feed/packages.git
4 months agolibs/glib2: remove pcre2 fallback workaround
Yegor Yefremov [Thu, 4 Jul 2024 05:35:44 +0000 (07:35 +0200)]
libs/glib2: remove pcre2 fallback workaround

pcre2 can now be properly linked statically. Hence, remove both
the patch and -Dforce_fallback_for=libpcre2-8 option.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
4 months agolibs/glib2: remove the upstream patch
Yegor Yefremov [Tue, 2 Jul 2024 12:55:20 +0000 (14:55 +0200)]
libs/glib2: remove the upstream patch

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
4 months agolibs/glib2: remove the deprecated option force_posix_threads
Yegor Yefremov [Tue, 2 Jul 2024 12:50:36 +0000 (14:50 +0200)]
libs/glib2: remove the deprecated option force_posix_threads

Resolves the following warning:

glib-2.80.3/meson.build:2053:
WARNING: DEPRECATION: Option 'force_posix_threads' is deprecated and
will be removed after GLib 2.72; please file an issue with your use case
if you still require it

For more information, see the following merge request:

https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2474

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
4 months agoeza: update to 0.18.21
Jonas Jelonek [Wed, 3 Jul 2024 22:14:02 +0000 (00:14 +0200)]
eza: update to 0.18.21

Release notes:
0.18.19: https://github.com/eza-community/eza/releases/tag/v0.18.19
0.18.20: https://github.com/eza-community/eza/releases/tag/v0.18.20
0.18.21: https://github.com/eza-community/eza/releases/tag/v0.18.21

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
4 months agocroc: update to 10.0.9
Jonas Jelonek [Wed, 3 Jul 2024 22:12:58 +0000 (00:12 +0200)]
croc: update to 10.0.9

Release notes:
https://github.com/schollz/croc/releases/tag/v10.0.9

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
4 months agonetbird: update to 0.28.3
Wesley Gimenes [Wed, 3 Jul 2024 03:41:45 +0000 (00:41 -0300)]
netbird: update to 0.28.3

Signed-off-by: Wesley Gimenes <wehagy@proton.me>
4 months agotailscale: Update to 1.68.2
Milinda Brantini [Wed, 3 Jul 2024 12:51:40 +0000 (20:51 +0800)]
tailscale: Update to 1.68.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
4 months agoopenvpn: fix startup with script-security lower than 2
Clemens Hopfer [Tue, 2 Jul 2024 20:49:02 +0000 (22:49 +0200)]
openvpn: fix startup with script-security lower than 2

External scripts may only be specified with script-security 2 or higher,
otherwise OpenVPN fails at tunnel startup with an error.
This changes the previously hardcoded hotplug scripts to only be added if
script-security is 2 or higher is used.

Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
4 months agoutils: lpac: fix passing CMAKE options
Robert Marko [Wed, 3 Jul 2024 11:43:16 +0000 (13:43 +0200)]
utils: lpac: fix passing CMAKE options

Turns out that having a comment for QMI over QRTR in the CMAKE_OPTIONS will
drop anything after it, so lets move the comment above CMAKE_OPTIONS.

Fixes: 34f9d96b4cc3 ("lpac: make APDU backends configurable")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
4 months agorust: select correct architecture for armv5
Lu jicong [Wed, 3 Jul 2024 11:51:28 +0000 (19:51 +0800)]
rust: select correct architecture for armv5

Currently, armv5 and armv6 targets are both using armv6 rustc.
Without this patch, rust programs in armv5 targets throw illegal instruction
error.

Signed-off-by: Lu jicong <jiconglu58@gmail.com>
4 months agov2ray-geodata: Update to latest version
Tianling Shen [Wed, 3 Jul 2024 18:06:49 +0000 (02:06 +0800)]
v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agoi2csfp: add package
Daniel Golle [Sun, 16 Jun 2024 11:35:36 +0000 (12:35 +0100)]
i2csfp: add package

Add i2csfp utility which comes handy when dealing with some SFP modules.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 months agopostgresql: update to version 16.3
Daniel Golle [Wed, 5 Jun 2024 02:44:09 +0000 (03:44 +0100)]
postgresql: update to version 16.3

Switch to new major version 16.
Use meson to build for target, however, old autotools-style configure is
needed to clean the source directory before being able to run meson, and
host build of the timezone compiler ('zic') also still requires using the
old build system.

See also https://www.postgresql.org/docs/16/release-16.html

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 months agolpac: make APDU backends configurable
Robert Marko [Tue, 2 Jul 2024 16:15:02 +0000 (18:15 +0200)]
lpac: make APDU backends configurable

Currently, lpac will be built with the PCSC and AT APDU backends by default
and its not configurable in OpenWrt.

Since smart card reads are not really common on OpenWrt devices lets
disable PCSC backend by default so we dont have to include PCSC lib and
daemon by default.

AT backend is left enabled by default since it has no external dependecies
and all modems have it.

