fixes:
* path traversal vulnerability in mod_http_files (CVE-2016-1231)
* use of weak PRNG in generation of dialback secrets (CVE-2016-1232)
Signed-off-by: heil <heil@terminal-consulting.de>
- add support for "hostip" to get_registered_ip() as alternative to "Bind host" package https://dev.openwrt.org/ticket/20893#comment:5
- allow to send updates using compiled-in certificate file/path of curl/wget #2242#2243#2245
- add support for uclient-fetch / libustream-ssl.so
- remove /128 prefix-filter in get_local_ip() via interface #2268
- add dyndns.org to services_ipv6 https://forum.openwrt.org/viewtopic.php?id=62103
- readd duckdns.org to services #2251 (lost somewhere in data heaven)
- add zzzz.io service #2302
- updated tld_names.dat
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Import cifs-utils from old packages:
* update to 6.4
* add upstream patch to fix builds with musl
* add license information
* add myself as maintainer
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Building both variants improperly tried to include the passwd utility
for the non-ssl variant, as the variable was set for the ssl variant.
Use properly separated install tasks to install additional files, rather
than hacking around inside the single target.
Signed-off-by: Karl Palsson <karlp@remake.is>
Many users of the SSL build of mosquitto need the passwd utility for
managing keys.
Fixes github issue #1909
Signed-off-by: Karl Palsson <karlp@remake.is>
This is necessary when there are multiple records for the same domain,
otherwise the script will overwrite the first one returned by the API.
It has the secondary benefit of allowing faster updates by performing
only one API call instead of two.
In case 'rec_id' is not set the script behaves exactly as before.
Signed-off-by: Leonardo Brondani Schenkel <leonardo@schenkel.net>
Signed-off-by: Patrick Grimm <patrick@lunatiki.de>
Acked-by: Othmar Truniger <github@truniger.ch>
[Squashed patches from PR into single one, bump PKG_RELEASE]
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
I guess these were left since some initial OVS package versions.
They were fine up until recently.
Some of the build artifacts got a little messy and thus the
OpenWRT OVS package got a little messy.
This cleans it up a bit.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* upstream to Radicale 1.1
* new "boot_delay" option (default 10 seconds) to wait for interfaces to come up before hotplug restarts are enabled.
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Most patches for 4.1 are no longer needed, only a minor patch to fix a
missing WAIT_ANY constant. 2.5.0 depends on nf_conntrack (ipv4 and ipv6)
Signed-off-by: Jeroen van Bemmel <jvb127@gmail.com>
Added dy.fi dynamic dns provider into ddns-scripts (ipv4) services file.
Tested-by: Vaasa Hacklab ry <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
Whenever we ship fixed libopenssl binaries in DD, the Freeradius daemon fails
at startup because it detects a mismatch of the build time and runtime OpenSSL
version.
Since our OpenSSL updates for DD are ABI compatible we do not need or even want
this superflous check. Removing it saves us the effort to rebuild Freeradius
after every OpenSSL version bump.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Added dy.fi dynamic dns provider into ddns-scripts (ipv4) services file.
Tested-by: Vaasa Hacklab ry <info@vaasa.hacklab.fi>
Signed-off-by: Sami Olmari <sami@olmari.fi>
https://rsync.samba.org/security.html#s3_1_2:
If you're using a version of rsync older than 3.1.2 as a client and
receiving files from an rsync server that you might not fully trust,
this version adds extra checking to the file list to prevent the sender
from tweaking the paths and/or the transfer requests in a way that could
cause a file to be received outside the transfer destination.
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>