The postinst script is sourced during image build, which causes the
follow failure:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-x86_64_musl/root-x86/etc/init.d/lxc-auto: line 3: /lib/functions.sh: No such file or directory
postinst script ./usr/lib/opkg/info/lxc-auto.postinst has failed with exit code 1
Sourcing /lib/functions.sh is not needed, as /etc/rc.common does so
already. Unfortunately removing that line from the init script is not
enough to fix the problem. The postinst script should also check
IPKG_INSTROOT. As these two changes are unrelated, they should go in
separate commits, and the solution to the image build problem is to
revert the commit that introduced the breakage.
This reverts commit 2cde10b950.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
originally committed in 2cde10b950
reverted in 039912dec5
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 7da7356539)
fix ldconfig build issue. This patch is a backport from upstream:
18c9cf7d37
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit 42c4d25455)
Commit 9bcea2de2c causes a dependency
problem with some out-of-tree packages which expect "DEPENDS:=+kmod-pcspkr".
To fix this problem, this commit restores a dependency definition to
the previous one on x86 target.
Signed-off-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
(cherry picked from commit 8b1216fb49)
Beep is a target-independent software that can handle buzzers controlled by kmod-gpio-beeper.
This change is useful for some non-x86 enterprise APs and development boards
that have a buzzer connected to GPIO.
Compile-tested: ath79, ELECOM WAB-I1750-PS, 3fab4ac + device support patch
Run-tested: ath79, ELECOM WAB-I1750-PS, 3fab4ac + device support patch
Signed-off-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
(cherry picked from commit 9bcea2de2c)
This can be finally re-reverted, so we can use version 3.1.13, which
fixes multiple security vulnerabilities, but it segfaults almost
immediately. There is currently pending pull request, which fixes this,
and multiple users confirmed that it works on different GNU/Linux distributions.
This reverts commit bfe255064e.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This fixes CVE-2022-23308.
Also switch to GNOME as download source and xz tarball.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 81fd836f97)
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
libxml2 seems to be required only during build, hence no need to
depend on it in run-time.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1f3585a387)
Since muninlite 2.0 the unpatched upstream also uses
/proc/sys/kernel/hostname. Thus the patch is not necessary anymore.
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
* follow upstream ressources to github
* rename /usr/sbin/munin-node to /usr/sbin/muninlite
(following the chane of upstream)
* change plugin directory from /usr/sbin/munin-node-plugin.d/
to /etc/munin/plugins (compatible to upstream / munin-node)
* all patches (except one OpenWrt-specific patch) were merged
upstream
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
We received a report from Turris user on Turris support department that
netatalk version 3.1.13 does not work properly.
Process afpd says: INTERNAL ERROR Signal 11
because of that Apple Time Machine does not work as it should
This was already reported to netatalk by different people on various
GNU/Linux distributions like CentOS, AlmaLinux [1] [2]
netatalk developer states [3]:
```
Generally, at this point I can only advice to stop using Netatalk. There
are more pending CVEs that I currently don't have the bandwidth to work on.
```
[1] https://sourceforge.net/p/netatalk/bugs/669/
[2] https://sourceforge.net/p/netatalk/bugs/670/
[3] https://sourceforge.net/p/netatalk/mailman/message/37638871/
This reverts commit 165c5625a3.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 2cde10b950)
This fixes CVE-2022-24884.
Also update the package URL to match the source repository.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit de5671e582)
Fixes from 2.6.9:
- CVE-2021-41817: Regular Expression Denial of Service Vulnerability of
Date Parsing Methods
- CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
Fixes from 2.6.10:
- CVE-2022-28739: Buffer overrun in String-to-Float conversion
After this release, Ruby 2.6 reaches EOL.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
- Fixes CVE-2020-15803, CVE-2021-27927
- SourceForge does not provide tarball for version 4.0.37 and it was
necessary to use Zabbix CDN to download it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Provide a new variant, nano-full, that enables almost
all functionality of nano. Only libmagic file type detection
has been left out.
Ship with a minimal /etc/nanorc that the user can modify.
nanorc documentation at
https://www.nano-editor.org/dist/latest/nanorc.5.html
Provide color highlighting for the uci config files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6a51794638)
Please update to this latest release as soon as possible as this
releases fixes the following major security issues: CVE-2021-31439,
CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, CVE-2022-23124,
CVE-2022-23125 and CVE-2022-0194.
For a summary of news and a detailed list of changes see the
ReleaseNotes[1].
[1]: https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 951ef67479)
If miniportal option is enabled, some haserl scripts are provided which
present a simple login web page. To make it functional haserl is required.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 532088818a)
- add missing configs to PKG_CONFIG_DEPENDS and sort it
- remove redundant INSTALL_DIR
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 2c71fb2065)
Includes fixes for:
* Windows builds updated to bzip2 1.0.8 to mitigate CVE-2016-3189 and
CVE-2019-12900
* CVE-2022-26488: Escalation of privilege via Windows Installer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Fixes security issues:
* CVE-2022-0396 -- A synchronous call to closehandle_cb() caused
isc__nm_process_sock_buffer() to be called recursively,
which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when
out-of-order processing was disabled.
* CVE-2021-25220 -- The rules for acceptance of records into the cache
have been tightened to prevent the possibility of
poisoning if forwarders send records outside
the configured bailiwick.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
