This can be finally re-reverted, so we can use version 3.1.13, which
fixes multiple security vulnerabilities, but it segfaults almost
immediately. There is currently pending pull request, which fixes this,
and multiple users confirmed that it works on different GNU/Linux distributions.
This reverts commit bfe255064e.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This fixes CVE-2022-23308.
Also switch to GNOME as download source and xz tarball.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 81fd836f97)
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
libxml2 seems to be required only during build, hence no need to
depend on it in run-time.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1f3585a387)
Since muninlite 2.0 the unpatched upstream also uses
/proc/sys/kernel/hostname. Thus the patch is not necessary anymore.
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
* follow upstream ressources to github
* rename /usr/sbin/munin-node to /usr/sbin/muninlite
(following the chane of upstream)
* change plugin directory from /usr/sbin/munin-node-plugin.d/
to /etc/munin/plugins (compatible to upstream / munin-node)
* all patches (except one OpenWrt-specific patch) were merged
upstream
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
We received a report from Turris user on Turris support department that
netatalk version 3.1.13 does not work properly.
Process afpd says: INTERNAL ERROR Signal 11
because of that Apple Time Machine does not work as it should
This was already reported to netatalk by different people on various
GNU/Linux distributions like CentOS, AlmaLinux [1] [2]
netatalk developer states [3]:
```
Generally, at this point I can only advice to stop using Netatalk. There
are more pending CVEs that I currently don't have the bandwidth to work on.
```
[1] https://sourceforge.net/p/netatalk/bugs/669/
[2] https://sourceforge.net/p/netatalk/bugs/670/
[3] https://sourceforge.net/p/netatalk/mailman/message/37638871/
This reverts commit 165c5625a3.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 2cde10b950)
This fixes CVE-2022-24884.
Also update the package URL to match the source repository.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit de5671e582)
Fixes from 2.6.9:
- CVE-2021-41817: Regular Expression Denial of Service Vulnerability of
Date Parsing Methods
- CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
Fixes from 2.6.10:
- CVE-2022-28739: Buffer overrun in String-to-Float conversion
After this release, Ruby 2.6 reaches EOL.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
- Fixes CVE-2020-15803, CVE-2021-27927
- SourceForge does not provide tarball for version 4.0.37 and it was
necessary to use Zabbix CDN to download it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Provide a new variant, nano-full, that enables almost
all functionality of nano. Only libmagic file type detection
has been left out.
Ship with a minimal /etc/nanorc that the user can modify.
nanorc documentation at
https://www.nano-editor.org/dist/latest/nanorc.5.html
Provide color highlighting for the uci config files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6a51794638)
Please update to this latest release as soon as possible as this
releases fixes the following major security issues: CVE-2021-31439,
CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, CVE-2022-23124,
CVE-2022-23125 and CVE-2022-0194.
For a summary of news and a detailed list of changes see the
ReleaseNotes[1].
[1]: https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 951ef67479)
If miniportal option is enabled, some haserl scripts are provided which
present a simple login web page. To make it functional haserl is required.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 532088818a)
- add missing configs to PKG_CONFIG_DEPENDS and sort it
- remove redundant INSTALL_DIR
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 2c71fb2065)
Includes fixes for:
* Windows builds updated to bzip2 1.0.8 to mitigate CVE-2016-3189 and
CVE-2019-12900
* CVE-2022-26488: Escalation of privilege via Windows Installer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Fixes security issues:
* CVE-2022-0396 -- A synchronous call to closehandle_cb() caused
isc__nm_process_sock_buffer() to be called recursively,
which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when
out-of-order processing was disabled.
* CVE-2021-25220 -- The rules for acceptance of records into the cache
have been tightened to prevent the possibility of
poisoning if forwarders send records outside
the configured bailiwick.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
The FreeBSD project stopped publishing HTTP date headers and seeks to
limit further resource taxing by distributed htpdate clients using the
www.freebsd.org host as default time source.
Fixes: #17924
Reported-by: Allan Jude <allanjude@freebsd.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e871318002)
Update nano to 6.2.
Remove inactive second maintainer.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit a3f14c5114)
[removed AUTORELEASE]
The runtime testing always ran on master branch aka snapshots since the
branch wasn't passed over to the container execution!
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit f535d77090)
