| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
This was requested in
https://github.com/openwrt/packages/pull/21227#issuecomment-1567676980.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jan Hák <jan.hak@nic.cz>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVEs:
- CVE-2023-2828: The overmem cleaning process has been improved, to
prevent the cache from significantly exceeding the configured
max-cache-size limit.
- CVE-2023-2911: A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache. If the fetch is
aborted for exceeding the recursion quota, it was possible for named
to enter an infinite callback loop and crash due to stack overflow.
The complete list of changes is available in the upstream release
notes at
https://ftp.isc.org/isc/bind9/cur/9.18/doc/arm/html/notes.html#notes-for-bind-9-18-16
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
|
| |\
| |
| | |
selinux: Update selinux packages to 3.5, setools to 4.4.2, reorganize packages
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add separate packages for each tool (semodule-*)
* Update the semodule-utils package as a meta-package that installs all
tools, keeping it functionally the same as the current semodule-utils
package
* Remove host build (not used by any other package)
* Update package titles, descriptions, and license files
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added packages:
* python3-seobject
Contains the seobject.py library file which was previously included
in selinux-semanage
* selinux-sepolicy
Contains the sepolicy and sepolgen tools which were previously
included in python3-sepolicy
* selinux-sepolgen-ifgen
Contains the sepolgen-ifgen tool which was previously included in
selinux-audit2allow
* selinux-python
A meta-package to install all tools
* Change the python3-sepolgen data_dir from /usr/share/sepolgen to
/etc/sepolgen (updated 0001-sepolgen-adjust-data_dir.patch), and add
the directory to conffiles
By default, the sepolgen-ifgen tool writes to a file named
"interface_info" in the data directory, to be read by the audit2allow
tool. The header comment in the perm_map file also suggests that the
file is customizable.
The best place for these files would be in /var/lib, but /etc is more
appropriate than /usr.
* Remove gui files from python3-sepolicy (0003-sepolicy-no-gui.patch)
* Fix ModuleNotFoundError raised by sepolicy
(0004-sepolicy-fix-get_os_version-except.patch)
Patch has been submitted upstream:
https://lore.kernel.org/selinux/20230619063217.3165462-1-jeffery.to@gmail.com/
* Update package titles, descriptions, and dependencies
* Use Py3Package to build Python bytecode and source packages
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
This also moves the python3-selinux dependency from the default section
into each util package.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Rename:
* Source package from python3-libsemanage to python-semanage
* Target package from python3-libsemanage to python3-semanage
* Update dependents with new target package name
* Update package title, license files, and dependencies
* Remove Build/InstallDev (files not used by any other package)
* Use Py3Package to build Python bytecode and source packages
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Rename:
* Source package from python3-libselinux to python-selinux
* Target package from python3-libselinux to python3-selinux
* Update dependents with new target package name
* Remove patches:
* 010-setup-py-custom-cc.patch: LDSHARED is already set as part of
$(PYTHON3_VARS)
* 020-Make-use-of-variables-when-defining-libdir-and-inclu.patch: This
package doesn't install the libselinux.pc file
* Update package title and dependencies
* Remove Build/InstallDev (files not used by any other package)
* Use Py3Package to build Python bytecode and source packages
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add separate packages for each tool (setools-*) and a package for the
Python bindings (python3-setools)
* Update the setools package as a meta-package that installs all tools,
keeping it functionally the same as the current setools package
* Remove gui tool (apol) and Python binding (setoolsgui)
* Simplify 030-remove-host-paths.patch (libraries installed by
Build/InstallDev are placed in $(STAGING_DIR)/usr/lib only)
* Update package titles, descriptions, license, and dependencies
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Release notes:
https://github.com/ntop/PF_RING/releases/tag/8.4.0
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix 6.1 kernel compile
git log --oneline ecc6eb.. -- xr_usb_serial_common-1a/
90ad530166f0 Support Linux 6.1
af618e2eded6 #45 Fix some warnings
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
|
| |\ \
| | |
| | | |
haproxy: update to v2.8.0
|
| | | |
| | |
| | |
| | |
| | |
| | | |
- New major LTS release (https://www.mail-archive.com/haproxy@formilux.org/msg43600.html)
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
* process local lists in strict sequential order to prevent possible race conditions
* support ranges in the IP search, too
* fix some minor search issues
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
musl 1.2.4 deprecated legacy "LFS64" ("large file support") interfaces so
just having _GNU_SOURCE defined is not enough anymore.
Manually pass -D_LARGEFILE64_SOURCE to allow to keep using LFS64 definitions.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | |
| |
| |
| | |
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`dnsdist-full` has all optional features enabled, but is a big package
in term of both flash and memory footprint.
