Peter van Dijk [Wed, 11 Oct 2023 10:38:05 +0000 (12:38 +0200)]
dnsdist: update to 1.8.2
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
b19f8a822b948c75bb40dfec03ab0a9344e25963)
Peter van Dijk [Fri, 8 Sep 2023 11:16:21 +0000 (13:16 +0200)]
dnsdist: update to 1.8.1
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
e25bb510de90671f4c8c9df42b850cc7c34d31be)
Remi Gacogne [Mon, 19 Jun 2023 07:48:08 +0000 (09:48 +0200)]
dnsdist: Move the configuration to Config.in
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit
2b19da613f135181ed620128afa46bf74d212d4f)
Remi Gacogne [Tue, 13 Jun 2023 15:48:27 +0000 (17:48 +0200)]
dnsdist: Split in two packages `dnsdist` and `dnsdist-full`
`dnsdist-full` has all optional features enabled, but is a big package
in term of both flash and memory footprint.
`dnsdist` only keeps the features that make the most sense
on embeded devices, but can also be customised to match the
user's needs, up to the point where it matches `dnsdist-full`.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit
ca01c1bf59140e7bee13a4da8c91c759f9eec069)
Peter van Dijk [Wed, 11 Oct 2023 09:09:16 +0000 (11:09 +0200)]
h2o: ABI-breaking patch for CVE-2023-44487
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
bump soname
refreh
(cherry picked from commit
5b9239a95b8cbbeec61e8508538d4aa0da5f469f)
Remi Gacogne [Wed, 14 Jun 2023 13:18:29 +0000 (15:18 +0200)]
h2o: Build libh2o-evloop without yaml support
The only package using this library, dnsdist, does not require it
so let's save space and PSS memory.
Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit
23a9cd519ca6f5a0e0a23518d4cb1470720f3438)
Hirokazu MORIKAWA [Sat, 14 Oct 2023 03:31:16 +0000 (12:31 +0900)]
nghttp2: fix CVE-2023-44487
update to v1.57.0
CVE-2023-44487 : HTTP/2 Rapid Reset
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
afecaa71c22503affa53246d029b4e0eb4677d2b)
Glenn Strauss [Sat, 7 Oct 2023 06:24:55 +0000 (02:24 -0400)]
lighttpd: update to lighttpd 1.4.72 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
3e9b2d85f04c770a5f3e8bdc3065467ef976dea4)
Oskari Rauta [Wed, 4 Oct 2023 21:46:57 +0000 (23:46 +0200)]
zsh: use autoreconf PKG_FIXUP to configure
In preparation to PCRE2 fixup, use autoreconf PKG_FIXUP as a better
configure system instead of configure script. This is needed to reduce
upcoming patch to migrate to PCRE2 library.
To correctly use autoreconf it's needed to declare empty
PKG_REMOVE_FILES.
zsh include custom macro in the default aclocal.m4
When autoreconf PKG_FIXUP is used, if PKG_REMOVE_FILES is not defined,
it's set to remove the file aclocal.m4 by default resulting in problem
with the custom macro AC_PROG_LN.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
[ split to 2 commit, add PKG_REMOVE_FILES, reword commit description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
a7f837c98b0ab3fde1b19283e13a21fdaf1b1ee2)
Christian Marangi [Tue, 10 Oct 2023 10:29:49 +0000 (12:29 +0200)]
zsh: backport PCRE2 patches and move to it
Backport PCRE2 patches from upstream and move package to PCRE2 library
as PCRE is EOL and won't receive any security update anymore.
Patch are backported with minimal change, only the Changelog change is
commented out as it would conflict and makes no sense to adapt for the
purpose of backport patches.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
5b929fde5f9b8bc2b6e85999c9eb08b5a4295c7f)
Jeffery To [Sun, 15 Oct 2023 13:09:52 +0000 (21:09 +0800)]
golang: Update to 1.21.3
Includes fix for CVE-2023-39325 (net/http, x/net/http2: rapid stream
resets can cause excessive work).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
f151ab8c0e6becdabc146e3c2fd1aa2d02708bd4)
Tianling Shen [Mon, 16 Oct 2023 08:46:25 +0000 (16:46 +0800)]
Merge pull request #22350 from miska/samba4-23.05
[23.05] samba4: Update to version 4.18.7
Michal Hrusecky [Mon, 16 Oct 2023 05:15:46 +0000 (07:15 +0200)]
samba4: Update to version 4.18.8
Mainly security release, fixing CVE-2023-3961, CVE-2023-4091,
CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670. For more details see:
https://www.samba.org/samba/history/samba-4.18.8.html
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit
c9c5f62e30a7d6cdc07f20accd8dfc95910e213e)
Tianling Shen [Mon, 16 Oct 2023 01:01:32 +0000 (09:01 +0800)]
Merge pull request #22375 from jefferyto/python-zope-interface-6.1-openwrt-23.05
[openwrt-23.05] python-zope-interface: Update to 6.1, refresh patch
Tianling Shen [Wed, 11 Oct 2023 14:48:22 +0000 (22:48 +0800)]
dnsproxy: Update to 0.56.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
da5ac5da830eaca8a36f280734b8c79fd097a4b6)
Oskari Rauta [Thu, 12 Oct 2023 13:24:31 +0000 (16:24 +0300)]
rust: update to 1.73.0
patches refreshed.
