mirror
/
openwrt-packages
mirror of https://git.openwrt.org/feed/packages.git
1
0
Fork 0
Code Releases Activity
openwrt-packages/lang
History
Hirokazu MORIKAWA 658621bf5e node: bump to v16.17.1 
The following CVEs are fixed in this release:
* CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
    * Insufficient fix for macOS devices on v18.5.0
* CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium)
* CVE-2022-32213: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)
    * Insufficient fix on v18.5.0
* CVE-2022-32215: HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)
    * Insufficient fix on v18.5.0
* CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
* CVE-2022-35255: Weak randomness in WebCrypto keygen
More detailed information on each of the vulnerabilities can be found in September 22nd 2022 Security Releases blog post.

llhttp updated to 6.0.10
llhttp is updated to 6.0.10 which includes fixes for the following vulnerabilities.
* HTTP Request Smuggling - CVE-2022-32213 bypass via obs-fold mechanic (Medium)(CVE-2022-32213 ): The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215): The llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)(CVE-35256): The llhttp parser in the http does not correctly handle header fields that are not terminated with CLRF. This can lead to HTTP Request Smuggling (HRS).

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
 		2022-10-05 23:28:49 +02:00
..
chicken-scheme chicken-scheme: add conflict and small Makefile polishing 2022-03-16 19:39:59 -07:00
cqueues cqueues: add cqueues(rel-20200726) to feeds 2022-02-14 17:25:51 -08:00
dkjson
erlang erlang: workaround LibreSSL-3.5.0 compat issues 2022-07-23 12:45:10 -07:00
golang golang: Update to 1.18.4 2022-07-18 17:35:11 +08:00
json4lua
ldbus
linotify lang: linotify: add lua bindings for inotify 2020-09-14 16:48:19 +00:00
lpeg lpeg: update to 1.0.2 2019-11-01 14:55:02 +08:00
lua-argparse lua-argparse: delete whitespace in makefile 2020-08-29 11:47:57 +07:00
lua-bencode
lua-bit32
lua-cjson treewide: back to cmake.mk 2021-06-12 21:05:01 -07:00
lua-copas
lua-coxpcall treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
lua-cs-bouncer lua-cs-bouncer: initial package 2022-02-14 17:26:16 -08:00
lua-curl-v3 lua-curl-v3: fix build on macos 2022-01-08 08:04:50 +01:00
lua-eco treewide: fix security issues by bumping all packages using libwolfssl 2022-10-04 00:58:29 -07:00
lua-ev treewide: back to cmake.mk 2021-06-12 21:05:01 -07:00
lua-libmodbus lang/lua-libmodbus: bump to 0.7 release 2021-03-15 16:03:22 +00:00
lua-lsqlite3
lua-lzlib
lua-md5 treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
lua-mobdebug
lua-mosquitto lua-mosquitto: Update to 0.4.1 2020-08-19 15:47:07 +00:00
lua-openssl lua-openssl: update to version 0.8.2-1 2022-05-26 20:39:30 -07:00
lua-penlight lang: lua-penlight: update to 1.13.1 2022-09-26 09:38:00 +00:00
lua-rings treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
lua-rs232 lua-rs232: don't rely on detected luadir 2021-08-11 17:47:30 -03:00
lua-sha2
lua-wsapi lua-wsapi: build each variant in its own dir 2021-10-15 23:02:07 -07:00
lua-xavante
luabitop
luaexpat luaexpat: update to 1.4.1 2022-05-11 17:47:58 -04:00
luafilesystem luafilesystem: clean up Makefile 2020-11-22 18:53:37 -06:00
luajit luajit: patch: PPC/e500 SPE: use soft float instead of failing 2022-08-06 10:34:58 -07:00
lualanes treewide: back to cmake.mk 2021-06-12 21:05:01 -07:00
luaossl luaossl: update to rel-20220711 2022-08-31 13:33:28 -07:00
luaposix luaposix: update to 35.1 2021-09-18 14:49:15 -07:00
luarocks treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
luasec treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
luasoap
luasocket luasocket: update to 3.0.0 2022-05-11 17:49:59 -04:00
luasql luasql: fix build on macos 2022-01-11 16:25:33 -08:00
luasrcdiet luasrcdiet: add package (moved from luci-base package) 2019-11-23 16:37:34 +01:00
luv treewide: back to cmake.mk 2021-06-12 21:05:01 -07:00
lyaml lyaml: fix build on macos 2022-01-29 13:31:55 -08:00
lzmq treewide: back to cmake.mk 2021-06-12 21:05:01 -07:00
node node: bump to v16.17.1 2022-10-05 23:28:49 +02:00
node-arduino-firmata node-arduino-firmata: Support for npm@8 2022-04-16 11:02:44 -07:00
node-cylon node-cylon: Support for npm@8 2022-04-16 11:02:14 -07:00
node-hid node-hid: Support for npm@8 2022-04-16 11:01:24 -07:00
