- CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
- CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
- CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
- CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
- CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
- CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
- CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
- CVE-2019-3862
Out-of-bounds memory comparison
- CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Revert the addition of build dependency in commit 2d1694ff7
to a non-existent host build of zlib.
The host build of zlib was removed already in April 2018 by
8dcd941d8b (diff-1ed408c61d79f9c6c5d197333e94ce8d)
which made zlib a build tool defined in /tools
The newly introduced build dependency causes always a warning like:
WARNING: Makefile 'package/feeds/packages/postgresql/Makefile'
has a build dependency on 'zlib/host', which does not exist
Not sure what was the error that 2d1694ff7 tried to fix,
but reference to a non-existent host build is not the solution.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
With crypt(3) password storage scheme enabled, OpenLDAP can receive and
store SHA-256 and SHA-512 password hashes from Samba AD-DC. Without
crypt(3), synchronization of passwords between Samba AD-DC (v4.5 and
above) and OpenLDAP requires use of cleartext passwords.
To use password hashes from Samba, OpenLDAP must be compiled with
--enable-crypt switch. This patch introduces a new configuration
parameter to enable the use of crypt(3) function by OpenLDAP.
Enabling crypt(3) increases the size of slapd binary by 12 bytes on
the x86_64 target and by only 4 bytes on the ipq806x target.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
If the cpp lib is added after pcre is first compiled, pcre will
not be reconfigured and the build will fail.
Fix this by always building the cpp parts.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
spotted on buildbot trying postgresql/host build:
configure: error: zlib library not found
Fix this by adding zlib/host to HOST_BUILD_DEPENDS.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release 0.37.0 was not actually released. From the git log, there are
two functional changes about optimization by using float points directly
Bump version to 0.38.0
pixman: Use maximum precision for pixman-bits-image, v2.
Implement floating point gradient computation, v2.
build: Add meson files to EXTRA_DIST
editorconfig: use tabs for Makefiles
Merge remote-tracking branch 'origin/master'
Post release version bump to 37.1
gitlab-ci: Add meson build to pipeline test
meson: Add a meson build system
Add .editorconfig file
Bump version to 0.36.0
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This fixes compilation with glibc and uClibc for the included
sample programs as reported by builtbots for e.g. arc target:
-snip-
In file included from ../../upnp/inc/upnp.h:402:0,
from common/sample_util.h:49,
from common/sample_util.c:42:
../../upnp/inc/FileInfo.h:22:2: error: #error libupnp uses large file support, so users must do that, too
#error libupnp uses large file support, so users must do that, too
^~~~~
Makefile:577: recipe for target 'common/tv_ctrlpt-sample_util.o' failed
-snap-
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
libcgroup also contains cgroup-utils, which make it very handy to work
with user defined cgroups settings.
It let's you define cgroups in a json like config file and execute them on the cmdline.
Example:
/etc/cgroup.conf:
----------------
group lowbob {
cpu { cpu.shares="1"; }
cpuacct { cpuset.cpu = "0" }
memory { memory.limit_in_bytes = 10m; }
blkio { ... }
...
}
----------------
cgconfigparser -l /etc/cgroup.conf
cgexec -g cpu,memory,blkio:/lowbob cpuintense-task
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
This commit fixes the bug described in issue #8146 [1], where the
package fails to build if the boost package is selected without
selecting any of the internal non-header-only libraries.
[1]: https://github.com/openwrt/packages/issues/8146
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Disabled doc and valgrind tests to speed up compilation.
Added --disable-ld-version-script to reduce compiled size.
Added -Wl,--gc-sections to reduce compiled size.
From 28339 to 27700 bytes.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Disable debug to save some space: 163689 vs. 155034 bytes.
Add -Wl,--gc-sections. Down to 138627 bytes.
Miscellaneous cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Remove patches 001-fix-unused.patch and 002-replace-nitems.patch,
similar fixes to make libudev-fbsd compile were applied upstream.
Refresh remaining patches.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The inline if statement does not work correctly. Moved it to a more proper place.
Also changed the install to install the symlinks as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Instead of libextractor-1.8.tar.gz, the SHA-256 sum of
libextractor-1.8.tar.gz.sig was entered by accident.
Fix that.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Reduces package size
175705 to 162704 bytes on mt7621
Also removed NTLM auth support. Brings size down to 161433
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Update to 0.9.62
Various cosmetic changes to Makefile
Fix variants and default to no ssl variant
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>