| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to v16.16.0
Release for the following issues:
HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213)
HTTP Request Smuggling - Improper Delimiting of Header Fields (Medium)(CVE-2022-32214)
HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215)
DNS rebinding in --inspect via invalid IP addresses (High)(CVE-2022-32212)
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/
No vulnerabilities related with openssl (uses system openssl)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |
|
|
|
|
| |
Patch mostly taken from hidapi.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |\
| |
| | |
ser2net: schedule start later during boot (fixes #18872)
|
| |/
|
|
|
|
|
| |
Usually, no other local service depends on the start of ser2net, so
let's start it later in the boot process.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
|
|
| |
Ported similar patch from hidapi.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Backport aarch64 patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
- Updated download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
| |
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
|
|
|
| |
Check also for config files containing comment lines starting
with white spaces.
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
| |
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
| |
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
|
|
| |
Allow advanced configurations from /etc/rsyslog.conf file
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
|
|
| |
Avoid wearing out flash storage
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |
|
|
| |
Signed-off-by: Giacomo Sanchietti <giacomo.sanchietti@nethesis.it>
|
| |\
| |
| | |
python-cryptography: Fix failing build
|
| |/
|
|
|
|
|
| |
Fixes https://github.com/openwrt/packages/issues/18876.
Fixes https://github.com/openwrt/packages/issues/18879.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
|
| |
* various vpn fixes/optimizations (run tested by forum users)
* refine several log statements
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libarchive looks for ext2fs headers during configure, and if it finds
them it will expect to find them during compile, or on the rare occasion
when they aren't it will fail:
libarchive/archive_entry.c:59:55: fatal error: ext2fs/ext2_fs.h: No such file or directory
As we just need headers for some type constants, let's re-use headers
from tools/e2fsprogs package which are always available.
Reported-by: Adam Dov <adov@maxlinear.com>
Suggested-by: Paul Eggleton <paul.eggleton@linux.intel.com>
References: https://git.yoctoproject.org/poky/commit/?id=f0b9a7cf9f80be1917e45266fa201f464a28c1e5
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
| |
|
|
| |
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
|
| |
|
|
|
|
| |
change this to satisfy luci-app-xfrpc's need
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A network restart where netifd is cleanly restarted involves bringing
the network interfaces down. The 'modemmanager' protocol handler will
run a mmcli --simple-disconnect in this case, but only if there are
bearer objects found.
If the network restart happened *during* the connection attempt
procedure, while the modem is e.g. being registered in the network, no
bearer objects exist yet, and so, we would skip doing anything during
the interface teardown operation. This would lead to the original
connection attempt succeeding, so leaving the modem in ModemManager
in connected state, while the associated interface in netifd is
reported down.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
|
| |
|
|
|
|
|
|
| |
Kea expects /var/run/kea to exist. Without it, errors occur:
Mon Jun 13 10:31:45 2022 daemon.err kea-dhcp6[2977]: Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Upstream bump and add a patch to use a blue highlight color for the dark
color scheme (--color dark) as some users find the default bright green is
too intense.
Note that invoking ncdu without the --color switch at use uses the upstream
default bright green, so users will need to call ncdu with --color dark in
order to get the blue color.
Signed-off-by: John Audia <therealgraysky@proton.me>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From the changelog…
o Major bugfixes (congestion control, TROVE-2022-001):
- Fix a scenario where RTT estimation can become wedged, seriously
degrading congestion control performance on all circuits. This
impacts clients, onion services, and relays, and can be triggered
remotely by a malicious endpoint. Tracked as CVE-2022-33903. Fixes
bug 40626; bugfix on 0.4.7.5-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on June 17, 2022.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2022/06/17.
o Minor bugfixes (linux seccomp2 sandbox):
- Allow the rseq system call in the sandbox. This solves a crash
issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug
40601; bugfix on 0.3.5.11.
o Minor bugfixes (logging):
- Demote a harmless warn log message about finding a second hop to
from warn level to info level, if we do not have enough
descriptors yet. Leave it at notice level for other cases. Fixes
bug 40603; bugfix on 0.4.7.1-alpha.
- Demote a notice log message about "Unexpected path length" to info
level. These cases seem to happen arbitrarily, and we likely will
never find all of them before the switch to arti. Fixes bug 40612;
bugfix on 0.4.7.5-alpha.
o Minor bugfixes (relay, logging):
- Demote a harmless XOFF log message to from notice level to info
level. Fixes bug 40620; bugfix on 0.4.7.5-alpha.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
- convert autossh into procd instances
- add new uci config options to handle local and remote
port forwarding
- remove hotplug down actions causing service to stop on
any interface down event
Signed-off-by: Jaymin Patel <jem.patel@gmail.com>
|
| |
|
|
| |
Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca>
|
| |\
| |
| | |
gnutls: adjust to new configure.ac syntax
|
| | |
| |
| |
| |
| |
| |
| | |
Disable the brotli library by default. It is not used and may prevent
linking issues in the future.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Configure.ac syntax changed to:
Old: --without-libbrotli --without-libzstd (also --with-*)
New: --without-brotli --without-zstd (also --with-*)
https://github.com/gnutls/gnutls/commit/6b794e49d1a14e43f9e08023f958364712c3c89a
Fixes: 6385813ddfb4 ("gnutls: update to 3.7.5")
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |/
|
|
| |
Signed-off-by: Moritz Warning <moritzwarning@web.de>
|
| |
|
|
| |
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
| |
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
| |
- Add PKG_LICENSE_FILES
- Use SPDX
- Rearrange
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |\
| |
| | |
radcli: uptdate to 1.3.0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Removed duplicate function definition from util.h
- Increased size of dictionary vendor and values to 32-bits from 16;
this breaks the ABI from the previous release.
- Corrected a string termination issue in rc_avpair_tostr()
- Added functions to create dictionary without a file:
rc_dict_addattr
rc_dict_addval
rc_dict_addvend
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove upstreamed patches:
- 100-fix-setstacksize-for-glibc-2.34.patch
Refresh patches:
- 200-logdest-on-foreground.patch
Changes:
Misc:
- OpenSSL 3.0 compatibility
Bug Fixes:
- Fix refused startup with openssl <1.1
- Fix compiler issue for Fedora 33 on s390x
- Fix small memory leak in config parser
- Fix lazy certificate check when connecting to TLS servers
- Fix connect is aborted if first host in list has invalid certificate
- Fix setstacksize for glibc 2.34
- Fix system defaults/settings for TLS version not honored
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
| |
The totem-pl-parser library seems to rely on freedesktop.org's MIME-type
definitions to parse playlist files. Without them, parsing will produce
a TOTEM_PL_PARSER_RESULT_IGNORED error.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |
|
|
|
|
|
|
|
|
| |
5be6819 policy: allow disabling load balancing
80b0b65 main: disable load balancing by default
fca4b87 policy: improve readability
73c424b usteer: add option for probe steering
87de1ab main: disable probe steering by default
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
What's Changed:
- Type annotate format checker methods by @sirosen
- Fix fuzzer to include instrumentation by @DavidKorczynski
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
|
| |\
| |
| | |
openwisp-monitoring: added 0.1.1
|