node-homebridge node-homebridge: Support for npm@8 2022-04-16 11:00:54 -07:00
node-javascript-obfuscator node-javascript-obfuscator: Support for npm@8 2022-04-16 11:01:38 -07:00
node-serialport node-serialport: Support for npm@8 2022-04-16 11:01:53 -07:00
node-serialport-bindings node-serialport-bindings: Support for npm@8 2022-04-16 11:03:08 -07:00
node-yarn node-yarn: Support for npm@8 2022-04-16 11:01:06 -07:00
perl perl: add powerpc64 support 2022-03-02 16:30:32 -08:00
perl-ack perl-ack: Update to 3.6.0 2022-08-23 16:37:16 -07:00
perl-authen-sasl
perl-authen-sasl-xs treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
perl-cgi perl-cgi: Update to 4.54 2022-02-06 11:08:44 -07:00
perl-compress-bzip2 perl-compress-bzip: Update to 2.26 2019-10-05 12:22:01 -07:00
perl-dbi perl-dbi: update to 1.643 2020-03-19 15:38:23 -07:00
perl-device-serialport perl-device-serialport: fix build on macos 2022-01-18 18:10:18 -08:00
perl-device-usb treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
perl-encode-locale
perl-file-listing
perl-file-next perl-file-next: add new package 2021-05-28 22:38:29 +08:00
perl-file-rsyncp treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
perl-file-sharedir-install perl-file-sharedir-install: Update to 0.13 2019-10-05 12:22:02 -07:00
perl-html-form perl-html-form: update to 6.07 2020-03-19 15:39:48 -07:00
perl-html-parser perl-html-parser: update to 3.75 2021-01-18 20:53:33 -08:00
perl-html-tagset
perl-html-tree
perl-http-cookies perl-http-cookies: update to 6.08 2020-03-19 15:40:54 -07:00
perl-http-daemon perl-http-daemon: Update to 6.06 2019-10-05 12:22:03 -07:00
perl-http-date perl-http-date: update to 6.05 2020-03-19 16:03:58 -07:00
perl-http-message perl-http-message: update to 6.22 2020-03-19 15:42:08 -07:00
perl-http-negotiate
perl-http-server-simple perl-http-server-simple: Update to 0.52 2019-10-05 12:22:03 -07:00
perl-inline perl-inline: update to 0.86 2020-03-19 16:03:59 -07:00
perl-inline-c
perl-io-html
perl-lockfile-simple
perl-lwp-mediatypes perl-lwp-mediatypes: Update to 6.04 2019-10-05 12:22:04 -07:00
perl-mail-spamassassin perl-mail-spamassassin: update to version 3.4.6 2021-04-29 00:59:15 +01:00
perl-net-cidr-lite perl: add Net::CIDR::Lite for iptables-mod-geoip 2020-04-21 23:51:03 -06:00
perl-net-dns perl-net-dns: update to version 1.33 2022-03-18 23:47:14 +00:00
perl-net-http perl-net-http: Update to 6.19 2019-10-05 12:22:04 -07:00
perl-net-telnet
perl-netaddr-ip perl: add NetAddr::IP package 2021-01-03 00:17:50 +00:00
perl-parse-recdescent
perl-parse-yapp samba4: drop maintainership 2022-06-21 12:24:15 -06:00
perl-sub-uplevel perl-sub-uplevel: Update to 0.2800 2019-10-05 12:22:04 -07:00
perl-test-harness perl-test-harness: Update to 3.42 2019-10-05 12:22:04 -07:00
perl-test-warn perl-test-warn: Update to 0.36 2019-10-05 12:22:05 -07:00
perl-text-csv_xs perl-text-csv_xs: update to 1.47 2022-01-02 16:29:33 -07:00
perl-try-tiny perl-try-tiny: update to 0.31 2021-11-29 01:41:19 -08:00
perl-uri perl-uti: Update to 1.76 2019-10-05 12:22:05 -07:00
perl-www perl-www: add dependency on perl-try-tiny 2021-01-03 19:13:26 -05:00
perl-www-curl treewide: Run refresh on all packages 2021-02-20 16:02:15 -08:00
perl-www-mechanize perl-www-mechanize: update to 1.96 2020-03-19 15:44:48 -07:00
perl-www-robotrules
perl-xml-parser expat: don't build host libs 2021-10-19 13:16:18 -07:00
php8 php8: update to 8.1.11 2022-10-03 11:08:08 +02:00
php8-pecl-dio php7-pecl-dio: migrate package to php8-pecl-dio 2021-12-09 21:57:44 +01:00
php8-pecl-http php8-pecl-http: update to 4.2.2 2022-03-19 23:09:50 +01:00
php8-pecl-imagick php8-pecl-imagick: update to 3.7.0 2022-04-03 11:16:52 +02:00
php8-pecl-krb5 php7-pecl-krb5: migrate package to php8-pecl-krb5 2021-12-09 21:57:44 +01:00
php8-pecl-mcrypt php7-pecl-mcrypt: migrate package to php8-pecl-mcrypt 2021-12-09 21:57:44 +01:00
php8-pecl-raphf php7-pecl-raphf: migrate package to php8-pecl-raphf 2021-12-09 21:57:44 +01:00
php8-pecl-redis php8-pecl-redis: update to 5.3.7 2022-04-03 11:17:15 +02:00
php8-pecl-xdebug php8-pecl-xdebug: add package (refs 19424) 2022-09-24 09:50:28 +02:00
python python-stem: update to v1.8.1 2022-10-03 15:04:06 -07:00
ruby ruby: fix build with LibreSSL over v3.5 2022-07-23 19:19:12 -07:00
tcl tcl: fix build on macos 2022-01-29 08:19:54 -08:00
uuid
vala vala: update to version 0.56.0 (LTS version) 2022-03-28 20:47:35 -07:00