gammu: Fix build under 64-bit targets.
There's a faulty suffix variable that points to the wrong place.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
bf42426e4a5fbc6c873e027ed92f6e)
This is causing linking errors on i386 and ppc.
Also removed custom warnings an optimization levels that override stock
settings.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from ecb4fcca0c)
Update commit 3d59ce6f50 ("lighttpd: update to 1.4.48") resulted in
plain auth regression: it simply stopped working with:
(mod_auth.c.525) password doesn't match for (...)
appearing on every authentication try.
This regression was fixed in 1.4.49 release. Backport the fix instead of
updating to the 1.4.49 to avoid risking more/other regressions.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4cc0c88713)
Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.
Add interface triggers to catch dhcp events and restart as required.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 662d3f16d2)
Even on a powerful platform a nlbwmon process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
bandwidth stats collection can wait a bit.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
(cherry picked from commit 9b3ecbd64a)
Update to latest Git HEAD in order to solve a number of issues.
- Improves MAC address lookup reliability
- Properly counts DNAT-ed connections (e.g. for port forwards)
- Fixes stack corruption when parsing netlink records
- Fixes deletion of gzipped databases
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 70858690c0)
Define package config files to preserve
/usr/share/nlbwmon/protocols across sysupgrade
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
(cherry picked from commit 2305de5f2e)
- CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
- CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
- CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
- CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
- CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
- CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
- CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
- CVE-2019-3862
Out-of-bounds memory comparison
- CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
When the server hostname resolved to both IPv4 and IPv6 addresses,
connecting would fail with nothing in syslog. This corrects that oversight.
Originally signedoffby: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
cherry picked from ca56324
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
A remote code execution vuln has been found in sqlite. Infos available
here:
https://blade.tencent.com/magellan/index_en.html
sqlite 3.26.0 contains the fix.
This commit also changes source URL to https. It also adds a depend on
zlib, which is now required.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This bumps libtiff's minor version from 9 to 10. In addition to the CVE
fixes that we already included this fixes:
CVE-2017-17095
CVE-2018-17101
CVE-2018-18557
The update is 100% backwards compatible, no symbol changes.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Debian uses libxml2 2.9.4 in Stretch. This adds their security related
fixes from 2.9.4+dfsg1-2.2+deb9u2 to LEDE's 17.01 release.
Fixed CVEs:
CVE-2016-4658
CVE-2016-5131
CVE-2017-0663
CVE-2017-15412
CVE-2017-7375
CVE-2017-7376
CVE-2017-9047
CVE-2017-9048
CVE-2017-9049
CVE-2017-9050
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Backport Rosen's commit in master to 17.01 to address open CVEs. This
fixes:
CVE-2017-11613
CVE-2018-5784
CVE-2018-7456
CVE-2018-8905
CVE-2018-10963
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This update includes fixes for the following CVEs:
- CVE-2018-1053
- CVE-2018-1058
- CVE-2018-10915
- CVE-2018-10925
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
I got into troubles to be behind a proxy and my build then fails
because it cannot connect to git://github.com urls
To avoid such problems for others I think it is useful to replace
them for the whole repo. This changes make it work for me again.
Signed-off-by: Matthias Kesler <krombel@krombel.de>
If we're built with CONFIG_LIGHTTPD_SSL then mod_openssl.so should
be included into the base package. Fixes issue #5343.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This release includes some bug fixes and some security fixes.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
There are also some bug fixes
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
All of the bugs for which we had patches have been fixed upstream
in 1.4.46, so the patches can be dropped.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Conflicts:
net/lighttpd/Makefile