Includes fix for CVE-2022-21716 (The Twisted SSH client and server
implementation naively accepted an infinite amount of data for the
peer's SSH version identifier.)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Both packages provide the same packages and should conflict to each
other.
Fixes:
```
Packages 'haproxy' and 'haproxy-nossl' do not conflict while providing same file: /usr/sbin/haproxy
Packages 'haproxy' and 'haproxy-nossl' do not conflict while providing same file: /etc/haproxy.cfg
Packages 'haproxy' and 'haproxy-nossl' do not conflict while providing same file: /etc/init.d/haproxy
```
They should not be installed side by side.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
- There should be shorter TITLE in Package/haproxy/Default
otherwise it is not shown
- No need to call Build/Prepare/Default
- Remove twice TITLE in non-SSL variant
- Make conffiles more clear
- Remove empty menu for halog
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Both packages provide the same files:
/usr/bin/chronyc
/usr/sbin/chronyd
/etc/chrony/chrony.conf
/etc/hotplug.d/iface/20-chrony
/etc/init.d/chronyd
They should not be installed side by side.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Both packages provides the same files:
- /usr/bin/u2boat
- /usr/bin/u2spewfoo
- /usr/bin/snort
- /etc/init.d/snort
- /etc/config/snort
So they should be in conflict.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Fix the following build failures by adding the missing dependencies:
Package strongswan-mod-connmark is missing dependencies for the following libraries:
libip4tc.so.2
Package strongswan-mod-forecast is missing dependencies for the following libraries:
libip4tc.so.2
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
added patch with following features:
- forces table family always to inet instead of ip or ip6.
- force fw4 table using
- change default chain names for fw4
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
fixes error: format not a string literal and no format arguments [-Werror=format-security] during compile
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
- Patch had became obsolete, it's contents were merged to upstream. Patch removed.
- Version updated, long list of changes is available at https://github.com/containers/podman/releases
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Following recent dependency rework, we can switch
between iptables-legacy and iptables-nft, and they both
PROVIDES iptables. Make it easier for user that want/need to
stick to firewall3/iptables-legacy to do so.
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
It will be mostly implemented with ucode templates installed at
/usr/share/ss-rules and called from init script. The generated nftables
rules will be stored at /etc/nftables.d/
Incompatible changes were introduced as described in the README.md file
- Netfilter ipset was replaced with nftables sets
- UCI options ipt_args and dst_forward_recentrst of section ss_rules
are now deprecated. The former does not apply to nftables. The
later not yet implemented with nftables.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
ss-rules with iptables needs presence of netfilter nat table to work.
ss-rules works before without explicitly requesting it as a dependency
because it's present by default on a pre-firewall4/nftables OpenWrt
install. We request it explicitly now to make life easier in case
people would like to try ss-rules/iptables on firewall4/nftables enabled
OpenWrt system
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Provide group read, write and execute permissions for /dev/dvb, otherwise
adapters will not be accessible from tvheadend.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>