Josef Schlehofer [Tue, 5 Mar 2024 19:24:19 +0000 (20:24 +0100)]
syslog-ng: update to version 4.6.0
1. Bump version config to 4.6
2. Updated to 4.6.0 version
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.6.0
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.5.0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
cf4df28d06e3ffa9ce0971fb29f9212cb97cfbee)
Sergey Ponomarev [Sun, 26 Nov 2023 08:50:56 +0000 (10:50 +0200)]
syslog-ng: conf: fix deprecated stats_freq
The deprecated stats_freq() replaced with stats(freq(0)).
Also make comments shorter.
Fix tabs.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
(cherry picked from commit
37d2d69595e2e454c2562c3d963dc8065a24db70)
Tianling Shen [Tue, 5 Mar 2024 05:28:00 +0000 (13:28 +0800)]
v2ray-core: Update to 5.14.1
Including security fixes, see release note:
https://github.com/v2fly/v2ray-core/releases/tag/v5.14.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
9834d79ea17a2fed3d7e84d225de03b512310a88)
krant [Fri, 23 Feb 2024 20:19:37 +0000 (22:19 +0200)]
c-ares: update to 1.27.0
- Update package URL
- Don't set default CMake options
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
0858accfda87e09df019c2e8ba4ab51f6323f17e)
Dengfeng Liu [Wed, 28 Feb 2024 05:05:26 +0000 (13:05 +0800)]
apfree-wifidog: update to 7.02.1977
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
Dengfeng Liu [Wed, 28 Feb 2024 04:43:29 +0000 (12:43 +0800)]
apfree-wifidog: fix some bugs in the wifidogx.init file
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
Stan Grishin [Mon, 4 Mar 2024 20:59:51 +0000 (13:59 -0700)]
Merge pull request #23573 from stangri/openwrt-23.05-https-dns-proxy
[23.05] https-dns-proxy: update to upstream 2023-11-19
Dirk Brenken [Mon, 4 Mar 2024 20:26:44 +0000 (21:26 +0100)]
banip: update 0.9.4-3
* fix another logical glitch in the logfile monitor
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
4356180197a7a32236a05b332eebf6cf1329cb25)
Ray Wang [Sun, 3 Mar 2024 10:23:39 +0000 (18:23 +0800)]
natmap: update to
20240303
Signed-off-by: Ray Wang <r@hev.cc>
(cherry picked from commit
7bbd9156cc478ab133d142f05f243eb3061d0c8d)
Tianling Shen [Sat, 2 Mar 2024 15:33:03 +0000 (23:33 +0800)]
v2raya: Update to 2.2.5.1
Hot fix for a frontend failure bug.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ab2f10233ed984b0c8935005a0d26efa57c7a4d1)
Tianling Shen [Sat, 2 Mar 2024 11:50:51 +0000 (19:50 +0800)]
dnsproxy: Update to 0.65.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
b5290ace07891fe744863a0858290bc627bbff01)
Tianling Shen [Mon, 26 Feb 2024 08:25:18 +0000 (16:25 +0800)]
golang: Update to 1.21.7
go1.21.6 (released 2024-01-09) includes fixes to the compiler,
the runtime, and the crypto/tls, maps, and runtime/pprof packages.
go1.21.7 (released 2024-02-06) includes fixes to the compiler,
the go command, the runtime, and the crypto/x509 package.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
34867e83ca666094114d1f53c2831d2da221c428)
Tianling Shen [Sat, 2 Mar 2024 09:56:04 +0000 (17:56 +0800)]
v2raya: Update to 2.2.5
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
381d1af34796bbc2254581360243e56ea3766e19)
Dirk Brenken [Sat, 2 Mar 2024 20:25:47 +0000 (21:25 +0100)]
banip: update 0.9.4-2
* fix a long standing problem in the logfile-parser with dropbear and compressed IPv6 addresses
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
7b06b1d312ed3a43d2d030b55b6932a55365b5bd)
Dirk Brenken [Sat, 2 Mar 2024 08:28:39 +0000 (09:28 +0100)]
banip: release 0.9.4-1
* add support for destination port & protocol limitations for external feeds (see readme for details),
useful for lan-forward ad- or DoH-blocking, e.g. only tcp ports 80 and 443
* add turris sentinel blocklist feed
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
730ad59cb960bd10c1a3a7597cafaabf080dcf7a)
Tianling Shen [Tue, 27 Feb 2024 16:39:15 +0000 (00:39 +0800)]
rclone: add fuse3-utils as dependency
rclone has switched to use fuse3 since v1.62.0.