changelog at https://github.com/rust-lang/rust/releases/tag/1.73.0
Also added a configuration ardument and patch
from https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-lang/rust/files/1.72.0-bump-libc-deps-to-0.2.146.patch?id=
515b5920046117355d88b3494c74da269ce9b30a
to provide support for building rust on musl hosts.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
rust: add support for musl build hosts
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
d3b1b0d34e24c16b6c285874113313221a69e675)
Tianling Shen [Sun, 15 Oct 2023 03:48:46 +0000 (11:48 +0800)]
Merge pull request #22376 from jefferyto/rust-build-performance-openwrt-23.05
[openwrt-23.05] rust: Improve build performance
Nick Hainke [Mon, 2 Oct 2023 07:45:19 +0000 (09:45 +0200)]
kmod: update to 31
Release Notes:
https://github.com/kmod-project/kmod/blob/
aff617ea871d0568cc491bd116c0be1e857463bb/NEWS#L1
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
ca057f3e4e997aa8cd27ab03f97429309b18cbc1)
Nick Hainke [Fri, 22 Sep 2023 08:21:53 +0000 (10:21 +0200)]
snowflake: update to 2.6.1
Release Notes:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/tags/v2.6.1
Remove upstreamed patches:
- 0001-Bump-minimum-required-version-of-go.patch
- 0002-Update-dependencies.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
9bd39a33b1c343b33a12dfe84b7e6078125405dc)
Hirokazu MORIKAWA [Thu, 12 Oct 2023 04:05:38 +0000 (13:05 +0900)]
node: bump to v18.18.1
Notable Changes
This release addresses some regressions that appeared in Node.js 18.18.0:
(Windows) FS can not handle certain characters in file name #48673
18 and 20 node images give error - Text file busy (after re-build images) nodejs/docker-node#1968
libuv update in 18.18.0 breaks webpack's thread-loader #49911
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
b2079b87d1425f69feb89b8fa9f48f0a913e8fb2)
Oskari Rauta [Sun, 8 Oct 2023 14:51:50 +0000 (17:51 +0300)]
cni-protocol: update protocol
Changes to protocol file and it's description.
Works better now and restarts firewall automaticly
when tunnel comes available. More informative/guiding
description.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
ff93e4a19d9e9957b61f4a214399cfc87f9c7648)
Oskari Rauta [Fri, 13 Oct 2023 13:10:13 +0000 (16:10 +0300)]
podman: update to 4.7.1
Bugfixes
- Fixed a bug involving non-English locales of Windows where machine installs using user-mode networking were rejected due to erroneous version detection (#20209).
- Fixed a regression in --env-file handling (#19565).
- Fixed a bug where podman inspect would fail when stat'ing a device failed.
API
- The network list compat API endpoint is now much faster (#20035).
Openwrt updates: added patch to allow building with musl-1.2.4
Patch source is from gentoo https://github.com/vimproved/gentoo/blob/
c4c349f11a4352be1965726eadfe3a8bd8a6fa9c/app-containers/podman/files/podman-4.5.0-fix-build-with-musl-1.2.4.patch
Issue was discussed by @jefferyto at mattn/go-sqlite3#1177
remarks:
removed musl-1.2.4 patch from commit, since that version of musl
is not available with openwrt-23.05
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
e25d417f1a3162bb2ecaad06a6b79ab6afb74659)
Oskari Rauta [Sun, 1 Oct 2023 16:31:33 +0000 (19:31 +0300)]
aardvark-dns: update to 1.8.0
changes:
- dependency updates
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
4371aa8f9300116fdfe007840e5e48c174772340)
Oskari Rauta [Sun, 1 Oct 2023 16:27:49 +0000 (19:27 +0300)]
netavark: update to 1.8.0
changelog:
- iptables: improve error when ip6?tables commands are missing
- docs: Convert markdown with go-md2man instead of mandown
- iptables: drop invalid packages
- bump rust edition to 2021
- Add ACCEPT rules in firewall for bridge network with internal dns
- Add vrf support for bridges
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
b788f77db48d6d20f925daa762a70fe5c40dc54a)
Oskari Rauta [Tue, 19 Sep 2023 14:03:05 +0000 (17:03 +0300)]
slirp4netns: update to 1.2.2
v1.2.2 changes:
- Enabled reproducible builds
v1.2.1 changes:
- sandbox: Add support for escaping resolv.conf symlinks. This fixes usage in WSL environments which symlinks /etc/resolv.conf under a shared location under /mnt.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
8b3bf5bb88ce00a78312ed2da7dea7efa54de197)
Oskari Rauta [Sun, 1 Oct 2023 16:18:02 +0000 (19:18 +0300)]
crun: update to 1.9.2
changelog 1.9.2:
- cgroup: reset the inherited cpu affinity after moving to cgroup. Old kernels do that automatically, but new kernels remember the affinity that was set before the cgroup move, so we need to reset it in order to honor the cpuset configuration.