QMI over QRTR backend is not selectable even though it is part of the 2.0.2
relase since it requires unstable libqmi 1.35.4 or newer and we are still
using 1.34 stable branch.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
4 months agominiupnpc: Update to 2.2.8
Tianling Shen [Tue, 2 Jul 2024 11:14:48 +0000 (19:14 +0800)]
miniupnpc: Update to 2.2.8

Updated binary path, rebased patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agolibnatpmp: Update to 20230423
Tianling Shen [Tue, 2 Jul 2024 11:07:30 +0000 (19:07 +0800)]
libnatpmp: Update to 20230423

Rebased patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
4 months agoopenssh: bump to 9.8p1
John Audia [Mon, 1 Jul 2024 10:20:33 +0000 (06:20 -0400)]
openssh: bump to 9.8p1

Release notes: https://www.openssh.com/txt/release-9.8

* 9.8p1 fixes CVE-2024-6387
* Adjusted Makefile to provide /usr/lib/sshd-session
* Given the troubles with -fzero-call-used-regs and all the
  broken checks, makes sense to skip it

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
4 months agolibs/glib2: update to 2.80.3
Yegor Yefremov [Mon, 15 Apr 2024 11:39:20 +0000 (13:39 +0200)]
libs/glib2: update to 2.80.3

Explicitly disable gobject introspection option.

Set runtime_dir to /var/run as current glib2 version sets this option
to /run by default.

Add a patch removing the Python packaging module dependency.

Refresh patches.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
4 months agoowut: update to 2024.07.01
Eric Fahlgren [Mon, 1 Jul 2024 23:45:02 +0000 (16:45 -0700)]
owut: update to 2024.07.01

- bugs
  https://github.com/efahl/owut/commit/1ed0c8d6c61988b400d963ba2a5efb857d3efdf6 partial fix for 'what-provides'
  https://github.com/efahl/owut/commit/189b27210ff32ac0a75c92fb0501d6674786d0fb bad sutype

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
4 months agoMerge pull request #24497 from p-w-p/patch-5
Tianling Shen [Tue, 2 Jul 2024 11:01:09 +0000 (19:01 +0800)]
Merge pull request #24497 from p-w-p/patch-5

docker: Update to 27.0.3

4 months agodockerd: Update to 27.0.3 24497/head
Milinda Brantini [Tue, 2 Jul 2024 07:26:38 +0000 (15:26 +0800)]
dockerd: Update to 27.0.3

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
4 months agodocker: Update to 27.0.3
Milinda Brantini [Tue, 2 Jul 2024 07:25:31 +0000 (15:25 +0800)]
docker: Update to 27.0.3

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
4 months agolpac: update to 2.0.2
Robert Marko [Sun, 30 Jun 2024 19:35:31 +0000 (21:35 +0200)]
lpac: update to 2.0.2

Release notes:
https://github.com/estkme-group/lpac/releases/tag/v2.0.2

Signed-off-by: Robert Marko <robimarko@gmail.com>
5 months agoadblock: update 4.1.5-11
Dirk Brenken [Sun, 30 Jun 2024 17:30:11 +0000 (19:30 +0200)]
adblock: update 4.1.5-11

* removed an accidentally commited flag of the upcoming adblock 5.x, this fixes a startup regression without trigger interface

Signed-off-by: Dirk Brenken <dev@brenken.org>
5 months agoMerge pull request #24488 from neheb/k
Nikos Mavrogiannopoulos [Sun, 30 Jun 2024 07:15:54 +0000 (09:15 +0200)]
Merge pull request #24488 from neheb/k

p11-kit: update to 0.25.3

5 months agoapinger: fix time_t format
Rosen Penev [Mon, 24 Jun 2024 21:42:36 +0000 (14:42 -0700)]
apinger: fix time_t format

Needs to be 64-bit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agolibtalloc: update to 2.42
Rosen Penev [Wed, 26 Jun 2024 22:16:56 +0000 (15:16 -0700)]
libtalloc: update to 2.42

Refresh patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agounixobdc: fix compilation with GCC14 again
Rosen Penev [Sat, 29 Jun 2024 21:21:42 +0000 (14:21 -0700)]
unixobdc: fix compilation with GCC14 again

Use upstream backport.

Remove autoreconf for speed. Nothing is being patched anyway.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agop11-kit: update to 0.25.3 24488/head
Rosen Penev [Fri, 28 Jun 2024 20:03:50 +0000 (13:03 -0700)]
p11-kit: update to 0.25.3

Upstream backport fixing 32-bit -Wformat warning.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agoxmlrpc-c: update to 1.59.03
Rosen Penev [Mon, 10 Jun 2024 01:25:50 +0000 (18:25 -0700)]
xmlrpc-c: update to 1.59.03

Add nls.mk as libxml2 needs it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agojool: update to 4.1.12
Goetz Goerisch [Fri, 28 Jun 2024 07:29:01 +0000 (09:29 +0200)]
jool: update to 4.1.12

Update jool to 4.1.12
Changelog: https://github.com/NICMx/Jool/releases/tag/v4.1.12

