musl libc does not support this feature, and for glibc, additional
library libasan is required. Disable it explicitly to avoid build issue
when CONFIG_DEBUG is selected.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Libarchive 3.7.9 is a bugfix release, fixing a regression in libarchive
3.7.8 regarding GNU sparse entries was fixed.
Libarchive 3.7.8 is a bugfix and security release:
Security fixes:
* tar reader: Handle truncation in the middle of a GNU long linkname (CVE-2024-57970)
* unzip: fix null pointer dereference (CVE-2025-1632)
* tar reader: fix unchecked return value in list_item_verbose() (CVE-2025-25724)
Important bugfixes:
* 7zip reader: add SPARC and POWERPC filter support for non-LZMA compressors
* tar reader: Ignore ustar size when pax size is present
* tar writer: Fix bug when -s/a/b/ used more than once with b flag
* cpio: Fix a Y2038 bug on Windows
* libarchive: Handle ARCHIVE_FILTER_LZOP in archive_read_append_filter
* libarchive: Adding missing seeker function to archive_read_open_FILE()
Full Changelog: https://github.com/libarchive/libarchive/compare/v3.7.7...v3.7.8
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add openssh-sk-helper package containing ssh-sk-helper.
The helper can be used by openssh-client, openssh-sftp-client,
and openssh-keygen to access `ecdsa_sk` and `ed25519_sk keys
provided by a FIDO U2F or FIDO2 hardware token connected over USB.
Close#24509
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
This reverts commit 855db864b0.
The reverted commit doesn't make sense since the component
(ssh-sk-helper) that uses libfido2, which is mentioned in
the commit message, isn't packaged.
Signed-off-by: Mikael Magnusson <mikma@users.sourceforge.net>
libarchive fixed a lot of security issues in the last few releases, listing only
notable changes,
libarchive 3.7.5:
* rar4: protect copy_from_lzss_window_to_unp() CVE-2024-20696
* rar4: fix CVE-2024-26256
libarchive 3.7.6:
* this release fixes a tar regression introduced in libarchive 3.7.5
libarchive 3.7.7:
* gzip: prevent a hang when processing a malformed gzip inside a gzip (OSS-Fuzz)
* tar: don't crash on truncated tar archives (OSS-Fuzz)
* tar: fix two leaks in tar header parsing
Link: https://github.com/libarchive/libarchive/releases
Signed-off-by: Matthias Franck <matthias.franck@softathome.com>
* the ETAG function now supports country and asn feeds as well
* fixed becyber URL and other small fixes
* LuCI fixes and improvements (separate commit)
Signed-off-by: Dirk Brenken <dev@brenken.org>
* added a 'DNS Shift' option, where the generated final DNS blocklist is moved to the backup directory and
only a soft link to this file is set in memory. As long as your backup directory is located on an external drive,
you should activate this option to save disk space
* added ETAG-Header support to make sure to download only feeds that has been changed,
use backups otherwise (not supported by uclient-fetch)
* removed aria2 support
* added brave as a new safesearch provider
* removed the racist terminology from the local lists and renamed it to "allowlist" and "blocklist"
* removed the 'list' and 'timer' function from init, use the LuCI feed editor and the standard cron frontend instead
* various code changes and improvements
* major LuCI frontend changes, incl. a custom feed editor (separate commit)
* partial readme update
Signed-off-by: Dirk Brenken <dev@brenken.org>
This is a major upgrade to latest stable PHP version.
- IMAP extension was unbundled from PHP
- align patch filenames with latest ones from Debian
- removed obsolete patches
- adapted/refreshed patches
- added patch to remove call to httpd during configure
Note: this assumes that 'prefork' mpm is used
Upstream changelog for this specific release:
https://www.php.net/ChangeLog-8.php#8.4.5
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
For the moment, we have to finetune the package
versioning to make apk happy.
This update provides compatibility with PHP 8.4.x.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This PECL package seems to be not actively maintained
anymore by upstream and it does not work with PHP 8.4.x
so let's drop it.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This commit allows building the package without downloading enterprise
numbers from the IANA PEN registry. This enables offline builds and
reduces storage usage, especially on devices with limited space.
Signed-off-by: Oliver Sedlbauer <osedlbauer@tdt.de>
Update nano edit to version 8.4.
Add configure flags to overcome upstream bug 66978, where the newly added
gnulib module for strcasecmp always fails in the configure step when
cross-compiling.
https://savannah.gnu.org/bugs/?66978b2927d1b1f
The added flags disable the strcasecmp function from gnulib.
If upstream (gnulib?) fixes things later, the flags should be removed.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Commit 9fc79e2e2622 ("download: don't overwrite VERSION variable")
changed the variable for direct download call from VERSION to
SOURCE_VERSION.
This cause the dl_github_archive script to pass empty value for
--version arg making it always clone HEAD.
Correctly update the variable to SOURCE_VERSION to actually clone the
expected commit HASH.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Commit 9fc79e2e2622 ("download: don't overwrite VERSION variable")
changed the variable for direct download call from VERSION to
SOURCE_VERSION.
This cause the dl_github_archive script to pass empty value for
--version arg making it always clone HEAD.
Correctly update the variable to SOURCE_VERSION to actually clone the
expected commit HASH.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