Reported-by: qiuzi <gxfclql@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
df9d076d600a3d02da198af4a625980ed0633d2a)
Tianling Shen [Mon, 26 Feb 2024 08:22:26 +0000 (16:22 +0800)]
yq: Update to 4.42.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
fa54dbc72a8aa25830b1c2e341876182ea19b455)
Tianling Shen [Mon, 26 Feb 2024 08:18:56 +0000 (16:18 +0800)]
v2fly-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
120fc57d553ef76ce144fccec1426b7ce1bc4c73)
Tianling Shen [Mon, 26 Feb 2024 08:21:09 +0000 (16:21 +0800)]
cloudflared: Update to 2024.2.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
18aef55126916334e35fe24d3a9268fac6cb9e76)
Tianling Shen [Tue, 20 Feb 2024 07:48:04 +0000 (15:48 +0800)]
btop: Update to 1.3.2
Synced LDFLAGS from upstream Makefile.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
187b52c95afc826213ba3e204e43ed009d8e8908)
Tianling Shen [Tue, 20 Feb 2024 07:47:42 +0000 (15:47 +0800)]
v2raya: Update to 2.2.4.7
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
870d09c5dd577a05cd850228b4a2e4aaa3f4362c)
Tianling Shen [Tue, 20 Feb 2024 07:47:34 +0000 (15:47 +0800)]
yq: Update to 4.41.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
69d963df9e7fc580d7efa11ccaf372b2b2dc8986)
Tianling Shen [Wed, 14 Feb 2024 04:51:13 +0000 (12:51 +0800)]
yq: Update to 4.40.7
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
aec476691327417dd1b5576fad1600ae53b03697)
Tianling Shen [Wed, 14 Feb 2024 04:51:05 +0000 (12:51 +0800)]
cloudflared: Update to 2024.2.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
87bd747652ad03a07ea550db79797563e132da00)
Tianling Shen [Wed, 14 Feb 2024 04:50:54 +0000 (12:50 +0800)]
v2ray-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
21a8b968d16cb1655eb8bed516a334be198a0c7c)
Stan Grishin [Sat, 2 Mar 2024 00:13:49 +0000 (00:13 +0000)]
https-dns-proxy: update to upstream 2023-11-19
* update to upstream 2023-11-19
(changes: https://github.com/aarond10/https_dns_proxy/commit/
489c57efd46983e688579974a2ab7aeaa7df8d83)
* bugfix: include resolveip dependency in Makefile
(fixes https://github.com/openwrt/packages/issues/23567)
* minor update for failed healthcheck logging
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
bd501dd89c65857c060ca1ac034bc2fe7846b4e7)
Edmunt Pienkowsky [Sat, 17 Feb 2024 08:57:08 +0000 (09:57 +0100)]
rtl-sdr: update to v2.0.1
Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
(cherry picked from commit
c623291b383495a71dcddbbb866d5aa6c9ccb1a4)
Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
Edmunt Pienkowsky [Sat, 17 Feb 2024 09:03:02 +0000 (10:03 +0100)]
rtl_433: update to 23.11
Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
(cherry picked from commit
0bb9240f6be9b695d1eebf9f0d96092957efe85c)
Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>
Dirk Brenken [Thu, 29 Feb 2024 20:00:21 +0000 (21:00 +0100)]
travelmate: update 2.1.2-5
* final vpn tweaks
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
bec5f35dea7ac5b4b4b7d75a931be470a19d4f22)
Dirk Brenken [Wed, 28 Feb 2024 20:11:48 +0000 (21:11 +0100)]
adblock: update 4.1.5-9
* minimal fix with reporting interface 'any'
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
0af6e8d15898f62c0c5080877af4fd8557bb4731)
John Audia [Thu, 25 May 2023 12:50:53 +0000 (08:50 -0400)]
ragel: new package to build vectorscan
This is a new package for ragel which is a dependency for another
new package vectorscan
Co-authored-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
fa76c4df5c857ee564bf2f2eaeedfea5b497b1e7)
John Audia [Sun, 25 Feb 2024 00:06:45 +0000 (19:06 -0500)]
snort3: build against gperftools-runtime
Should provide increases in snort3 performance thanks to thread-
caching malloc provided by gperftools. Avg CPU usage is down.