Signed-off-by: Goetz Goerisch <ggoerisch@gmail.com>
5 months agolxc: update to 6.0.1
John Audia [Fri, 28 Jun 2024 20:23:48 +0000 (16:23 -0400)]
lxc: update to 6.0.1

Changelog: https://discuss.linuxcontainers.org/t/lxc-6-0-lts-has-been-released/19567

Required libdbus as a depends for liblxc.  I verified that both
lxc-create and lxc-checkconfig work with the rebases to the
following patches but do please review:

  020-lxc-checkconfig.patch
  025-remove-unsupported-option.patch

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
5 months agohwinfo: remove uuid hacks
Rosen Penev [Wed, 26 Jun 2024 22:15:51 +0000 (15:15 -0700)]
hwinfo: remove uuid hacks

util-linux uuid is used now.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agosumo: update to 1.16.0
Rosen Penev [Mon, 24 Jun 2024 05:17:27 +0000 (22:17 -0700)]
sumo: update to 1.16.0

Add patch for GCC14.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agoalist: Update to 3.35.0
Tianling Shen [Fri, 28 Jun 2024 10:08:24 +0000 (18:08 +0800)]
alist: Update to 3.35.0

Add GO_PKG_EXCLUDES to fix build on non-64bit (arm64/amd64) system.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
5 months agodnsproxy: Update to 0.71.2
Milinda Brantini [Fri, 28 Jun 2024 07:12:24 +0000 (15:12 +0800)]
dnsproxy: Update to 0.71.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agodocker: Update to 27.0.2
Milinda Brantini [Fri, 28 Jun 2024 06:03:15 +0000 (14:03 +0800)]
docker: Update to 27.0.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agorunc: Update to 1.1.13
Milinda Brantini [Fri, 28 Jun 2024 06:02:35 +0000 (14:02 +0800)]
runc: Update to 1.1.13

This is the thirteenth patch release in the 1.1.z release branch of runc.
Itbrings in Go 1.22.x compatibility and fixes a few issues,
including anoccasional wrong nofile rlimit in runc exec,
and a race between runc list and runc delete.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agodockerd: Update to 27.0.2
Milinda Brantini [Thu, 27 Jun 2024 13:18:59 +0000 (21:18 +0800)]
dockerd: Update to 27.0.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agofx: update to 35.0.0
Fabian Lipken [Thu, 27 Jun 2024 18:10:24 +0000 (20:10 +0200)]
fx: update to 35.0.0

Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
5 months agoMerge pull request #24468 from ne20002/master-crowdsec
Tianling Shen [Thu, 27 Jun 2024 18:06:43 +0000 (02:06 +0800)]
Merge pull request #24468 from ne20002/master-crowdsec

Update crowdsec to latest upstream release version 1.6.2

5 months agoknot: update to version 3.3.7
Jan Hák [Wed, 26 Jun 2024 08:50:00 +0000 (10:50 +0200)]
knot: update to version 3.3.7

Signed-off-by: Jan Hák <jan.hak@nic.cz>
5 months agocrowdsec: Update to latest upstream release version 1.6.2 24468/head
S. Brusch [Thu, 27 Jun 2024 10:58:15 +0000 (12:58 +0200)]
crowdsec: Update to latest upstream release version 1.6.2

Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: with manual install on different partition tested

Description: update to latest version of upstream

5 months agoadblock: update 4.1.5-10
Dirk Brenken [Thu, 27 Jun 2024 05:47:10 +0000 (07:47 +0200)]
adblock: update 4.1.5-10

* made the DNS Reporting / tcpdump parsing code more capable
* small init fixes
* update readme

Signed-off-by: Dirk Brenken <dev@brenken.org>
5 months agofreeradius3: add PKG_BUILD_PARALLEL:=0
Esaaprilia Salsabila [Tue, 25 Jun 2024 16:10:01 +0000 (17:10 +0100)]
freeradius3: add PKG_BUILD_PARALLEL:=0

freeradius-3.2.4 had a build failure in the snapshoot release but it builds successfully when doing a pull request
https://downloads.openwrt.org/snapshots/faillogs/aarch64_generic/packages/freeradius3/compile.txt

https://github.com/openwrt/packages/pull/24417

as a solution we need to add

PKG_BUILD_PARALLEL:=0

to prevent freeradius3 from doing the build in parallel

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
5 months agoauc: remove package
Daniel Golle [Tue, 25 Jun 2024 16:10:01 +0000 (17:10 +0100)]
auc: remove package

With 'owut' there is now a much better alternative available.
Retire and remove 'auc' in favor of 'owut'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agosnort3: improve date filtering in report
Eric Fahlgren [Wed, 14 Feb 2024 15:14:31 +0000 (07:14 -0800)]
snort3: improve date filtering in report

 - Take advantage of bug fix in jsonfilter to get rid of array hack, should
   improve memory footprint quite a bit

 - Implement substring matching in dates so you can collect data for a specific
   day, hour or run bin reports for histograms

