers to use by default with OpenSSL if the user does not
+# specify them.
+#CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT:!EXP:!LOW"
+CONFIG_TLS_DEFAULT_CIPHERS="DEFAULT@SECLEVEL=1"
+
+# If CONFIG_TLS=internal is used, additional library and include paths are
+# needed for LibTomMath. Alternatively, an integrated, minimal version of
+# LibTomMath can be used. See beginning of libtommath.c for details on benefits
+# and drawbacks of this option.
+#CONFIG_INTERNAL_LIBTOMMATH=y
+#ifndef CONFIG_INTERNAL_LIBTOMMATH
+#LTM_PATH=/usr/src/libtommath-0.39
+#CFLAGS += -I$(LTM_PATH)
+#LIBS += -L$(LTM_PATH)
+#LIBS_p += -L$(LTM_PATH)
+#endif
+# At the cost of about 4 kB of additional binary size, the internal LibTomMath
+# can be configured to include faster routines for exptmod, sqr, and div to
+# speed up DH and RSA calculation considerably
+#CONFIG_INTERNAL_LIBTOMMATH_FAST=y
+
+# Include NDIS event processing through WMI into wpa_supplicant/wpasvc.
+# This is only for Windows builds and requires WMI-related header files and
+# WbemUuid.Lib from Platform SDK even when building with MinGW.
+#CONFIG_NDIS_EVENTS_INTEGRATED=y
+#PLATFORMSDKLIB="/opt/Program Files/Microsoft Platform SDK/Lib"
+
+# Add support for new DBus control interface
+# (fi.w1.wpa_supplicant1)
+CONFIG_CTRL_IFACE_DBUS_NEW=y
+
+# Add introspection support for new DBus control interface
+CONFIG_CTRL_IFACE_DBUS_INTRO=y
+
+# Add support for loading EAP methods dynamically as shared libraries.
+# When this option is enabled, each EAP method can be either included
+# statically (CONFIG_EAP_<method>=y) or dynamically (CONFIG_EAP_<method>=dyn).
+# Dynamic EAP methods are build as shared objects (eap_*.so) and they need to
+# be loaded in the beginning of the wpa_supplicant configuration file
+# (see load_dynamic_eap parameter in the example file) before being used in
+# the network blocks.
+#
+# Note that some shared parts of EAP methods are included in the main program
+# and in order to be able to use dynamic EAP methods using these parts, the
+# main program must have been build with the EAP method enabled (=y or =dyn).
+# This means that EAP-TLS/PEAP/TTLS/FAST cannot be added as dynamic libraries
+# unless at least one of them was included in the main build to force inclusion
+# of the shared code. Similarly, at least one of EAP-SIM/AKA must be included
+# in the main build to be able to load these methods dynamically.
+#
+# Please also note that using dynamic libraries will increase the total binary
+# size. Thus, it may not be the best option for targets that have limited
+# amount of memory/flash.
+#CONFIG_DYNAMIC_EAP_METHODS=y
+
+# IEEE Std 802.11r-2008 (Fast BSS Transition) for station mode
+CONFIG_IEEE80211R=y
+
+# Add support for writing debug log to a file (/tmp/wpa_supplicant-log-#.txt)
+CONFIG_DEBUG_FILE=y
+
+# Send debug messages to syslog instead of stdout
+CONFIG_DEBUG_SYSLOG=y
+# Set syslog facility for debug messages
+CONFIG_DEBUG_SYSLOG_FACILITY=LOG_DAEMON
+
+# Add support for sending all debug messages (regardless of debug verbosity)
+# to the Linux kernel tracing facility. This helps debug the entire stack by
+# making it easy to record everything happening from the driver up into the
+# same file, e.g., using trace-cmd.
+CONFIG_DEBUG_LINUX_TRACING=y
+
+# Add support for writing debug log to Android logcat instead of standard
+# output
+#CONFIG_ANDROID_LOG=y
+
+# Enable privilege separation (see README 'Privilege separation' for details)
+#CONFIG_PRIVSEP=y
+
+# Enable mitigation against certain attacks against TKIP by delaying Michael
+# MIC error reports by a random amount of time between 0 and 60 seconds
+CONFIG_DELAYED_MIC_ERROR_REPORT=y
+
+# Enable tracing code for developer debugging
+# This tracks use of memory allocations and other registrations and reports
+# incorrect use with a backtrace of call (or allocation) location.
+#CONFIG_WPA_TRACE=y
+# For BSD, uncomment these.
+#LIBS += -lexecinfo
+#LIBS_p += -lexecinfo
+#LIBS_c += -lexecinfo
+
+# Use libbfd to get more details for developer debugging
+# This enables use of libbfd to get more detailed symbols for the backtraces
