Oliver Sedlbauer [Mon, 23 Oct 2023 15:52:38 +0000 (17:52 +0200)]
modemmanager: move iface cleanup to wrapper script
If the ModemManager process crashes, the interfaces are not cleaned
up properly because the stop_service method is not called. With this
change, the interfaces are cleaned up both when stopping the service
and during a crash. Therefore it is no longer necessary to perform a
cleanup at the beginning.
Oliver Sedlbauer [Tue, 17 Oct 2023 15:13:37 +0000 (17:13 +0200)]
modemmanager: improve cleanup of ifaces
Change workflow to cleanup interfaces using the sysfscache.
The sysfscache stores the processed sysfs-paths. Using this
instead of mmcli -L, the interfaces can be properly cleaned
up even if, for example, ModemManager crashes and mmcli is
no longer usable.
,,_ -*> Snort++ <*-
o" )~ Version 3.1.73.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2023 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.12
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.11 19 Sep 2023
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3
Using Hyperscan version 5.4.2 2023-10-26
Jochen Dolze [Wed, 25 Oct 2023 16:58:12 +0000 (16:58 +0000)]
apinger: fixed bugs in apinger.init and apinger.rpc
Fix bug in init_apinger_config - debug/status_interval/rrd_interval were never set correctly
Fix bug in apinger_status - send and receive were swapped
Fix bug in apinger_status - added ability to use ipv6 on wan6
Stan Grishin [Thu, 26 Oct 2023 14:39:06 +0000 (14:39 +0000)]
https-dns-proxy: bugfix: crashes on logging from upstream
* update to 2023-10-25 upstream version which fixes the crashes on logging on ath79
* remove no longer needed 030-src-logging.c-fix-crash.patch
* update 010-cmakelists-remove-cflags.patch to work with a new version
* update 020-src-options.c-add-version.patch to work with a new version
Proxy churn is removed and because of that also distinctcounter:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/commit/6393af6bab0f7c3c95b11352d5c582d2000062fa
Oliver Sedlbauer [Mon, 16 Oct 2023 14:42:25 +0000 (16:42 +0200)]
modemmanager: check status of report-kernel-event
At mm_report_modem_wait a wait status is set. When attempting to report
an event (via hotplug or during startup) and the DBus is not yet available,
the status in the sysfs cache is set to 'processed' incorrectly, even
if mmcli fails.
This is fixed by aborting the operation and logging an error when
the kernel report fails.
Oliver Sedlbauer [Mon, 16 Oct 2023 12:21:21 +0000 (14:21 +0200)]
modemmanager: remove sysfscache after dbus ready
The mm_report_events_from_cache method is called during the startup and
informs the ModemManager of kernel events. Additionally, hotplug scripts
inform the ModemManager of kernel events. Processed events are stored in
the sysfs cache. It is possible for a hotplug script to write to the
sysfs cache while the mm_report_events_from_cache method is still waiting
for the ModemManager to be available on the bus during startup.
This could lead to a misbehavior where modems are not recognized.
To ensure a clean state on startup, the sysfs cache is cleared after the
ModemManager is available, ensuring reliable processing of kernel events.
Dirk Brenken [Tue, 24 Oct 2023 15:27:40 +0000 (17:27 +0200)]
travelmate: release 2.1.1
* various vpn/wireguard improvements & fixes
* improved compatibility with new netifd
* added open STA improvements by @brianjmurrell
* closes #22227 #22288 #22357
Stan Grishin [Tue, 24 Oct 2023 02:14:08 +0000 (02:14 +0000)]
https-dns-proxy: bugfix: prevent crashes on IPv6 systems
* update service triggers so that procd_add_raw_trigger is only
executed on boot and not on other service actions
* remove outdated iface hotplug script
Tarvi Pillessaar [Sun, 22 Oct 2023 07:36:10 +0000 (10:36 +0300)]
strongswan: add eap-dynamic plugin
This plugin acts as a proxy that dynamically selects an EAP method that is
supported/preferred by the client. If the original EAP method initiated by
the plugin is rejected with an EAP-NAK message, it will select a different
method that is supported/requested by the client.
For example it is possible to configure eap-tls as preferred
authentication method for your connection while still allow eap-mschapv2.
Convert package to PCRE2 by porting a pending patch from a closed PR.
The PR is old but the code never changed and is simple enough to check
the changes. The patch apply directly with no changes (aside from
commenting out the travis CI file)
The PR was never merged as PCRE2 at times was too new and they were
trying to find a better regex lib.
Stan Grishin [Sat, 21 Oct 2023 02:26:02 +0000 (02:26 +0000)]
adblock-fast: bugfix: allow command
* fix sed to properly purge allowed domains from block-lists
* ensure resolver is restarted on allow command
* reduce pause default/max in attempt to make it work with luci
Stan Grishin [Wed, 18 Oct 2023 18:58:00 +0000 (18:58 +0000)]
curl: prepare for HTTP/3 support
* these changes along with 2 PRs below and using non-standard
openssl library allow for building curl with HTTP/3 support
* https://github.com/openwrt/packages/pull/22443
* https://github.com/openwrt/packages/pull/22444
Maxim Anisimov [Tue, 17 Oct 2023 12:22:14 +0000 (15:22 +0300)]
modemmanager: bump to 1.22.0
- switch to builtin plugins
- import upstream patch for fixing support of ublox LARA-R6001 / LARA-R6001D modules
(see: https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/779)
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-44487: nghttp2 Security Release (High) (Depends on shared library provided by OpenWrt)
* CVE-2023-45143: undici Security Release (High)
* CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
* CVE-2023-39333: Code injection via WebAssembly export names (Low)
More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.
Michal Hrusecky [Mon, 16 Oct 2023 05:15:46 +0000 (07:15 +0200)]
samba4: Update to version 4.18.8
Mainly security release, fixing CVE-2023-3961, CVE-2023-4091,
CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670. For more details see:
https://www.samba.org/samba/history/samba-4.18.8.html
git.99rst.org / openwrt-packages.git / log