17 files changed, 635 insertions, 602 deletions
diff --git a/debian/patches/0005-gcc10.patch b/debian/patches/0005-gcc10.patch
deleted file mode 100644
index a4e5d8a..0000000
--- a/debian/patches/0005-gcc10.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-Description: Fix ftbfs with gcc-10
-Author: Jörg Frings-Fürst <debian@jff.email>
-Bug: https://github.com/ipmitool/ipmitool/issues/220
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=957371
-Last-Update: 2020-07-28
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/include/ipmitool/ipmi_hpmfwupg.h
-===================================================================
---- trunk.orig/include/ipmitool/ipmi_hpmfwupg.h
-+++ trunk/include/ipmitool/ipmi_hpmfwupg.h
-@@ -30,9 +30,22 @@
-  * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
-  */
- 
-+
- #ifndef IPMI_HPMFWUPG_H
- #define IPMI_HPMFWUPG_H
- 
-+
-+#ifdef IPMI_HPMFWUPG_MOD
-+
-+    #define EXTERN
-+
-+#else
-+
-+    #define EXTERN extern
-+
-+#endif
-+
-+
- #include <inttypes.h>
- #include <ipmitool/ipmi.h>
- 
-@@ -800,10 +813,12 @@ typedef struct _VERSIONINFO {
- 	char descString[HPMFWUPG_DESC_STRING_LENGTH + 1];
- }VERSIONINFO, *PVERSIONINFO;
- 
--VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
-+EXTERN VERSIONINFO gVersionInfo[HPMFWUPG_COMPONENT_ID_MAX];
- 
- #define TARGET_VER (0x01)
- #define ROLLBACK_VER (0x02)
- #define IMAGE_VER (0x04)
- 
- #endif /* IPMI_KFWUM_H */
-+
-+#undef EXTERN
-Index: trunk/lib/ipmi_hpmfwupg.c
-===================================================================
---- trunk.orig/lib/ipmi_hpmfwupg.c
-+++ trunk/lib/ipmi_hpmfwupg.c
-@@ -37,7 +37,10 @@
- 
- #include <ipmitool/ipmi_intf.h>
- #include <ipmitool/ipmi_mc.h>
-+
-+#define IPMI_HPMFWUPG_MOD
- #include <ipmitool/ipmi_hpmfwupg.h>
-+
- #include <ipmitool/helper.h>
- #include <ipmitool/ipmi_strings.h>
- #include <ipmitool/log.h>
diff --git a/debian/patches/0100-fix_buf_overflow.patch b/debian/patches/0100-fix_buf_overflow.patch
index 174d205..1651487 100644
--- a/debian/patches/0100-fix_buf_overflow.patch
+++ b/debian/patches/0100-fix_buf_overflow.patch
@@ -11,12 +11,12 @@ Index: trunk/lib/ipmi_tsol.c
 ===================================================================
 --- trunk.orig/lib/ipmi_tsol.c
 +++ trunk/lib/ipmi_tsol.c
-@@ -375,7 +375,7 @@ ipmi_tsol_main(struct ipmi_intf *intf, i
+@@ -374,7 +374,7 @@ ipmi_tsol_main(struct ipmi_intf *intf, i
  	char *recvip = NULL;
  	char in_buff[IPMI_BUF_SIZE];
  	char out_buff[IPMI_BUF_SIZE * 8];
 -	char buff[IPMI_BUF_SIZE + 4];
 +	char buff[IPMI_BUF_SIZE * 8 + 4];
  	int fd_socket, result, i;
- 	int out_buff_fill, in_buff_fill;
+ 	size_t out_buff_fill, in_buff_fill;
  	int ip1, ip2, ip3, ip4;
diff --git a/debian/patches/0105-sensor_reading.patch b/debian/patches/0105-sensor_reading.patch
new file mode 100644
index 0000000..edde4a0
--- /dev/null
+++ b/debian/patches/0105-sensor_reading.patch
@@ -0,0 +1,35 @@
+Description: Fix soensor reading
+Author: mareedu srinivasa rao
+Origin: upstream, https://sourceforge.net/p/ipmitool/bugs/490/
+Bug: https://sourceforge.net/p/ipmitool/bugs/490/
+Bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983082
+Forwarded: not-needed
+Last-Update: 2022-10-29
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/lib/ipmi_sdr.c
+===================================================================
+--- trunk.orig/lib/ipmi_sdr.c
++++ trunk/lib/ipmi_sdr.c
+@@ -1799,7 +1799,7 @@ ipmi_sdr_print_sensor_fc(struct ipmi_int
+ 						      sr->s_a_units);
+ 			} else /* Discrete */
+ 				snprintf(sval, sizeof(sval),
+-					"0x%02x", sr->s_reading);
++					"0x%02x", sr->s_data2);
+ 		}
+ 		else if (sr->s_scanning_disabled)
+ 			snprintf(sval, sizeof (sval), sr->full ? "disabled"   : "Not Readable");
+Index: trunk/lib/ipmi_sensor.c
+===================================================================
+--- trunk.orig/lib/ipmi_sensor.c
++++ trunk/lib/ipmi_sensor.c
+@@ -201,7 +201,7 @@ ipmi_sensor_print_fc_discrete(struct ipm
+ 					       sr->s_a_str, sr->s_a_units, "ok");
+ 				} else {
+ 					printf("| 0x%-8x | %-10s | 0x%02x%02x",
+-					       sr->s_reading, "discrete",
++					       sr->s_data2, "discrete",
+ 					       sr->s_data2, sr->s_data3);
+ 				}
+ 			} else {
diff --git a/debian/patches/0110-getpass-prototype.patch b/debian/patches/0110-getpass-prototype.patch
deleted file mode 100644
index ecd8ee9..0000000
--- a/debian/patches/0110-getpass-prototype.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Description: use necessary source dialect to ensure getpass() availability
-  getpass is a deprecated function, and building with either c99 or gnu99
-  does not ensure this function's availability.  So instead, declare
- _DEFAULT_SOURCE so that the function remains available.