+# generated by CONFIG_WPA_TRACE=y.
+#CONFIG_WPA_TRACE_BFD=y
+# For BSD, uncomment these.
+#LIBS += -lbfd -liberty -lz
+#LIBS_p += -lbfd -liberty -lz
+#LIBS_c += -lbfd -liberty -lz
+
+# wpa_supplicant depends on strong random number generation being available
+# from the operating system. os_get_random() function is used to fetch random
+# data when needed, e.g., for key generation. On Linux and BSD systems, this
+# works by reading /dev/urandom. It should be noted that the OS entropy pool
+# needs to be properly initialized before wpa_supplicant is started. This is
+# important especially on embedded devices that do not have a hardware random
+# number generator and may by default start up with minimal entropy available
+# for random number generation.
+#
+# As a safety net, wpa_supplicant is by default trying to internally collect
+# additional entropy for generating random data to mix in with the data fetched
+# from the OS. This by itself is not considered to be very strong, but it may
+# help in cases where the system pool is not initialized properly. However, it
+# is very strongly recommended that the system pool is initialized with enough
+# entropy either by using hardware assisted random number generator or by
+# storing state over device reboots.
+#
+# wpa_supplicant can be configured to maintain its own entropy store over
+# restarts to enhance random number generation. This is not perfect, but it is
+# much more secure than using the same sequence of random numbers after every
+# reboot. This can be enabled with -e<entropy file> command line option. The
+# specified file needs to be readable and writable by wpa_supplicant.
+#
+# If the os_get_random() is known to provide strong random data (e.g., on
+# Linux/BSD, the board in question is known to have reliable source of random
+# data from /dev/urandom), the internal wpa_supplicant random pool can be
+# disabled. This will save some in binary size and CPU use. However, this
+# should only be considered for builds that are known to be used on devices
+# that meet the requirements described above.
+CONFIG_NO_RANDOM_POOL=y
+
+# Should we attempt to use the getrandom(2) call that provides more reliable
+# yet secure randomness source than /dev/random on Linux 3.17 and newer.
+# Requires glibc 2.25 to build, falls back to /dev/random if unavailable.
+CONFIG_GETRANDOM=y
+
+# IEEE 802.11ac (Very High Throughput) support (mainly for AP mode)
+CONFIG_IEEE80211AC=y
+
+# Wireless Network Management (IEEE Std 802.11v-2011)
+# Note: This is experimental and not complete implementation.
+#CONFIG_WNM=y
+
+# Interworking (IEEE 802.11u)
+# This can be used to enable functionality to improve interworking with
+# external networks (GAS/ANQP to learn more about the networks and network
+# selection based on available credentials).
+CONFIG_INTERWORKING=y
+
+# Hotspot 2.0
+CONFIG_HS20=y
+
+# Enable interface matching in wpa_supplicant
+#CONFIG_MATCH_IFACE=y
+
+# Disable roaming in wpa_supplicant
+#CONFIG_NO_ROAMING=y
+
+# AP mode operations with wpa_supplicant
+# This can be used for controlling AP mode operations with wpa_supplicant. It
+# should be noted that this is mainly aimed at simple cases like
+# WPA2-Personal while more complex configurations like WPA2-Enterprise with an
+# external RADIUS server can be supported with hostapd.
+CONFIG_AP=y
+
+# P2P (Wi-Fi Direct)
+# This can be used to enable P2P support in wpa_supplicant. See README-P2P for
+# more information on P2P operations.
+CONFIG_P2P=y
+
+# Enable TDLS support
+CONFIG_TDLS=y
+
+# Wi-Fi Display
+# This can be used to enable Wi-Fi Display extensions for P2P using an external
+# program to control the additional information exchanges in the messages.
+CONFIG_WIFI_DISPLAY=y
+
+# Autoscan
+# This can be used to enable automatic scan support in wpa_supplicant.
+# See wpa_supplicant.conf for more information on autoscan usage.
+#
+# Enabling directly a module will enable autoscan support.
+# For exponential module:
+CONFIG_AUTOSCAN_EXPONENTIAL=y
+# For periodic module:
+CONFIG_AUTOSCAN_PERIODIC=y
+
+# Password (and passphrase, etc.) backend for external storage
