- rename the section instance to yggdrasil (feat. request)
- allow zone to cover both ip4 and ip6 fam
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit 2baab77b77)
For now, disable mqtt as it was automatically enabled as the build
system finds compiled libpaho-mqtt-c and requires dependency.
---
Here is the output:
Package syslog-ng is missing dependencies for the following libraries:
libpaho-mqtt3c.so.1
---
This is a new feature since syslog-ng 3.33.1 and if anyone is interested
in it, it can be enabled.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit e319e89fde)
- Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.33.1
- Bump version in config
It fixes:
WARNING: Configuration file format is too old, syslog-ng is running in compatibility mode. Please update it to use the syslog-ng 3.33 format at your time of convenience. To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, and once completed change the @version header at the top of the configuration file; config-version='3.31'
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2b4be08a8c)
While bumping czmq to version 4.2.1 from master branch into OpenWrt
19.07, it automatically detects nss when compiled before czmq.
These steps can verify this:
make package/nss/compile V=s
make package/czmq/compile V=s
Then czmq requires many dependencies:
Package czmq is missing dependencies for the following libraries:
libnspr4.so
libnss3.so
libnssutil3.so
libplc4.so
libplds4.so
libsmime3.so
libsoftokn3.so
libssl3.so
And this fails. If you are using SDK and wants to have just a few
packages then czmq gets compiled if any of those packages are not
present in build system.
This was also mentioned in the release notes for czmq 4.2.1:
https://github.com/zeromq/czmq/releases/tag/v4.2.1
> Note for packagers: NSS can now be used and linked against to avoid using
an internal embedded reimplementation of SHA. It is enabled by default if
present.
NSS was disabled before, so let's disable it.
This is required only for OpenWrt 19.07 as this is done differently in OpenWrt 21.02 and OpenWrt
master and czmq is compiled there.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Fixes:
CVE-2019-17567
CVE-2020-13938
CVE-2020-13950
CVE-2020-35452
CVE-2021-26690
CVE-2021-26691
CVE-2021-30641
CVE-2021-31618
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(partially cherry picked from commit 6dfd07097d)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[removed patch, which is not in OpenWrt 19.07 branch, used integer in
PKG_RELEASE instead of autorelease]
By default, there was used sks-keyservers.net pool, which has invalid
SSL certificate and they also announced that their service is deprecate
and no longer maintained.
Use the same GPG server as LXC is using by default in the newer
releases.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Backport from 21.02 in order to satisfy dependencies of snort3 to allow
upgrade to stable version of snort3 from beta available now.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
The luci app scan the script and search for params in the form of
$required_params.
This script use the form "${required_params}" and cause confusion
with the luci app by hiding needed values. Fix this by using the
standard way to declare required params following other ddns scripts.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
This reverts commit 29da5d65b6.
That fix doesn't work fully correct as the egg directory has version 0.0.0.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fixes https://github.com/openwrt/packages/issues/15988
It seems that the newer setuptools-scm package (6.0.1) has some
Python3-only syntax.
For the 19.07 release, where Python2 is still around this causes the
python-dateutil package to fail to build.
See https://github.com/pypa/setuptools_scm/issues/541
However, removing 'setuptools-scm' from the build also works.
This change does that.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Building the xr_usb_serial module fails for recent 4.14 kernel with
CONFIG_PM enabled:
xr_usb_serial_common.c:1574:15: error: 'ASYNCB_INITIALIZED' undeclared
(first use in this function); did you mean 'RCU_INITIALIZER'?
Use tty_port_initialized in order to determine the status of the TTY
port.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 69cf7836df)
Fixes the following security issues:
* CVE-2021-25216 - A specially crafted GSS-TSIG query could cause a buffer
overflow in the ISC implementation of SPNEGO.
* CVE-2021-25215 - named crashed when a DNAME record placed in the ANSWER
section during DNAME chasing turned out to be the final
answer to a client query.
* CVE-2021-25214 - Insufficient IXFR checks could result in named serving a
zone without an SOA record at the apex, leading to a
RUNTIME_CHECK assertion failure when the zone was
subsequently refreshed. This has been fixed by adding an
owner name check for all SOA records which are included
in a zone transfer.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