Another user reported higher throughput achieved with snort3
compiled with this on samba transfers on system with CPU-limited
snort3 performance.[1]
1. https://forum.openwrt.org/t/some-help-with-a-makefile-gperftools/165656/22
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
4295bd7f45943b92e6e12ba91aac5f701b2da5a3)
John Audia [Tue, 20 Feb 2024 20:36:26 +0000 (15:36 -0500)]
snort3: update to 3.1.81.0
Changelog: https://github.com/snort3/snort3/releases/tag/3.1.81.0
,,_ -*> Snort++ <*-
o" )~ Version 3.1.81.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.14
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.13 30 Jan 2024
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3.1
Using Hyperscan version 5.4.2 2024-02-16
Using LZMA version 5.4.6
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
a7b5bfbfb75c07f05072e52224d3259648165916)
John Audia [Thu, 13 Jul 2023 14:20:48 +0000 (10:20 -0400)]
gperftools: add new package
Thread-caching malloc provided by this package improves snort3
performance. I have been running with this for over seven months
without issues. Avg CPU usage is down. Another user reported
higher throughput achieved with snort3 compiled with this on
samba transfers on system with CPU-limited snort performance.[1]
1. https://forum.openwrt.org/t/some-help-with-a-makefile-gperftools/165656/22
Build system: x86/64
Build-tested: x86/64
Run-tested: x86/64
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
c1b4e80825d6855d66899dc32490b0ce9537aff5)
John Audia [Sat, 1 Jul 2023 09:41:41 +0000 (05:41 -0400)]
hyperscan: new package for speeding up regex ops
Hyperscan is a high performance regular expression matching
library from Intel that runs on x86 platforms and offers
support for Perl Compatible Regular Expressions (PCRE) syntax,
simultaneous matching of groups of regular expressions, and
streaming operations.
This has utility in speeding up snort3.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
1db5c5461778223c661ae9206f3c5d6929081b84)
Gerard Ryan [Sun, 31 Dec 2023 06:15:27 +0000 (16:15 +1000)]
dockerd: Update to 25.0.3
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Sun, 31 Dec 2023 06:15:04 +0000 (16:15 +1000)]
docker: Update to 25.0.3
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Sun, 31 Dec 2023 06:13:12 +0000 (16:13 +1000)]
containerd: Update to 1.7.13
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Sun, 31 Dec 2023 06:12:55 +0000 (16:12 +1000)]
runc: Update to 1.1.12
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Zephyr Lykos [Thu, 25 Jan 2024 18:21:33 +0000 (02:21 +0800)]
tailscale: Update to 1.58.2
https://github.com/tailscale/tailscale/releases/tag/v1.58.2
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
(cherry picked from commit
a37a6e17035f67c8f6c3e4325d0bae116e0fcf2a)
Zephyr Lykos [Fri, 19 Jan 2024 10:13:05 +0000 (18:13 +0800)]
tailscale: Update to 1.58.0
https://github.com/tailscale/tailscale/releases/tag/v1.58.0
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
(cherry picked from commit
0b0a13ed3338e7111f28c14c296a00a4f6b9123c)
Dirk Brenken [Sat, 24 Feb 2024 21:39:10 +0000 (22:39 +0100)]
travelmate: update 2.1.2-4
* more re-connections tweaks
* made travelmate generated emails responsive
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
bd8829b341b8e86147280ba5aa2c4523f3adc2af)
Michael Heimpold [Sat, 24 Feb 2024 09:53:07 +0000 (10:53 +0100)]
Merge pull request #23485 from mhei/23.05-php8-update-to-8.2.16
[23.05] php8: update to 8.2.16
Dirk Brenken [Sat, 24 Feb 2024 05:58:40 +0000 (06:58 +0100)]
travelmate: update 2.1.2-3
* various vpn optimizations