-Author: Steve Langasek <steve.langasek@ubuntu.com>
-Origin: <upstream|backport|vendor|other>, <URL, required except if Author is present>
-Bug: <URL to the upstream bug report if any, implies patch has been forwarded, optional>
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819340
-Last-Update: 2016-05-15
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/lib/ipmi_main.c
-===================================================================
---- trunk.orig/lib/ipmi_main.c
-+++ trunk/lib/ipmi_main.c
-@@ -34,6 +34,7 @@
- 	(_XOPEN_SOURCE >= 500 || \
- 	_XOPEN_SOURCE && _XOPEN_SOURCE_EXTENDED) && \
- 	!(_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600)
-+#define _DEFAULT_SOURCE
- 
- #include <stdlib.h>
- #include <stdio.h>
diff --git a/debian/patches/0110-unpdate_IANA_URL.patch b/debian/patches/0110-unpdate_IANA_URL.patch
new file mode 100644
index 0000000..6239c4c
--- /dev/null
+++ b/debian/patches/0110-unpdate_IANA_URL.patch
@@ -0,0 +1,72 @@
+Description: Fix IANA url
+Author: <name and email of author, optional>
+Origin: upstream, https://github.com/siderolabs/pkgs/pull/634/commits/5a39853823255f3715857fb4907bca13573e76d0
+Bug: https://github.com/ipmitool/ipmitool/issues/377
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023312 
+Forwarded: not-needed
+Applied-Upstream: https://github.com/siderolabs/pkgs/pull/634/commits/5a39853823255f3715857fb4907bca13573e76d0
+Last-Update: 2022-12-25
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/Makefile.am
+===================================================================
+--- trunk.orig/Makefile.am
++++ trunk/Makefile.am
+@@ -41,7 +41,7 @@ MAINTAINERCLEANFILES = Makefile.in acloc
+ 	$(distdir).tar.gz $(distdir).tar.bz2
+ 
+ SUBDIRS = lib src include doc contrib control
+-IANA_PEN = http://www.iana.org/assignments/enterprise-numbers
++IANA_PEN = http://www.iana.org/assignments/enterprise-numbers.txt
+ 
+ dist-hook:
+ 	cp control/ipmitool.spec $(distdir)
+Index: trunk/lib/ipmi_strings.c
+===================================================================
+--- trunk.orig/lib/ipmi_strings.c
++++ trunk/lib/ipmi_strings.c
+@@ -1489,7 +1489,7 @@ size_t count_bytes(const char *s, unsign
+  * That is, IANA PEN at position 0, enterprise name at position 2.
+  */
+ #define IANA_NAME_OFFSET 2
+-#define IANA_PEN_REGISTRY "enterprise-numbers"
++#define IANA_PEN_REGISTRY "enterprise-numbers.txt"
+ static
+ int oem_info_list_load(oem_valstr_list_t **list)
+ {
+Index: trunk/doc/ipmitool.1.in
+===================================================================
+--- trunk.orig/doc/ipmitool.1.in
++++ trunk/doc/ipmitool.1.in
+@@ -3830,10 +3830,10 @@ Chassis Power Control: Up/On
+ 
+ .SH FILES
+ .TP
+-.B @IANADIR@/enterprise-numbers
+-system IANA PEN registry taken from http://www.iana.org/assignments/enterprise-numbers
++.B @IANADIR@/enterprise-numbers.txt
++system IANA PEN registry taken from https://www.iana.org/assignments/enterprise-numbers.txt
+ .TP
+-.B ~/@IANAUSERDIR@/enterprise-numbers
++.B ~/@IANAUSERDIR@/enterprise-numbers.txt
+ user's override for the system IANA PEN registry, this file if it exists is loaded instead
+ of the system registry (see above).
+ 
+Index: trunk/doc/ipmievd.8.in
+===================================================================
+--- trunk.orig/doc/ipmievd.8.in
++++ trunk/doc/ipmievd.8.in
+@@ -220,10 +220,10 @@ Waiting for Events...
+ 
+ .SH FILES
+ .TP
+-.B @IANADIR@/enterprise-numbers
+-system IANA PEN registry taken from http://www.iana.org/assignments/enterprise-numbers
++.B @IANADIR@/enterprise-numbers.txt
++system IANA PEN registry taken from https://www.iana.org/assignments/enterprise-numbers.txt
+ .TP
+-.B ~/@IANAUSERDIR@/enterprise-numbers
++.B ~/@IANAUSERDIR@/enterprise-numbers.txt
+ user's override for the system IANA PEN registry, this file if it exists is loaded instead
+ of the system registry (see above).
+ 
diff --git a/debian/patches/0115-hurd_PATH_MAX.patch b/debian/patches/0115-hurd_PATH_MAX.patch
new file mode 100644
index 0000000..83d30e5
--- /dev/null
+++ b/debian/patches/0115-hurd_PATH_MAX.patch
@@ -0,0 +1,21 @@
+Description: Add missing PATH_MAX for hurd-i386
+Author: Jörg Frings-Fürst <debian@jff.email>
+Forwarded: not-needed
+Last-Update: 2022-12-26
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/include/ipmitool/ipmi_strings.h
+===================================================================
+--- trunk.orig/include/ipmitool/ipmi_strings.h
++++ trunk/include/ipmitool/ipmi_strings.h
+@@ -36,6 +36,10 @@
+ 
+ #define CC_STRING(cc) val2str(cc, completion_code_vals)
+ 
++#ifndef PATH_MAX
++    #define PATH_MAX 1024
++#endif
++
+ extern const struct valstr completion_code_vals[];
+ extern const struct valstr entity_id_vals[];
+ extern const struct valstr entity_device_type_vals[];
diff --git a/debian/patches/0115-typo.patch b/debian/patches/0115-typo.patch
deleted file mode 100644
index e8f762c..0000000
--- a/debian/patches/0115-typo.patch
+++ /dev/null
@@ -1,164 +0,0 @@
-Description: source typos
-Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
-Forwarded: not-needed
-Last-Update: 2017-08-13
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/lib/dimm_spd.c
-===================================================================
---- trunk.orig/lib/dimm_spd.c
-+++ trunk/lib/dimm_spd.c
-@@ -798,7 +798,7 @@ const struct valstr jedec_id5_vals[] = {
- 	{ 0xE3, "WIS Technologies" },
- 	{ 0x64, "GateChange Technologies" },
- 	{ 0xE5, "High Density Devices AS" },
--	{ 0xE6, "Synopsys" },
-+	{ 0xE6, "Synopsis" },
- 	{ 0x67, "Gigaram" },
- 	{ 0x68, "Enigma Semiconductor Inc." },
- 	{ 0xE9, "Century Micro Inc." },
-Index: trunk/lib/ipmi_hpmfwupg.c
-===================================================================
---- trunk.orig/lib/ipmi_hpmfwupg.c
-+++ trunk/lib/ipmi_hpmfwupg.c
-@@ -1507,7 +1507,7 @@ HpmfwupgGetTargetUpgCapabilities(struct
- 				pCtx->resp.GlobalCapabilities.bitField.autRollbackOverride ? 'y' : 'n');
- 		lprintf(LOG_NOTICE, "IPMC degraded...........[%c]   ",
- 				pCtx->resp.GlobalCapabilities.bitField.ipmcDegradedDurinUpg ? 'y' : 'n');
--		lprintf(LOG_NOTICE, "Defered activation......[%c]   ",
-+		lprintf(LOG_NOTICE, "Deferred activation......[%c]   ",
- 				pCtx->resp.GlobalCapabilities.bitField.deferActivation ? 'y' : 'n');
- 		lprintf(LOG_NOTICE, "Service affected........[%c]   ",
- 				pCtx->resp.GlobalCapabilities.bitField.servAffectDuringUpg ? 'y' : 'n');
