This commit updates Boost to version 1.59, released in the 13th of August of 2015 [1].
- The new version adds two new template libraries, Convert [2] and CoRoutine2 [3].
- [Warning]-> CoRoutine2 library absolutly requires a C++14 compiler.
- patch 001-mips-options-fix.patch was removed, since it is already incorporated upstream.
[1] - http://www.boost.org/users/history/version_1_59_0.html
[2] - http://www.boost.org/libs/convert/
[3] - http://www.boost.org/libs/coroutine2/
Signed-off-by: Carlos Ferreira <carlosmf.pt@gmail.com>
When only strongswan-minimal is selected, libtls.so will not be built
yet package strongswan will still try to copy the file causing build
failure.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This is a bug and security fix release, including:
- CVE-2015-3900 Request hijacking vulnerability in RubyGems 2.4.6 and earlier
http://svn.ruby-lang.org/repos/ruby/tags/v2_2_3/ChangeLog
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
It's better to install setuptools-enabled Python packages with a special
flag that makes a flatter structure of the egg and does not create
site.py file. Already done for python-pip recently. Also, version was
bumped to 18.1.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
error reported by buildbot, replicated locally:
wave.c:(.text+0x8e4): undefined reference to `__builtin_bswap16'
It seems that gcc builtin function is not working for mips64
according to
https://gcc.gnu.org/ml/gcc-patches/2014-01/msg00551.html
bswap patterns only work in >4.8 so the compiler
check in wave.c seems inconsistent across different archs
as octeon has gcc 4.6
make it require gcc >=4.8
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
PIP's installation procedure was too complicated, requiring obscure
postinstall and prerm scripts to move files created by setup procedure.
But since setuptools is required anyway, it's better to use a special
flag created for the purpose of package creation. Resulting directory
structure is flatter and unnecessary files that had to be moved by
prerm/postinstall scripts are not created anymore.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
Update vsftpd to 3.0.3 released in July 2015.
Changelog: https://security.appspot.com/vsftpd/Changelog.txt
Release blog: http://scarybeastsecurity.blogspot.fi/2015/07/vsftpd-303-released-and-horrors-of-ftp.html
- Increase VSFTP_AS_LIMIT to 200MB; various reports.
- Make the PWD response more RFC compliant; report from Barry Kelly
<barry@modeltwozero.com>.
- Remove the trailing period from EPSV response to work around BT Internet
issues; report from Tim Bishop <tdb@mirrorservice.org>.
- Fix syslog_enable issues vs. seccomp filtering. Report from Michal Vyskocil
<mvyskocil@suse.cz>. At least, syslogging seems to work on my Fedora now.
- Allow gettimeofday() in the seccomp sandbox. I can't repro failures, but I
probably have a different distro / libc / etc. and there are multiple reports.
- Some kernels support PR_SET_NO_NEW_PRIVS but not PR_SET_SECCOMP, so handle
this case gracefully. Report from Vasily Averin <vvs@odin.com>.
- List the TLS1.2 cipher AES128-GCM-SHA256 as first preference by default.
- Make some compile-time SSL defaults (such as correct client shutdown
handling) stricter.
- Disable Nagle algorithm during SSL data connection shutdown, to avoid 200ms
delays. From Tim Kosse <tim.kosse@filezilla-project.org>.
- Kill the FTP session if we see HTTP protocol commands, to avoid
cross-protocol attacks. A report from Jann Horn <jann@thejh.net>.
- Kill the FTP session if we see session re-use failure. A report from
Tim Kosse <tim.kosse@filezilla-project.org>.
(vsftpd-3.0.3pre1)
- Enable ECDHE, Tim Kosse <tim.kosse@filezilla-project.org>.
- Default cipher list is now just ECDHE-RSA-AES256-GCM-SHA384.
- Minor SSL logging improvements.
- Un-default tunable_strict_ssl_write_shutdown again. We still have
tunable_strict_ssl_read_eof defaulted now, which is the important one to prove
upload integrity.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Several patches here and pull requests at the upstream github project
page were merged into the devel branch. Switch to that until the next
stable release.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This change aims to address the following 2 issues
- The control file was there yet xl2tpd process was not
- The control file's existence prevented xl2tpd from start
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
L2TP with xl2tpd has no proto_task in the context of netifd and because
of this there is no valid $ERROR to check for when doing tearing down.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Jo-Philipp Wich
Dirk Neukirchen
Jacob Siverskog
Jonas Gorski
Alexandru Ardelean
Ted Hess
cmf
Steven Barth
Yousong Zhou
Luiz Angelo Daros de Luca
Rafał Miłecki
Jan Čermák
Hannu Nyman
Luka Perkov
heil
Toke Høiland-Jørgensen
Noah Meyerhans