This release breaks the noexit patch, because the code for removing old
now returns an error when no interfaces are configured. As it is run on
startup, the daemon exits in this case. To avoid this, add an additional
check so an error is only returned in an actual error case.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
This is a security and bug fix release.
Security:
- CVE-2023-28366: Fix memory leak in broker when clients send multiple QoS 2
messages with the same message ID, but then never respond to the PUBREC
commands.
- CVE-2023-0809: Fix excessive memory being allocated based on malicious
initial packets that are not CONNECT packets.
- CVE-2023-3592: Fix memory leak when clients send v5 CONNECT packets with a
will message that contains invalid property types.
- Broker will now reject Will messages that attempt to publish to $CONTROL/.
- Broker now validates usernames provided in a TLS certificate or TLS-PSK
identity are valid UTF-8.
- Fix potential crash when loading invalid persistence file.
- Library will no longer allow single level wildcard certificates, e.g. *.com
Bugfixes of note or relevance to OpenWrt:
- Fix bridges with non-matching cleansession/local_cleansession being expired
on start after restoring from persistence. Closes#2634.
Client library:
- Use CLOCK_BOOTTIME when available, to keep track of time. This solves the
problem of the client OS sleeping and the client hence not being able to
calculate the actual time for keepalive purposes. Closes#2760.
Full changelog available at: https://github.com/eclipse/mosquitto/blob/v2.0.16/ChangeLog.txt
plus: https://github.com/eclipse/mosquitto/blob/v2.0.17/ChangeLog.txt
(2.0.17 fixes regressions from the 2.0.16 release)
Signed-off-by: Karl Palsson <karlp@tweak.au>
Update the mdio-netlink kmod and userspace mdio-tools to version 1.3.0.
[v1.3.0] - 2023-07-24
---------------------
Primarily widen the gamut of supported kernel versions, now supporting
all kernels from 5.2 and onwards.
- mvls: Support for 88E6320/88E6321
- mdio-netlink: Adapt to the upstream C22/C45 refactor.
Signed-off-by: Zhi-Jun You <hujy652@protonmail.com>
* quic-go v0.36.x cannot be compiled with Go 1.21. Update that
AdGuardHome dependency to latest one from v0.37 series.
* It fixes following compilation error:
go-mod-cache/github.com/quic-go/quic-go@v0.36.2/internal/qtls/go121.go:5:13: cannot use "The version of quic-go you're using can't be built on Go 1.21 yet. For more details, please see https://github.
com/quic-go/quic-go/wiki/quic-go-and-Go-versions." (untyped string constant "The version of quic-go you're using can't be built on Go 1.21 yet.
Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
Everything is working on pure upstream code.
Patching is not longer needed.
Added entire /etc/tailscale/ directory to conffiles for persistent ssh
host key & https certificate across sysupgrades.
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
Add new option to a config bridge section to indicate
if a bridge port added to the bridge should be isolated
or not. The default is 0 (no isolation).
example
config bridge
option interface 'br-mybridge1446'
option mtu '1446'
option isolate '1' # default '0'
Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
Fixes the commit 105fa3920e which was intended to make rust/host build
on aarch64 darwin working again. However, the fix contains a mistake
because it sets RUSTC_TARGET_ARCH instead of RUSTC_HOST_ARCH. Thus, the
fix doesn't work.
This properly sets the correct variable RUSTC_HOST_ARCH.
Fixes: 105fa3920e ("rust: fix host build on aarch64 darwin")
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
100_add_cross_platform_build_ability.patch was submitted upstream in
https://github.com/giampaolo/psutil/pull/2068, but that pull request was
closed without being merged.
This replaces that patch with a simpler version that only updates
setup.py, leaving the run-time library code unchanged.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
rust/host failed to compile on macOS running on Apple Silicon M1 Pro
because the host target triple is autogenerated to be
'arm64-unknown-linux-'. Rust doesn't have such a target triple, thus the
build failes because there are no pre-built artifacts for bootstrapping.
Fix this by setting RUSTC_HOST_ARCH to 'aarch64-apple-darwin' in case
our host is HOST_ARCH=arm64 and HOST_OS=darwin.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
