| Age | Commit message (Collapse) | Author |
|---|
|
(cherry picked from commit 4417986365472fd9055b12309ba49d88272db04c)
|
|
Fix CVE-2023-48795: (terrapin attack)
The SSH transport protocol with certain OpenSSH extensions allows remote
attackers to bypass integrity checks such that some packets are omitted (from
the extension negotiation message), and a client and server may consequently
end up with a connection for which some security features have been downgraded
or disabled, aka a Terrapin attack.
(cherry picked from commit b17befe2e4e914f3f604bcfa1843f75519d46a4d)
|
|
No need to provide them via the package repository
(cherry picked from commit adab6badd7b1a41bae55d8ae3fa58d213f5ce13d)
|
|
T6033: bump hsflowd version v2.0.55-1 extended PCAP capabilities (backport #544)
|
|
Bump the `hsflowd` version to `v2.0.55-1`
Fixed and extended PCAP capabilities for not hardware/bridge
interfaces (like GRE tunnel interface).
It fixes crashes the daemon if you use tunnel interfaces
```
hsflowd[9160]: PCAP: tun0 has no supported datalink encapsulaton
hsflowd[9160]: Received signal 11
hsflowd[9160]: SIGSEGV, faulty address is (nil)
```
The correct commit fix in https://github.com/sflow/host-sflow/commit/62346aa67240ced0fb16b6725f16d8fa40eaea60
Updated version starts the hsflowd without issues
(cherry picked from commit eb05b77bac542dca906b25f647117c7566380cf2)
|
|
(cherry picked from commit 7fe033b20c23a74028fa088844f4bb993dea83ab)
|
|
|
|
ixgbe: T6155: always enable allow_unsupported_sfp for all NICs by default (backport #538)
|
|
is undefined
This extends an else path with the logic from commit ea7d59a4b ("ixgbe: T6155:
always enable allow_unsupported_sfp for all NICs by default")
(cherry picked from commit 70ac747b2889757e35ac2a90fd77cda9d4b97ebd)
|
|
(cherry picked from commit 311963f379925d56f678f7b173ce6f74cba3d1ce)
|
|
In-tree vs. Out-Of-Tree drivers differ in the way how unsupported transceivers
are defined (uint vs array of int) for the Kernel module parameters.
This results in:
kernel: ixgbe 0000:5e:00.0: failed to initialize because an unsupported SFP+ module type was detected.
kernel: ixgbe 0000:5e:00.0: Reload the driver after installing a supported module.
kernel: ixgbe 0000:5e:00.0: removed PHC on eth6
This patch always enables unsupported SFP+ modules as wo do anyway from
the userspace but only for the first port.
(cherry picked from commit ea7d59a4bf64a854be04ccf7566e1cf95d4e09a8)
|
|
(cherry picked from commit 7552e07320b990d87e3af589e00ec9b2b2241980)
|
|
build: T1449: add default_config field support in flavor files to allow people to easily include a custom default config
|
|
T6115: Fix tagged builds from detached Git HEAD (backport #526)
|
|
(cherry picked from commit 3494ab3e0a50ed701a4b127e51b919c2ceb61bc3)
|
|
to allow people to easily include a custom default config
|
|
docker, build: T6119: use python3-tomli instead of python3-toml
|
|
radvd: T6118: add custom build support with recent source version
|
|
|
|
Jenkins: select proper source version of build pipeline library
|
|
Packages got backported from current, but we need to select the proper pipeline
version from sagitta branch.
|
|
(cherry picked from commit ed79a9fa939fdba80eb004a79989153d51eeea88)
|
|
(cherry picked from commit 016809208da4d5500734f275d544463d8122bbd1)
|
|
(cherry picked from commit 6758b13c7ea096fcc0a13fcf036dcc76b4417624)
|
|
Kernel: T5887: update Linux Kernel to v6.6.19 (backport)
|
|
|
|
T6077: T3664: cleanup flavor build system and extensions for single source URL definitions (backport #522)
|
|
Use single source for project related URLs that will later be consumed by the
MOTD template used.