+# These optional mechanisms can be used to add support for storing passwords
+# and other secrets in external (to wpa_supplicant) location. This allows, for
+# example, operating system specific key storage to be used
+#
+# External password backend for testing purposes (developer use)
+#CONFIG_EXT_PASSWORD_TEST=y
+# File-based backend to read passwords from an external file.
+#CONFIG_EXT_PASSWORD_FILE=y
+
+# Enable Fast Session Transfer (FST)
+CONFIG_FST=y
+
+# Enable CLI commands for FST testing
+#CONFIG_FST_TEST=y
+
+# OS X builds. This is only for building eapol_test.
+#CONFIG_OSX=y
+
+# Automatic Channel Selection
+# This will allow wpa_supplicant to pick the channel automatically when channel
+# is set to "0".
+#
+# TODO: Extend parser to be able to parse "channel=acs_survey" as an alternative
+# to "channel=0". This would enable us to eventually add other ACS algorithms in
+# similar way.
+#
+# Automatic selection is currently only done through initialization, later on
+# we hope to do background checks to keep us moving to more ideal channels as
+# time goes by. ACS is currently only supported through the nl80211 driver and
+# your driver must have survey dump capability that is filled by the driver
+# during scanning.
+#
+# TODO: In analogy to hostapd be able to customize the ACS survey algorithm with
+# a newly to create wpa_supplicant.conf variable acs_num_scans.
+#
+# Supported ACS drivers:
+# * ath9k
+# * ath5k
+# * ath10k
+#
+# For more details refer to:
+# http://wireless.kernel.org/en/users/Documentation/acs
+CONFIG_ACS=y
+
+# Support Multi Band Operation
+#CONFIG_MBO=y
+
+# Fast Initial Link Setup (FILS) (IEEE 802.11ai)
+#CONFIG_FILS=y
+# FILS shared key authentication with PFS
+#CONFIG_FILS_SK_PFS=y
+
+# Support RSN on IBSS networks
+# This is needed to be able to use mode=1 network profile with proto=RSN and
+# key_mgmt=WPA-PSK (i.e., full key management instead of WPA-None).
+CONFIG_IBSS_RSN=y
+
+# External PMKSA cache control
+# This can be used to enable control interface commands that allow the current
+# PMKSA cache entries to be fetched and new entries to be added.
+CONFIG_PMKSA_CACHE_EXTERNAL=y
+
+# Mesh Networking (IEEE 802.11s)
+#CONFIG_MESH=y
+
+# Background scanning modules
+# These can be used to request wpa_supplicant to perform background scanning
+# operations for roaming within an ESS (same SSID). See the bgscan parameter in
+# the wpa_supplicant.conf file for more details.
+# Periodic background scans based on signal strength
+CONFIG_BGSCAN_SIMPLE=y
+# Learn channels used by the network and try to avoid bgscans on other
+# channels (experimental)
+CONFIG_BGSCAN_LEARN=y
+
+# Opportunistic Wireless Encryption (OWE)
+# Experimental implementation of draft-harkins-owe-07.txt
+CONFIG_OWE=y
+
+# Device Provisioning Protocol (DPP) (also known as Wi-Fi Easy Connect)
+CONFIG_DPP=y
+# DPP version 2 support
+CONFIG_DPP2=y
+# DPP version 3 support (experimental and still changing; do not enable for
+# production use)
+#CONFIG_DPP3=y
+
+# Wired equivalent privacy (WEP)
+# WEP is an obsolete cryptographic data confidentiality algorithm that is not
+# considered secure. It should not be used for anything anymore. The
+# functionality needed to use WEP is available in the current wpa_supplicant
+# release under this optional build parameter. This functionality is subject to
+# be completely removed in a future release.
+#CONFIG_WEP=y
+
+# Remove all TKIP functionality
+# TKIP is an old cryptographic data confidentiality algorithm that is not
+# considered secure. It should not be used anymore for anything else than a
+# backwards compatibility option as a group cipher when connecting to APs that
+# use WPA+WPA2 mixed mode. For now, the default wpa_supplicant build includes
+# support for this by default, but that functionality is subject to be removed
+# in the future.
+#CONFIG_NO_TKIP=y
+
+# Pre-Association Security Negotiation (PASN)
+# Experimental implementation based on IEEE P802.11z/D2.6 and the protocol
+# design is still subject to change. As such, this should not yet be enabled in
+# production use.
+#CONFIG_PASN=y
+CONFIG_IPV6=y

