This fixes CVE-2022-23308.
Also switch to GNOME as download source and xz tarball.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 81fd836f97)
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
libxml2 seems to be required only during build, hence no need to
depend on it in run-time.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1f3585a387)
Since muninlite 2.0 the unpatched upstream also uses
/proc/sys/kernel/hostname. Thus the patch is not necessary anymore.
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
* follow upstream ressources to github
* rename /usr/sbin/munin-node to /usr/sbin/muninlite
(following the chane of upstream)
* change plugin directory from /usr/sbin/munin-node-plugin.d/
to /etc/munin/plugins (compatible to upstream / munin-node)
* all patches (except one OpenWrt-specific patch) were merged
upstream
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
We received a report from Turris user on Turris support department that
netatalk version 3.1.13 does not work properly.
Process afpd says: INTERNAL ERROR Signal 11
because of that Apple Time Machine does not work as it should
This was already reported to netatalk by different people on various
GNU/Linux distributions like CentOS, AlmaLinux [1] [2]
netatalk developer states [3]:
```
Generally, at this point I can only advice to stop using Netatalk. There
are more pending CVEs that I currently don't have the bandwidth to work on.
```
[1] https://sourceforge.net/p/netatalk/bugs/669/
[2] https://sourceforge.net/p/netatalk/bugs/670/
[3] https://sourceforge.net/p/netatalk/mailman/message/37638871/
This reverts commit 165c5625a3.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 2cde10b950)
This fixes CVE-2022-24884.
Also update the package URL to match the source repository.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit de5671e582)
Fixes from 2.6.9:
- CVE-2021-41817: Regular Expression Denial of Service Vulnerability of
Date Parsing Methods
- CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse
Fixes from 2.6.10:
- CVE-2022-28739: Buffer overrun in String-to-Float conversion
After this release, Ruby 2.6 reaches EOL.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
- Fixes CVE-2020-15803, CVE-2021-27927
- SourceForge does not provide tarball for version 4.0.37 and it was
necessary to use Zabbix CDN to download it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Provide a new variant, nano-full, that enables almost
all functionality of nano. Only libmagic file type detection
has been left out.
Ship with a minimal /etc/nanorc that the user can modify.
nanorc documentation at
https://www.nano-editor.org/dist/latest/nanorc.5.html
Provide color highlighting for the uci config files.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6a51794638)
Please update to this latest release as soon as possible as this
releases fixes the following major security issues: CVE-2021-31439,
CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, CVE-2022-23124,
CVE-2022-23125 and CVE-2022-0194.
For a summary of news and a detailed list of changes see the
ReleaseNotes[1].
[1]: https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 951ef67479)
If miniportal option is enabled, some haserl scripts are provided which
present a simple login web page. To make it functional haserl is required.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 532088818a)
- add missing configs to PKG_CONFIG_DEPENDS and sort it
- remove redundant INSTALL_DIR
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 2c71fb2065)
Includes fixes for:
* Windows builds updated to bzip2 1.0.8 to mitigate CVE-2016-3189 and
CVE-2019-12900
* CVE-2022-26488: Escalation of privilege via Windows Installer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Fixes security issues:
* CVE-2022-0396 -- A synchronous call to closehandle_cb() caused
isc__nm_process_sock_buffer() to be called recursively,
which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when
out-of-order processing was disabled.
* CVE-2021-25220 -- The rules for acceptance of records into the cache
have been tightened to prevent the possibility of
poisoning if forwarders send records outside
the configured bailiwick.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
The FreeBSD project stopped publishing HTTP date headers and seeks to
limit further resource taxing by distributed htpdate clients using the
www.freebsd.org host as default time source.
Fixes: #17924
Reported-by: Allan Jude <allanjude@freebsd.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e871318002)
Update nano to 6.2.
Remove inactive second maintainer.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit a3f14c5114)
[removed AUTORELEASE]
The runtime testing always ran on master branch aka snapshots since the
branch wasn't passed over to the container execution!
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit f535d77090)
Nano is by default built as "tiny" with most features disabled.
That is suitable for basic tasks in routers with small flash.
Add a new nano-plus variant that enables selected additional
features in the build config:
* multiple files (multibuffer)
* Unicode/utf8
* justify
* .nanorc support
* help
* also some key bindings get enabled as "tiny" configure option
is removed.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 85cb71d8d8)
Remove paxctl stuff. pax is not packaged in OpenWrt.
Add reload support.
Install lua cfg file as 644. It's needed to be readable as prosody user
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit eb46e231cd)
Michael Heimpold