- Mar 28, 2024
-
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
- [Feature]: Transport grew a new packetizer_class kwarg for overriding the packet-handler class used internally. Mostly for testing, but advanced users may find this useful when doing deep hacks. - [Bug]: Tweak ext-info-(c|s) detection during KEXINIT protocol phase; the original implementation made assumptions based on an OpenSSH implementation detail. - [Bug]: Address CVE 2023-48795 (aka the “Terrapin Attack”, a vulnerability found in the SSH protocol re: treatment of packet sequence numbers) as follows: - The vulnerability only impacts encrypt-then-MAC digest algorithms in tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko currently only implements hmac-sha2-(256|512)-etm in tandem with AES-CBC. If you are unable to upgrade to Paramiko versions containing the below fixes right away, you may instead use the disabled_algorithms connection option to disable the ETM MACs and/or the CBC ciphers (this option is present in Paramiko >=2.6). - As the fix for the vulnerability requires both ends of the connection to cooperate, the below changes will only take effect when the remote end is OpenSSH >= 9.6 (or equivalent, such as Paramiko in server mode, as of this patch version) and configured to use the new “strict kex” mode. Paramiko will always attempt to use “strict kex” mode if offered by the server, unless you override this by specifying strict_kex=False in Transport.__init__. - Paramiko will now raise an SSHException subclass (MessageOrderError) when protocol messages are received in unexpected order. This includes situations like receiving MSG_DEBUG or MSG_IGNORE during initial key exchange, which are no longer allowed during strict mode. - Key (re)negotiation – i.e. MSG_NEWKEYS, whenever it is encountered – now resets packet sequence numbers. (This should be invisible to users during normal operation, only causing exceptions if the exploit is encountered, which will usually result in, again, MessageOrderError.) - Sequence number rollover will now raise SSHException if it occurs during initial key exchange (regardless of strict mode status). Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
snippets/ Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
fixes issue #15653 Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at> Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
uhttpd: /usr/lib/lua/prometheus-collectors/uci_dhcp_host.lua:9: bad argument #1 to 'upper' (string expected, got nil) Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
update This reverts commit b748d59e . Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
- BACKWARD COMPATIBILITY: - Replace setup.py with build - ENHANCEMENTS: - Lowered LinuxDistribution._distro_release_info method complexity - Added official support for Buildroot distribution - Added official support for Guix distribution - Added support for /etc/debian_version - Fixed a typography in CONTRIBUTING.md - Improved README.md "Usage" code block - RELEASE: - Bumped black to v22.3.0 in pre-commit.ci configuration - Enabled GitHub Dependabot to keep GitHub Actions up to date Signed-off-by: Javier Marcet <javier@marcet.info>
-
This commits adds the possibility that iperf3 can be configured via the uci. Signed-off-by: Florian Eckert <fe@dev.tdt.de> Signed-off-by: Javier Marcet <javier@marcet.info>
-
State information since last commit interval is not saved during shutdown/reboot. By default the database directory is mounted on a tmpfs filesystem, but becomes an issue when using a persistent directory. Added to init.d stop sequence and included sleep to allow dying process time to write state before filesystems are unmounted. Signed-off-by: Chad Fraleigh <chadf@triularity.org> Signed-off-by: Javier Marcet <javier@marcet.info>
-
Remove upstreamed patches: - 001-support-defining-compilation-date-in-SOURCE_DATE_EPOCH.patch -> https://github.com/vim/vim/commit/8f1dde5021d9623a951d1ccbc78cf1b1a55ccd7a - 020-macos.patch -> https://github.com/vim/vim/commit/5289783e0b07cfc3f92ee933261ca4c4acdca007 Refresh patches: - 002-remove_helptags_generation.patch Release Notes: https://www.vim.org/vim90.php Signed-off-by: Nick Hainke <vincent@systemli.org> Signed-off-by: Javier Marcet <javier@marcet.info>
-
Javier Marcet authored
This reverts commit a2f02572 . Signed-off-by: Javier Marcet <javier@marcet.info>
-