* new 'ca-bundle' dependency as all https connections
are now validated by default
* automatically select the download utility: 'aria2', 'curl',
'uclient-fetch' with libustream-* or wget are supported
* track & ban failed LuCI login attempts as well
* add a small log/banIP background monitor to block
SSH/LuCI brute force attacks in realtime (disabled by default)
* add a config version check (please update your default config!)
* made the automatic wan detection more stable
* fix the IPv6 logfile parser
* fix the service status message
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit ff8b853a6d)
These patches address issues:
CVE-2019-16056: email.utils.parseaddr mistakenly parse an email
CVE-2019-16935: A reflected XSS in python/Lib/DocXMLRPCServer.py (for
Python 2.7)
CVE-2019-16935 was fixed for python3 in #10109
Links to Python issues:
https://bugs.python.org/issue34155https://bugs.python.org/issue38243
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This release incorporates fixes for CVE-2019-13224 and CVE-2019-13225,
and "fixed many problems (found by libfuzzer programs)."
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit b7d0a82a7f)
Add code blocks for easier reading and change "dns" to "DNS".
Signed-off-by: Claudius Ellsel <claudius.ellsel@live.de>
(cherry picked from commit 088a14e5ce)
This can be helpful for example in hotels where you need to
enter a new user/password combination every week.
Signed-off-by: Johannes Rothe <mail@johannes-rothe.de>
(cherry picked from commit a7f87f939d)
Go 1.13 added a new -trimpath option to the "go build" command[1] that
removes system paths from compiled executables. This replaces the
previous -trimpath flags.
There are still system paths in the compiled executable (for crti.o and
crtn.o, when cross-compiling); these appear to be stripped during the
packaging process.
[1]: https://golang.org/doc/go1.13#trimpath
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry-picked from commit 22ee6e86a0)
Patch 002 - Force Python3 is no longer applying, let's try to throw it
away to see if it is still necessary
Patch 003 - Was backported from the master branch and it was included in
Netdata version 1.17.0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit 5e89816)
Repository was moved.
Also cleaned up Makefile slightly.
Ran init script through shellcheck.
Added PKG_BUILD_PARALLEL for faster compilation.
Added several CFLAGS and LDFLAGS for smaller size.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from f3245e6c7d)
When passing -Wimplicit-function-declaration
Also got rid of std=gnu89. It's easy to patch out.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 1b5e4883a4)
Cleaned up Makefile for consistency between packages.
Switched to CMAKE_INSTALL to get rid of the InstallDev section.
Refreshed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 2e2929366b)
The libyajl cleanup commit revealed that it was not being installed
correctly. Now that it is, mpd picks it up properly.
Enabled SoundCloud support for the full variant. Disabled for the mini.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 835bc1df03)
