libfido2 is licensed under the BSD 2-clause license as per:
https://github.com/Yubico/libfido2/
Update package Makefile to correctly reflect this.
Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser
generator, adds a new pure-Ruby JIT compiler named RJIT, and many
performance improvements especially YJIT.
See: https://www.ruby-lang.org/en/news/2023/12/25/ruby-3-3-0-released/
The 3.3.1 release includes security fixes.
- CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
- CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
- CVE-2024-27280: Buffer overread vulnerability in StringIO
See: https://www.ruby-lang.org/en/news/2024/04/23/ruby-3-3-1-released/
The 3.3.2 release includes many bug-fixes.
See: https://www.ruby-lang.org/en/news/2024/05/30/ruby-3-3-2-released/
Packaging changes since 3.2.2:
- New packages: ruby-prism and ruby-rjit
- Added /usr/bin/rdbg to ruby-debug
- Added /usr/bin/syntax_suggest to ruby-syntax_suggest
The 3.3.3 release includes:
- RubyGems 3.5.11
- Bundler 2.5.11
- REXML 3.2.8
- strscan 3.0.9
- --dump=prism_parsetree is replaced by --parser=prism --dump=parsetree
- Invalid encoding symbols raise SyntaxError instead of EncodingError
- Memory leak fix in Ripper parsing
- Bugfixes for YJIT, **{}, Ripper.tokenize,
- RubyVM::InstructionSequence#to_binary, --with-gmp, and some build
environments
See: https://www.ruby-lang.org/en/news/2024/06/12/ruby-3-3-3-released/
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Updated 010-configure-uname.patch as source changed.
Removed 100-example-conf-in.patch as not needed any more.
Release message:
This release has a fix for the DNSBomb issue CVE-2024-33655. This has a
low severity for Unbound, since it makes Unbound complicit in targeting
others, but does not affect Unbound so much.
To mitigate the issue new configuration options are introduced.
The options discard-timeout: 1900, wait-limit: 1000
and wait-limit-cookie: 10000 are enabled by default. They limit the
number of outstanding queries that a querier can have. This limits
the reply pulse, and make Unbound less favorable for the issue.
With the config wait-limit-netblock and wait-limit-cookie-netblock
the parameters can be fine tuned for specific destinations.
More information on the attack and Unbound's mitigations are
presented further down.
Other fixes in this release are that Unbound no longer follows symlinks
when truncating the pidfile. Unbound also does not chown the pidfile,
this is for safety reasons. There are also a number of fixes for RPZ, in
handling CNAMEs. There is a memory leak fix for the edns client subnet
cache. For DNSSEC validation a case is fixed when the query is of type
DNAME. The unbound-anchor program is fixed to first write to a temporary
file, before replacing the original. This handles disk full situations,
and because of it unbound-anchor needs permission to create that file,
in the same directory as the original file. There is also a fix for
IP_DONTFRAG, to disable fragmentation instead of the opposite.
The option cache-min-negative-ttl can be used to set the minimum TTL
for negative responses in the cache. It complements existing options to
set the maximum ttl for negative responses and to set the minimum and
maximum ttl but not specifically for negative responses.
The option cachedb-check-when-serve-expired option makes Unbound use
cachedb to check for expired responses, when serve-expired is enabled,
and cachedb is used. It is enabled by default.
The -q option for unbound-checkconf can be added to silence it when
there are no errors.
Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
Release mainly focuses on bug fixes and patching compatibility issues.
Also, adds support to multiple platforms.
Removed obsolete patch as upstream has fixed.
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
This release includes enhancements and bug fixes.
This release is ABI compatible with the previous release.
See: https://github.com/webmproject/libvpx/releases/tag/v1.14.1
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Remove one patch - instead of messing with BUILDCXXFLAGS there we
properly define it via CONFIGURE_ARGS inside Makefile of the package.
Refresh remaining patch.
Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
* fixed a possible "Argument list too long" error in the f_log function
* fixed multiple, incomplete digit character classes
* fixed/optimized split file handling
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Remove the ancient package with experimental cake options,
from time when cake was not yet officially here.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Supports interface metrics exposed by mwan3. The performance is a
little slow compared to other collectors (~300ms) as the ubus call is
where most of the time is spent. Any future speedups are likely better
put into mwan3's rpcd binary.
Signed-off-by: Ryan Doyle <ryan@doylenet.net>
[rename metrics,bump version]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
…for textfile collector, to make it more consistent with the upstream
Prometheus node-exporter
Signed-off-by: Rob Hoelz <rob@hoelz.ro>
[bump version]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Merge duplicate src/dest samples by suming their value (bytes count)
Fixes#24166
Signed-off-by: Antoine C <hi@acolombier.dev>
[bump version number]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
The message 'MM_CONNECT_IN_PROGRESS' is a status message, not an error
message. To avoid confusion, the message has been removed.
Signed-off-by: Oliver Sedlbauer <osedlbauer@tdt.de>
This commit improves the automatic reconnect logic. If the modem cannot
establish a connection, for example due to poor reception, the
proto_block_restart prevents the interface from trying to reconnect.
To enforce the connection, this commit adds a new option that allows the
system to attempt to establish a connection indefinitely.
Signed-off-by: Oliver Sedlbauer <osedlbauer@tdt.de>
Update to latest version.
Changelog: https://github.com/snort3/libdaq/releases/tag/v3.0.15
,,_ -*> Snort++ <*-
o" )~ Version 3.1.84.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.15
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.13 30 Jan 2024
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 10.42 2022-12-11
Using ZLIB version 1.3.1
Using Hyperscan version 5.4.2 2024-05-26
Using LZMA version 5.4.6
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
go1.22.4 (released 2024-06-04) includes
security fixes to the archive/zip and net/netip packages,
as well as bug fixes to the compiler,
the go command, the linker,
the runtime, and the os package.
Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
Latest Erlang update incorrectly detects THP as always enabled,
which leads to segmentation fault on systems without transparent hugepages.
Here we manually override configure flag by checking actual option of target kernel.
Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
Rahul Thakur