changelog 1.9.1:
- utils: ignore ENOTSUP when chmod a symlink. It fixes a problem on Linux 6.6 that always refuses chmod on a symlink.
- build: fix build on CentOS 7
- linux: add new fallback when mount fails with EBUSY, so that there is not an additional tmpfs mount if not needed.
- utils: improve error message when a directory cannot be created as a component of the path is already existing as a non directory.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
bb3af8acb92e396f181d3f435dd2ca8ac1c9ec30)
Oskari Rauta [Sat, 16 Sep 2023 07:36:37 +0000 (10:36 +0300)]
conmon: update to 2.1.8
Bug fixes:
- stdio: ignore EIO for terminals
- ensure console socket buffers are properly sized
- conmon: drop return after pexit()
- ctrl: make accept4 failures fatal
- logging: avoid opening /dev/null for each write
- oom: restore old OOM score
- Use default umask 0022
Misc changes:
- cli: log parsing errors to stderr
- Changes to build conmon for riscv64
- Changes to build conmon for ppc64le
- Fix close_other_fds on FreeBSD
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
3d88d18ee2918840b9b05fb27e50587fc9f62b64)
Jeffery To [Sun, 8 Oct 2023 12:24:38 +0000 (20:24 +0800)]
python-setuptools-rust: Set cargo profile from environment variable
This adds a patch (submitted upstream in
https://github.com/PyO3/setuptools-rust/pull/364), to read the profile
to pass to cargo from an environment variable.
This also updates the Python include files to set the environment
variable based on values from rust-values.mk.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
29ca9797a66f7e4d2ae40d26b91f3d1c2982a744)
Jeffery To [Sat, 30 Sep 2023 05:57:43 +0000 (13:57 +0800)]
rust: Set release profile settings
* codegen-units, lto, opt-level - Set to values to optimize binary
size[1].
* overflow-checks - Enabled because in release mode, integer overflows
are defined as two's complement wrap[2]. It is highly unlikely that
any program is intentionally relying on this behaviour; it would be
better to panic instead of continue execution in this case.
* debug, debug-assertions, panic, rpath - Set to their default (release)
values, to override any settings made by packages, e.g. ripgrep sets
debug = 1[3].
[1]: https://github.com/johnthagen/min-sized-rust
[2]: https://huonw.github.io/blog/2016/04/myths-and-legends-about-integer-overflow-in-rust/
[3]: https://github.com/BurntSushi/ripgrep/blob/13.0.0/Cargo.toml#L79-L80
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
8bf2725f9be82eec0849cc5efe77bedeb0a693a0)
Jeffery To [Mon, 25 Sep 2023 02:00:58 +0000 (10:00 +0800)]
rust: Add option to use sccache
Using sccache makes recompilation of rustc and Rust packages faster.
This also makes the rust package visible in menuconfig, in order for the
sccache options to be accessible.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
b4ec01739865770e3d0432683406844f7fd8e707)
Jeffery To [Sat, 23 Sep 2023 12:24:37 +0000 (20:24 +0800)]
rust: Use make's jobserver when building packages
This allows cargo to use make's jobserver when building packages, by
marking the cargo command as recursive (with the + prefix[1]) and
setting MAKEFLAGS.
This also:
* Give cargo/x.py the build directory instead of having to change the
current directory (and opening subshells)
* Set PKG_BUILD_PARALLEL/HOST_BUILD_PARALLEL for Rust packages to enable
the use of make's jobserver
[1]: https://www.gnu.org/software/make/manual/html_node/POSIX-Jobserver.html
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
0dfc1b508d5e5b361978ef9783cb63775176c305)
[omit changes to arp-whisper and procs]
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Mon, 25 Sep 2023 03:58:12 +0000 (11:58 +0800)]
rust: Consolidate cargo environment variables
This consolidates all environment variables for cargo into:
* CARGO_HOST_CONFIG_VARS / CARGO_PKG_CONFIG_VARS
These contain all cargo-specific environment variables, i.e. without
"common" variables like CC.
