- Update haproxy PKG_VERSION and PKG_HASH
- This release includes a fix for an OOB write. The official notes
do not list a CVE entry but I guess there is a chance for
security implications
- See changes: http://git.haproxy.org/?p=haproxy-2.6.git;a=shortlog
Signed-off-by: Christian Lachner <gladiac@gmail.com>
llvm-bpf is not ready for generic usage, so use prebuilt llvm toolchain
provided by the rust project to speedup build (~1hour faster).
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Added new RustBinPackage, RustBinHostBuild wrapper.
Added new RUST_PKG_FEATURES flag.
Moved CARGO_HOME to STAGING_DIR_HOSTPKG.
Overrode default Build/Compile and Host/Compile to Cargo build.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
These tarball cannot be reused, so simply drop them.
Also move cargo config to a file instead of using echo command.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* raise max. timeouts from 10 to 30 seconds to stabilize the autodetection on slow hardware
* made interface trigger action configurable, set 'ban_triggeraction' accordingly (default: 'start')
* made E-Mail notifications configurable to receive status E-Mais with every banIP run,
set 'ban_mailnotification' accordingly (default: disabled)
* small fixes & optimizations
* readme update
Signed-off-by: Dirk Brenken <dev@brenken.org>
836b4e1c73 added
--force-removal-of-dependent-packages but it does not do what the commit
message says it does.
When package A depends on package B (package B is a dependency of
package A; package A is a dependent of package B), trying to remove
package B while package A is installed will result in an error. Adding
--force-removal-of-dependent-packages in this case will cause the
removal of package B and package A (package B's dependent).
But in the case of the CI testing step, it is package A that is being
installed and removed. Removing package A with
--force-removal-of-dependent-packages will not cause package B (package
A's dependency) to be removed.
This adds --autoremove to actually remove the package's dependencies.
This also ignores any errors returned by opkg remove as --autoremove can
sometimes falsely return an error[1].
[1]: https://github.com/openwrt/openwrt/issues/12241
Fixes: 836b4e1c73 ("github-ci: add --force-removal-of-dependent-packages")
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* fix cornercase issue with duplicate entries in black- and whitelist
* change cpbl source URL
* firewall redirects now blocks IPv4 and IPv6 (set family to "any")
Signed-off-by: Dirk Brenken <dev@brenken.org>
This package is a dependency of bleak. Building and installing this package via
pip on a router is not difficult and the build crashes when memory is
exhausted.
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
Includes fixes for:
* 1.20.1:
* CVE-2022-41722: path/filepath: path traversal in filepath.Clean on
Windows
* CVE-2022-41723: net/http: avoid quadratic complexity in HPACK
decoding
* CVE-2022-41724: crypto/tls: large handshake records may cause panics
* CVE-2022-41725: net/http, mime/multipart: denial of service from
excessive resource consumption
* 1.20.2:
* CVE-2023-24532: crypto/elliptic: specific unreduced P-256 scalars
produce incorrect results
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
After recent autotools update, rpcsvc-proto no longer
compiles without autoreconf fixup because automake 1.15
is not found.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
We need the host build of swig only.
And the binding uses libgensiocpp - not the plain
C library, so fix the dependency.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Now since pcre2 provides a host build, let's use it.
This is required for e.g. gensio package to provide
python bindings.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
zerotier as default has executable stack.
[ 11.343143] process '/usr/bin/zerotier-one' started with executable stack
executable stacks are not recommend, possibly provide a threat and there
seems to be no advantage of executable stack with zerotier-one - so let's
build it without instead.
Stack is executable on x86_64, but not on all archs, such as ramips.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Allow build of libjpeg as a static library as well;
one is provided for libpng and possibly for other
formats as well.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
This adds a host build which can be used later by tools,
e.g. swig - which in turn is used by gensio package to
provide python bindings.
While at, switch back from $(AUTORELEASE).
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Christian Lachner