-Index: trunk/lib/ipmi_kontronoem.c
-===================================================================
---- trunk.orig/lib/ipmi_kontronoem.c
-+++ trunk/lib/ipmi_kontronoem.c
-@@ -85,7 +85,7 @@ ipmi_kontronoem_main(struct ipmi_intf *i
- 			return (-1);
- 		}
- 		if (ipmi_kontron_set_serial_number(intf) > 0) {
--			printf("FRU serial number setted successfully\n");
-+			printf("FRU serial number set successfully\n");
- 		} else {
- 			printf("FRU serial number set failed\n");
- 			rc = (-1);
-@@ -96,7 +96,7 @@ ipmi_kontronoem_main(struct ipmi_intf *i
- 			return (-1);
- 		}
- 		if (ipmi_kontron_set_mfg_date(intf) > 0) {
--			printf("FRU manufacturing date setted successfully\n");
-+			printf("FRU manufacturing date set successfully\n");
- 		} else {
- 			printf("FRU manufacturing date set failed\n");
- 			rc = (-1);
-Index: trunk/lib/ipmi_ekanalyzer.c
-===================================================================
---- trunk.orig/lib/ipmi_ekanalyzer.c
-+++ trunk/lib/ipmi_ekanalyzer.c
-@@ -3398,7 +3398,7 @@ ipmi_ek_display_board_p2p_record(struct
- 				printf("ShMC Cross-connect (two-pair)\n");
- 				break;
- 			default:
--				printf("Unknwon\n");
-+				printf("Unknown\n");
- 				break;
- 			}
- 		} else if (d->type == FRU_PICMGEXT_LINK_TYPE_FABRIC_ETHERNET) {
-@@ -3413,17 +3413,17 @@ ipmi_ek_display_board_p2p_record(struct
- 				printf("FC-PI\n");
- 				break;
- 			default:
--				printf("Unknwon\n");
-+				printf("Unknown\n");
- 				break;
- 			}
- 		} else if (d->type == FRU_PICMGEXT_LINK_TYPE_FABRIC_INFINIBAND) {
--			printf("Unknwon\n");
-+			printf("Unknown\n");
- 		} else if (d->type == FRU_PICMGEXT_LINK_TYPE_FABRIC_STAR) {
--			printf("Unknwon\n");
-+			printf("Unknown\n");
- 		} else if (d->type == FRU_PICMGEXT_LINK_TYPE_PCIE) {
--			printf("Unknwon\n");
-+			printf("Unknown\n");
- 		} else {
--			printf("Unknwon\n");
-+			printf("Unknown\n");
- 		}
- 		printf("\tLink Type:\t\t0x%02x - ", d->type);
- 		if (d->type == 0 || d->type == 0xff) {
-Index: trunk/src/ipmievd.c
-===================================================================
---- trunk.orig/src/ipmievd.c
-+++ trunk/src/ipmievd.c
-@@ -125,7 +125,7 @@ static int openipmi_wait(struct ipmi_eve
- static int openipmi_read(struct ipmi_event_intf * eintf);
- static struct ipmi_event_intf openipmi_event_intf = {
- 	.name = "open",
--	.desc = "OpenIPMI asyncronous notification of events",
-+	.desc = "OpenIPMI asynchronous notification of events",
- 	.prefix = "",
- 	.setup = openipmi_setup,
- 	.wait = openipmi_wait,
-@@ -864,7 +864,7 @@ ipmievd_open_main(struct ipmi_intf * int
- 
- struct ipmi_cmd ipmievd_cmd_list[] = {
- #ifdef IPMI_INTF_OPEN
--	{ ipmievd_open_main,	"open",   "Use OpenIPMI for asyncronous notification of events" },
-+	{ ipmievd_open_main,	"open",   "Use OpenIPMI for asynchronous notification of events" },
- #endif
- 	{ ipmievd_sel_main,	"sel",    "Poll SEL for notification of events" },
- 	{ NULL }
-Index: trunk/include/ipmitool/ipmi_pef.h
-===================================================================
---- trunk.orig/include/ipmitool/ipmi_pef.h
-+++ trunk/include/ipmitool/ipmi_pef.h
-@@ -178,7 +178,7 @@ BIT_DESC_MAP_LIST,
- 	{"Entity presence",				37},
- 	{"Monitor ASIC/IC",				38},
- 	{"LAN",								39},
--	{"Management subsytem health",40},
-+	{"Management subsystem health",40},
- 	{"Battery",							41},
- 	{NULL}
- }	};
-Index: trunk/doc/ipmievd.8
-===================================================================
---- trunk.orig/doc/ipmievd.8
-+++ trunk/doc/ipmievd.8
-@@ -145,7 +145,7 @@ placed at the end of commands to get opt
- > ipmievd help
- .br 
- Commands:
--    open    Use OpenIPMI for asyncronous notification of events
-+    open    Use OpenIPMI for asynchronous notification of events
-     sel     Poll SEL for notification of events
- 
- .TP 
-Index: trunk/lib/ipmi_lanp.c
-===================================================================
---- trunk.orig/lib/ipmi_lanp.c
-+++ trunk/lib/ipmi_lanp.c
-@@ -1271,7 +1271,7 @@ print_lan_set_bad_pass_thresh_usage(void
- {
- 	lprintf(LOG_NOTICE,
- "lan set <chanel> bad_pass_thresh <thresh_num> <1|0> <reset_interval> <lockout_interval>\n"
--"        <thresh_num>         Bad Pasword Threshold number.\n"
-+"        <thresh_num>         Bad Password Threshold number.\n"
- "        <1|0>                1 = generate a Session Audit sensor event.\n"
- "                             0 = do not generate an event.\n"
- "        <reset_interval>     Attempt Count Reset Interval. In tens of seconds.\n"
-Index: trunk/lib/ipmi_mc.c
-===================================================================
---- trunk.orig/lib/ipmi_mc.c
-+++ trunk/lib/ipmi_mc.c
-@@ -583,7 +583,7 @@ static int ipmi_mc_get_selftest(struct i
- 			printf(" -> SEL device not accessible\n");
- 		}
- 		if (sft_res->test & IPM_SELFTEST_SDR_ERROR) {
--			printf(" -> SDR repository not accesible\n");
-+			printf(" -> SDR repository not accessible\n");
- 		}
- 		if (sft_res->test & IPM_SELFTEST_FRU_ERROR) {
- 			printf("FRU device not accessible\n");
diff --git a/debian/patches/0120-openssl1.1.patch b/debian/patches/0120-openssl1.1.patch
deleted file mode 100644
index a7523fd..0000000
--- a/debian/patches/0120-openssl1.1.patch
+++ /dev/null
@@ -1,150 +0,0 @@
-Description: Migrate to openssl 1.1
- Cherry-picked from upstream
-Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
-Origin: upstream https://sourceforge.net/p/ipmitool/source/ci/1664902525a1c3771b4d8b3ccab7ea1ba6b2bdd1/
-Bug: https://sourceforge.net/p/ipmitool/bugs/461/
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853782
-Forwarded: not-needed
-Last-Update: 2017-08-13 <YYYY-MM-DD, last update of the meta-information, optional>
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/src/plugins/lanplus/lanplus_crypt_impl.c
-===================================================================
---- trunk.orig/src/plugins/lanplus/lanplus_crypt_impl.c
-+++ trunk/src/plugins/lanplus/lanplus_crypt_impl.c
-@@ -164,11 +164,7 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 							uint8_t       * output,
- 							uint32_t        * bytes_written)
- {
--	EVP_CIPHER_CTX ctx;
--	EVP_CIPHER_CTX_init(&ctx);
--	EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
--	EVP_CIPHER_CTX_set_padding(&ctx, 0);
--	
-+	EVP_CIPHER_CTX *ctx = NULL;
- 
- 	*bytes_written = 0;
- 