(cherry picked from commit 7b89f74c316c278ff6af73e75f357139d56243da)
|
|
(cherry picked from commit 195c13022de0b022e054347f0170fb536f4e9b9b)
|
|
Commit 3979b25dcf ("T3664: initial implementation of the build flavor system")
removed the call to make-version-file, thus we can also drop the file itself.
(cherry picked from commit 8a49912cee67c916533fc8fceed76c94941cb2e5)
|
|
(cherry picked from commit d93cb288d7d6bb16afad0df727f012837123a47e)
|
|
(cherry picked from commit 14dd3e74209b0bdb9b25b41efc163fe52991e943)
|
|
Revert "iproute2: T6078: upgrade package to 6.6 to match Kernel" (backport #519)
|
|
This reverts commit 60d16e494958bfe4a43048ee3a7f63fd57600875.
We already use iproute2 6.7 from Debian Bookworm Backports
(cherry picked from commit c56d76986f9efa05c4348401e7cdd05073aed2e7)
|
|
frr: T5788: update libyang to v2.1.148 (backport #517)
|
|
(cherry picked from commit fb31cf3412437f417870c28e9aaba66dc9144aff)
|
|
T6078: package upgrade to v6.6 to match kernel for ethtool and iproute2 (backport #514)
|
|
banner: T6077: implement ASCII contest winner default logo (backport #513)
|
|
(cherry picked from commit 4110c7359da62dacaa858def465e1aa2661c9bb9)
|
|
(cherry picked from commit 60d16e494958bfe4a43048ee3a7f63fd57600875)
|
|
(cherry picked from commit 1ba64f600c3578f7d63d1fc242f2088bf86e3605)
|
|
docker: T4440: add OCI container labels (backport #506)
|
|
Original implementation by jtcarnes
(cherry picked from commit bca80434106d96bb00c9808db7baea74d746b4d9)
|
|
T6065: Remove duplicated lines from build-vyos-image script causing script to fail
|
|
|
|
T6064: add build error if branch information from Git repository is missing (backport #509)
|
|
This was discussed in slack, where a user was missing the Git commit ID in his
custom build
Reason is/was:
git clone --single-branch -b 1.4.0-epa1 https://github.com/vyos/vyos-build
Checks out the 1.4.0-epa1 tag as HEAD and does not clone any branch information.
This results in:
>>> import git
>>> repo = git.Repo('.')
>>> repo.head.object.hexsha[:14]
'bcac2eb1f9b49c'
>>> git_branch = repo.active_branch.name
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3/dist-packages/git/repo/base.py", line 881, in active_branch
return self.head.reference
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/git/refs/symbolic.py", line 311, in _get_reference
raise TypeError("%s is a detached symbolic reference as it points to %r" % (self, sha))
TypeError: HEAD is a detached symbolic reference as it points to 'bcac2eb1f9b49cc15ebda65838e5465543dbb9c6'
during the build. The exception handler resets the branch and commit name to an empty string: https://github.com/vyos/vyos-build/blob/a3e60a00b400a1bad8609d5ce1abb0bb7abed7bc/scripts/build-vyos-image#L281-L296
This now adds a proper error message during build so it fails early.
(07:46) vyos_bld 08278c5a1172:/vyos/vyos-build # isobuild -test
Building custom VyOS version: 1.5-test-202402250746
I: Checking if packages required for VyOS image build are installed
build/config
Could not retrieve information from git: HEAD is a detached symbolic reference as it points to '39612f541e55bea19868f50f16d7a6c6e0034ed2'
(cherry picked from commit 7c27657c79046dac8ae509a4eacb1a3a152e2d23)
|
|
build: T3664: fix the includes_chroot path for Sagitta
|
|
|
|
(cherry picked from commit 63369b1ac4b53706a11f0aae72b5d40d4e8030bf)
|
