This release fixes some bugs and these vulnerabilities:
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
For now, disable mqtt as it was automatically enabled as the build
system finds compiled libpaho-mqtt-c and requires dependency.
---
Here is the output:
Package syslog-ng is missing dependencies for the following libraries:
libpaho-mqtt3c.so.1
---
This is a new feature since syslog-ng 3.33.1 and if anyone is interested
in it, it can be enabled.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
- Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.33.1
- Bump version in config
It fixes:
WARNING: Configuration file format is too old, syslog-ng is running in compatibility mode. Please update it to use the syslog-ng 3.33 format at your time of convenience. To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, and once completed change the @version header at the top of the configuration file; config-version='3.31'
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
The commit updating the seccomp filter didn't bump PKG_RELEASE.
Do that now.
Fixes: 1141ee1e5 ("transmission: add new syscalls to seccomp filter)"
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Testing showed that additional syscalls are needed on ARMv7.
Add "getegid32", "geteuid32", "getgid32" and "getrandom" as they are
all innocent.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Using GPT/UUID parition table is not always a possible choice.
Add support for MBR/DOS partitioned disks to make autopart work on
legacy targets like mt7623.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
By default, there was used sks-keyservers.net pool, which has invalid
SSL certificate and they also announced that their service is deprecate
and no longer maintained.
Use the same GPG server as LXC is using by default in the newer
releases.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
555268b ubus: filter neighbors by SSID when preparing nr
3db9607 data storage: match SSID when searching ap entry
a22f5a7 storage: ensure SSID strings are NULL-terminated
Signed-off-by: Nick Hainke <vincent@systemli.org>
configure.in checks for "ARMv8 CRC32C intrinsics" and goes as far as
adding "-march=armv8-a+crc" to the target flags if the compiler allows
it. This can clash with the OpenWrt target flags in
CONFIG_TARGET_OPTIMIZATION. If for example the latter is set to
"-mcpu=cortex-a9" the following warning is issued:
cc1: warning: switch '-mcpu=cortex-a9' conflicts with '-march=armv5t' switch
This commit prevents configure.in from adding the mentioned flag. The
addition is unwanted when cross-compiling.
An issue was raised for this recently, see [1].
[1] https://github.com/openwrt/packages/issues/16034
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
To allow cross matching bssids between different exporters we need to
use the same case, as label matching is case senstive.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
There was a corner case, when a vif had no stations, that
evaluate_metrics for a station that was nil and had no collected metrics
would have been called.
Comment the code, to make it easier to understand and follow, and
simplify some variable names along the way.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
Normalizes metrics according to the Prometheus upstream metric
guidelines available at https://prometheus.io/docs/practices/naming/.
Drops the `hostapd_station_wpa` metric, because it is misleading, as it
is not a differentiator between WPA versions, like one could be led to
assume.
Exposes more flags in a more consistent manner. Their metric was
previously only exposed if the flag was present, but not if it wasn't.
The same applies issue was fixed with regards to vht caps.
After this commit the following breaking changes are in place:
- All flags have been moved below `hostapd_station_flags_$flagname`:
- `hostapd_station_ht` is now `hostapd_station_flag_ht`
- `hostapd_station_mfp` is now `hostapd_station_flag_mfp`
- `hostapd_station_vht` is now `hostapd_station_flag_vht`
- `hostapd_station_wmm` is now `hostapd_station_flag_wmm`
- New flags have been exposed:
- `hostapd_station_flag_he` for high-efficency connections
- `hostapd_station_flag_short_preamble` for short preamble connections
- `hostapd_station_flag_auth` for authentication state
- `hostapd_station_flag_assoc` for association state
- Some metrics have had their unit normalized to the SI base unit or
embedded into the metrics name:
- `hostapd_station_inactive_msec` is now
`hostapd_station_inactive_seconds`, the value is still float64 and
as such has enough precision anyway, but becomes easier to reason
about
- `hostapd_station_connected_time` has been renamed to
`hostapd_station_connected_seconds_total` so the unit, as well as
the nature of the counter is reflected
- `hostapd_station_signal` now includes its unit and is therefore
named `hostapd_station_signal_dbm`
- The packet counter metrics have been normalized to what the node
exporter uses, so it is more in line with the defaults in the
Prometheus ecosystem:
- `hostapd_station_rx_packets` is now
`hostapd_station_receive_packets_total`
- `hostapd_station_rx_bytes` is now
`hostapd_station_receive_bytes_total`
- `hostapd_station_tx_packets` is now
`hostapd_station_transmit_packets_total`
- `hostapd_station_tx_bytes` is now
`hostapd_station_transmit_bytes_total`
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
An empty line has a name and value that is nil and setting a table
index to nil breaks metrics for every vif after the first one.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>