For every mysql* binary create corresponding mariadb binary and vice
versa.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 2295c351ed)
Do not pick just few random SQL files to install, install all of them.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 4653d83048)
Remove from default configuration options that are compiled in like
default paths and character set. On the other hand add few examples of
tweak options that might be handy.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit a2c1a57282)
Update init script so other user/group can be used. Also make sure that
init script can actually create an empty database instead of forcing the
user to do it by hand. Other new feature is taking care of migration
of the database when upgrading the database.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 1be35284bb)
The raison d'être of package mariadb-common was to provide common my.cnf
config file that was being used to include subdirectories and then to
push utf-8 as default everywhere. Let's make this file part of the
server package as there we actually set other options as well and drop
it from all clients. Instead let's set utf-8 as default in server,
client and client libraries. While at it also set socket to the more
common path and drop mysqld_safe script from the list of configuration
files and do other minor tweaks.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit d8ecded02d)
Also bump the version in syslog-ng config file.
Removes this warning:
Nov 16 14:19:41 turris syslog-ng[15159]: WARNING: Configuration file format is too old, syslog-ng is running in compatibility mode. Please update it to use the syslog-ng 3.35 format at your time of convenience. To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, and once completed change the @version header at the top of the configuration file; config-version='3.33'
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2d2fd36e28)
ICU 70 released. It updates to Unicode 14, including new characters, scripts, emoji, and corresponding API constants. ICU 70 adds support for emoji properties of strings. It also updates to CLDR 40 locale data with many additions and corrections. ICU 70 also includes many other bug fixes and enhancements, especially for measurement unit formatting, and it can now be built and used with C++20 compilers.
This change will require minor modifications in php7 and php8.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
As written in the commit message:
Depending on your conntrackd configuration, events might get lost,
leaving stuck entries in the cache forever. Skip checking the conntrack
ID to allow for lazy cleanup by when a new entry that is represented by
the same tuple is added.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit da619f19f4)
This fixes:
- CVE-2021-21707
Also drop upstream patch which is included in the release now.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 2e9c1a00ea)
This fixes:
- CVE-2021-21707
Also drop upstream patch which is included in the release now.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit c6f27671a3)
Reasons to drop this package:
a) this package depends on luci-app-rosy-file-server
Unfortunately, it was marked as broken as it is unmaintained.
See: 34b682afac
b) maintainer is inactive
c) rosinson website does not seem to be working
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit f1893a426a)
Contains fixes for:
* CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat)
accesses a memory location after the end of a buffer
* CVE-2021-41772: archive/zip Reader.Open panic via a crafted ZIP
archive containing an invalid name or an empty filename field
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 901f80aae7)
Remove parsing of data which is not used within `auc`. Later iterations
may use these but they can be gradually added whenever needed.
Also remove HTTP code handling of error codes no longer used by the
backend. Early iterations of the server where infinitely complex to
figure out created images and announce them to clients but ever since
everything is stored in JSON, things got better (aka simpler).
If a package is missing on the upstream server, color it in red.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6527d65b9b)
Currently `auc` uses the outdated /json/ path, this commit uses
/json/v1/ to be more future proof.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 69b5c28929)
* use username/group 'exim' instead of mail
* register configuration file
* make sure /usr/lib/exim/lookups exists
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 66a62e2fcf)
Ship default configuration /etc/exim/exim.conf as well as
a simple procd init script. Enable building with LMTP for better
integration with dovecot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 31d12ead78)
Several exploitable vulnerabilities in Exim were reported to us and are
fixed.
Local vulnerabilities
- CVE-2020-28007: Link attack in Exim's log directory
- CVE-2020-28008: Assorted attacks in Exim's spool directory
- CVE-2020-28014: Arbitrary PID file creation
- CVE-2020-28011: Heap buffer overflow in queue_run()
- CVE-2020-28010: Heap out-of-bounds write in main()
- CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()
- CVE-2020-28016: Heap out-of-bounds write in parse_fix_phrase()
- CVE-2020-28015: New-line injection into spool header file (local)
- CVE-2020-28012: Missing close-on-exec flag for privileged pipe
- CVE-2020-28009: Integer overflow in get_stdinput()
Remote vulnerabilities
- CVE-2020-28017: Integer overflow in receive_add_recipient()
- CVE-2020-28020: Integer overflow in receive_msg()
- CVE-2020-28023: Out-of-bounds read in smtp_setup_msg()
- CVE-2020-28021: New-line injection into spool header file (remote)
- CVE-2020-28022: Heap out-of-bounds read and write in extract_option()
- CVE-2020-28026: Line truncation and injection in spool_read_header()
- CVE-2020-28019: Failure to reset function pointer after BDAT error
- CVE-2020-28024: Heap buffer underflow in smtp_ungetc()
- CVE-2020-28018: Use-after-free in tls-openssl.c
- CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash()
The update to 4.94.2 also integrates a fix for a printf format issue
previously addressed by a local patch which is removed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c241cb12bb)
A lot of changes since 3.3.1.
Full (long) lists of release notes between
versions are available at
https://github.com/containers/podman/releases
containers.conf updated
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 3e5761d6cd)
Earlier versions of podman did not make use of TMPDIR when running "podman
run ...". Podman's default, /var/tmp, presents a problem to rootless
use since OpenWrt's /var/tmp does not permit writes by non-root users.
Podman 3.3.1 makes full use of TMPDIR.
This is part of an attempt to get rootless podman to work on OpenWrt.
See https://github.com/openwrt/packages/issues/15096.
See also the upstream issue at
https://github.com/containers/podman/issues/10698.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit 416eced174)