 - Report title now contains specified date range, footer percentages

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
5 months agodocker-compose: Update to version 2.28.1
Javier Marcet [Mon, 24 Jun 2024 14:38:39 +0000 (16:38 +0200)]
docker-compose: Update to version 2.28.1

Release notes:
https://github.com/docker/compose/releases/tag/v2.28.1

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agoowut: update to 2024.06.24
Eric Fahlgren [Mon, 24 Jun 2024 19:33:22 +0000 (12:33 -0700)]
owut: update to 2024.06.24

- fix up versioning in Makefile
- change package description doc link to wiki entry instead of github
- changes
  https://github.com/efahl/owut/commit/73b70e52e912527dc0e2b52e8723d930c519a116
  https://github.com/efahl/owut/commit/714c462cc8ee6bd683ffec9a488c706dd5ac755c
  https://github.com/efahl/owut/commit/1b222bdcb803d3a762eaedac93a91e05272ef56d

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
5 months agocloudflared: Fix incorrect uci config syntax
Ryan Keane [Thu, 20 Jun 2024 21:16:27 +0000 (17:16 -0400)]
cloudflared: Fix incorrect uci config syntax

Fix incorrect uci config syntax, caused by a careless newbie contributer.
Modify function append_param_arg() in init script, to support hyphenated
arguments.
Add more command parameters as uci options, no value is set to keep it default.

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agodnslookup: Update to 1.11.1
Milinda Brantini [Mon, 24 Jun 2024 04:04:00 +0000 (12:04 +0800)]
dnslookup: Update to 1.11.1

Fixed unnecessary error when running with no arguments.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agominiupnpd: Update package to 2.3.6
Self Hosting Group [Wed, 19 Jun 2024 00:00:00 +0000 (00:00 +0000)]
miniupnpd: Update package to 2.3.6

and change title to term used in LuCi

Signed-off-by: Self Hosting Group <155233284+Self-Hosting-Group@users.noreply.github.com>
5 months agoqrencode: add support for PNG output
Marius Dinu [Fri, 17 Nov 2023 11:59:45 +0000 (13:59 +0200)]
qrencode: add support for PNG output

Added menuconfig option to enable PNG output. Default=disabled.

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
5 months agonet-snmp: include ipv6 address & route mibs
Peca Nesovanovic [Wed, 27 Mar 2024 14:33:32 +0000 (15:33 +0100)]
net-snmp: include ipv6 address & route mibs

description: Since IPv6 is present in everyday use, we need to include
  information about IPv6 addresses & routes in SNMP

example:
  IP-MIB::ipAddressOrigin.ipv6

  IP-MIB::ipAddressOrigin[ipv6]["00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:01"] = manual
  IP-MIB::ipAddressOrigin[ipv6]["fd:00:00:09:02:55:00:00:00:00:00:00:00:00:01:01"] = manual
  IP-MIB::ipAddressOrigin[ipv6]["fe:80:00:00:00:00:00:00:0c:00:09:ff:fe:06:01:01"] = linklayer
  IP-MIB::ipAddressOrigin[ipv6]["fe:80:00:00:00:00:00:00:0c:02:09:ff:fe:00:01:01"] = linklayer
  IP-MIB::ipAddressOrigin[ipv6]["fe:80:00:00:00:00:00:00:ae:84:c6:ff:fe:25:8c:ce"] = linklayer

tested:
  23.05-snapshot
  master snapshot
  with LibreNMS, OpenWRT device IPv6 Addresses & Routes are properly recognized

Signed-off-by: Peca Nesovanovic <peca.nesovanovic@sattrakt.com>
5 months agogatling: Add procd files
Martin Hübner [Sat, 23 Mar 2024 14:59:58 +0000 (15:59 +0100)]
gatling: Add procd files

This commit adds a uci configuration file and makes the gatling server
controllable by procd.

Co-authored-by: Moritz Warning <moritzwarning@web.de>
Signed-off-by: Martin Hübner <martin.hubner@web.de>
5 months agodatabag: add package
Roland Osborne [Wed, 3 Apr 2024 18:58:17 +0000 (11:58 -0700)]
databag: add package

Signed-off-by: Roland Osborne <roland.osborne@gmail.com>
5 months agomodemmanager: add sourcefilter option support
Chen Minqiang [Mon, 22 Apr 2024 11:48:14 +0000 (19:48 +0800)]
modemmanager: add sourcefilter option support

This make source based IPv6 routing option available for
modemmanager case dhcpv6

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
5 months agospeedtest-netperf: add idle latency measurement
Tony Ambardar [Tue, 30 Apr 2024 02:52:59 +0000 (19:52 -0700)]
speedtest-netperf: add idle latency measurement

Allow measuring ping latency and CPU details at idle as a baseline before
measuring under data transfer loading. This allows better determination of
Latency Under Load, a critical bufferbloat parameter. The CPU details can
also be used to verify idle conditions or examine CPU frequency against
ping variations and jitter.

Change the default test duration to 30 seconds, which is adequate for SQM
tuning while reducing bandwidth consumption for upstream netperf servers.

