GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Signed-off-by: Russell Senior <russell@personaltelco.net>
Upstream project's behaviour of reporting this data source in range 0-1
is used by at least CentOS 7 collectd 5.8.1, very likely the same
behaviour is also in widely use by other distributions.
The change is important for providing consistent experience across
collectd deployments on different environments
Ref: https://github.com/collectd/collectd/pull/3244
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Makefile always checks the existence of host's NAT-PMP header,
which results in internal NAT-PMP code being used if it's missing.
Add a patch to make it check targets' header instead.
Use aligned_alloc() instead of valloc() in case of uclibc.
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
kcptun is a stable & secure tunnel based on kcp with N:M multiplexing.
https://github.com/xtaci/kcptun
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
Musl only specifies in/outb for x86/x86. Use the fallback path in case
musl is used.
This should fail compilation during the linking stage but for some reason
does not. Will do if -Werror=implicit-function-declaration is specified.
Fixed up license information.
Other small cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
If PATH contains space, like in WSL where you have also Windows dir, compilation of this package is broken.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* add extra options to control auto-addons to
blacklist & whitelist ('ban_autoblacklist' & 'ban_autowhitelist',
both enabled by default). If disabled auto-addons are only stored
temporary in the black/whitelist ipset but not in the list itself,
fixes#9631
* remove old, no longer needed procd workaround
* remove 'zeus' source from default config (discontinued)
Signed-off-by: Dirk Brenken <dev@brenken.org>
Signed-off-by: Dirk Brenken <dev@brenken.org>
* add missing dnsmasq dependency
* add a captive portal auto-login hook (configurable via uci/LuCI),
you could reference an external auto-login script - see readme
* provide an auto-login script for german ICE hotspots
(/etc/travelmate/wifionice.login), requires 'curl'
* small fixes
Signed-off-by: Dirk Brenken <dev@brenken.org>