We had been creating "rundir" but it was never used, probably leftover
from some removed function. At the same time, we were setting quite
strict rights to the socket directory (while comments sugested
otherwise).
Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
(cherry picked from commit 8f6831b64b)
1.9.8: Ludovic Rousseau
11 June 2022
- Install install_spy.sh & uninstall_spy.sh scripts in docdir
- SCardTransmit(): do not fail if receive buffer is "too large"
- SCardControl(): do not fail if receive buffer is "too large"
- fix some memory leaks on shutdown
- use a better random number generator
- Some other minor improvements
1.9.7: Ludovic Rousseau
13 May 2022
- disable strict compilation by default
- fix 3 warnings
1.9.6: Ludovic Rousseau
11 May 2022
- do not fail reader removal in some specific cases (USB/Thunderbolt port)
- improve documentation regarding /etc/reader.conf.d/
- SCardGetStatusChange: speedup the case DISABLE_AUTO_POWER_ON
- configure:
. add --disable-strict option
By default the compiler arguments are now:
-Wall -Wextra -Wno-unused-parameter -Werror ${CFLAGS}
. fail if flex is not found
- fix different data races
- pcscdaemon: -v displays internal constants values:
MAX_READERNAME & PCSCLITE_MAX_READERS_CONTEXTS
- Some other minor improvements
1.9.5: Ludovic Rousseau 4 December 2021
- pcscd: autoexit even if no client connects
- Fix variable substitution in systemd units
- fix potential race conditions with powerState handling
- Add and use tag TAG_IFD_DEVICE_REMOVED
- UnitaryTests: port code to Python 3
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 5c22f49175)
(cherry picked from commit db667b5b0f)
pcsc-lite: update to verion 1.9.9
1.9.9: Ludovic Rousseau
11 September 2022
- SCardEstablishContext() may return SCARD_W_SECURITY_VIOLATION if refused by Polkit
- Fix SCardReleaseContext() failure on orphan handles
- Fix SCardDisconnect() on orphan handle
- pcsc-spy: log the pioSendPci & pioRecvPci SCardTransmit() parameters
- Improve the log from pcscd: log the return code in text instead of hex
- Some other minor improvements
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit a8698d5ede)
Version 2.03.15 - 07th February 2022
====================================
Remove service based autoactivation. global/event_activation = 0 is NOOP.
Improve support for metadata profiles for --type writecache.
Use cache or active DM device when available with new kernels.
Introduce function to utilize UUIDs from DM_DEVICE_LIST.
Increase some hash table size to better support large device sets.
Version 2.03.16 - 18th May 2022
===============================
Fix segfault when handling selection with historical LVs.
Add support --vdosettings with lvcreate, lvconvert, lvchange.
Filtering multipath devices respects blacklist setting from multipath
configuration.
lvmdevices support for removing by device id using --deviceidtype and
--deldev.
Display writecache block size with lvs -o writecache_block_size.
Improve cachesettings description in man lvmcache.
Fix lossing of delete message on thin-pool extension.
Mostly bug fixes and minor improvements.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 63408123df)
(cherry picked from commit 4e70f5caef)
Use PKG_FIXUP:=autoreconf when building cryptsetup to prevent
accidental linkage against host libraries.
Fixes: #19011
Reported-by: @dreirund
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ad0ac5198d)
1.5.0 - 27 January 2022, Ludovic Rousseau
- Add support of
- ACS ACR1281U
- Circle CCR7125 ICC
- Circle CIR125 ICC
- Circle CIR125-DOT ICC
- Circle CIR215 CL with iProduct 0x2100
- Circle CIR315 DI
- Circle CIR315 with idProduct: 0x0324
- Circle CIR315 with idProduct: 0x7004
- Circle CIR415 CL
- Circle CIR515 ICC
- Circle CIR615 CL
- Circle CIR615 CL & 1S
- ELYCTIS CL reader
- Nitrokey Nitrokey 3
- Thales Shield M4 Reader
- Add support of simultaneous slot access on multi slots readers
- Use FeliCa instead of Felica on SONY request
- Fix SafeNet eToken 5110 SC issue
- Allow vendor control commands for Omnikey 5427 CK
- always compute readTimeout to use a value greater than default 3 seconds
- Check the bSeq value when receiving a CCID frame
- Avoid logging errors when a reader is removed
- Some other minor improvements
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 0dd218a2fb)
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 845d81ca09)
(cherry picked from commit f624e41f38)
This adds conflicts between the variants,
because they provide the same files, and it should not be
possible to install them side by side. Otherwise, it might happen that
half files would be from one variant and the other half from the
other.
Also, adds provides as if you request to install ``vim`` and
``vim-full``, then the request could be satisfied even they collide,
because ``vim-full`` provides ``vim`` package.
Signed-off-by: Karel Kočí <cynerd@email.cz>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[add commit message]
(cherry picked from commit 46c058468a)
The function udev_enumarte_scan_devices returns a value less than 0 on
failure. If this is the case then we terminate the read for this smart
information.
This change was already send upstream. And could be delete in feature
collectd versions.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 896a0f0db6)
This was not a real fix but a workaround. It is no longer clear to me
why this was necessary. Deleting the patch restores the upstream
behaviour of the collected for the smart plugin. I have tested it and on
my system the hard disk to be monitored is recognised.
root@system ~ # cat /sys/class/block/sda/uevent
MAJOR=8
MINOR=0
DEVNAME=sda
DEVTYPE=disk
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit a9ea1cf6ed)
The postinst script is sourced during image build, which causes the
follow failure:
/home/stijn/Development/OpenWrt/openwrt/build_dir/target-x86_64_musl/root-x86/etc/init.d/lxc-auto: line 3: /lib/functions.sh: No such file or directory
postinst script ./usr/lib/opkg/info/lxc-auto.postinst has failed with exit code 1
Sourcing /lib/functions.sh is not needed, as /etc/rc.common does so
already. Unfortunately removing that line from the init script is not
enough to fix the problem. The postinst script should also check
IPKG_INSTROOT. As these two changes are unrelated, they should go in
separate commits, and the solution to the image build problem is to
revert the commit that introduced the breakage.
This reverts commit 2cde10b950.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 039912dec5)
otherwise, a user would have to either manually run /etc/init.d/lxc-auto
boot or reboot the system to start using lxc.
originally committed in 2cde10b950
reverted in 039912dec5
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 7da7356539)
(cherry picked from commit 345ae974bc)
Apply post-1.9.0 patch from upstream to fix a segfault.
savedptr can be NULL, so guard for that.
Fixes#18741
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit ab7a23102e)
Apply post-1.9.0 patch from upstream to fix the irq-->module
relation detection.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 358c2293fa)
Upstream has finally patched the UI communication socket
creation to happen only if the irqbalance UI is enabled.
As we do not use the irqbalance UI, we can remove
our local fix implemented by 4f0c847828.
(If you want to enable irqbalance UI, the fix is still needed.)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 8e71e0ad97)
Linux 5.15 does not have the linux/ipx.h header.
The patch is a partial cherry-pick (skipped ChangeLog) of upstream
commit 6b09724c6 ("Make IPX packet interpretation dependent on the ipx
header file existing").
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7be14da0d5)