* CARGO_HOST_VARS / CARGO_PKG_VARS (renamed from CARGO_VARS)
These contain all environment variables to be passed to cargo.
This also:
* Set the CARGO_BUILD_TARGET environment variable instead of using the
--target command-line option
* Update Python include files to use CARGO_HOST_CONFIG_VARS /
CARGO_PKG_CONFIG_VARS
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
9db7284d589dc8490f8c7dbe56af731fce953eda)
Jeffery To [Fri, 22 Sep 2023 16:26:20 +0000 (00:26 +0800)]
rust: Move CARGO_HOME to $(DL_DIR)/cargo
As CARGO_HOME mainly functions as a download and source cache[1], moving
it into $(DL_DIR) allows it to persist and be reused between different
buildroots/sdks (when DL_DIR is set to a custom/external location).
[1]: https://doc.rust-lang.org/cargo/guide/cargo-home.html
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
853c9c9e8625c54a2c3214b2ef770ffc76bd3495)
Jeffery To [Sun, 1 Oct 2023 18:16:22 +0000 (02:16 +0800)]
rust: Move cargo config options into environment variables
This also:
* Modify the "release" profile in place of adding the "stripped" profile
Only the profile for target is modified; there are no file size
constraints for host.
* For host, build with the "release" profile
* For target, build with either the "dev" or "release" profile based on
CONFIG_DEBUG
There is no environment variable to specify the "strip" option, but
enabling this option is not necessary as the build system will already
strip binaries based on CONFIG_NO_STRIP / CONFIG_USE_STRIP /
CONFIG_USE_SSTRIP.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
5c5123f0f63cfda1d4f17a5d315356883fd82923)
Jeffery To [Fri, 22 Sep 2023 16:02:01 +0000 (00:02 +0800)]
rust: Install to $(STAGING_DIR)/host
This allows rustc/cargo/etc to be called without having to set PATH, as
$(STAGING_DIR)/host/bin is already in PATH.
This also fixes CARGO_HOME not being set during Host/Configure and
Host/Compile.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
49aaf19c65a35c37725ead7a438684411b512d6f)
Jeffery To [Wed, 11 Oct 2023 04:56:20 +0000 (12:56 +0800)]
rust: Improve Host/Install speed
* Compress dist archives with gzip instead of xz; gzip is faster to
compress and decompress
* Use a for loop instead of calling find to extract archives
* Use libdeflate's gzip to decompress instead of gzip
* Limit search for install scripts to top level of extracted archives
This also runs the install scripts with bash instead of sh, in
accordance with the shebang lines inside the scripts.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
855623d8cce4db8655af58bed5d52c64d38608c5)
Jeffery To [Sun, 1 Oct 2023 20:52:32 +0000 (04:52 +0800)]
rust: Cache bootstrap downloads to $(DL_DIR)/rustc
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
35768bf31e5867046874dc6fd0374ff8fe575da2)
Jeffery To [Mon, 25 Sep 2023 03:28:45 +0000 (11:28 +0800)]
rust: Add RUST_HOST_FEATURES for host builds
Features to be enabled for host may not be the same as those for target.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
d24095b8fc5b8d4e509d59f73d6901842b50c4bd)
Jeffery To [Sat, 30 Sep 2023 08:49:11 +0000 (16:49 +0800)]
rust: Use build host Python
The build system already requires Python to be installed.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
a00dae9ed071030426a9e2c624aec58bb62538f0)
Jeffery To [Mon, 9 Oct 2023 01:21:58 +0000 (09:21 +0800)]
python-zope-interface: Update to 6.1, refresh patch
This also updates the list of dependencies and adds a test.sh script for
the packages feed CI.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
7e8f7b28d74ca2044309dff9c789dec055ee43c5)
Kaveh Dadgar [Sat, 7 Oct 2023 19:44:02 +0000 (21:44 +0200)]
v2ray-geodata: add package v2ray-geosite-ir
"Iran Hosted Domains" is a comprehensive list of Iranian domains and services that are hosted within the country.