-@@ -182,6 +178,14 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 		printbuf(input, input_length, "encrypting this data");
- 	}
- 
-+	ctx = EVP_CIPHER_CTX_new();
-+	if (ctx == NULL) {
-+		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
-+		return;
-+	}
-+	EVP_CIPHER_CTX_init(ctx);
-+	EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+	EVP_CIPHER_CTX_set_padding(ctx, 0);
- 
- 	/*
- 	 * The default implementation adds a whole block of padding if the input
-@@ -191,28 +195,28 @@ lanplus_encrypt_aes_cbc_128(const uint8_
- 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- 
- 
--	if(!EVP_EncryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
-+	if(!EVP_EncryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
- 	{
- 		/* Error */
- 		*bytes_written = 0;
--		return;
- 	}
- 	else
- 	{
- 		uint32_t tmplen;
- 
--		if(!EVP_EncryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
-+		if(!EVP_EncryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- 		{
-+			/* Error */
- 			*bytes_written = 0;
--			return; /* Error */
- 		}
- 		else
- 		{
- 			/* Success */
- 			*bytes_written += tmplen;
--			EVP_CIPHER_CTX_cleanup(&ctx);
- 		}
- 	}
-+	/* performs cleanup and free */
-+	EVP_CIPHER_CTX_free(ctx);
- }
- 
- 
-@@ -239,11 +243,7 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 							uint8_t       * output,
- 							uint32_t        * bytes_written)
- {
--	EVP_CIPHER_CTX ctx;
--	EVP_CIPHER_CTX_init(&ctx);
--	EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv);
--	EVP_CIPHER_CTX_set_padding(&ctx, 0);
--
-+	EVP_CIPHER_CTX *ctx = NULL;
- 
- 	if (verbose >= 5)
- 	{
-@@ -252,12 +252,20 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 		printbuf(input, input_length, "decrypting this data");
- 	}
- 
--
- 	*bytes_written = 0;
- 
- 	if (input_length == 0)
- 		return;
- 
-+	ctx = EVP_CIPHER_CTX_new();
-+	if (ctx == NULL) {
-+		lprintf(LOG_DEBUG, "ERROR: EVP_CIPHER_CTX_new() failed");
-+		return;
-+	}
-+	EVP_CIPHER_CTX_init(ctx);
-+	EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);
-+	EVP_CIPHER_CTX_set_padding(ctx, 0);
-+
- 	/*
- 	 * The default implementation adds a whole block of padding if the input
- 	 * data is perfectly aligned.  We would like to keep that from happening.
-@@ -266,33 +274,33 @@ lanplus_decrypt_aes_cbc_128(const uint8_
- 	assert((input_length % IPMI_CRYPT_AES_CBC_128_BLOCK_SIZE) == 0);
- 
- 
--	if (!EVP_DecryptUpdate(&ctx, output, (int *)bytes_written, input, input_length))
-+	if (!EVP_DecryptUpdate(ctx, output, (int *)bytes_written, input, input_length))
- 	{
- 		/* Error */
- 		lprintf(LOG_DEBUG, "ERROR: decrypt update failed");
- 		*bytes_written = 0;
--		return;
- 	}
- 	else
- 	{
- 		uint32_t tmplen;
- 
--		if (!EVP_DecryptFinal_ex(&ctx, output + *bytes_written, (int *)&tmplen))
-+		if (!EVP_DecryptFinal_ex(ctx, output + *bytes_written, (int *)&tmplen))
- 		{
-+			/* Error */
- 			char buffer[1000];
- 			ERR_error_string(ERR_get_error(), buffer);
- 			lprintf(LOG_DEBUG, "the ERR error %s", buffer);
- 			lprintf(LOG_DEBUG, "ERROR: decrypt final failed");
- 			*bytes_written = 0;
--			return; /* Error */
- 		}
- 		else
- 		{
- 			/* Success */
- 			*bytes_written += tmplen;
--			EVP_CIPHER_CTX_cleanup(&ctx);
- 		}
- 	}
-+	/* performs cleanup and free */
-+	EVP_CIPHER_CTX_free(ctx);
- 
- 	if (verbose >= 5)
- 	{
diff --git a/debian/patches/0125-nvidia-iana.patch b/debian/patches/0125-nvidia-iana.patch
deleted file mode 100644
index 28276f8..0000000
--- a/debian/patches/0125-nvidia-iana.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Description: Add IANA ID for NVIDIA hardware
- Add the NVIDIA IANA ID to the hardcoded list used in ipmitool <= 1.8.18.
- After upstream commit "9d41136 ID:491 - Fetch vendor IDs from IANA", ipmitool
- generates a list of vendor IDs dynamically at build time, so we can drop this
- patch in future releases.
-Author: dann frazier <dannf@debian.org>
-Origin: backport
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903616
-Forwarded: not-needed
-Last-Update: 2018-07-11
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: ipmitool-1.8.18/include/ipmitool/ipmi.h
-===================================================================
---- ipmitool-1.8.18.orig/include/ipmitool/ipmi.h
-+++ ipmitool-1.8.18/include/ipmitool/ipmi.h
-@@ -279,6 +279,7 @@ typedef enum IPMI_OEM {
-      /* 4769 for [IBM Corporation] */
-      IPMI_OEM_IBM_4769   = 4769,
-      IPMI_OEM_MAGNUM     = 5593,
-+     IPMI_OEM_NVIDIA     = 5703,
-      IPMI_OEM_TYAN       = 6653,
-      IPMI_OEM_QUANTA     = 7244,
-      IPMI_OEM_NEWISYS    = 9237,
-Index: ipmitool-1.8.18/lib/ipmi_strings.c
-===================================================================
---- ipmitool-1.8.18.orig/lib/ipmi_strings.c
-+++ ipmitool-1.8.18/lib/ipmi_strings.c
-@@ -96,6 +96,7 @@ const struct valstr ipmi_oem_info[] = {
-    { IPMI_OEM_IBM_4769,               "IBM Corporation" },
-    { IPMI_OEM_IBM_20301,              "IBM eServer X" },
-    { IPMI_OEM_ADLINK_24339,           "ADLINK Technology Inc." },
-+   { IPMI_OEM_NVIDIA,                 "NVIDIA Corporation" },
-    { 0xffff , NULL },
- };
- 
diff --git a/debian/patches/0130-Correct_lanplus_segment_violation.patch b/debian/patches/0130-Correct_lanplus_segment_violation.patch
deleted file mode 100644
index 17e8fe5..0000000
--- a/debian/patches/0130-Correct_lanplus_segment_violation.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Description: Fix lanplus segment violation for truncated response
-Origin: upstream, https://github.com/pjdhpe/ipmitool/commit/815aae70cf8dc9f0e1ba1923fc4ec3cc16d0d2f1?diff=unified
-Bug: https://github.com/ipmitool/ipmitool/issues/72
-Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945764
-Last-Update: 2019-12-22 
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/src/plugins/lanplus/lanplus.c
-===================================================================
---- trunk.orig/src/plugins/lanplus/lanplus.c
-+++ trunk/src/plugins/lanplus/lanplus.c
-@@ -819,7 +819,7 @@ ipmi_lan_poll_single(struct ipmi_intf *
- 			 * rsp->data_len becomes the length of that data
- 			 */
- 			extra_data_length = payload_size - (offset - payload_start) - 1;
--			if (extra_data_length) {
-+			if (extra_data_length > 0) {
- 				rsp->data_len = extra_data_length;
- 				memmove(rsp->data, rsp->data + offset, extra_data_length);
- 			} else {
-@@ -873,7 +873,7 @@ ipmi_lan_poll_single(struct ipmi_intf *
- 		}
