,,_ -*> Snort++ <*-
o" )~ Version 3.1.77.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2023 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.13
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.12 24 Oct 2023
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3
Using Hyperscan version 5.4.2 2023-12-20
Daniel Golle [Wed, 20 Dec 2023 05:01:15 +0000 (05:01 +0000)]
gnunet: update to version 0.20.0
v0.20.0:
- GNUNET_TESTING_get_testname_from_underscore renamed to GNUNET_STRINGS_get_suffix_from_binary_name and moved from libgnunettesting to libgnuneutil
- Move GNUNET_s into libgnunetutil.
- re-introduce compiler annotation for array size in signature
- function-signature adjustment due to compiler error
- GNUNET_PQ_get_oid removed, GNUNET_PQ_get_oid_by_name improved
- Added GNUNET_PQ_get_oid_by_name
- added GNUNET_PQ_get_oid()
- Added new CCA-secure KEM and use in IDENTITY encryption
- Add KEM API to avoid ephemeral private key management
- Add new GNUNET_PQ_event_do_poll() API to gnunet_pq_lib.h
- Added API to support arrays in query results
- Improve PQ API documentation.
- API for array types extended for times
- API extended for array query types
- relevant array-types in queries (not results) in postgresql added
- just style fixes, int to enum
- initial steps towards support of array-types in posgresql
- adds GNUNET_JSON_spec_object_const() and GNUNET_JSON_spec_array_const()
Fabrice Fontaine [Wed, 20 Dec 2023 08:18:46 +0000 (09:18 +0100)]
libassuan: Fix license
libassuan license is wrong since the addition of the package in commit
https://git.openwrt.org/?p=feed/packages.git;a=commit;h=e24e8fa98c813911419271d64433deb2b453fa02
Indeed, libassuan has been licensed under LGPL-2.1+ since version 1.0.3
back in 2007 [1]:
Noteworthy changes in version 1.0.3 (2007-08-24)
------------------------------------------------
* Changed the license of the library code back to LGPLv2.1 to support
a bunch of GPLv2(only) software which does not allow the use of
LGPLv3. Note that this is only a temporary change and authors of
GPLv2(only) software are asked to switch to GPLv3 or to add an
exception which allow the use of LPGLv3 software.
Florian Eckert [Wed, 20 Dec 2023 13:20:13 +0000 (14:20 +0100)]
openvpn: Added option to not start the native OpenVPN configurations on boot
OpenVPN configurations that have a uci entry, the enable/enabled option can
be used to control whether the OpenVPN connection should be started at
system startup or not.
OpenVPN configurations that are located under '/etc/openvpn/' are always
started at system boot. To ensure that these connections can also be
started later, they must 'not' be started automatically during system boot.
This can be prevented with the following entry in the OpenVPN configuration.
config globals 'globals'
option autostart '0'
These OpenVPN configurations can then be started later with the command.
'/etc/init.d/openvpn start <name>'
Florian Eckert [Wed, 20 Dec 2023 09:19:24 +0000 (10:19 +0100)]
openvpn: add possibility to start openvpn_path_instance on request
This commit adds the possibility that an OpenVPN instance located under
'/etc/openvpn' can also be started with the command.
'/etc/init.d/openvpn start <name>'
Daniel Golle [Wed, 20 Dec 2023 02:21:11 +0000 (02:21 +0000)]
ccid: update to version 1.5.4
Add new build dependency on zlib as package no longer builds without
it being present.
1.5.4 - 29 October 2023, Ludovic Rousseau
- fix a regression introduced in 1.5.3
1.5.3 - 25 October 2023, Ludovic Rousseau
- Add support of
- ACS ACR1552 1S CL Reader
- ACS ACR1552 CL Reader
- ACS ACR1581
- ACS ACR40T ICC Reader
- ACS ACR40U ICC Reader
- ACS WalletMate 1S CL Reader
- Aktiv Rutoken SCR 3101 NFC Reader
- CIRIGHT ONE PASS U2F
- Dexon Tecnologias Digitais LTDA eSmartDX
- Excelsecu Card reader
- GHI NC001
- Identiv uTrust Token Flex
- SpringCard M519 with idProduct: 0x6212
- SpringCard M519 with idProduct: 0x621A
- WCMi SD5931
- parse: create output.bin file
- udev: Disable USB-persist for CCID devices
- configure: fail if flex is not found
- Some other minor improvements
1.5.2 - 31 January 2023, Ludovic Rousseau
- Add support of
- KAPELSE KAP-LINK
- LDU LANDI
- Sensyl SSC-HV Reader
- TOKEN2 MFA NFC Reader
- TOKEN2 Molto2
- Thales RF Reader
- Alcor Micro AU9560: Remove high speeds since they are not supported
- Hack for AlcorMicro AU9560 and Acos-ID card
- configure.ac: disable the use of --disable-usbdropdir
Daniel Golle [Wed, 20 Dec 2023 04:01:35 +0000 (04:01 +0000)]
pcsc-lite: update to version 2.0.1
Add configure argument to keep polkit disabled as per before 2.0.1.