Change the default ping host from gstatic.com to one.one.one.one, which is
widely available and generally shows lower latency.

When warning of internal netperf errors, suggest running netperf directly
to view error details.

Other minor updates include:
  - clear tmp file names for safety in case of traps
  - simplify ping code, argument parsing and number validation
  - fix cases of wrong protocol usage with hostname as ping target
  - drop unneeded egrep usage

Also update README accordingly, with clearer usage text and terminology.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
5 months agotinyproxy: fix upstream config generation
Daniel Kucera [Thu, 25 Apr 2024 06:47:29 +0000 (08:47 +0200)]
tinyproxy: fix upstream config generation

Signed-off-by: Daniel Kucera <daniel.kucera@gmail.com>
5 months agotinc: fix regression bring by commit fd61f2d
Erwan MAS [Sun, 23 Jun 2024 20:27:39 +0000 (16:27 -0400)]
tinc: fix regression bring by commit fd61f2d

Signed-off-by: Erwan MAS <erwan@mas.nom.fr>
5 months agoknot: fix EXTRA_DEPENDS for APK version schema
Christopher Ng [Wed, 1 May 2024 12:10:35 +0000 (13:10 +0100)]
knot: fix EXTRA_DEPENDS for APK version schema

EXTRA_DEPENDS now requires an `r` before the `PKG_RELEASE` because of
https://github.com/openwrt/openwrt/commit/e8725a932e16eaf6ec51add8c084d959cbe32ff2.

Fixes https://github.com/openwrt/packages/issues/23735

Signed-off-by: Christopher Ng <facboy@gmail.com>
5 months agodockerd: Update to 26.1.4
Milinda Brantini [Sun, 23 Jun 2024 07:12:20 +0000 (15:12 +0800)]
dockerd: Update to 26.1.4

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agozabbix: update to 7.0.0
Yanase Yuki [Wed, 5 Jun 2024 13:22:32 +0000 (22:22 +0900)]
zabbix: update to 7.0.0

License has been changed to AGPL-3.0-only

Signed-off-by: Yanase Yuki <dev@zpc.st>
5 months agozabbix: update to 6.4.15
Yanase Yuki [Wed, 5 Jun 2024 13:18:46 +0000 (22:18 +0900)]
zabbix: update to 6.4.15

Signed-off-by: Yanase Yuki <dev@zpc.st>
5 months agozabbix: update to 6.4.14
Yanase Yuki [Tue, 30 Apr 2024 03:26:03 +0000 (12:26 +0900)]
zabbix: update to 6.4.14

Signed-off-by: Yanase Yuki <dev@zpc.st>
5 months agozabbix: update to 6.4.13
Yanase Yuki [Wed, 27 Mar 2024 09:32:28 +0000 (18:32 +0900)]
zabbix: update to 6.4.13

Signed-off-by: Yanase Yuki <dev@zpc.st>
5 months agozabbix: update to 6.4.12
Yanase Yuki [Thu, 7 Mar 2024 08:23:55 +0000 (17:23 +0900)]
zabbix: update to 6.4.12

Signed-off-by: Yanase Yuki <dev@zpc.st>
5 months agozabbix: zabbix-agentd: depend on libevent2-pthreads
Yanase Yuki [Thu, 7 Mar 2024 08:15:22 +0000 (17:15 +0900)]
zabbix: zabbix-agentd: depend on libevent2-pthreads

zabbix-agentd requires libevent2-pthreads to build
correctly, so add it to DEPENDS.

Signed-off-by: Yanase Yuki <dev@zpc.st>
5 months agonginx-util: Rework ptr cleanup and error handling
Sean Khan [Wed, 5 Jun 2024 03:20:14 +0000 (23:20 -0400)]
nginx-util: Rework ptr cleanup and error handling

As per @Ansuel's not about ctx cleanup in error path, decided to rework
the patch.

Changes and Improvements:

Smart Pointers for Memory Management:
* The `EVP_PKEY_ptr` and `X509_NAME_ptr` smart pointers
  are used to manage the memory of `EVP_PKEY` and `X509_NAME`
  objects respectively to ensure proper cleanup.

Error Handling:
* Improved error messages and exception handling to provide
  more information about what went wrong.

Resource Cleanup:
* Ensured all allocated resources are now properly freed
  in case of an error to prevent memory leaks.

Signed-off-by: Sean Khan <datapronix@protonmail.com>
5 months agonginx-util: fix deprecated openssl 3.0 functions
Sean Khan [Mon, 15 Apr 2024 00:07:30 +0000 (20:07 -0400)]
nginx-util: fix deprecated openssl 3.0 functions

Since upstream openwrt has been using openssl 3.0 for quite some time,
figured we could clean up some of the legacy code.

This PR updates the code for EC/RSA key generation.

nginx-util currently only generates 'ecc' keys, even though the
framework is there for rsa as well.