- 		read_sol_packet(rsp, &offset);
- 		extra_data_length = payload_size - (offset - payload_start);
--		if (rsp && extra_data_length) {
-+		if (rsp && extra_data_length > 0) {
- 			rsp->data_len = extra_data_length;
- 			memmove(rsp->data, rsp->data + offset, extra_data_length);
- 		} else {
diff --git a/debian/patches/0500-fix_CVE-2011-4339.patch b/debian/patches/0500-fix_CVE-2011-4339.patch
deleted file mode 100644
index 62a9d0c..0000000
--- a/debian/patches/0500-fix_CVE-2011-4339.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Description: CVE-2011-4339
- insecure file permission when creating PID files
- based on 112_fix_CVE-2011-4339
-Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
-Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917
-Forwarded: https://sourceforge.net/p/ipmitool/patches/99/
-Last-Update: 2014-12-01
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/lib/helper.c
-===================================================================
---- trunk.orig/lib/helper.c
-+++ trunk/lib/helper.c
-@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf
- #endif
- 
- 	chdir("/");
--	umask(0);
- 
- 	for (fd=0; fd<64; fd++) {
- 		if (fd != intf->fd)
diff --git a/debian/patches/0600-manpage_longlines.patch b/debian/patches/0600-manpage_longlines.patch
deleted file mode 100644
index 8fae0a9..0000000
--- a/debian/patches/0600-manpage_longlines.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Description: long lines in man-page
- prevent "can't break line" warnings
-Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
-Forwarded: not-needed
-Last-Update: 2014-05-20
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/doc/ipmitool.1
-===================================================================
---- trunk.orig/doc/ipmitool.1
-+++ trunk/doc/ipmitool.1
-@@ -1035,7 +1035,7 @@ Display point to point physical connecti
-       AMC slot B2 topology:
-          Port 0 =====> On Carrier Device ID 0, Port 3
-          Port 2 =====> AMC slot B1, Port 2
--   *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-+   *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-*
-    From Carrier file: carrierfru
-       On Carrier Device ID 0 topology:
-          Port 0 =====> AMC slot B1, Port 4
-@@ -1091,7 +1091,7 @@ and an AMC module or between 2 AMC modul
-     \-Link Type: AMC.2 Ethernet
-     \-Link Type extension: 1000BASE-BX (SerDES Gigabit) Ethernet link
-     \-Link Group ID: 0 || Link Asym. Match: exact match
--   *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-+   *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-*
-   AMC slot B1 port 1 ==> On-Carrier Device 0 port 12
-    Matching Result
-    - From On-Carrier Device ID 0
-@@ -1104,7 +1104,7 @@ and an AMC module or between 2 AMC modul
-     \-Link Type: AMC.2 Ethernet
-     \-Link Type extension: 1000BASE-BX (SerDES Gigabit) Ethernet link
-     \-Link Group ID: 0 || Link Asym. Match: exact match
--   *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-+   *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-*
-  On-Carrier Device vs AMC slot A2
-   AMC slot A2 port 0 ==> On-Carrier Device 0 port 3
-    Matching Result
-@@ -1118,7 +1118,7 @@ and an AMC module or between 2 AMC modul
-     \-Link Type: AMC.2 Ethernet
-     \-Link Type extension: 1000BASE-BX (SerDES Gigabit) Ethernet link
-     \-Link Group ID: 0 || Link Asym. Match: exact match
--   *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-+   *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-*
-  AMC slot B1 vs AMC slot A2
-   AMC slot A2 port 2 ==> AMC slot B1 port 2
-    Matching Result
-@@ -1132,7 +1132,7 @@ and an AMC module or between 2 AMC modul
-     \-Link Type: AMC.3 Storage
-     \-Link Type extension: Serial Attached SCSI (SAS/SATA)
-     \-Link Group ID: 0 || Link Asym. Match: FC or SAS interface {exact match}
-- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-+   *-*-*-* *-*-* *-*-* *-*-* *-*-* *-*-* *-*-*
- .TP
- \fIunmatch\fP <\fBxx=filename\fR> <\fBxx=filename\fR> \fB...\fr
- .br
diff --git a/debian/patches/0615-manpage_typo.patch b/debian/patches/0615-manpage_typo.patch
deleted file mode 100644
index b1196d7..0000000
--- a/debian/patches/0615-manpage_typo.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-Description: typo in man-pages
-Author: Jörg Frings-Fürst <debian@jff.email>
-Last-Update: 2019-07-18
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: trunk/doc/ipmitool.1
-===================================================================
---- trunk.orig/doc/ipmitool.1
-+++ trunk/doc/ipmitool.1
-@@ -2478,7 +2478,7 @@ Discover Node Manager presence as well a
- .br
- 
- Add a new power policy, or overwrite an existing policy.
--The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto.
-+The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto.
- The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535.
- The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535.
- If domain is not supplied a default of platform is used.
-@@ -2489,7 +2489,7 @@ If domain is not supplied a default of p
- .br
- 
- Add a new inlet temp policy, or overwrite an existing policy.
--The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto.
-+The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto.
- The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535.
- The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535.
- If domain is not supplied a default of platform is used.
-@@ -3657,7 +3657,7 @@ and encryption algorithms to use for for
- on the cipher suite ID found in the IPMIv2.0 specification in table
- 22\-19.  The default cipher suite is \fI3\fP which specifies
- RAKP\-HMAC\-SHA1 authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128
--encryption algorightms.
-+encryption algorithms.
- 
- .SH "FREE INTERFACE"
- .LP
-Index: trunk/doc/ipmievd.8
-===================================================================
---- trunk.orig/doc/ipmievd.8
-+++ trunk/doc/ipmievd.8
-@@ -56,7 +56,7 @@ This is not available with all commands.
- The remote server authentication, integrity, and encryption algorithms
- to use for IPMIv2 \fIlanplus\fP connections.  See table 22\-19 in the
- IPMIv2 specification.  The default is 3 which specifies RAKP\-HMAC\-SHA1 
--authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorightms.
-+authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorithms.