Signed-off-by: Kaveh Dadgar <Kavehdadgar666@protonmail.com>
(cherry picked from commit
b1fc3754b3969edc9dca2f1fd5129edbd0a76517)
Tianling Shen [Mon, 9 Oct 2023 03:48:10 +0000 (11:48 +0800)]
cloudreve: Update to 3.8.3
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
503825ef41d67af8b2cb35fe8dfe683f1c1ca766)
Tianling Shen [Sat, 7 Oct 2023 04:59:43 +0000 (12:59 +0800)]
dnsproxy: Update to 0.56.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
303f0ad5ed690a22de5bfe959975d0d19511043a)
Tianling Shen [Sat, 23 Sep 2023 14:48:16 +0000 (22:48 +0800)]
dnsproxy: Update to 0.55.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
830552b624a5be6ebc6dcdb39096d18d31cadf5d)
Tianling Shen [Sat, 7 Oct 2023 04:51:06 +0000 (12:51 +0800)]
v2ray-core: Update to 5.8.0
Removed upstreamed patches.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
02b723bec3c17567edf60e6bf8012834c49a7270)
Michal Hrusecky [Wed, 11 Oct 2023 06:18:45 +0000 (08:18 +0200)]
curl: Update to version 8.4.0
For detailed changes, see https://curl.se/changes.html#8_4_0
Switching to tar.bz2 for the time being as tar.xz is not yet available.
Fixes CVE-2023-38546 and CVE-2023-38545.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from
d353218c320073bf6c2b48f4b9eeab5d4aeeed1c)
Jeffery To [Mon, 9 Oct 2023 01:18:40 +0000 (09:18 +0800)]
python3: Update to 3.11.6, refresh patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
2aba43afe9e1bf5d9dc5e3578af7f82f6da51b2b)
Tianling Shen [Wed, 11 Oct 2023 01:48:38 +0000 (09:48 +0800)]
Merge pull request #22346 from douglarek/sb
[openwrt-23.05] sing-box: update to v1.5.2
Josef Schlehofer [Tue, 10 Oct 2023 08:08:19 +0000 (10:08 +0200)]
Merge pull request #22293 from jefferyto/python-charset-normalizer-3.3.0-openwrt-23.05
[openwrt-23.05] python-charset-normalizer: Update to 3.3.0
Leo Douglas [Fri, 29 Sep 2023 11:38:04 +0000 (19:38 +0800)]
sing-box: update to v1.5.2
* Enable `with_ech` and `with_dhcp`, just like upstream
* See changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.5.2
Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: ShadowsocksR is marked as deprecated since v1.5.0
Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: remove dhcp by default
Signed-off-by: Leo Douglas <douglarek@gmail.com>
(cherry picked from commit
bf7ce353b8af9a36411525306abcde23e860e76d)
Olivier Poitrey [Sat, 7 Oct 2023 01:30:20 +0000 (01:30 +0000)]
nextdns: Update to version 1.41.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Christian Marangi [Sat, 30 Sep 2023 14:09:18 +0000 (16:09 +0200)]
net-snmp: move to PCRE2 library
Add upstream patch adding support for pcre2 and update dependency to
require libpcre2 instead of libpcre.
--with-pcre2-8 is now needed to exclude support for pcre and only
require pcre2 as net-snmp still use and try to use pcre by default.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
daf29ecbb2e17adce7ba9c25759b60c9afff9c01)
Josef Schlehofer [Sun, 8 Oct 2023 07:00:20 +0000 (09:00 +0200)]
Merge pull request #22326 from jefferyto/python-twisted-23.8.0-openwrt-23.05
[openwrt-23.05] python-twisted: Update to 23.8.0, rework patches
Luiz Angelo Daros de Luca [Sat, 7 Oct 2023 03:00:07 +0000 (00:00 -0300)]
libvpx: update to 1.13.1
v1.13.0
This release includes more Neon and AVX2 optimizations, adds a new codec
control to set per frame QP, upgrades GoogleTest to v1.12.1, and includes
numerous bug fixes.
v1.13.1
This release contains two security related fixes. One each for VP8 and VP9.
- https://crbug.com/
1486441 (CVE-2023-5217)
- Fix bug with smaller width bigger size (CVE-2023-44488)
Fixes #22318
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit
36566a99af9074334eee3293a6d5a0aa7f4e8246)
Daniel Golle [Fri, 6 Oct 2023 21:38:23 +0000 (23:38 +0200)]
exim: update to version 4.96.1
This is a security release.
JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which
could be triggered by externally-supplied input. Found by Trend Micro.
CVE-2023-42115
JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
7c8f4a2a1c2e883ae3ebd62aab96bb45e31b4d55)
Jeffery To [Sat, 7 Oct 2023 12:04:12 +0000 (20:04 +0800)]
golang: Update to 1.21.2
Includes fix for CVE-2023-39323 (cmd/go: line directives allows
arbitrary execution during build).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
a8374204bbf5c111f8492995560088a4c399dca4)
Eneas U de Queiroz [Wed, 4 Oct 2023 19:19:07 +0000 (16:19 -0300)]
python3: avoid unnecessary rebuilds
Move the order in which BuildPackage is called, so that the libpython
package is built ahead of the module packages, to avoid forcing a
clean-build of the package when 'make package/python3/compile' is called
a second time without changes.