xz/PKGBUILD

@@ -1,17 +1,25 @@
 #!/usr/bin/bash
 # JOBoRun		: Jwm OpenBox Obarun RUNit
-# Maintainer		: Joe Bo Run <joborun@disroot.org>
+# Maintainer	: Joe Bo Run <joborun@disroot.org>
 # PkgSource		: url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
+# Website		: https://pozol.eu
 #-----------------------------------------| DESCRIPTION |---------------------------------------
 
 pkgname=xz
 pkgver=5.2.5
-pkgrel=02
+pkgrel=03
 pkgdesc='Library and command line tools for XZ and LZMA compressed files'
 arch=('x86_64')
 url='https://tukaani.org/xz/'
 depends=('sh')
-source=("https://tukaani.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"{,.sig})
+source=("https://tukaani.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"{,.sig}
+        "https://tukaani.org/${pkgname}/xzgrep-ZDI-CAN-16587.patch"{,.sig})
+ 
+prepare() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	patch -p1 -i "${srcdir}/xzgrep-ZDI-CAN-16587.patch"
+}
 
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
@@ -42,5 +50,7 @@ license=('GPL' 'LGPL' 'custom')
 
 validpgpkeys=('3690C240CE51B4670D30AD1C38EE757D69184620')
 
-sha256sums=(f6f4910fd033078738bd82bfba4f49219d03b17eb0794eb91efbae419f4aba10  # xz-5.2.5.tar.gz
-	a7a25afd19a3b26848cb8d5cbb5e588f8c8b69ad3cae942a6aafc62dfdbdd4a3) # xz-5.2.5.tar.gz.sig
+sha256sums=(f6f4910fd033078738bd82bfba4f49219d03b17eb0794eb91efbae419f4aba10 # xz-5.2.5.tar.gz
+	a7a25afd19a3b26848cb8d5cbb5e588f8c8b69ad3cae942a6aafc62dfdbdd4a3 # xz-5.2.5.tar.gz.sig
+            98c6cb1042284fe704ec30083f3fc87364ce9ed2ea51f62bbb0ee9d3448717ec # xzgrep-ZDI-CAN-16587.patch
+	bc03de8942eae1c7cd12dd4881d4c9b270b1a2ac3902f6c9dfd1b10007625ca8) # xzgrep-ZDI-CAN-16587.patch.sig

xz/PKGBUILD-arch

@@ -3,17 +3,26 @@
 
 pkgname=xz
 pkgver=5.2.5
-pkgrel=2
+pkgrel=3
 pkgdesc='Library and command line tools for XZ and LZMA compressed files'
 arch=('x86_64')
 url='https://tukaani.org/xz/'
 license=('GPL' 'LGPL' 'custom')
 depends=('sh')
-source=("https://tukaani.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"{,.sig})
+source=("https://tukaani.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"{,.sig}
+        "https://tukaani.org/${pkgname}/xzgrep-ZDI-CAN-16587.patch"{,.sig})
 sha256sums=('f6f4910fd033078738bd82bfba4f49219d03b17eb0794eb91efbae419f4aba10'
+            'SKIP'
+            '98c6cb1042284fe704ec30083f3fc87364ce9ed2ea51f62bbb0ee9d3448717ec'
             'SKIP')
 validpgpkeys=('3690C240CE51B4670D30AD1C38EE757D69184620')
 
+prepare() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+
+	patch -p1 -i "${srcdir}/xzgrep-ZDI-CAN-16587.patch"
+}
+
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
 

xz/clean

@@ -1 +1 @@
-rm -rvf {src,pkg,xz*.tar.gz*}
+rm -rvf {src,pkg,xz*.tar.gz*,xzgrep*patch*}

xz/deps

@@ -1 +1,2 @@
 
+