- .TP 
- \fB\-E\fR
- The remote server password is specified by the environment
diff --git a/debian/patches/0620-manpage_typo.patch b/debian/patches/0620-manpage_typo.patch
new file mode 100644
index 0000000..63ed5d4
--- /dev/null
+++ b/debian/patches/0620-manpage_typo.patch
@@ -0,0 +1,370 @@
+Description: Fix man page typos
+Author: Jörg Frings-Fürst <debian@jff.email>
+Forwarded: not-needed
+Last-Update: 2022-10-29
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/doc/ipmitool.1.in
+===================================================================
+--- trunk.orig/doc/ipmitool.1.in
++++ trunk/doc/ipmitool.1.in
+@@ -3,7 +3,7 @@
+ ipmitool \- utility for controlling IPMI\-enabled devices
+ .SH "SYNOPSIS"
+ 
+-.BR ipmitool
++.br ipmitool
+ [ <options> ] <command> [ <sub-commands and sub-options> ]
+ 
+ <options>           := [ <general-options> | <conditional-opts> ]
+@@ -68,7 +68,7 @@ On Solaris this driver is called \fIBMC\
+ Management of a remote station requires the IPMI\-over\-LAN interface to be
+ enabled and configured.  Depending on the particular requirements of each
+ system it may be possible to enable the LAN interface using
+-.BR ipmitool
++.br ipmitool
+ over the system interface.
+ .SH "OPTIONS"
+ .TP 
+@@ -102,7 +102,7 @@ IPMI v2.0 specification. The default is
+ authentication, HMAC\-SHA256\-128 integrity, and AES\-CBC\-128 encryption algorithms.
+ 
+ NOTE: In
+-.BR ipmitool
++.br ipmitool
+ 1.8.18 and earlier the default was 3, which was insecure and was not supported
+ by some more recent BMC implementations.
+ .TP 
+@@ -242,7 +242,7 @@ Change Size of Communication Channel. (O
+ 
+ .LP 
+ If no password method is specified then
+-.BR ipmitool
++.br ipmitool
+ will prompt the user for a password. If no password is entered at the prompt,
+ the remote server password will default to NULL.
+ .SH "SECURITY"
+@@ -267,17 +267,17 @@ local station.
+ For IPMI v1.5, the maximum password length is 16 characters; longer
+ passwords might be truncated or rejected by the server, or rejected
+ by
+-.BR ipmitool .
++.br ipmitool .
+ 
+ For IPMI v2.0, the maximum password length is 20 characters; longer
+ passwords will be rejected by
+-.BR ipmitool .
++.br ipmitool .
+ 
+ .SH "COMMANDS"
+ .TP 
+ \fIhelp\fP
+ This can be used to get command\-line help on 
+-.BR ipmitool
++.br ipmitool
+ commands. It may also be placed at the end of commands to get option usage help.
+ 
+ > ipmitool help
+@@ -1223,7 +1223,7 @@ Get a list of all the possible Sensor St
+ Shortcuts available for a particular sensor.   \fBsensorid\fR is the character 
+ string representation of the sensor and must be enclosed in double quotes
+ if it includes white space.  Several different commands including 
+-.BR ipmitool
++.br ipmitool
+ \fIsensor list\fP may be used to obtain a list that includes 
+ the \fBsensorid\fR strings representing the sensors on a given system. 
+ .RS
+@@ -1287,7 +1287,7 @@ Finding sensor PS 2T Fan Fault... ok
+ 
+ .RS
+ Execute
+-.BR ipmitool
++.br ipmitool
+ commands from \fIfilename\fR.  Each line is a
+ complete command.  The syntax of the commands are defined by the
+ COMMANDS section in this manpage.  Each line may have an optional
+@@ -1698,7 +1698,7 @@ user, operator, admin, oem.
+ .br
+ 
+ Causes
+-.BR ipmitool
++.br ipmitool
+ to enter Intel IPMI v1.5 Serial Over LAN mode. An RMCP+
+ connection is made to the BMC, the terminal is set to raw mode, and user
+ input is sent to the serial console on the remote server. On exit, 
+@@ -1752,7 +1752,7 @@ Select the next boot order on the Kontro
+ 
+ These commands will allow you to configure IPMI LAN channels
+ with network information so they can be used with the
+-..BR ipmitool
++.br ipmitool
+ \fIlan\fP and \fIlanplus\fP interfaces.  \fINOTE\fR: To
+ determine on which channel the LAN interface is located, issue
+ the `channel info \fInumber\fR' command until you come across
+@@ -2035,7 +2035,7 @@ Display the Management Controller Global
+ .br
+ 
+ This is the default behavior for
+-.BR ipmitool (1).
++.br ipmitool (1).
+ 
+ Try to automatically detect the encoding based on the value of the
+ version field and (for version 1) the timestamp. The version is
+@@ -2049,11 +2049,11 @@ neither one has that, then the precedenc
+ \fIsmbios\fP, \fIipmi\fP, \fIrfc4122\fP.
+ 
+ If neither encoding yields a valid version field, then
+-.BR ipmitool (1)
++.br ipmitool (1)
+ defaults to \fIdump\fP mode.
+ 
+ If this option is in use, then
+-.BR ipmitool (1)
++.br ipmitool (1)
+ will also print out the detected encoding and warn
+ regarding IPMI specification violation if the encoding isn't \fIipmi\fP.
+ 
+@@ -2551,7 +2551,7 @@ Discover Node Manager presence as well a
+ .br
+ 
+ Add a new power policy, or overwrite an existing policy.
+-The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto.
++The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto.
+ The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535.
+ The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535.
+ If domain is not supplied a default of platform is used.
+@@ -2562,7 +2562,7 @@ If domain is not supplied a default of p
+ .br
+ 
+ Add a new inlet temp policy, or overwrite an existing policy.
+-The \fIcorrection\fP parameter is the agressiveness of frequency limiting, default is auto.
++The \fIcorrection\fP parameter is the aggressiveness of frequency limiting, default is auto.
+ The \fItrig_lim\fP is the correction time limit and must be at least 6000 and not greater than 65535.
+ The \fIstats\fP setting is the averaging period in seconds and ranges from 1-65535.
+ If domain is not supplied a default of platform is used.
+@@ -2960,7 +2960,7 @@ A list of all entity ids can be found in
+ Dumps raw SDR data to a file.  This data file can then be used as
+ a local SDR cache of the remote managed system with the \fI\-S <file>\fP
+ option on the
+-.BR ipmitool
++.br ipmitool
+ command line.  This can greatly improve performance
+ over system interface or remote LAN.
+ .TP 
+@@ -3045,7 +3045,7 @@ Print information on the specified SEL R
+ 
+ Save SEL records to a text file that can be fed back into the
+ \fIevent file\fP
+-.BR ipmitool
++.br ipmitool
+ command. This can be useful for
+ testing Event generation by building an appropriate Platform
+ Event Message file based on existing events.  Please see the
+@@ -3056,14 +3056,14 @@ the format of this file.
+ 
+ Save SEL records to a file in raw, binary format.  This file can
+ be fed back to the \fIsel readraw\fP
+-.BR ipmitool
++.br ipmitool
+ command for viewing.
+ .TP 
+ \fIreadraw\fP <\fBfile\fR>
+ 
+ Read and display SEL records from a binary file.  Such a file can
+ be created using the \fIsel writeraw\fP
+-.BR ipmitool
++.br ipmitool
+ command.
+ .TP          
+ \fItime\fP
+@@ -3194,10 +3194,10 @@ Verbosity level.
