Stan Grishin [Sun, 18 Jul 2021 19:45:27 +0000 (19:45 +0000)]
vpnbypass: updates to 1.3.2-1
bugfix: domain names bypass
rename config file
update Makefile
updated README link
updated shellcheck compatibility
support for 21.02.0-rc2 and later
updated code for interface triggers
add newline to test.sh
George Iv [Mon, 19 Jul 2021 12:46:16 +0000 (15:46 +0300)]
yggdrasil: bump to 0.4.0
- Bump yggdrasil-go version to v0.4.0
- Update ygguci tool for compatibility with the new yggdrasil-go version
- Yggdrasil's config file is now generated in a separate command before running the daemon
This patch is causing several issues [1], which then were reported to
upstream [2] and it was not accepted by upstream [3]. This results that
nobody maintain this custom patch and it is not useful as it is changing
addr_is_reserved behavior.
Sebastian Kemper [Sat, 17 Jul 2021 12:03:40 +0000 (14:03 +0200)]
sane-backends: use macros (properly), remove chmod
- use $(INSTALL_DIR) instead of mkdir
- using $(INSTALL_CONF) and then running chmod is pointless, use
$(INSTALL_DATA) directly
- /etc/xinetd.d/sane-port doesn't need read protection from non-root
users, use $(INSTALL_DATA) as well
Sebastian Kemper [Sat, 17 Jul 2021 11:55:46 +0000 (13:55 +0200)]
sane-backends: fix usbid file generation
On some build systems (build bots, Debian Buster for example) the
current mechanism in the Build/Install define doesn't run. Replace it
with shell fu that works.
Daniel Golle [Fri, 16 Jul 2021 21:01:26 +0000 (22:01 +0100)]
uvol: general clean up
* make sure new volumes are in state 'down' until explicitely
requested to transition to 'up' state. Useful for additional
verification steps after writing a read-only volume.
* remove unused ubus events as blockd does that much better now
This release fixes some bugs and these vulnerabilities:
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
Signed-off-by: Luiz Angelo Daros de Luca <redacted>
Tianling Shen [Mon, 28 Jun 2021 06:23:24 +0000 (14:23 +0800)]
dnsproxy: add new package
A simple DNS proxy server that supports all existing DNS protocols
including DNS-over-TLS, DNS-over-HTTPS, DNSCrypt, and DNS-over-QUIC.
Moreover, it can work as a DNS-over-HTTPS, DNS-over-TLS or
DNS-over-QUIC server.
For documents, see https://github.com/AdguardTeam/dnsproxy.
mdio is a low-level Linux debug tool for communicating with devices attached an MDIO bus. It improves on existing tools in this space in a few important ways:
MDIO buses are directly addressable. Previous solutions relied on at least one Ethernet PHY on the bus being attached to a net device, which is typically not the case when the device is an Ethernet switch for example.
Complex operations can be performed atomically. The old API only supported a single read or write of a single register. mdio sends byte code to the mdio-netlink kernel module that can perform multiple operations, store intermediate values, loop etc. As a result, things like read/mask/write operations and accesses to paged PHYs can be performed safely.
Harald Geyer [Tue, 13 Jul 2021 21:41:08 +0000 (23:41 +0200)]
elektra: update to 0.9.7
Notable changes:
* Use toml as new default storage backend:
Upstream has removed the ini plugin, we have been using in the
past. toml is still somewhat experimental, but upstream has
designated it as future recommended default.
* Remove the dependency on boost. The only plugin needing that has
been removed upstram.
* Enable plugins for libev and libuv event loop integration. This
adds two new packages with the respective dependencies.
Upstream has fixed the bugs preventing us from using this.
* Enable the internal notification plugin/system. This allows
applications to automatically receive notifications about changes
to their configuration. Again upstream fixing bugs enables this
for us.
* Set the environment variable $XDG_CACHE_HOME to "/tmp/" globally
to prevent elektra (and possibly other applications) from
writing temporary data to flash.
Python works with GNU DBM and with Berkley DBM.
Berkley DBM has been under Oracle for some time.
And it's not clear how many Python users actually use DBM.
In the packages feed, we have both libdb47 (which is now under Oracle) and
GNU DBM. The GNU DBM has a compatibility layer for Berkley DBM.
There are newer versions than libdb47, but it's probably not worth having
them yet. The libbd47 tarball is ~40+ MB. Odds are newer versions will be
bigger and more bloated.
This change merges the old `python3-gdbm` package into the `python3-dbm`
package, since they are effectively using the same underlying library now,
i.e. gdbm.
- Bump version in config
It fixes:
WARNING: Configuration file format is too old, syslog-ng is running in compatibility mode. Please update it to use the syslog-ng 3.33 format at your time of convenience. To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, and once completed change the @version header at the top of the configuration file; config-version='3.31'
Daniel Golle [Fri, 9 Jul 2021 00:25:56 +0000 (01:25 +0100)]
autopart: work on MBR/DOS partitioned disks
Using GPT/UUID parition table is not always a possible choice.
Add support for MBR/DOS partitioned disks to make autopart work on
legacy targets like mt7623.
Josef Schlehofer [Sat, 10 Jul 2021 14:33:08 +0000 (16:33 +0200)]
lxc: add patch to switch GPG server
By default, there was used sks-keyservers.net pool, which has invalid
SSL certificate and they also announced that their service is deprecate
and no longer maintained.
Use the same GPG server as LXC is using by default in the newer
releases.