mirror of
https://github.com/openwrt/packages.git
synced 2026-06-17 19:10:30 +04:00
Alexandru Ardelean
eb538bd758
3.0.3 is a security/vulnerability release on the stable 3.0 series. Notable fixes since 3.0.2: * **CVE-2026-3608** — A large number of bracket pairs in a JSON payload sent to any endpoint caused a stack overflow during recursive parsing. The exploit does not need a syntactically valid command, so it bypasses RBAC and the command filters on the High-Availability endpoints (upstream #4275 / #4288 / #4387). * Null dereference when configuring the Control Agent with a socket entry that lacks the mandatory ``socket-name`` is now caught (#4388, #4365). * UNIX command sockets are created group-writable so Stork 2.4.0+ and other tooling using the configured group can talk to the daemon (#4398, #4260). Upstream's release notes flag "no incompatible changes" and "no known issues" for this bump. All current patches still apply cleanly. Release notes: https://ftp.isc.org/isc/kea/3.0.3/Kea-3.0.3-ReleaseNotes.txt Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
OpenWrt packages feed
Description
This is the OpenWrt "packages"-feed containing community-maintained build scripts, options and patches for applications, modules and libraries used within OpenWrt.
Installation of pre-built packages is handled directly by the opkg utility within your running OpenWrt system or by using the OpenWrt SDK on a build system.
Usage
This repository is intended to be layered on-top of an OpenWrt buildroot. If you do not have an OpenWrt buildroot installed, see the documentation at: OpenWrt Buildroot – Installation on the OpenWrt support site.
This feed is enabled by default. To install all its package definitions, run:
./scripts/feeds update packages
./scripts/feeds install -a -p packages
License
See LICENSE file.
Package Guidelines
See CONTRIBUTING.md file.