+ .RS
+ This command will launch an interactive shell which you can use
+ to send multiple 
+-.BR ipmitool
++.br ipmitool
+ commands to a BMC and see the responses. This can be useful instead of
+ running the full
+-.BR ipmitool
++.br ipmitool
+ command each time. Some commands will make use of a Sensor Data Record cache
+ and you will see marked improvement in speed if these commands
+ are able to reuse the same cache in a shell session.  LAN sessions
+@@ -3275,7 +3275,7 @@ by the IPMI over serial channel.
+ .br 
+ 
+ Causes
+-.BR ipmitool
++.br ipmitool
+ to enter Serial Over LAN
+ mode, and is only available when using the lanplus
+ interface.  An RMCP+ connection is made to the BMC,
+@@ -3568,7 +3568,7 @@ Determine whether a password has been st
+ 
+ .SH "OPEN INTERFACE"
+ The
+-.BR ipmitool
++.br ipmitool
+ \fIopen\fP interface utilizes the OpenIPMI
+ kernel device driver.  This driver is present in all modern
+ 2.4 and all 2.6 kernels and it should be present in recent
+@@ -3579,7 +3579,7 @@ the OpenIPMI homepage.
+ The required kernel modules is different for 2.4 and 2.6
+ kernels.  The following kernel modules must be loaded on
+ a 2.4\-based kernel in order for
+-.BR ipmitool
++.br ipmitool
+ to work:
+ .TP 
+ .B ipmi_msghandler
+@@ -3593,7 +3593,7 @@ Linux character device interface for the
+ .LP 
+ The following kernel modules must be loaded on
+ a 2.6\-based kernel in order for
+-.BR ipmitool
++.br ipmitool
+ to work:
+ .TP 
+ .B ipmi_msghandler
+@@ -3622,12 +3622,12 @@ entry with:
+ 
+ .I mknod /dev/ipmi0 c 254 0
+ 
+-.BR ipmitool
++.br ipmitool
+ includes some sample initialization scripts that
+ can perform this task automatically at start\-up.
+ 
+ In order to have
+-.BR ipmitool
++.br ipmitool
+ use the OpenIPMI device interface
+ you can specify it on the command line:
+ .PP 
+@@ -3652,16 +3652,16 @@ The following files are associated with
+ Character device node used to communicate with the bmc driver.
+ .SH "LIPMI INTERFACE"
+ The
+-.BR ipmitool
++.br ipmitool
+ \fIlipmi\fP interface uses the Solaris 9 IPMI kernel device driver.
+ It has been superceeded by the \fIbmc\fP interface on Solaris 10.  You can tell
+-.BR ipmitool
++.br ipmitool
+ to use this interface by specifying it on the command line.
+ 
+ > ipmitool \fB\-I\fR \fIlipmi\fP <\fIexpression\fP>
+ .SH "LAN INTERFACE"
+ The
+-.BR ipmitool
++.br ipmitool
+ \fIlan\fP interface communicates with the BMC
+ over an Ethernet LAN connection using UDP under IPv4.  UDP
+ datagrams are formatted to contain IPMI request/response 
+@@ -3676,12 +3676,12 @@ The LAN interface is an authentication m
+ messages delivered to the BMC can (and should) be authenticated
+ with a challenge/response protocol with either straight
+ password/key or MD5 message\-digest algorithm.
+-.BR ipmitool
++.br ipmitool
+ will attempt to connect with administrator privilege level as this
+ is required to perform chassis power functions.
+ 
+ You can tell
+-.BR ipmitool
++.br ipmitool
+ to use the lan interface with the
+ \fB\-I\fR \fIlan\fP option:
+ 
+@@ -3692,7 +3692,7 @@ to use the lan interface with the
+ A hostname must be given on the command line in order to use the 
+ lan interface with \fBipmitool\fR. The password field is optional;
+ if you do not provide a password on the command line,
+-.BR ipmitool
++.br ipmitool
+ will attempt to connect without authentication.  If you specify a 
+ password it will use MD5 authentication if supported by the BMC
+ and straight password/key otherwise, unless overridden with a
+@@ -3706,14 +3706,14 @@ specification.  RMCP+ allows for improve
+ integrity checks, as well as encryption and the ability to carry
+ multiple types of payloads.  Generic Serial Over LAN support 
+ requires RMCP+, so the
+-.BR ipmitool
++.br ipmitool
+ \fIsol activate\fP command
+ requires the use of the \fIlanplus\fP interface.
+ 
+ RMCP+ session establishment uses a symmetric challenge\-response
+ protocol called RAKP (\fBRemote Authenticated Key\-Exchange Protocol\fR)
+ which allows the negotiation of many options.
+-.BR ipmitool
++.br ipmitool
+ does not
+ yet allow the user to specify the value of every option, defaulting
+ to the most obvious settings marked as required in the v2.0 
+@@ -3721,14 +3721,14 @@ specification.  Authentication and integ
+ SHA1, and encryption is performed with AES\-CBC\-128.  Role\-level logins
+ are not yet supported.
+ 
+-.BR ipmitool
++.br ipmitool
+ must be linked with the \fIOpenSSL\fP library in order to
+ perform the encryption functions and support the \fIlanplus\fP
+ interface.  If the required packages are not found it will not be
+ compiled in and supported.
+ 
+ You can tell
+-.BR ipmitool
++.br ipmitool
+ to use the lanplus interface with the
+ \fB\-I\fR \fIlanplus\fP option:
+ 
+@@ -3749,17 +3749,17 @@ and encryption algorithms to use for for
+ on the cipher suite ID found in the IPMIv2.0 specification in table
+ 22\-20.  The default cipher suite is \fI17\fP which specifies
+ RAKP\-HMAC\-SHA256 authentication, HMAC\-SHA256\-128 integrity, and 
+-AES\-CBC\-128 encryption algorightms.
++AES\-CBC\-128 encryption algorithms.
+ 
+ .SH "FREE INTERFACE"
+ .LP
+ The
+-.BR ipmitool
++.br ipmitool
+ \fIfree\fP interface utilizes the FreeIPMI libfreeipmi
+ drivers.  
+ .LP
+ You can tell
+-.BR ipmitool
++.br ipmitool
+ to use the FreeIPMI interface with the \-I option:
+ .PP
+ > ipmitool \fB\-I\fR \fIfree\fP <\fIcommand\fP>
+@@ -3768,12 +3768,12 @@ to use the FreeIPMI interface with the \
+ .SH "IMB INTERFACE"
+ .LP
+ The
+-.BR ipmitool
++.br ipmitool
+ \fIimb\fP interface supports the Intel IMB (Intel
+ Inter-module Bus) Interface through the /dev/imb device.  
+ .LP
+ You can tell
+-.BR ipmitool
++.br ipmitool
+ to use the IMB interface with the \-I option:
+ .PP
+ > ipmitool \fB\-I\fR \fIimb\fP <\fIcommand\fP>
+Index: trunk/doc/ipmievd.8.in
+===================================================================
+--- trunk.orig/doc/ipmievd.8.in
++++ trunk/doc/ipmievd.8.in
+@@ -56,7 +56,7 @@ This is not available with all commands.
