Refreshed 001-disable-extra-stressors.patch
Dropped 002-disable-compiler-test.patch
- no longer needed since commit a24c7f2048
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Backport PCRE2 patches from upstream and move package to PCRE2 library
as PCRE is EOL and won't receive any security update anymore.
Patch are backported with minimal change, only the Changelog change is
commented out as it would conflict and makes no sense to adapt for the
purpose of backport patches.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The package should not only depend on a package dropbear but on the dbclient.
Otherwise the dbclient may be disabled during compilation and the dependency will be not satisfied.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
"Iran Hosted Domains" is a comprehensive list of Iranian domains and services that are hosted within the country.
Signed-off-by: Kaveh Dadgar <Kavehdadgar666@protonmail.com>
Changes to protocol file and it's description.
Works better now and restarts firewall automaticly
when tunnel comes available. More informative/guiding
description.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
* Enable `with_ech` and `with_dhcp`, just like upstream
* See changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.5.2
Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: ShadowsocksR is marked as deprecated since v1.5.0
Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: remove dhcp by default
Signed-off-by: Leo Douglas <douglarek@gmail.com>
This tool allows for acquiring the current time from
the cellular network for configuring the local clock.
Compared to NTP, this has the advantage of nut using up
mobile traffic.
It takes advantage of the AT+QLTS command found on Quectel
modems. This functionality depends on support of the mobile
network.
Compile-tested: ath79-nand
Run-tested: ath79-nand (GL.iNET GL-XE300)
Signed-off-by: David Bauer <mail@david-bauer.net>
This program can be used to obtain information stored on the bdinfo
parition found on routers from Shenzhen Cudy Technology.
While this tool is not necessary for operation with OpenWrt, it can be
helpful to decrypt information generated by the stock firmware as well
as to obtain additional device-specific information.
Signed-off-by: David Bauer <mail@david-bauer.net>
A user may have some host configured in the .ssh/config with user and port.
But we anyway have to specify them in the sshtunnel.
The change fixes this
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option:
-y Always accept remote host key if unknown
-y -y Don't perform any remote host key checking (caution)
So we can add these options to make the StrictHostKeyChecking working.
The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead.
The only problem is that the -y flag is also used by the openssh-client:
-y Send log information using the syslog(3) system module. By default this information is sent to stderr.
This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Without the option the ssh will propt a user to accept the host key.
So a user should perform a connection manualy and accept before useing the sshtunnel.
The accept-new is a reasonable trade off.
Also the LogLevel is INFO by default.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Simplify comment and make it shorter.
Remove triling tab after retrydelay.
Use a full path for IdentityFile because otherwise the uci validation fails with the relative path ~/.ssh
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
This is a security release.
JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which
could be triggered by externally-supplied input. Found by Trend Micro.
CVE-2023-42115
JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
v1.13.0
This release includes more Neon and AVX2 optimizations, adds a new codec
control to set per frame QP, upgrades GoogleTest to v1.12.1, and includes
numerous bug fixes.
v1.13.1
This release contains two security related fixes. One each for VP8 and VP9.
- https://crbug.com/1486441 (CVE-2023-5217)
- Fix bug with smaller width bigger size (CVE-2023-44488)
Fixes#22318
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
The samples in the repo are useful for configuring cenrtain aspects of
ddns, and their inclusion is hinted at within their source code
Signed-off-by: Julian Grinblat <julian@dotcore.co.il>
Replace the PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT option, which is
causing circular dependencies, with a meta-package that installs both
python3-pymysql and python3-cryptography.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