In order properly test the changes, I created two binaries:

'nginx-util-ssl'     (generates ec keys)
'nginx-util-ssl-rsa' (generates rsa keys)

where I would change line:455 in `src/nginx-ssl-util.hpp`

`auto pkey = gen_eckey(NID_secp384r1)` to `auto pkey = gen_rsakey(2048)`

Example with UCI config

```
config server '_rsa'
list listen '443 ssl default_server'
list listen '[::]:443 ssl default_server'
option server_name '_rsa'
list include 'restrict_locally'
list include 'conf.d/*.locations'
option uci_manage_ssl 'self-signed'
option key_type 'rsa'
option ssl_certificate '/etc/nginx/conf.d/_rsa.crt'
option ssl_certificate_key '/etc/nginx/conf.d/_rsa.key'
option ssl_session_cache 'shared:SSL:32k'
option ssl_session_timeout '64m'
option access_log 'off; # logd openwrt'
```

➤ /opt/bin/nginx-ssl-util-rsa add_ssl _rsa
Adding SSL directives to UCI server: nginx._rsa
uci_manage_ssl='self-signed'
Created self-signed SSL certificate '/etc/nginx/conf.d/_rsa.crt' with key '/etc/nginx/conf.d/_rsa.key'.

[04/14/24 18:37:15](K-6.6.27)
root@WRX36 ~
➤ openssl x509 -in /etc/nginx/conf.d/_rsa.crt -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:55:a6:cd:52:25:31:fd:3c:78:66:24:82:5f:bb:b6:a6:fe:8f:c7
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = ZZ, ST = Somewhere, L = None, CN = OpenWrt, O = OpenWrtBF399B64ACF71BC3
        Validity
            Not Before: Apr 14 22:37:15 2024 GMT
            Not After : Jul 16 22:37:15 2027 GMT
        Subject: C = ZZ, ST = Somewhere, L = None, CN = OpenWrt, O = OpenWrtBF399B64ACF71BC3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ac:52:71:af:25:e9:05:0a:a5:d7:86:d3:8d:0b:
                    66:e0:09:cf:2a:cd:a1:63:57:36:46:61:04:16:fe:
                    94:84:d0:20:ab:01:15:55:aa:a1:89:c2:85:a9:84:
                    47:ba:84:d7:1f:a9:0c:c0:f0:67:2f:81:1d:1b:3b:
                    31:d5:94:6e:a0:f0:e6:ec:26:91:4a:e2:fd:58:4c:
                    ac:b5:9e:a1:cd:7d:91:51:29:81:1d:3e:4a:d9:d1:
                    d5:f1:2f:34:2f:ca:95:dc:42:d5:c4:d3:d6:b2:91:
                    d5:19:61:a2:b5:b1:90:f0:83:88:ef:92:c9:bf:a4:
                    59:a9:d6:00:6f:1c:0d:70:16:40:cc:cb:c0:de:c4:
                    8f:00:83:a3:2f:77:ca:18:cd:7b:d4:77:96:47:78:
                    1b:c1:ff:08:86:93:79:91:8f:a7:95:71:46:06:69:
                    fc:cc:65:64:e7:99:11:cc:82:bb:39:6b:12:27:73:
                    0e:d1:e7:65:51:9e:ad:dc:b3:ff:3f:ba:b0:72:4f:
                    22:ad:7e:41:bb:3c:c7:80:30:81:5f:8b:32:f4:7f:
                    22:48:3f:3d:a9:eb:28:27:12:db:a9:63:c9:7e:e2:
                    ed:36:de:e7:68:31:4e:9c:c0:36:e8:f2:d9:3f:50:
                    09:50:a3:e8:7a:03:00:4f:8d:e1:10:eb:a1:87:44:
                    be:23
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        06:7d:84:00:ac:8f:8b:a6:b6:b7:b5:ed:ee:7f:61:76:6d:ee:
        11:53:f6:d1:f8:95:ad:6c:d7:d0:3e:01:ac:bb:d7:7a:8d:59:
        80:ec:ba:b2:7b:78:5c:4f:5e:3f:f1:74:ad:d9:8c:a2:6b:08:
        9c:bf:b1:42:fd:8d:a6:35:48:4d:a7:2d:92:c9:45:66:77:32:
        a4:e0:ea:eb:e0:4a:42:f5:dd:ea:a2:c0:0a:66:5a:32:03:1d:
        e7:87:3a:7f:1e:00:ed:d0:21:01:d5:f9:e2:b1:e6:b7:cb:1c:
        67:11:de:69:7f:a2:ce:d0:fc:2d:f2:6c:33:84:4c:3d:f4:f6:
        60:6b:2e:31:b7:0c:41:2c:73:31:7e:94:19:a2:2b:6a:56:3f:
        07:37:71:97:28:58:91:63:b2:58:97:b2:aa:1e:d5:d9:6d:af:
        6f:a0:02:e0:06:39:b0:c9:f5:50:41:b5:58:41:6a:30:72:89:
        9a:67:7e:a1:7a:a5:02:b9:2a:f3:f8:93:4f:59:6e:b1:27:54:
        86:d1:ec:96:7a:dd:d1:44:6b:1e:3b:17:cf:15:64:ad:83:6b:
        63:20:2d:42:c3:28:68:14:de:12:4e:8a:c3:f3:10:c8:4b:4f:
        c7:d8:2b:a8:45:fb:3a:bd:9d:bd:08:71:08:09:ed:ea:9b:b9:
        3b:33:a6:a6

