Missing input validation of host names returned by Domain Name Servers
in the c-ares library can lead to output of wrong hostnames (leading to
Domain Hijacking).
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2021-3672 to this issue.
References: https://c-ares.haxx.se/adv_20210810.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>
With a clean build environment and at least two parallel jobs
a compilation error may occur:
...
-- Looking for uv/version.h - found
libubox include dir: ULOOP_INCLUDE_DIRS-NOTFOUND
libubox libraries: ULOOP_LIBRARIES-NOTFOUND
...
CMake Error in lib/event-libs/uloop/CMakeLists.txt:
Found relative path while evaluating include directories of
"websockets-evlib_uloop":
"ULOOP_INCLUDE_DIRS-NOTFOUND"
...
Signed-off-by: Ronny Kotzschmar <ro.ok@me.com>
Use newly introduced procd_add_restart_mount_trigger to make sure
postmaster gets started only once PGDATA becomes available.
Relocate socket directory to /var/lib/postgresql to make it possible
to run postgresql inside a ujail.
Use signal for shutdown, so it works nicely with jail.
Allow multiple script in UCI 'config postgres-db' to be a list and
run them in order listed.
User more silent methods to check for db or role existence and make
it easy to create several databases owned by the same user by passing
the same credentials multiple times.
Remove disfunctional reload handler.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
'cp' fails with a text file busy error if it tries to overwrite an
executable file that is running. 'install' unlinks the file first, so
it will not cause the problem.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Missing input validation of host names returned by Domain Name Servers
in the c-ares library can lead to output of wrong hostnames (leading to
Domain Hijacking).
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name CVE-2021-3672 to this issue.
References: https://c-ares.haxx.se/adv_20210810.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>
368014b8 Bump version number to v1.44.0, LT revision to 34:2:20
fa16e66a nghttpx: Fix max distance in weight group/address cycle comparison
40af31da nghttpx: Set connect_blocker and live_check after shuffling addresses
9e6c0685 Fix build failure
ebad3d47 Port new ngtcp2 map implementation
d4fd0681 Bump llhttp to 6.0.2
43a47aa0 Do not return HPE_USER from where it is prohibited
20079b4c Update bash_completions
2aeec770 Update manual pages
cef458c3 Replace black-list with block-list
617a5766 Replace master with main
f1d67335 Initialize Config rps field
5f3bcb1f Add precious variables for libev and jemalloc and use JEMALLOC_CFLAGS
b419bfd9 Remove unused field
e406a2c1 Update doc
962a75c4 Merge pull request #1559 from nghttp2/h2load-rps
6cdc13d6 h2load: Add --rps option
92944f78 h2load: Allow unit in -D option
276792a8 Remove unnecessary function
579fa6ea Add more --with-* configure flags
2f2b2117 Add LIBTOOL_LDFLAGS configure variable
88a3cb51 Bump llhttp to 4.0.0
40679cf6 Merge pull request #1553 from nghttp2/nghttpx-fix-accesslog-method
5b587e85 Merge pull request #1550 from jktjkt/docs-asio-fix-typos
50a1121d nghttpx: Remove trailing white space after $method log variable
3239c5ef Bump up version number to v1.44.0-DEV
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Remove both patches as they have been upstreamed.
This new release is only available on Github and does not ship configure
or Makefile, so autoreconf is needed.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
uloop is always available on OpenWrt, so build in LWS's uloop support by
default. Size difference of .ipk is 683 bytes, or about 0.5%.
No known applications use this at present, but it seems better to
proactively offer it.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Initial draft PR is:
https://github.com/openwrt/packages/pull/11894
This one is a bit more complete, and follows packaging practices.
For now, disabling builds on ARC and PowerPC. Will require more work to get
them going.
Explicitly disabling OpenMP support, so that it doesn't get picked by
accident.
Later we may use the `CPU_TYPE` parameter to tweak things a little further.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
❯ alsamixer
ALSA lib conf.c:827:(get_char_skip_comments) Cannot access file /usr/share/alsa/ctl/default.conf
ALSA lib conf.c:1994:(_snd_config_load_with_include) _toplevel_:61:26:No such file or directory
ALSA lib conf.c:4040:(config_file_open) /usr/share/alsa/cards/aliases.conf may be old or corrupted: consider to remove or fix it
ALSA lib conf.c:3962:(snd_config_hooks_call) function snd_config_hook_load returned error: No such file or directory
ALSA lib control.c:1481:(snd_ctl_open_noupdate) Invalid CTL cards.ctl.default
cannot open mixer: No such file or directory
Signed-off-by: Javier Marcet <javier@marcet.info>
This backports an upstream fix for the following warning:
Warning: Unparsable number `xu \b, dcrypt version %d'
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Notable changes:
* Use toml as new default storage backend:
Upstream has removed the ini plugin, we have been using in the
past. toml is still somewhat experimental, but upstream has
designated it as future recommended default.
* Remove the dependency on boost. The only plugin needing that has
been removed upstram.
* Enable plugins for libev and libuv event loop integration. This
adds two new packages with the respective dependencies.
Upstream has fixed the bugs preventing us from using this.
* Enable the internal notification plugin/system. This allows
applications to automatically receive notifications about changes
to their configuration. Again upstream fixing bugs enables this
for us.
* Set the environment variable $XDG_CACHE_HOME to "/tmp/" globally
to prevent elektra (and possibly other applications) from
writing temporary data to flash.
Signed-off-by: Harald Geyer <harald@ccbib.org>
Python supports both GNU dbm and Berkley DBM.
GNU dbm also has a compatibility layer for Berkeley.
The current Berkley DB in OpenWrt is 4.7 and hasn't been updated in ages.
It's also pretty big.
So, an alternative for Python is to use GNU dbm for both (GNU and Berkley).
Also, removing static shared libraries from the build, to encourage the
usage of the shared ones.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Switch to AUTORELEASE for simplicity.
Disable parallel compilation as there's something wrong with NSS' build
system. Reliably fails with make -j 12 on a ryzen 3600.
Signed-off-by: Rosen Penev <rosenp@gmail.com>