+ The remote server authentication, integrity, and encryption algorithms
+ to use for IPMIv2 \fIlanplus\fP connections.  See table 22\-19 in the
+ IPMIv2 specification.  The default is 3 which specifies RAKP\-HMAC\-SHA1 
+-authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorightms.
++authentication, HMAC\-SHA1\-96 integrity, and AES\-CBC\-128 encryption algorithms.
+ .TP 
+ \fB\-E\fR
+ The remote server password is specified by the environment
diff --git a/debian/patches/0625-manpage_wrong_time_set.patch b/debian/patches/0625-manpage_wrong_time_set.patch
new file mode 100644
index 0000000..41d6b48
--- /dev/null
+++ b/debian/patches/0625-manpage_wrong_time_set.patch
@@ -0,0 +1,24 @@
+Description: Fix description of "sel time set"
+Author: Jörg Frings-Fürst <debian@jff.email>
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058711
+Forwarded: https://codeberg.org/IPMITool/ipmitool/issues/18
+Last-Update: 2023-12-17
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/doc/ipmitool.1.in
+===================================================================
+--- trunk.orig/doc/ipmitool.1.in
++++ trunk/doc/ipmitool.1.in
+@@ -3077,9 +3077,9 @@ Displays the SEL clock's current time.
+ .br 
+ 
+ Sets the SEL clock.  Future SEL entries will use the time
+-set by this command.  <\fBtime string\fR> is of the
+-form "MM/DD/YYYY HH:MM:SS".  Note that hours are in 24\-hour
+-form.  It is recommended that the SEL be cleared before
++set by this command.  <\fBtime string\fR> is using the
++locale's date / time format. It is
++recommended that the SEL be cleared before
+ setting the time.
+ .RE
+ .RE
diff --git a/debian/patches/0700-build.patch b/debian/patches/0700-build.patch
new file mode 100644
index 0000000..5334bf6
--- /dev/null
+++ b/debian/patches/0700-build.patch
@@ -0,0 +1,105 @@
+Description: Remove downloads at build time
+Author: Jörg Frings-Fürst <debian@jff.email>
+Forwarded: not-needed
+Last-Update: 2022-10-29
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/configure.ac
+===================================================================
+--- trunk.orig/configure.ac
++++ trunk/configure.ac
+@@ -56,22 +56,22 @@ if test "x$exec_prefix" = "xNONE"; then
+ 	exec_prefix="$prefix"
+ fi
+ 
+-if test "x$WGET" = "x"; then
+-	if test "x$CURL" = "x"; then
+-		AC_MSG_WARN([** Neither wget nor curl could be found.])
+-		AC_MSG_WARN([** IANA PEN database will not be installed by `make install` !])
+-	else
+-		DOWNLOAD="$CURL --location --progress-bar"
+-		AM_CONDITIONAL([DOWNLOAD], [true])
+-	fi
+-else
+-	DOWNLOAD="$WGET -c -nd -O -"
+-	AM_CONDITIONAL([DOWNLOAD], [true])
+-fi
++#if test "x$WGET" = "x"; then
++#	if test "x$CURL" = "x"; then
++#		AC_MSG_WARN([** Neither wget nor curl could be found.])
++#		AC_MSG_WARN([** IANA PEN database will not be installed by `make install` !])
++#	else
++#		DOWNLOAD="$CURL --location --progress-bar"
++#		AM_CONDITIONAL([DOWNLOAD], [true])
++#	fi
++#else
++#	DOWNLOAD="$WGET -c -nd -O -"
++#	AM_CONDITIONAL([DOWNLOAD], [true])
++#fi
+ 
+-AC_MSG_WARN([** Download is:])
+-AC_MSG_WARN($DOWNLOAD)
+-AC_SUBST(DOWNLOAD, $DOWNLOAD)
++#AC_MSG_WARN([** Download is:])
++#AC_MSG_WARN($DOWNLOAD)
++#AC_SUBST(DOWNLOAD, $DOWNLOAD)
+ 
+ dnl
+ dnl set default option values
+Index: trunk/Makefile.am
+===================================================================
+--- trunk.orig/Makefile.am
++++ trunk/Makefile.am
+@@ -49,25 +49,25 @@ dist-hook:
+ .PHONY: install-pen-database uninstall-pen-database
+ .INTERMEDIATE: %.o %.la enterprise-numbers
+ 
+-if DOWNLOAD
++#if DOWNLOAD
+ 
+-enterprise-numbers:
+-	@echo Downloading IANA PEN database...
+-	@$(DOWNLOAD) "$(IANA_PEN)" > tmpfile.$$PPID || {\
+-		echo "FAILED to download the IANA PEN database"; \
+-		rm tmpfile.$$PPID; \
+-		false; \
+-	}
+-	@mv tmpfile.$$PPID $@
+-
+-install-pen-database: enterprise-numbers
+-	mkdir -m 755 -p $(DESTDIR)$(IANADIR)
+-	$(INSTALL_DATA) $< $(DESTDIR)$(IANADIR)/
+-
+-uninstall-pen-database:
+-	-rm -rf $(DESTDIR)$(IANADIR)/enterprise-numbers
+-
+-else
++#enterprise-numbers:
++#	@echo Downloading IANA PEN database...
++#	@$(DOWNLOAD) "$(IANA_PEN)" > tmpfile.$$PPID || {\
++#		echo "FAILED to download the IANA PEN database"; \
++#		rm tmpfile.$$PPID; \
++#		false; \
++#	}
++#	@mv tmpfile.$$PPID $@
++#
++#install-pen-database: enterprise-numbers
++#	mkdir -m 755 -p $(DESTDIR)$(IANADIR)
++#	$(INSTALL_DATA) $< $(DESTDIR)$(IANADIR)/
++#
++#uninstall-pen-database:
++#	-rm -rf $(DESTDIR)$(IANADIR)/enterprise-numbers
++#
++#else
+ 
+ install-pen-database:
+ 	@echo "*** NOT installing the IANA PEN database."
+@@ -77,7 +77,7 @@ uninstall-pen-database:
+ 	@echo "*** NOT uninstalling the IANA PEN database."
+ 	@echo "*** It was installed manually (if ever)."
+ 
+-endif
++#endif
+ 
+ install-data-local: install-pen-database
+ 	mkdir -p $(DESTDIR)$(DOCDIR)
diff --git a/debian/patches/series b/debian/patches/series
index 3c1cb0a..9d62f03 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,11 +1,8 @@
-0120-openssl1.1.patch
+0105-sensor_reading.patch
+0620-manpage_typo.patch
+0700-build.patch
 0100-fix_buf_overflow.patch
-0500-fix_CVE-2011-4339.patch
-0600-manpage_longlines.patch
-0110-getpass-prototype.patch
-0115-typo.patch
-0125-nvidia-iana.patch
-0615-manpage_typo.patch
-0130-Correct_lanplus_segment_violation.patch
-0005-gcc10.patch
 0010-utf8.patch
+0110-unpdate_IANA_URL.patch
+0115-hurd_PATH_MAX.patch
+0625-manpage_wrong_time_set.patch