[04/14/24 18:37:27](K-6.6.27)
root@WRX36 ~
➤ /opt/bin/nginx-ssl-util add_ssl _ec
Adding SSL directives to UCI server: nginx._ec
uci_manage_ssl='self-signed'
Created self-signed SSL certificate '/etc/nginx/conf.d/_ec.crt' with key '/etc/nginx/conf.d/_ec.key'.

[04/14/24 18:37:43](K-6.6.27)
root@WRX36 ~
➤ openssl x509 -in /etc/nginx/conf.d/_ec.crt -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:32:fe:07:09:79:d1:40:d7:43:2e:45:3d:98:4a:77:65:d0:29:41
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C = ZZ, ST = Somewhere, L = None, CN = OpenWrt, O = OpenWrt2EDD40F41960C8C1
        Validity
            Not Before: Apr 14 22:37:43 2024 GMT
            Not After : Jul 16 22:37:43 2027 GMT
        Subject: C = ZZ, ST = Somewhere, L = None, CN = OpenWrt, O = OpenWrt2EDD40F41960C8C1
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:97:d2:b2:f0:c9:60:60:89:7e:ea:6f:48:1c:90:
                    8e:6d:1d:d8:58:46:8c:de:e9:50:e2:74:ea:d8:dd:
                    8c:d9:ed:f4:4c:b7:41:95:55:98:38:5a:9e:66:83:
                    b9:7c:79:71:9b:ec:18:ed:d9:09:3c:f7:64:32:ae:
                    59:ad:92:de:d7:c4:15:2e:e5:89:65:f4:29:8a:62:
                    a0:85:21:95:22:3a:38:e3:11:e6:f2:01:f6:50:62:
                    01:ed:68:0d:d0:0c:d4
                ASN1 OID: secp384r1
                NIST CURVE: P-384
    Signature Algorithm: ecdsa-with-SHA256
    Signature Value:
        30:65:02:30:78:af:d1:4f:57:b1:97:2b:87:aa:7f:a2:26:39:
        19:30:5c:4f:9c:f0:d7:ee:24:8e:a2:39:ec:70:af:16:eb:a6:
        72:96:d4:a7:2f:c1:38:f4:65:ed:ed:bf:22:c6:a4:6d:02:31:
        00:bc:ec:19:0e:3d:6a:d1:5a:ae:6d:5c:a3:ec:96:60:32:f9:
        6a:88:06:92:ed:c1:a7:44:2c:33:7a:22:72:0f:2a:ce:83:f0:
        f2:04:9e:49:60:ef:83:b4:7f:8b:af:61:c9

```

Maintainer: Peter Stadler <peter.stadler@student.uibk.ac.at>
Compile tested: aarch64, qualcommax, Master Branch
Run tested: aarch64, Dynalink DL-WRX36, Master Branch

Signed-off-by: Sean Khan <datapronix@protonmail.com>
5 months agomwan3: "use" action: run process via `exec` and handle whitespace
Lars Kruse [Mon, 6 May 2024 10:09:56 +0000 (12:09 +0200)]
mwan3: "use" action: run process via `exec` and handle whitespace

Previously the "use" command had the following shortcomings:
* a subprocess was created instead of replacing the shell process
* whitespace in arguments was not handled correctly

Implementation detail:
In shell context the `"$@"` expression should be used (instead of `$*`).
This allows the safe handling of arguments containing whitespace.

Closes: #20001
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
5 months agoshairport-sync: fixed diagnostics settings
David Andreoletti [Tue, 2 Apr 2024 15:53:17 +0000 (23:53 +0800)]
shairport-sync: fixed diagnostics settings

shairport-sync expects statistics/log_verbosity/log_output_to settings
to be in the diagnostics section of shairport-sync's native config.

Prior to this commit, these settings were either missing (log_output_to)
or generated in the incorrect (general) native config section bloc.

Signed-off-by: David Andreoletti <david@andreoletti.net>
5 months agolibjwt: add package
Daniel Golle [Sat, 22 Jun 2024 14:34:02 +0000 (15:34 +0100)]
libjwt: add package

Add package for JWT C Library built against OpenSSL.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agolua-ffi: Add package
Jianhui Zhao [Sat, 22 Jun 2024 15:09:37 +0000 (23:09 +0800)]
lua-ffi: Add package

Lua-ffi is a portable lightweight C FFI for Lua, based on libffi
and aiming to be mostly compatible with LuaJIT FFI, but written
from scratch in C language.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
5 months agosane-backends: update to 1.3.1
Luiz Angelo Daros de Luca [Mon, 3 Jun 2024 04:58:06 +0000 (01:58 -0300)]
sane-backends: update to 1.3.1

Many changes since 1.0.31. See:

- https://gitlab.com/sane-project/backends/-/releases/1.0.32
- https://gitlab.com/sane-project/backends/-/releases/1.1.1
- https://gitlab.com/sane-project/backends/-/releases/1.2.1
- https://gitlab.com/sane-project/backends/-/releases/1.3.1

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
5 months agoowut: add new package
Eric Fahlgren [Tue, 4 Jun 2024 16:52:13 +0000 (09:52 -0700)]
owut: add new package

