The variables can be empty if not set in the UCI config.
Reported-by: Petr Novák <petrn@me.com>
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
This bug was introduced since dd206b7d0b
mwan3_remon_ipv4 and mwan3_remon_ipv6 is command to run not a variable
I add some comments on them hopefully people will notice it
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
The Go compiler can now manage the build dependencies by itself, as
obfs4proxy has been ported to a Go module.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds several variables for Go package Makefiles:
* GO_PKG_GCFLAGS - go tool compile arguments
* GO_PKG_LDFLAGS - go tool link arguments
* GO_PKG_LDFLAGS_X - go tool link -X definitions
Settings these will add the corresponding flags to the go install
command line. (Other command line arguments can still be added by
passing them as the first argument to GoPackage/Build/Compile.)
This also adds Go's runtime environment variables (GOGC, GOMAXPROCS,
GOTRACEBACK) to the unexport list.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* fix a json related ressource leak
* add a reload trigger when the wireless config gets changed
* set an interface default 'trm_wwan' (like the LuCI frontend)
* reordered nested loops to optimize the connection handling
Signed-off-by: Dirk Brenken <dev@brenken.org>
Yggdrasil builds end-to-end encrypted networks with IPv6. Beyond the
similarities with cjdns is a different routing algorithm. This
globally-agreed spanning tree uses greedy routing in a metric space.
Back-pressure routing techniques allow advanced link aggregation bonding
on per-stream basis. In turn, a single stream will span across multiple
network interfaces simultaneously with much greater throughput.
Authored by: William Fleurant <meshnet@protonmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
- CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
- CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
- CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
- CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
- CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
- CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
- CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
- CVE-2019-3862
Out-of-bounds memory comparison
- CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This one contains only a few CVEs + bugfixes.
* CVE-2019-8381 memory access in do_checksum() (#538)
* CVE-2019-8376 NULL pointer dereference get_layer4_v6() (#537)
* CVE-2019-8377 NULL pointer dereference get_ipv6_l4proto() (#536)
* Rename Ethereal to Wireshark (#545)
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fixes: https://github.com/openwrt/packages/issues/8399
These 2 patches cause some breakage for other packages.
For now, we drop them and wait for upstream to finalize a fix.
We can live with deprecated SSL APIs for a while. No need to hurry, since
this doesn't seem to help.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
trafficshaper create QoS rules to limit (or reserve) traffic used
by classes of clients.
Uplink and downlink can be controled (or not controlled) independently.
Client classes are defined by its network addresses (IPv4 or IPv6). Each
client class can define absolute or relative (to wan) bandwith, and also
the use (or not) of spare wan bandwidth when avaiable.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Bug fixes and a security update of the bundled RubyGems:
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Peter Wagner
Hannu Nyman
Stuart B. Wilkins
Jeffery To
Toke Høiland-Jørgensen
Chen Minqiang
Daniel Engberg
Deng Qingfang
Toni Uhlig
Dirk Brenken
Brian J. Murrell
Philip Prindeville
Karel Kočí
William Fleurant
Paul Spooren
Lucian Cristian
Sebastian Kemper
Alexandru Ardelean
Josef Schlehofer
Luiz Angelo Daros de Luca
Eneas U de Queiroz
W. van den Akker