The library must be built first, so that when the buildsystem checks for
ABI version changes using libpython3.version, its timestamp should be
older than the dependent package's STAMP_PREPARED file.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
c230d7bd7f8a794032d2414588f1cdfc1a5ec74e)
John Audia [Wed, 4 Oct 2023 19:35:03 +0000 (15:35 -0400)]
openssh: bump to 9.5p1
Changelog: https://www.openssh.com/txt/release-9.5
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
6dc86d46da18d573971b7e7a2d625b2498dbe249)
Josef Schlehofer [Thu, 5 Oct 2023 12:16:07 +0000 (14:16 +0200)]
tor-fw-helper: remove it
This package does not receive any update since 2015. [1]
It seems unmaintained and most likely not used at all.
[1] https://gitweb.torproject.org/tor-fw-helper.git/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
c980086b1e4353fcdbd9f44065ce1cbf9c158e09)
Jeffery To [Fri, 29 Sep 2023 03:37:08 +0000 (11:37 +0800)]
python-twisted: Update to 23.8.0, rework patches
The package changed to the hatchling build backend.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
00841f98731fe7599c7f2cae2bf4e08599833647)
S. Brusch [Mon, 2 Oct 2023 15:30:48 +0000 (17:30 +0200)]
crowdsec-firewall-bouncer: new upstream release version 0.0.28
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma GĂ©rald <gandalf@gk2.net>
Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.0-rc3
Description: Update crowdsec-firewall-bouncer to latest upstream release version 0.0.28
(cherry picked from commit
401d2428ac24abcd90dcaa7bf5bc32ef33e6769b)
Stan Grishin [Fri, 6 Oct 2023 22:42:38 +0000 (16:42 -0600)]
Merge pull request #22312 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: bugfix: properly identify hosts-files
Dirk Brenken [Tue, 3 Oct 2023 19:30:15 +0000 (21:30 +0200)]
banip: release 0.9.1-1
* drop packets silently on input and forwardwan chains or actively reject the traffic, set 'ban_blocktype' accordingly
* optimized banIP boot/reload handling
* removed pppoe quirk in device detection
* small fixes and optimizations
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
00cad2980cc7707f662acb1fa2a51c4e4fc331d9)
Tianling Shen [Mon, 2 Oct 2023 13:30:26 +0000 (21:30 +0800)]
yq: Update to 4.35.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
b46ff1fd8a877afc0f36cf7df5b9aae9d15fdb95)
Stan Grishin [Thu, 5 Oct 2023 14:51:51 +0000 (14:51 +0000)]
adblock-fast: bugfix: properly identify hosts-files
* escape dots in grep command to properly identify hosts files
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
13a88d0b79142f385d77baaa390211673bf6b9c0)
Christian Marangi [Wed, 27 Sep 2023 17:10:39 +0000 (19:10 +0200)]
atftp: move to PCRE2
Move atftp to PCRE2 as PCRE is flagged as EOL and won't receive security
updates anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
f81a1a1212c17f460721fe6f4d4497e66ee418c6)
Christian Marangi [Wed, 27 Sep 2023 17:09:56 +0000 (19:09 +0200)]
atftp: bump to release 0.8.0
Bump to release 0.8.0. Autorecong is now needed to correctly compile the
package.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
364fe00b17ddfeb9f2bdf16298eda84866d58d27)
Jan Kratochvil [Tue, 3 Oct 2023 04:46:43 +0000 (12:46 +0800)]
ffmpeg: Add avi muxer
Otherwise one cannot produce *.avi containers needed for some H.264
camera codecs.
Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
(cherry picked from commit
62f01d7b36ca621f3b9e2e01c78a64e897dbf4e8)
Tianling Shen [Wed, 4 Oct 2023 02:31:50 +0000 (10:31 +0800)]
wget: Update to 1.21.4
Removed upstreamed patches and unneeded autoreconf.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
54593c0ba9a52ca72c69a1041b11bc9ef558db77)
Josef Schlehofer [Wed, 4 Oct 2023 10:26:54 +0000 (12:26 +0200)]
syslog-ng: update to version 4.4.0
- Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.4.0
- Bump version in config file
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
4dd49d7c3cd571107958154f1ed1ec8d8dba7464)
Jeffery To [Tue, 3 Oct 2023 14:26:02 +0000 (22:26 +0800)]
python-cffi: Update to 1.16.0
This includes a patch to unpin the version of setuptools required for
build; the required version is newer than the version bundled with
Python 3.11. This patch should not be necessary when Python 3.12 is
available.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
dd5af62695e2c0fcf421adfffbea92f37d1a652d)
Jeffery To [Tue, 3 Oct 2023 14:59:58 +0000 (22:59 +0800)]
python-packaging: Update to 23.2
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
78bcdd0fd1291a1a02e0d73e43c28e04f36d507d)
Jeffery To [Fri, 29 Sep 2023 02:42:55 +0000 (10:42 +0800)]
python-bcrypt: Update to 4.0.1, add myself as maintainer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
6b3da46777bb5d029a4933481ee5939efa7c7109)
Jeffery To [Fri, 29 Sep 2023 02:11:05 +0000 (10:11 +0800)]
python-pyopenssl: Update to 23.2.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
bb278a015c6b76ca2c9fdf6663dbd7428777915e)
Jeffery To [Tue, 3 Oct 2023 14:54:02 +0000 (22:54 +0800)]
python-charset-normalizer: Update to 3.3.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
85540346fef07abf5df1a2d3558b341e7afb60d8)
Stan Grishin [Tue, 3 Oct 2023 19:13:45 +0000 (13:13 -0600)]
Merge pull request #22287 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: update to 1.0.0-5
Stan Grishin [Sun, 1 Oct 2023 23:52:15 +0000 (23:52 +0000)]
adblock-fast: update to 1.0.0-5
* improve processing of dnsmasq config files
* do not run sed/show error if allow_filter is empty
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
f3b8e569a5a619d87da873c3f9f657f77b1656c7)
Alexandru Ardelean [Tue, 3 Oct 2023 17:18:21 +0000 (20:18 +0300)]
Merge pull request #22269 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: update to 1.0.0-5
Alexandru Ardelean [Wed, 27 Sep 2023 06:16:16 +0000 (09:16 +0300)]
libwebp: bump to version 1.3.2
From https://github.com/webmproject/libwebp/releases/tag/v1.3.2
- 9/13/2023: version 1.3.2
This is a binary compatible release.
* security fix for lossless decoder (chromium: #
1479274, CVE-2023-4863)
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
(cherry picked from commit
90c6cb239002b1581b249ed19c3d7475fa78e5f1)
Josef Schlehofer [Fri, 29 Sep 2023 15:40:29 +0000 (17:40 +0200)]
prometheus-node-exporter-lua: drop bmx6 package
In the OpenWrt routing feed, package bmx6 and luci-app-bmx6 were removed because the LuCI app was vulnerable to several CVEs, as found by dependabot. It has been reporting it for a few months and has even created an issue. These two packages are not maintained in OpenWrt as well in upstream.
Users should switch to the bmx7 package.
Fixes: 9fb9d9343ea27d6dbb5008ece10c0c843dd2c781 ("bmx6: drop package") in the routing feed
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
9c2bf859005ada11c17835f74826b356cdb0fb7b)
Tianling Shen [Sun, 30 Jul 2023 16:41:02 +0000 (00:41 +0800)]
cloudflared: Update to 2023.7.3
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
08f3dccccd867967d34b8f9102544896cf97edfe)
Dobroslaw Kijowski [Mon, 21 Aug 2023 08:38:47 +0000 (10:38 +0200)]
adguardhome: update quic-go to v0.37.6
* quic-go v0.36.x cannot be compiled with Go 1.21. Update that
AdGuardHome dependency to latest one from v0.37 series.
* It fixes following compilation error:
go-mod-cache/github.com/quic-go/quic-go@v0.36.2/internal/qtls/go121.go:5:13: cannot use "The version of quic-go you're using can't be built on Go 1.21 yet. For more details, please see https://github.
com/quic-go/quic-go/wiki/quic-go-and-Go-versions." (untyped string constant "The version of quic-go you're using can't be built on Go 1.21 yet.
Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
(cherry picked from commit
11230bb580443efd14a3c3bb4aa193c0476e4a7d)
Jeffery To [Mon, 25 Sep 2023 16:42:33 +0000 (00:42 +0800)]
python-typing-extensions: Update to 4.8.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
cb8648679b01982131eda7b2e74aff02f9a7499e)
Jeffery To [Mon, 25 Sep 2023 16:41:17 +0000 (00:41 +0800)]
python-trove-classifiers: Update to 2023.9.19
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
423235b40a84663c611e0f95abb11aaa7202681d)
Jeffery To [Mon, 25 Sep 2023 16:38:11 +0000 (00:38 +0800)]
python-setuptools: Update to 68.2.2
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
c12e4e873d43c6d61909f1a110be924918be1ab5)
Jeffery To [Wed, 13 Sep 2023 04:33:51 +0000 (12:33 +0800)]
python-cryptography: Update to 41.0.4
This includes a patch to update the version of ouroboros (Rust crate)
used, to fix RUSTSEC-2023-0042[1]. Upstream has switch from ouroboros to
self_cell so this patch should only be necessary for cryptography 41.