2.0.1: Ludovic Rousseau
24 November 2023
- SCardConnect(): return SCARD_W_SECURITY_VIOLATION when needed (polkit)
- SCardCancel(): return SCARD_S_SUCCESS even if the client already finished
- polkit is enabled by default
- libpcscspy: fix a crash with NULL pointers
- Doxygen: fix SCardBeginTransaction() documentation
- fix pcscd internal thread safety issues (clang -fsanitize=thread)
- Some other minor improvements
9 June 2023
2.0.0: Ludovic Rousseau
9 June 2023
- Adjust USB drivers path at run-time via environment variable PCSCLITE_HP_DROPDIR
- Add '--disable-polkit' option
- Reset eventCounter when a reader is removed
- Add "polkit" in "pcscd -v" output if enabled
- Doxygen: document SCARD_E_INVALID_VALUE for some functions
- use secure_getenv(3) if available
- Some other minor improvements
* Non-maintainer upload targeting Debian 12.2, with maintainer approval
from Luca Boccassi.
* Backport merged-/usr support changes from trixie:
- Implement merged-/usr by post-merging.
This changes the bootstrap order so that it will be possible for a
future version of base-files in trixie/sid to take responsibility for
creating the /bin, /sbin, /lib* symlinks, and is a prerequisite for
lifting the moratorium imposed by #1035831.
(Closes: #1049898; implementation by Helmut Grohne)
- functions: Reinstate setup_merged_usr() as it existed before
fixing #1049898, for backwards-compatibility with older versions of
mmdebstrap.
- functions: Default to merged-/usr for suites newer than bookworm,
even for the buildd profile. This allows packages targeting trixie
to assume that merged-/usr is the only layout possible, and is a
prerequisite for lifting the moratorium imposed by #1035831.
- Mention --merged-usr in --help output. (Closes: #1031828)
* Backport autopkgtest regression fixes from trixie:
- Revert fake/schroot-1.6.10-3 to an accurate emulation of the
behaviour of schroot 1.6.10-3 (Closes: #983311)
- Document schroot 1.6.10-3 with the default profile as expected to
fail to use /dev/pts in a lxc >= 3 or Docker container; this is a
schroot bug (#983423) and not a debootstrap bug
- With these changes, the autopkgtest is confirmed to pass in
autopkgtest-virt-qemu (Closes: #983197)
-- Simon McVittie <redacted> Wed, 30 Aug 2023 15:21:17 +0100
[ Heysion Yuan ]
* add usrmerge support loongarch64.
[ Paul Menzel ]
* Avoid duplicate components in `sources.list`.
[ Edward Tomasz Napierala ]
* Mount /dev/fd if the host is FreeBSD.
[ Debian Janitor ]
* Bump debhelper from old 12 to 13.
* Update renamed lintian tag names in lintian overrides.
[ Luca Falavigna ]
* Add (Ubuntu) kinetic as a symlink to gutsy.
* Update standards version to 4.6.0.1, no changes needed.
[ Luca Boccassi ]
* setup_merged_usr: create skip flag when merged-usr is disabled on bookworm+
* Add usr-is-merged to the required set on testing/unstable
Daniel Golle [Wed, 20 Dec 2023 02:24:47 +0000 (02:24 +0000)]
hiredis: update to version 1.2.0
Announcing Hiredis v1.2.0 with with new adapters, and a great many bug
fixes.
🚀 New Features
- Add sdevent adapter
- Allow specifying the keepalive interval
- Add RedisModule adapter
- Helper for setting TCP_USER_TIMEOUT socket option
🐛 Bug Fixes
- Fix a typo in b6a052f.
