This is a security and bugfix release.
Security
o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service
o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS query IDs
o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation
Fixing libcares.pc
The pkg-config file libcares.pc in version 1.19.1 has been changed to be unsuitable for OpenWrt
and causes build errors with Openwrt packages that use libcares.
For this reason, libcares.pc was replaced.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
* Support MAC-/IPv4/IPv6 ranges in CIDR notation
* Support concatenation of local MAC addresses with IPv4/IPv6 addresses, e.g. to enforce dhcp assignments (see readme)
* small fixes & cosmetics
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
Update to v18.16.1
The following CVEs are fixed in this release:
* CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
* CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
* CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
* CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
* CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
* OpenSSL Security Releases (Depends on shared library provided by OpenWrt)
* OpenSSL security advisory 28th March.
* OpenSSL security advisory 20th April.
* OpenSSL security advisory 30th May
* c-ares vulnerabilities: (Depends on shared library provided by OpenWrt)
* GHSA-9g78-jv2r-p7vc
* GHSA-8r8p-23f3-64c2
* GHSA-54xr-f67r-4pc4
* GHSA-x6mf-cxr9-8q6v
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
OpenELP is an open source EchoLink proxy for Linux and Windows. It aims
to be efficient and maintain a small footprint, while still implementing
all of the features present in the official EchoLink proxy.
Signed-off-by: Scott K Logan <logans@cottsay.net>
Parallel build does not work because it may reach a point where OSTYPE
might be needed before it is actually built. They appear to run
parallel to each other:
echo slx > OSTYPE
[...]
cat: OSTYPE: No such file or directory
sh: line 1: test: too many arguments
cat: OSTYPE: No such file or directory
Already built for -- you must do "make clean" first
make[6]: *** [Makefile:706: rebuild] Error 1
make[6]: *** Waiting for unfinished jobs....
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
1.45.0
* linux: introduce io_uring support
* src: add new metrics APIs
* unix,win: give thread pool threads an 8 MB stack
* win,unix: change execution order of timers
1.44.2
* loop: better align order-of-events behavior between platforms
* zos: fix fs event not fired if the watched file is moved/removed/recreated
* win: Fix pipe resource leak if closed during connect (and other bugs)
* zos: don't error when killing a zombie process
* macos: avoid posix_spawnp() cwd bug
* kqueue: skip EVFILT_PROC events when invalidating events for an fd.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
arp-whisper listens to ARP requests on a network interface and responds
to them based on a list of IP-MAC address mappings defined in a
configuration file
Signed-off-by: Facundo Acevedo <facevedo@disroot.org>
The 'ipq807x' target was renamed to be 'qualcommax' (and ipq807x was
set as subtarget). Adjust plugin target dependencies to this renaming.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
mhz is a tool for mathematically calculating the current CPU frequency, it
has proven to be a really good help while developing CPU frequency scaling
solutions as it allows to independently prove that scaling actually works.
Now that the author has added a license we can package it for the all to
use.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Tests are breaking compilation for mipsel targets because of the removal
of the sysmips call. Let's just not build them.
While at it, remove patches from 1.1 version and move the current ones
to the default 'patches' directory.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
- armvirt target has been renamed to armsr (Arm SystemReady) [1].
- armsr-armv8 has been switched to aarch64_generic architecture [2].
1. 40b02a2301
2. e0f06ddc23
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
armvirt target has been renamed to armsr (Arm SystemReady) [1],
so the dependency need to be changed as well.
40b02a2301
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
armvirt target has been renamed to armsr (Arm SystemReady) [1],
so the dependency need to be changed as well.
1. 40b02a2301
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
If an alias name is used for the modem, then a check if the device exists
in sysfs does not work. To fix this remove the check if the sysfs device
exists. The protocoll handler already checks if the modem is responsible
for this device on the next line.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
On small systems with many virtual devices, the modem manager sometimes
could not start because it took too long until all devices for the modem
were recognised. This is because all system events that are stored in
the file events.cache have to be processed. To speed up the processing,
all devices under /sys/devices/virtual are now filtered out so that they
do not have to be processed.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
ICU 73.2 updates to CLDR 43.1 locale data. These are maintenance releases for ICU 73 and CLDR 43, with limited sets of bug fixes and no API or structural changes.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Automatically compute and substitute current values for all
$(COMMITCOUNT) instances as this feature is deprecated and shouldn't be
used.
Based on commit 0c10c224be:
Change COMMITCOUNT in rules.mk to:
```
COMMITCOUNT = $(if $(DUMP),0,$(shell sed -i "s/\$$(COMMITCOUNT)/$(call commitcount)/" $(CURDIR)/Makefile))
```
then update all affected packages by:
```
for i in $(git -C feeds/packages grep -l COMMITCOUNT | sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
make package/$i/clean
done
```
Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
This reverts commit a2e76e4978.
Now that the issue is fixed on gcc side (see openwrt/openwrt@7b4a966),
we can revert this workaround here.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Fix a bug on installation of nginx-mod-luci where module.d directory
is not found and luci.module creation fails.
Correctly create empty directory for module.d include for dynamic module
loading by placing file in this directory.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
When using both ipv4 and ipv6 entries on the same host, ddns is clearing A
(or AAAA) record depending on the connection (ipv4 or ipv6).
see https://desec.readthedocs.io/en/latest/dyndns/update-api.html#determine-ip-addresses
Signed-off-by: Baptiste Fouques <bateast@duck.com>
Update comment and bump PKG_RELEASE number.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Release Information:
https://gitlab.com/gpsd/gpsd/-/blob/release-3.25/NEWS?ref_type=tags
Remove the backport that is now contained in the release:
- 003_sconscript-cross-platform-build-support.patch
Latest olsrd version needs this bump.
Signed-off-by: Nick Hainke <vincent@systemli.org>