* remove obsololete trm_maxscan option
* small fixes for net status and captive portal handling
* add an additional login variant to the h-hotels login script
* fix the wifibahn login script work again with wifionice hotspots again
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
6e4ea63b7e701298807babecfc8d319327d6a4ad)
krant [Thu, 22 Feb 2024 20:54:29 +0000 (22:54 +0200)]
git: update to 2.43.2
- Refresh a patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
f9e16375f6ab491be91b506e6c9a7828ee9f7adf)
krant [Tue, 6 Feb 2024 08:10:04 +0000 (10:10 +0200)]
git: update to 2.43.0
- Refresh patches
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
158b76119385cc5d4bacdde9b903da8cabd44706)
Glenn Strauss [Thu, 22 Feb 2024 18:03:24 +0000 (13:03 -0500)]
lighttpd: update to lighttpd 1.4.74 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
4d8bb07b734391d11318cb319548a17273820685)
Yousong Zhou [Wed, 21 Feb 2024 08:41:19 +0000 (08:41 +0000)]
ovn: bump to 22.03.5
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
4d1c7a144ab06dfdad6b11a90a364e7f88a976c3)
Yousong Zhou [Mon, 5 Feb 2024 03:14:38 +0000 (03:14 +0000)]
openvswitch: bump to 2.17.9
Refresh and backport patches so that
- ./python path in the source code takes precedence over the same dir in hostpkg
- OVN LTS version 22.03.5 which depends on Open vSwitch 3.0 can compile
with Open vSwitch 2.17
Fixes: https://github.com/openwrt/packages/issues/22744
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
7ccbb9a66cfadba035e2ad95a7931877e5faf504)
krant [Fri, 9 Feb 2024 20:44:43 +0000 (22:44 +0200)]
squid: fix configure options
- Remove non-existing 'dlmalloc' option
- Use 'with-cap' instead of 'with-libcap'
- Use 'with-xml2' instead of 'with-libxml2'
- Patch configure.ac to properly handle 'with-nettle'
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
f58be51721fb0e2c5aa0747bce36a19deb7392dd)
S. Brusch [Wed, 14 Feb 2024 12:37:59 +0000 (13:37 +0100)]
unbound: update to latest upstream release version 1.19.1
Maintainer: @EricLuehrsen
Fixes: CVE-2023-50387, CVE-2023-50868
Release notes: https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
Run tested: BPi-R3, mediatek/filogic, OpenWrt 23.05.2 with updated packages from snapshot
Signed-off-by: S. Brusch <ne20002@gmx.ch>
(cherry picked from commit
35ba14e50c6c90b3cc32538573d02a3b4f5b9184)
Hirokazu MORIKAWA [Fri, 16 Feb 2024 09:33:14 +0000 (18:33 +0900)]
libuv: fix CVE-2024-24806
Update to 1.48.0
CVE-2024-24806 : Improper Domain Lookup that potentially leads to SSRF attacks
Vulnerabilities fixed
* CVE-2024-24806 / GHSA-f74f-cvh7-c6q6
0f2d7e7,
3530bcc and
e0327e1
Notable Changes
* linux: disable io_uring on ppc64 and ppc64le #4285
* linux: disable io_uring on hppa below kernel 6.1.51 #4224
* win/spawn: optionally run executable paths with no file extension #4292 (We recommend that most users consider setting this by default)
Important Bugs Fixed
* unix,win: fix busy loop with zero timeout timers #4250, #4304.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
02a982bc10e8278905d0b76ac073b82192576433)
Christian Lachner [Fri, 16 Feb 2024 07:43:35 +0000 (08:43 +0100)]
haproxy: update to v2.8.6
- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-2.8.git;a=shortlog
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Nikos Mavrogiannopoulos [Sun, 10 Sep 2023 13:49:13 +0000 (15:49 +0200)]
ocserv: updated config
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Nikos Mavrogiannopoulos [Sun, 10 Sep 2023 13:48:12 +0000 (15:48 +0200)]
ocserv: use better separator for sed
This prevents clashes with network addresses that
contain '/'.