- Fix wincrypt symbols conflict
- Don't attempt to set a timeout if we are in an error state.
- Accept -nan per the RESP3 spec recommendation.
- Fix colliding option values
- Ensure functionality without `_MSC_VER` definition
🧰 Maintenance
- Add a test for the TCP_USER_TIMEOUT option.
- Add -Werror as a default.
- CI: Update homebrew Redis version.
- Fix typo in makefile.
- Write a version file for the CMake package
- CMakeLists.txt: respect BUILD_SHARED_LIBS
- Cmake static or shared
- fix typo
- Add a test ensuring we don't clobber connection error.
- Search for openssl on macOS
Fabrice Fontaine [Sun, 10 Dec 2023 20:42:37 +0000 (21:42 +0100)]
gpgme: Fix license
gpgme license is wrong since the addition of the package in commit
https://git.openwrt.org/?p=feed/packages.git;a=commit;h=3e39633b75e7d26f3666bce9c2e97d268f0fd068
Indeed, gpgme has been licensed under LPGL-2.1+ since version 1.0.2 back
in 2004 [1]:
Noteworthy changes in version 1.0.2 (2004-12-28)
------------------------------------------------
* Changed the license of the library to the GNU Lesser General Public
License (LGPL), version 2.1 or later.
ICU 74.2 updates to CLDR 44.1 locale data. These are maintenance releases for ICU 74 and CLDR 44, with limited sets of bug fixes and no API or structural changes.
* The CLDR bug fix relevant for ICU is for some formatting patterns that erroneously had two adjacent space characters. These are coalesced into one. (CLDR-17233)
* List of tickets fixed in ICU 74.2
* Important: DateFormat.getInstanceForSkeleton() and the DateTimePatternGenerator sometimes used the wrong patterns because they failed to use/inherit certain data. (ICU-22575 — CLDR 44 had removed some redundant data that ICU relied on.)
John Audia [Sat, 1 Jul 2023 09:41:41 +0000 (05:41 -0400)]
hyperscan: new package for speeding up regex ops
Hyperscan is a high performance regular expression matching
library from Intel that runs on x86 platforms and offers
support for Perl Compatible Regular Expressions (PCRE) syntax,
simultaneous matching of groups of regular expressions, and
streaming operations.
Joel Low [Thu, 14 Dec 2023 12:00:32 +0000 (20:00 +0800)]
strongswan: trigger reload when interfaces are specified
Fixes #20848
Add interface triggers if interfaces to listen to are specified in
`/etc/config/ipsec`. This fixes the "running with no instances" scenario
after rebooting a router.
Eric Fahlgren [Wed, 6 Dec 2023 23:37:32 +0000 (15:37 -0800)]
snort3: add missing config include and general cleanup
- Delete legacy configuration files homenet.lua and local.lua
- Add snort config 'include' to allow user customizations in the lua
- Enhance 'check' to test generated nftables file
- Suppress inclusion of rules file when doing silent config check
- Suppress warnings on configuration check unless '-v'erbose
- Replace text logging with json logging to reduce footprint and make reports easier
- Fix some typos in the snort.uc template
- Fix up some error messages suggesting solutions
Stan Grishin [Fri, 15 Dec 2023 02:41:38 +0000 (02:41 +0000)]
adblock-fast: update to 1.1.1-1
* move reload/restart logic from json() to config_cache()
* improve fw4 restart decision logic
* no longer store reload/restart info in ubus/status json file
* rename variables pointing to run-time information
* create dns_set_output_values to reuse code in principal all and luci app
* improve append_url to store collected URLs in an alternative variable
wifidog: make it compile again with recent version of WolfSSL
Recent version of WolfSSL dropped CyaSSL shims and made the package not
compilable. Converting it to the WolfSSL library is simple enough as the
API used are very basic and can be converted directly. Add patch that
fully convert the package to WolfSSL and doesn't use the compat shim
anymore.
Dirk Brenken [Mon, 11 Dec 2023 16:35:13 +0000 (17:35 +0100)]
banip: bump to release 0.9.3-1
* provides an option to transfer log events on remote servers via cgi interface (disabled by default), see readme for details
* refine the allowlist check to support IP intervals as well before adding an IP to the blocklist
git.99rst.org / openwrt-packages.git / log