[1]: https://rustsec.org/advisories/RUSTSEC-2023-0042.html
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
9fdff3ea94662653188c3902840e97c35e9f138f)
Jeffery To [Wed, 13 Sep 2023 04:15:18 +0000 (12:15 +0800)]
python: Add environment variables to build Rust extensions
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
4d43be8549c8240f5039040fd1efd44aa2eb61fa)
Jeffery To [Wed, 13 Sep 2023 04:13:52 +0000 (12:13 +0800)]
python-setuptools-rust: Add new host-only package
From the README:
setuptools-rust is a plugin for setuptools to build Rust Python
extensions implemented with PyO3 or rust-cpython.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
f467f47f0ca226e382356a8e3615b5c55655b692)
Jeffery To [Wed, 13 Sep 2023 04:11:52 +0000 (12:11 +0800)]
python-semantic-version: Add new host-only package
From the README:
This small python library provides a few tools to handle SemVer in
Python. It follows strictly the 2.0.0 version of the SemVer scheme.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
b078e01f0c60354b8580fed8b12c25b5a5706cc6)
Daniel Golle [Sun, 1 Oct 2023 17:28:53 +0000 (18:28 +0100)]
exim: apply hotfix for some ZDI reported vulnerabilities
Apply preliminary hotfix for some (three?) of the 0-day
vulnerabilities reported by ZDI.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
db85d9ead6c3258757e199ad1fbd5bd20c9aac5f)
Stan Grishin [Sun, 1 Oct 2023 23:52:15 +0000 (23:52 +0000)]
adblock-fast: update to 1.0.0-5
* improve processing of dnsmasq config files
* do not run sed/show error if allow_filter is empty
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
0dc2aa2e7d67b6b4bce3d3bae9b14e67b90ff0c1)
Tianling Shen [Sat, 30 Sep 2023 11:00:55 +0000 (19:00 +0800)]
v2raya: remove go version hack
This hack was added for Go 1.20 as it did not take minor version.
Now we have Go 1.21, this hack can go away.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Stan Grishin [Fri, 29 Sep 2023 18:00:16 +0000 (12:00 -0600)]
Merge pull request #22242 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: better error reporting when nothing to do
Tianling Shen [Wed, 23 Aug 2023 01:14:22 +0000 (09:14 +0800)]
v2ray-core: backport upstream Go 1.21 updates
Fix build for Go 1.21.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
a8ac5861f677e908e4886406cf57049648c7312d)
Van Waholtz [Thu, 17 Aug 2023 02:53:24 +0000 (10:53 +0800)]
frp: update to 0.51.3
Includes some bug fixes and adds support for GO 1.21.
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
(cherry picked from commit
14dd31ef27adf023becce757898c9c075591fc08)
Van Waholtz [Wed, 5 Jul 2023 14:06:24 +0000 (22:06 +0800)]
frp: update to 0.51.0
XTCP is incompatible with previous versions since 0.49.0.
Changelog:
https://github.com/fatedier/frp/releases/tag/v0.49.0
https://github.com/fatedier/frp/releases/tag/v0.50.0
https://github.com/fatedier/frp/releases/tag/v0.51.0
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
(cherry picked from commit
62901b7895583d6f4845bf7cc2d944f98c662a1e)
Josef Schlehofer [Thu, 28 Sep 2023 07:56:02 +0000 (09:56 +0200)]
kismet: drop the package
This package is no longer maintained in OpenWrt even though it is maintained by upstream.
The last update was done in August 2016 and because we have 2023, drop this package
without replacement.
If anyone from the community wants to step in and retake the maintainership together with the update,
feel free to do it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
52def58084583ff070c107d8c5455fce780e4c32)
Stan Grishin [Thu, 28 Sep 2023 21:30:55 +0000 (21:30 +0000)]
adblock-fast: better error reporting when nothing to do
* also nicer file type output in high verbosity
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
ed6729c251407bbe8a5eedb8a692b40afcb2b782)
Hannu Nyman [Sat, 19 Aug 2023 08:52:35 +0000 (11:52 +0300)]
adguardhome: update to v0.107.36
* Full changelog available at:
* https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.34
* https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.35
* https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.36
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
[ Reword commit message ]
Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
(cherry picked from commit
d4fa3d0a1aa242c0aed5a5292335fe9d9ac42a31)
Van Waholtz [Tue, 5 Sep 2023 15:13:03 +0000 (23:13 +0800)]
syncthing: update to 1.24.0
This package can be built with Go 1.21 and QUIC can be enabled.
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
(cherry picked from commit
86522d77f1ccf7ed80ef556e0d6621efbd190275)