libmariadb 10.2 needs to be linked in together with iconv.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit b695c1150a)
Even on a powerful platform a collectd process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
stats collection can wait a bit.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
Make niceness more moderate, bump version.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit b33ec70c95)
Hard float includes: mp3lame
Soft float includes: shine (mp3 encoder)
libx264 is included when selected iff BUILD_PATENTED is true.
fdk-aac will not be available in libffmpeg-full due to incompatible license with libx264.
Custom builds can override licensing restrictions but results may not be re-distributable.
Signed-off-by: Ted Hess <thess@kitschensync.net>
Notable Changes (copied from release notes):
Various fixes from MySQL 5.6.42: MDEV-17533, MDEV-17532, MDEV-17531
MDEV-16465: fixed a bug with DDL and FOREIGN KEY
Fulltext index fixes:
MDEV-12547: extended the range of innodb_ft_result_cache_limit on 64-bit systems
MDEV-16865: InnoDB fts_query() ignores KILL
Fixes for the following security vulnerabilities:
CVE-2018-3282
CVE-2016-9843
CVE-2018-3174
CVE-2018-3143
CVE-2018-3156
CVE-2018-3251
OpenWrt changes:
- dropped obsolete ucontext patch (issue fixed upstream)
- refreshed 130-c11_atomics.patch
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This is basically same commit that took place in master 3 weeks ago.
gcc-7 with -Os makes inline functions disappeard. It is caused by
the new C11 inline semantics. pass option -fgnu89-inline to gcc let
it use gnu inline semantics.
see https://wiki.debian.org/GCC7#Porting_help
Compile tested on 18.06. Run tested on OpenWrt 18.06.1 r7258-5eb055306f
QEMU Virtual CPU version (cpu64-rhel6)
Signed-off-by: Jean-Michel Lacroix <lacroix@lepine-lacroix.info>
I used podman/buildah to build this image, and the local sha256 is not the same than
the docker hub sha256. The layers are the same, so maybe just docker hub changing the manifest
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Fix only release, including:
* CVE-2018-16396: Tainted flags are not propagated in Array#pack
and String#unpack with some directives
* CVE-2018-16395: OpenSSL::X509::Name equality check does not work
correctly
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 74216a55e1)
The only known user of this library is currently unable to get their
application to work with with the fixed 0.7.6 release of this library.
To prevent accidental use by unknown parties of a flawed library, mark
it as BROKEN.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 14ad4cb976)
The last commit added PKG_CPE_ID and now uscan detects a CVE that I missed
Reordered patches by date
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[tweaked commit message]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 394ff73e53)
Patches taken from official git repository.
Added PKG_CPE_ID for proper CVE tracking.
Added PKG_BUILD_PARALLEL for faster compilation.
Also adjusted Makefile to be more similar to other projects.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6f0ff25503)
Full changelog at https://github.com/eclipse/mosquitto/blob/v1.5.3/ChangeLog.txt
Primary change:
CVE fix for CVE-2018-12543 - prevent crash on topics that begin with $
but are not $SYS
Selected other fixes relevant to OpenWrt since 1.5.1:
- Fix retained messages not sent by bridges on outgoing topics at the first
connection. Closes#701.
- Fix duplicate clients being added to by_id hash before the old client was
removed. Closes#645.
- Fix excessive CPU usage when the number of sockets exceeds the system limit.
Closes#948.
- Fix for bridge connections when using WITH_ADNS=yes.
- Fix round_robin false behaviour. Closes#481.
- Fix segfault on HUP when bridges and security options are configured.
Closes#965.
Signed-off-by: Karl Palsson <karlp@etactica.com>
musl libc (http://musl-libc.org lack the non-standard <fpu_control.h>
header, which is used in src/os/linux/{i386,x86_64}/init.c files to
setup the floating point precision. This patch makes it use the
standard C <fenv.h> header instead.
Original patch at Felix Janda at
https://sourceforge.net/p/jamvm/patches/6/
Signed-off-by: Guo Li <uxgood.org@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Makefile and package changes to support builds with both Python 2.x and Python 3.x versions.
Python versioning is automatically configured from lang/python repository xxx-version.mk files.
Signed-off-by: Ted Hess <thess@kitschensync.net>
Commit 6cd8fcabe added ipsec hotplug script support by calling "exec
/sbin/hotplug-call ipsec".
Using the exec call breaks the insertion of iptables rules by the _updown.in
script as hotplug-call just replaces the current shell meaning the commands
following exec do not run since the shell is replaced and as a result lead to
connectivity issues.
Fix this by removing the exec command in front of /sbin/hotplug-call.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit d0ac611bf0)
Ipsec user script (/etc/ipsec.user) now get called indirectly by openwrt
"/sbin/hotplug-call". So other packages could also install their scripts
in "/etc/hotplug.d/ipsec".
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 6cd8fcabe6)
ibmariadb 10.2 needs to be linked in together with iconv.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 7a0aebbff2)
Commit ae5ee6ba6c added support for inbound
firewall rule support but some corner cases were not covered.
In case net-snmp is started and the network interface is already up
the procd firewall rule is created but not applied by fw3 as
service_started calling procd_set_config_changed firewall was missing.
When stopping net-snmp clean up the net-snmp inbound firewall rules in
iptables by calling procd_set_config_changed firewall in stop_service
which will trigger fw3 to remove the inbound firewall rules.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 0bd19db049)
libbsd gets picked up since it's no longer limited to glibc.
Patch identical to libtalloc one. Same codebase.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 33dc529e00)
