Maintainer: @blogic me
Compile tested: head r14241-ba2ddba, x86_64
Run tested: x86_64 (VirtualBox)
Description:
Addressed the build failure with node.js version 12.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Maintainer: @blogic me
Compile tested: head r14241-ba2ddba, x86_64
Run tested: x86_64 (VirtualBox)
Description:
Addressed the build failure with node.js version 12.
https://github.com/openwrt/packages/pull/12225
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Several security issures are addressed:
- CVE-2020-8620 It was possible to trigger an assertion failure by sending
a specially crafted large TCP DNS message.
- CVE-2020-8621 named could crash after failing an assertion check in
certain query resolution scenarios where QNAME minimization and
forwarding were both enabled. To prevent such crashes, QNAME minimization is
now always disabled for a given query resolution process, if forwarders are
used at any point.
- CVE-2020-8622 It was possible to trigger an assertion failure when
verifying the response to a TSIG-signed request.
- CVE-2020-8623 When BIND 9 was compiled with native PKCS#11 support, it
was possible to trigger an assertion failure in code determining the
number of bits in the PKCS#11 RSA public key with a specially crafted
packet.
- CVE-2020-8624 update-policy rules of type subdomain were incorrectly
treated as zonesub rules, which allowed keys used in subdomain rules to
update names outside of the specified subdomains. The problem was fixed by
making sure subdomain rules are again processed as described in the ARM.
Full release notes are available at
https://ftp.isc.org/isc/bind9/9.16.6/doc/arm/html/notes.html#notes-for-bind-9-16-6
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Drops pid files, no longer needed with procd management.
Now properly reloads on reload_config after UCI changes.
Signed-off-by: Karl Palsson <karlp@etactica.com>
[ Fixed two shellcheck warnings and bump PKG_RELEASE ]
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
The openfortivpn routes are a bit different than the standard ppp
routes so we need to handle them with a custom ppp-up script.
Gateway should not be set, and src should be set to the PPP local ip
address.
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>