Resolves: #18589
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Nikos Mavrogiannopoulos [Sat, 10 Feb 2024 13:30:12 +0000 (14:30 +0100)]
openconnect: make host dependency more resilient
Retry when resolveip fails as it seems to be causing issues
on startup depending on various unpredictable parameters.
Resolves: #23185
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Rosen Penev [Mon, 25 Dec 2023 06:01:33 +0000 (22:01 -0800)]
openconnect: update to 9.12
Remove upstream backport and fix libxml 1.12 compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Vladislav Grigoryev [Sat, 14 Oct 2023 09:25:34 +0000 (12:25 +0300)]
openconnect: add support for option --pfs
Add support for the OpenConnect option `--pfs`.
Designed to require perfect forward secrecy.
Signed-off-by: Vladislav Grigoryev <vg.aetera@gmail.com>
Michael Heimpold [Mon, 19 Feb 2024 07:10:19 +0000 (08:10 +0100)]
php8: update to 8.2.16
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
John Audia [Fri, 28 Jul 2023 21:52:17 +0000 (17:52 -0400)]
lxc: update to 5.0.3
Bump to latest upstream release.
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
1b5ee689f3f8fa68580206274b5b67c06db3ec91)
Florian Eckert [Tue, 17 Oct 2023 12:14:58 +0000 (14:14 +0200)]
zabbix: update to version 6.4.7
Switch to current stable version 6.4.7.
See release notes:
https://www.zabbix.com/rn/rn6.4.7
So that the new version builds cleanly. The 'libevent2-pthreads' must be
added as dependency.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
4f9ced5cf9d411dc54a815beb365b539c561bbfb)
Alexander Egorenkov [Sun, 31 Dec 2023 10:57:42 +0000 (11:57 +0100)]
yt-dlp: bump to version 2023.12.30
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
(cherry picked from commit
5d3424f992b09602f2abd4e71cb163a3af8f3e7c)
Alexander Egorenkov [Sun, 29 Oct 2023 12:42:34 +0000 (13:42 +0100)]
yt-dlp: bump to version 2023.11.16
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
(cherry picked from commit
707e87884d67650c26fda2c30c790d5832e319d7)
Rani Hod [Wed, 19 Jul 2023 15:20:09 +0000 (18:20 +0300)]
yt-dlp: add missing dependencies
Added missing python3-{logging,uuid} dependencies.
Signed-off-by: Rani Hod <rani.hod@gmail.com>
(cherry picked from commit
40a680ffd7d155798123a9eadcc3411f7a201259)
Hirokazu MORIKAWA [Fri, 16 Feb 2024 07:06:52 +0000 (16:06 +0900)]
node: February 14 2024 Security Releases
Update to v18.19.1
This is a security release.
Notable changes
* CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
* CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
* CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
* CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
* undici version 5.28.3
* npm version 10.2.4
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Stan Grishin [Fri, 16 Feb 2024 23:12:44 +0000 (16:12 -0700)]
Merge pull request #23407 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: add force_dns_interface setting
Noah Meyerhans [Thu, 15 Feb 2024 17:36:41 +0000 (09:36 -0800)]
bind: bump to 9.18.24
Fixes CVEs:
- CVE-2023-50387: Validating DNS messages containing a lot of DNSSEC signatures
could cause excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof could cause
excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-4408: Parsing DNS messages with many different names could cause
excessive CPU load.
- CVE-2023-5517: Specific queries could cause named to crash with an assertion
failure when nxdomain-redirect was enabled.
