Includes fixes for:
* CVE-2022-24675 - encoding/pem: stack overflow
* CVE-2022-28327 - crypto/elliptic: generic P-256 panic when scalar has
too many leading zeroes
This also adds -buildvcs=false to omit VCS information in Go programs.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 8c0477a895)
This reverts commit 0ce744202a.
Broken everywhere else. A better solution will need to be found.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 2784618ab5)
* add new 'hblock' compilation source (XL, see https://hblock.molinero.dev for reference)
* print runtime/date information in ISO-8601 standard format
* minor cleanups
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 51a5ec6069)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 86b8b30683)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 2c9c485822)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
The forecast plugin does not require the iptables binary, it uses
libiptc instead.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 6e132e74fd)
The connmark plugin does not require the iptables binary, it uses
libiptc instead.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 6cb15df69a)
Let's move the iptables IPsec dependencies out of the strongswan package
and into the plugin package that actually depends on it,
strongswan-mod-updown. As the default updown script calls the iptables
binary, also add a dependency on the iptables-legacy package.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 93fbbcbfee)
Enable AUTORELEASE in a separate commit so that the next commit can be
reverted without having to manually re-introduce it.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit cf1e146858)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Includes fixes for:
* Windows builds updated to bzip2 1.0.8 to mitigate CVE-2016-3189 and
CVE-2019-12900
* CVE-2022-26488: Escalation of privilege via Windows Installer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit bed8dc2132)
Make sure /etc/gnunet and all its files and sub-directories are owned
by gnunet:gnunet. This is somehow necessary as file ownership otherwise
doesn't survive sysupgrade.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 65f5f850f3)
It seems that Turris guys is using this package in the Turris OS, where
it is used for reForis (simple, basic UI for users)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[replace Daniel as maintainer, add commit message]
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
(cherry picked from commit 2366b26813)
This helps in cases, when someone forgets to bump PKG_RELEASE
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 116c0d6c39)
It seems that Turris guys is using this package in the Turris OS, where
it is used for reForis (simple, basic UI for users)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[replace Daniel as maintainer, add commit message]
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
(cherry picked from commit 934a7e22cd)
The new version includes all previously locally backported patches.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 669e4a9542)
Remove backported patch which is now included in the upstream release.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d7799595bd)
'uvol list' was broken when introducing support for the hidden volumes.
Fix that by not using 'continue' keyword to break the loop (as that
lead to skipping 'json_select ..') and using if-clause instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1337c44026)