Full changelog at https://github.com/eclipse/mosquitto/blob/v1.5.3/ChangeLog.txt
Primary change:
CVE fix for CVE-2018-12543 - prevent crash on topics that begin with $
but are not $SYS
Selected other fixes relevant to OpenWrt since 1.5.1:
- Fix retained messages not sent by bridges on outgoing topics at the first
connection. Closes#701.
- Fix duplicate clients being added to by_id hash before the old client was
removed. Closes#645.
- Fix excessive CPU usage when the number of sockets exceeds the system limit.
Closes#948.
- Fix for bridge connections when using WITH_ADNS=yes.
- Fix round_robin false behaviour. Closes#481.
- Fix segfault on HUP when bridges and security options are configured.
Closes#965.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Move setting global enabled flag from /etc/init.d/mwan3 to mwan3
command. So we could start mwan3 from the cmd mwan3 as well.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
- The original copy process is to delete all routing tables first,
then add new routing table. This process is too slow and very dirty.
- We use grep to identify the changes and apply them.
- ignore ipv6 unreachable routes
- update version number
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
This adds a metapakcge for acme luci ap without uhttpd dependency and adds entities and check to stop handle nginx server and modify the certificate set automatically.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Should be faster.
Rearranged Makefile slightly for consistency with other packages.
Version 3.5.6 and above are relicensed to GPL-2.0.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fix the init script to allow access from IPv6 subnets of the interface
specified in allow section in /etc/config/chrony.
Fixes issue #7039.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
- adjust a few UCI translations to coordinate with upstream defaults
- remove OpenSSL < 1.1.0 API log error patch which is included upstream
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
* if <keyutils.h> is found krb5 pulls in the lib, which than fails to link because of a missing -fPic in libkeyutils.so
* keyutils 1.5.11 will depend on krb5, so we disable it in krb5 to avoid circular dependency
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* update to 4.9.0
* move vfs_xattr_tdb to defaults
* add vfs_audit, vfs_extd_audit, vfs_full_audit to AD-DC variant
* disable jansson, libarchive by default, enabled for AD-DC variant
* update waf answers
Noteable smb.conf changes:
* store dos attributes Default changed yes
* ea support Default changed yes
Fixes: Timemachine "The identity of the Backup disk ... has changed since the previous backup."
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Commit 6cd8fcabe added ipsec hotplug script support by calling "exec
/sbin/hotplug-call ipsec".
Using the exec call breaks the insertion of iptables rules by the _updown.in
script as hotplug-call just replaces the current shell meaning the commands
following exec do not run since the shell is replaced and as a result lead to
connectivity issues.
Fix this by removing the exec command in front of /sbin/hotplug-call.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
libbsd may compile before nfs-kernel-server, it will make
nfs-kernel-server depends libbsd.so.0, that is not we want to see. so
gave option to 'configure' to disable libbsd detect and tell it we have
no libbsd
Signed-off-by: Guo Li <uxgood.org@gmail.com>
