Since the new hotplug script in master was not backport (new feature),
for 18.06 branch revert the old behavior of running NUT daemons and
drivers as root by default to avoid permisions problems, but backport
fix the support for running as another user for those who can set the
appropriate permissions on the USB (or other) device.
Closes: #7742
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Defaulting to -fPIC is a bad idea, especially for executables (here:
sqlite3-cli). In short, there are certain security implications as well
as overhead/performance penalties. Details see:
https://wiki.gentoo.org/wiki/Project:Hardened/Position_Independent_Code_internals
The configure script is able to detect the need for PIC and adds the
flag when needed anyway (when compiling the library).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
A remote code execution vuln has been found in sqlite. Infos available
here:
https://blade.tencent.com/magellan/index_en.html
sqlite 3.26.0 contains the fix.
This commit also changes source URL to https.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Backport and squash the following commits from master:
5790053eb nut: Add missing conffiles
ceff68837 nut: Reorganize nut-server to clarify nut-driver
f6a2a97d2 nut: Use 'real' procd init for nut-monitor
918a62f91 nut: Make FSD really work
a2f64b3ba nut: Reduce user error with POWERDOWNFLAG
461393810 nut: Use quotes around filenames
1b6dbe7a7 nut: Remove duplicate/extraneous lines
0a49d0ffb nut: Fix checking for path before it exists
3b5a8eee8 nut: Various startup fixes for monitor and server
44e57d4bd nut: Fix variables for NUT drivers
36fd59dc7 nut: Fix extraneous config_get
192b0f164 nut: Fix a typo in setting a driver parameter
f48b060fa nut: Fix upsd runs as root
And bump PKG_RELEASE
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
This bumps libtiff's minor version from 9 to 10. In addition to the CVE
fixes that we already included this fixes:
CVE-2017-17095
CVE-2018-17101
CVE-2018-18557
The update is 100% backwards compatible, no symbol changes.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Adds support for acl_plugin, and acl_opt_* options.
acl_opt_* requires some care as it relies on the internal behaviour of
cfg_load setting environment variables in a certain form. However,
given that _all_ of the cfg_load infrastructure relies on that, we can
be pretty sure that it won't change in a way that will hurt us.
Originally reported as: https://github.com/openwrt/packages/pull/7434
Signed-off-by: Karl Palsson <karlp@etactica.com>
This is the same change as the one on master
This is to change the init script to a procd init script
This also enable some additional parameters in the binary that
were present but not enabled:
The export file (option export_file)
The import file (option import_file)
The daylog (option daylog_file)
These are disabled by default. Also, the option to run as a daemon
is removed, as not compatible with procd.
There is no change in the binary.
Signed-off-by: Jean-Michel Lacroix <lacroix@lepine-lacroix.info>
Checking:
- Pull request does not contain unwanted merges
- signed-off-by tag exists and matches author
- Subject line has package name
- Author name has 'firstname lastname' (no nicknames)
Signed-off-by: Ted Hess <thess@kitschensync.net>
[Use git instead of CircleCI variables]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
libmariadb 10.2 needs to be linked in together with iconv.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit b695c1150a)
Even on a powerful platform a collectd process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
stats collection can wait a bit.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
Make niceness more moderate, bump version.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit b33ec70c95)
Hard float includes: mp3lame
Soft float includes: shine (mp3 encoder)
libx264 is included when selected iff BUILD_PATENTED is true.
fdk-aac will not be available in libffmpeg-full due to incompatible license with libx264.
Custom builds can override licensing restrictions but results may not be re-distributable.
Signed-off-by: Ted Hess <thess@kitschensync.net>