`dnsdist` only keeps the features that make the most sense
on embeded devices, but can also be customised to match the
user's needs, up to the point where it matches `dnsdist-full`.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added test.sh script
* Fixed build with riscv64
* Passed package version via go ldflags
* Refreshed patches
* Removed useless test binaries from package
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The initial value takes 80kB of memory for each HTTP/2 connection
which is a lot on small devices. Using 8kB instead saves a fair
amount of memory without sacrificing performance.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
|
| | |
| |
| |
| |
| |
| |
| | |
The map takes a fair amount of memory and the only consumer of this
library, dnsdist, does not need it.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
|
| | |
| |
| |
| |
| |
| |
| | |
The only package using this library, dnsdist, does not require it
so let's save space and PSS memory.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Major changes since version 3.1.1:
* Officially supports the 2019 version of IEEE 1588
* Improved unicast messaging
* Enhanced G.8275.2 profile
* More flexible Pulse Per Second (PPS) handling
* Virtual clock support
* Power profile support
* VLAN over bond support.
* Parallel Redundancy Protocol (PRP) trailer handling.
* Non-privileged read-only monitoring port.
* New statistics reporting.
[V2]
* reset package release
* adapt license name to the new format
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@westermo.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Gettext is a prerequisite to build OpenWrt according to:
https://openwrt.org/docs/guide-developer/toolchain/install-buildsystem
but github automated tests fail without this explicit dependency:
2023-06-19T08:02:45.1940511Z checking for py module gzip ... ok
2023-06-19T08:02:45.1968662Z checking for /builder/staging_dir/host/bin/pkg-config ...ok
2023-06-19T08:02:45.1998491Z ERROR: no gettext binaries found
2023-06-19T08:02:45.1999746Z checking for xgettext ... fail
2023-06-19T08:02:45.2008403Z make[2]: *** [Makefile:263: /builder/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/tvheadend-2023-06-05/.configured_a17fb5ef857664f03cd0ce37cc5ea591] Error 1
Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
|
| | |
| |
| |
| |
| |
| | |
Update to git master 2023-06-05 and removed unneeded compatibility patch.
Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
|
| |\ \
| | |
| | | |
python-ble2mqtt: fix installation of python program
|
| | | |
| | |
| | |
| | |
| | |
| | | |
This was broken when the init script was added in 408502ee0.
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is a security and bugfix release.
Security
o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS
query IDs
o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross
compilation
Fixing libcares.pc
The pkg-config file libcares.pc in version 1.19.1 has been changed to be unsuitable for OpenWrt
and causes build errors with Openwrt packages that use libcares.
For this reason, libcares.pc was replaced.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |\ \ \
| | | |
| | | | |
openelp: Add new package
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
OpenELP is an open source EchoLink proxy for Linux and Windows. It aims
to be efficient and maintain a small footprint, while still implementing
all of the features present in the official EchoLink proxy.
Signed-off-by: Scott K Logan <logans@cottsay.net>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |\ \ \ \
| | | | |
| | | | | |
node: June 20 2023 Security Releases
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update to v18.16.1
The following CVEs are fixed in this release:
* CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
* CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
* CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
* CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
* CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
* OpenSSL Security Releases (Depends on shared library provided by OpenWrt)
* OpenSSL security advisory 28th March.
* OpenSSL security advisory 20th April.
* OpenSSL security advisory 30th May
* c-ares vulnerabilities: (Depends on shared library provided by OpenWrt)
* GHSA-9g78-jv2r-p7vc
* GHSA-8r8p-23f3-64c2
* GHSA-54xr-f67r-4pc4
* GHSA-x6mf-cxr9-8q6v
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Support MAC-/IPv4/IPv6 ranges in CIDR notation
* Support concatenation of local MAC addresses with IPv4/IPv6 addresses, e.g. to enforce dhcp assignments (see readme)
* small fixes & cosmetics
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
modemmanager: do not cache virtual device events
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If an alias name is used for the modem, then a check if the device exists
in sysfs does not work. To fix this remove the check if the sysfs device
exists. The protocoll handler already checks if the modem is responsible
for this device on the next line.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
On small systems with many virtual devices, the modem manager sometimes
could not start because it took too long until all devices for the modem
were recognised. This is because all system events that are stored in
the file events.cache have to be processed. To speed up the processing,
all devices under /sys/devices/virtual are now filtered out so that they
do not have to be processed.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
https-dns-proxy: update to 2023-05-25-2
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
bugfix: proper mdns object creation
bugfix: prevent fw errors by allowing custom interfaces in config
Signed-off-by: Stan Grishin <stangri@melmac.ca>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |\ \ \
| | | |
| | | | |
isc-dhcp: force sending unrequested parameters
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Parallel build does not work because it may reach a point where OSTYPE
might be needed before it is actually built. They appear to run
parallel to each other:
echo slx > OSTYPE
[...]
cat: OSTYPE: No such file or directory
sh: line 1: test: too many arguments
cat: OSTYPE: No such file or directory
Already built for -- you must do "make clean" first
make[6]: *** [Makefile:706: rebuild] Error 1
make[6]: *** Waiting for unfinished jobs....
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1.45.0
* linux: introduce io_uring support
* src: add new metrics APIs
* unix,win: give thread pool threads an 8 MB stack
* win,unix: change execution order of timers
1.44.2
* loop: better align order-of-events behavior between platforms
* zos: fix fs event not fired if the watched file is moved/removed/recreated
* win: Fix pipe resource leak if closed during connect (and other bugs)
* zos: don't error when killing a zombie process
* macos: avoid posix_spawnp() cwd bug
* kqueue: skip EVFILT_PROC events when invalidating events for an fd.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|