- CVE-2023-5679: A bad interaction between DNS64 and serve-stale could cause
named to crash with an assertion failure, when both of these features were
enabled.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
d277e41e78972130f75dc816ebcbd7931f582519)
Noah Meyerhans [Wed, 27 Sep 2023 17:42:59 +0000 (10:42 -0700)]
bind: bump to 9.18.19
Fixes CVEs:
CVE-2023-3341 - Previously, sending a specially crafted message over the
control channel could cause the packet-parsing code to run out of available
stack memory, causing named to terminate unexpectedly.
CVE-2023-4236 - A flaw in the networking code handling DNS-over-TLS queries
could cause named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
835b1051511b592d69bc0b8a7d5d993337f890da)
Josef Schlehofer [Tue, 19 Sep 2023 23:01:48 +0000 (01:01 +0200)]
bind: update to version 9.18.18
Release notes:
https://downloads.isc.org/isc/bind9/9.18.18/doc/arm/html/notes.html#notes-for-bind-9-18-18
https://downloads.isc.org/isc/bind9/9.18.17/doc/arm/html/notes.html#notes-for-bind-9-18-17
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
6a8d3565f0a99fe22cac6db9a8bbf553b7dff5a5)
Noah Meyerhans [Mon, 26 Jun 2023 03:02:35 +0000 (20:02 -0700)]
bind: bump to 9.18.16
Fixes CVEs:
- CVE-2023-2828: The overmem cleaning process has been improved, to
prevent the cache from significantly exceeding the configured
max-cache-size limit.
- CVE-2023-2911: A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache. If the fetch is
aborted for exceeding the recursion quota, it was possible for named
to enter an infinite callback loop and crash due to stack overflow.
The complete list of changes is available in the upstream release
notes at
https://ftp.isc.org/isc/bind9/cur/9.18/doc/arm/html/notes.html#notes-for-bind-9-18-16
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
9ac79ad46966908d2ceb64c0e0d8a0bff435767a)
Peter van Dijk [Tue, 13 Feb 2024 14:00:20 +0000 (15:00 +0100)]
pdns-recursor: update to 4.8.6 (fixes CVE-2023-50387, CVE-2023-50868)
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Tianling Shen [Fri, 16 Feb 2024 06:02:12 +0000 (14:02 +0800)]
Merge pull request #23415 from systemcrash/p910nd_picks
P910nd v23.05 picks
krant [Thu, 8 Feb 2024 13:01:10 +0000 (15:01 +0200)]
squid: update to 6.7
- Switch URL to HTTPS
- Remove default/obsolete configure options
- Fix and refresh the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
4007a08529a86b600b4ce6476cf6367de577a645)
Paul Donald [Wed, 14 Feb 2024 22:58:07 +0000 (23:58 +0100)]
p910nd: bump release
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
9dad4285d3c2de30cf27baa2b299246bda514577)
Paul Donald [Sun, 11 Feb 2024 17:41:23 +0000 (18:41 +0100)]
p910nd: hotplug shellcheck fixes
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
58e7bfc41f02118e5d8b6f5b08a021d9bc351e00)
Paul Donald [Sun, 11 Feb 2024 18:28:38 +0000 (19:28 +0100)]
p910nd: init: check device (/dev/usb/lpX) existence
this prevents the daemon exiting when a configured device
is not plugged in.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
dabeaa76439260a6a41942365b2526c69dc728aa)
Paul Donald [Sat, 10 Feb 2024 21:02:58 +0000 (22:02 +0100)]
p910nd: init: partial fix for openwrt/packages#10496
Harmless to carry this fix until procd.sh adds the param
This parameter will mean umdns advertises not just "OpenWrt" but a more
appropriate string:
"Apple LaserWriter Pro 630"
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
ac501c908d1a6a607f89373d4667a6949b88ca55)
Paul Donald [Sun, 11 Feb 2024 03:13:53 +0000 (04:13 +0100)]
p910nd: hotplug+init: include extra ieee1284 properties
Apple and macOS GUI co-opts the mDNS note= param as "Location"
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
4591a79fa29f5c46b7061860ac1f51adc848697f)
Paul Donald [Sun, 11 Feb 2024 18:02:57 +0000 (19:02 +0100)]
p910nd: hotplug: minor bug fixes
Commit driver_home defaults before continuing
Fix missing path for serial number acquisition
Store current device if no previously configured device had one.
