Kea expects /var/run/kea to exist. Without it, errors occur:
Mon Jun 13 10:31:45 2022 daemon.err kea-dhcp6[2977]: Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
From the changelog…
o Major bugfixes (congestion control, TROVE-2022-001):
- Fix a scenario where RTT estimation can become wedged, seriously
degrading congestion control performance on all circuits. This
impacts clients, onion services, and relays, and can be triggered
remotely by a malicious endpoint. Tracked as CVE-2022-33903. Fixes
bug 40626; bugfix on 0.4.7.5-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on June 17, 2022.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2022/06/17.
o Minor bugfixes (linux seccomp2 sandbox):
- Allow the rseq system call in the sandbox. This solves a crash
issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug
40601; bugfix on 0.3.5.11.
o Minor bugfixes (logging):
- Demote a harmless warn log message about finding a second hop to
from warn level to info level, if we do not have enough
descriptors yet. Leave it at notice level for other cases. Fixes
bug 40603; bugfix on 0.4.7.1-alpha.
- Demote a notice log message about "Unexpected path length" to info
level. These cases seem to happen arbitrarily, and we likely will
never find all of them before the switch to arti. Fixes bug 40612;
bugfix on 0.4.7.5-alpha.
o Minor bugfixes (relay, logging):
- Demote a harmless XOFF log message to from notice level to info
level. Fixes bug 40620; bugfix on 0.4.7.5-alpha.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
- convert autossh into procd instances
- add new uci config options to handle local and remote
port forwarding
- remove hotplug down actions causing service to stop on
any interface down event
Signed-off-by: Jaymin Patel <jem.patel@gmail.com>
Remove upstreamed patches:
- 100-fix-setstacksize-for-glibc-2.34.patch
Refresh patches:
- 200-logdest-on-foreground.patch
Changes:
Misc:
- OpenSSL 3.0 compatibility
Bug Fixes:
- Fix refused startup with openssl <1.1
- Fix compiler issue for Fedora 33 on s390x
- Fix small memory leak in config parser
- Fix lazy certificate check when connecting to TLS servers
- Fix connect is aborted if first host in list has invalid certificate
- Fix setstacksize for glibc 2.34
- Fix system defaults/settings for TLS version not honored
Signed-off-by: Nick Hainke <vincent@systemli.org>
luajit provides higher performance for requests handled in Lua hooks.
It also enables access to dnsdist functionality only exposed via FFI,
and allows configurations/hooks to call functions in any C library
without providing separate bindings.
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
- New major LTS release (https://www.mail-archive.com/haproxy@formilux.org/msg42371.html)
- Sadly, no QUIC/H3 support for now because the QuicTLS library - which is a fork of OpenSSL - would be needed. However, we do not have a package for that and I currently do not want to build and statically link it into the haproxy package
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
1. Switched to use prebuilt web files to get rid of massive Node.js.
2. Increased nofile limitation to avoid "too many open files" error.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
mdio-tools have a app dedicated to reading Marvell Link Street switch
properties which is really usefull to not have to manually do it via
MDIO.
So, install the mvls binary as well.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Update the mdio-netlink kmod and userspace mdio-tools to version 1.1.1.
mdio-tools required a musl time64 compatibility fix that I have an PR
open for already.
Changelog:
[v1.1.1] - 2022-05-23
---------------------
Tiny bugfix release.
- mdio: The bench operation is now much more reliable when stacked on
other devices than regular PHYs (e.g. paged PHYs or Marvell
switches).
- mvls: The STU can now be dumped chips from the Peridot generation.
[v1.1.0] - 2022-05-04
---------------------
A sprawling release, adding various mvls related introspection
features. mvls also gains a JSON output format.
- mvls: The STU can now be dumped (requires Linux 5.17 or later). This
is useful now that mv88e6xxx supports offloading of MST states
- mvls: Output can now be formatted as JSON for easier scripting
- mdio: mvls: A subset of MIB counters can now be dumped. This let's
you get at counters for DSA ports, which are not reachable from
ethtool
- mdio: mvls: The LAG mask and LAG map tables can now be dumped
- mdio: Improve usage message by including the examples from the
manual
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
This fixes "too many open files" error caused by max-file limitation
when xray processes large traffic.
Reported-by: Terry Ding <terryding77@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Major changes are:
Add support for Heimdal as the Kerberos 5 implementation.
Add smbd max io size parameter.
Accept global share options.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