Also set CHAR_DEV so the printer can get its driver sent on first run.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
5bc581e6986c84e81d4827b244bbf0deacad6e00)
Paul Donald [Sun, 11 Feb 2024 17:43:43 +0000 (18:43 +0100)]
p910nd: hotplug: small refactor
replace -a with &&
shorten uci commands via variables
add optional ieee1284_id parameters
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
6e886cd4340470a21d6f8cc7928d18d4a48214df)
Paul Donald [Sun, 11 Feb 2024 17:33:03 +0000 (18:33 +0100)]
p910nd: init: add txtvers=1 to mDNS properties
The spec https://developer.apple.com/bonjour/printing-specification/bonjourprinting-1.2.1.pdf
notes:
... if the meaning of any of the TXT record keys is changed, the txtvers value
will be incremented. The current value of this key is “1”, and if this key does not exist in
the TXT record, the default value of “1” is assumed. The txtvers SHOULD be the first
key/value pair in the TXT record.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
069cc8dc810f10e04abc239727b582e34053d6f1)
Paul Donald [Sun, 11 Feb 2024 02:30:56 +0000 (03:30 +0100)]
p910nd: init: line-break and conditionalize mDNS properties
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
ffa1bbbe7844aca3ae465cc7f1ba018cc4590579)
Paul Donald [Sat, 10 Feb 2024 17:37:00 +0000 (18:37 +0100)]
p910nd: init: only run mDNS changes if mdns is set to on
i.e. don't do the extra work unless mdns setting is enabled
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
b8890c69e40dbd72f35e4ea9fc78aa13a425fd46)
Paul Donald [Sat, 10 Feb 2024 17:35:35 +0000 (18:35 +0100)]
p910nd: init script
Don't run procd with a name of p9100d or p9101d etc.
Use the original binary name: p910nd.
This way, all supplied parameters should be visible via e.g.:
ps
xargs -0 < /proc/{procid}/cmdline
Revise all p910nd strings to the variable DAEMON_NAME or CONFIG where
appropriate.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
34a35c93cedb259ab67d826d05c700a0457ab136)
Paul Donald [Tue, 16 Jan 2024 01:47:32 +0000 (02:47 +0100)]
p910nd: hotplug script
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
825b22a4db952c891b07341e0176bc6d64f2d72a)
Stan Grishin [Wed, 14 Feb 2024 04:40:42 +0000 (04:40 +0000)]
adblock-fast: add force_dns_interface setting
* allow users to specify list of interfaces/networks to force the
DNS Hijacking on
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
eafdd63d675a84c3a80a86f7af8c1fd4fb823caa)
Daniel Golle [Tue, 13 Feb 2024 03:58:51 +0000 (03:58 +0000)]
stlink: add packages
stlink is an open source toolset to program and debug STM32 devices
and boards manufactured by STMicroelectronics.
Resulting binary packages:
* stlink - library and shared chip info data
* st-info - a programmer and chip information tool
* st-flash - a flash manipulation tool
* st-trace - a logging tool to record information on execution
* st-util - a GDB server
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
e609f6acdf3e4619d691d5325efb9cc8a9a1b9fa)
S. Brusch [Fri, 2 Feb 2024 12:28:37 +0000 (13:28 +0100)]
crowdsec: new upstream release version 1.6.0
Update crowdsec to latest upstream release version 1.6.0
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)
Description: update to latest version of upstream
(cherry picked from commit
c08dac5ec52441d1aefc0bf8ef251fb1fae5ff8e)
Sibren Vasse [Wed, 20 Dec 2023 16:01:50 +0000 (17:01 +0100)]
openssh: fix build failure on powerpc_8548
https://github.com/openssh/openssh-portable/commit/
1036d77b34a5fa15e56f516b81b9928006848cbd
Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
(cherry picked from commit
a79c49578ca136556bd10d8990aa52ef4eb0664b)
Rucke Teg [Wed, 3 Jan 2024 22:11:05 +0000 (23:11 +0100)]
openssh: bump to 9.6p1
Release notes: https://www.openssh.com/txt/release-9.6
Signed-off-by: Rucke Teg <rucketeg@protonmail.com>
(cherry picked from commit
e8dfc6abbee88f35887c66ec785b081252d6d07d)
Thomas Kupper [Sat, 6 Jan 2024 10:49:36 +0000 (10:49 +0000)]
tailscale: create combined tailscale/tailscaled
Modify Makefile to combine tailscale and tailscaled according to
Tailscale documentatio (https://tailscale.com/kb/1207/small-tailscale)
This resulted for x86_64 in an exec of 31MB + the symlink. Before it
was 29MB (tailscaled) and 10MB (tailscale).
Signed-off-by: Thomas Kupper <thomas.kupper@gmail.com>
(cherry picked from commit
7bef195bbabcec88a2b9055846880fd93c2a8a7a)
Jan Hák [Mon, 29 Jan 2024 10:00:48 +0000 (11:00 +0100)]
knot: update to version 3.3.4
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
66c1065b453b46a709f5143459d8a4cee777f9a0)
Jan Hák [Wed, 13 Dec 2023 10:01:41 +0000 (11:01 +0100)]
knot: update to version 3.3.3
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
a693dd5821b11c442bff817cbc4a8193d0367839)
Carsten Schuette [Wed, 6 Sep 2023 12:42:12 +0000 (14:42 +0200)]
dawn: Add PKG_BUILD_FLAGS:=no-lto because lto causes strange SegFaults
Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
(cherry picked from commit
d9acb54dc49b63ea3b473d72543c76c02e93eb2d)
Carsten Schuette [Wed, 6 Sep 2023 07:09:02 +0000 (09:09 +0200)]
dawn: Update to 2023-05-14
Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
(cherry picked from commit
6c5c99d206e62b44de1bbe60b66deba459396508)
Nick Hainke [Tue, 2 Jan 2024 17:37:43 +0000 (18:37 +0100)]
snowflake: update to 2.8.1
Changelog:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/blob/v2.8.1/ChangeLog
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
4173327904acc61a0c2597dd881bc1fa51ad8894)
Rosen Penev [Sun, 4 Feb 2024 23:50:11 +0000 (15:50 -0800)]
mosquitto: reenable options wrongly turned off
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
69dc285ac9259241b65cc7d0c690236dbeaf743e)
Quintin Hill [Fri, 26 Jan 2024 21:52:23 +0000 (21:52 +0000)]
python-ble2mqtt: update to 0.2.2
b3b0cc8 version 0.2.2
85515cd roidmi: initial support for NEX2 Pro
62addc2 isort imports
8695649 README: update other govee to govee_ht
33f6ade ruuvitag: remove device class for counter
2099607 Rename key govee->govee_ht
12acacd codestyle updates
dbba43d ruuvitag: drop redundant import
84878e0 base: add and use HumidityTemperatureSensor
e9f0046 xiaomi_lywsd03_atc: make send_custom a class variable
2f4809a base: use lowercase for instance variable
5b1af17 govee: add manufacturer
7891691 ruuvitag: add manufacturer
cfd799b ruuvitag: remove inheritance from SubscribeAndSetDataMixin
7be28a1 codestyle updates
bffcf5e Add Govee H5074 temperature/humidity sensor support (#77)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
(cherry picked from commit
268ed6d3476f3f3170d71f7ceb91b8c6f2611ea2)
Quintin Hill [Fri, 26 Jan 2024 21:51:10 +0000 (21:51 +0000)]
python-dbus-fast: upgrade to 2.21.1
fix: avoid expensive runtime inspection of known callables (https://github.com/Bluetooth-Devices/dbus-fast/pull/277)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
(cherry picked from commit
8db974d8ebcc19882dd5af6d00248ee820bb5483)
Olivier Poitrey [Sun, 4 Feb 2024 23:50:58 +0000 (23:50 +0000)]
nextdns: Update to version 1.42.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>