owut (OpenWrt Update Tool) is a command line program that gathers
information from the various openwrt.org build sites and reports
status on various aspects of builds and package availability.
It also shows many details about your current configuration and
installed packages, allowing it to create, download, verify and
install new images containing the user-installed packages.

It is written completely in 'ucode', allowing for user customization
on the installed device, without the need for compilers and linkers.

Documentation is available at https://github.com/efahl/owut
Forum thread at https://forum.openwrt.org/t/owut-openwrt-upgrade-tool/200035

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
5 months agonfs-kernel-server: do not export /mnt by default
Yangyu Chen [Thu, 20 Jun 2024 07:04:30 +0000 (15:04 +0800)]
nfs-kernel-server: do not export /mnt by default

Currently, the nfs-kernel-server package exports /mnt by default after
it is installed. This is not a good default behavior, as it may expose
sensitive data to the network if a user mounts something on /mnt. This
commit commented out the line that exports /mnt, so the user has to
enable it explicitly.

Signed-off-by: Yangyu Chen <cyy@cyyself.name>
5 months agoopensc: update to version 0.25.1
Daniel Golle [Wed, 5 Jun 2024 01:09:21 +0000 (02:09 +0100)]
opensc: update to version 0.25.1

* New in 0.25.1; 2024-04-05
** General improvements
* Add missing file to dist tarball to build documentation (#3063)

** minidriver
* Fix RSA decryption with PKCS#1 v1.5 padding (#3077)
* Fix crash when app is not set (#3084)

* New in 0.25.0; 2024-03-06
** Security
* [CVE-2023-5992](https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992): Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC (#2948)
* [CVE-2024-1454](https://github.com/OpenSC/OpenSC/wiki/CVE-2024-1454): Potential use-after-free in AuthentIC driver during card enrollment in pkcs15init (#2962)

** General improvements
* Update OpenSSL 1.1.1 to 3.0 in MacOS build (#2930)
* Remove support for old card drivers Akis, GPK, Incrypto34 and Westcos, disable Cyberflex driver (#2885)
* Fix 64b to 32b conversions (#2993)
* Improvements for the p11test (#2991)
* Fix reader initialization without SCardControl (#3007)
* Make RSA PKCS#1 v1.5 depadding constant-time (#2948)
* Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02) on the card (#2975)
* Enable MSI signing via Signpath CI integration for Windows (#2799)
* Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer

** minidriver
* Fix wrong hash selection (#2932)

** pkcs11-tool
* Simplify printing EC keys parameters (#2960)
* Add option to import GENERIC key (#2955)
* Add support for importing Ed25518/448 keys (#2985)
** drust-tool
* Add tool for D-Trust cards (#3026, #3051)
** IDPrime
* Support uncompressed certificates on IDPrime 940 (#2958)
* Enhance IDPrime logging (#3003)
* Add SafeNet 5110+ FIPS token support (#3048)
** D-Trust Signature Cards
* Add support for RSA D-Trust Signature Card 4.1 and 4.4 (#2943)
** EstEID
* Remove expired EstEID 3.* card support (#2950)
** ePass2003
* Allow SW implementation with more SHA2 hashes and ECDSA (#3012)
* Fix EC key generation (#3045)
** SmartCard-HSM
* Fix SELECT APDU command (#2978)
** MyEID
* Update for PKCS#15 profile (#2965)
** Rutoken
* Support for RSA 4096 key algorithm (#3011)
** OpenPGP

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agopcsc-tools: update to version 1.7.1
Daniel Golle [Wed, 5 Jun 2024 01:07:51 +0000 (02:07 +0100)]
pcsc-tools: update to version 1.7.1

Adds a bunch of new ATRs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agopcsc-lite: update to version 2.2.3
Daniel Golle [Wed, 5 Jun 2024 01:05:13 +0000 (02:05 +0100)]
pcsc-lite: update to version 2.2.3

Switch to meson build system instead of autotools.

Changes since version 2.0.1:

2.2.3: Ludovic Rousseau
26 May 2024
- meson:
  . Fix build on Slackware 15
  . fail if both libusb and libudev are used
- Fix memory leak on exit
- libpcscspy: dump an output buffer only if the call succeeded
- Some code cleanup

2.2.2: Ludovic Rousseau
20 May 2024
- Serial support is ENABLED by default

2.2.1: Ludovic Rousseau
8 May 2024
- fix meson related issues
- Some code cleanup

2.2.0: Ludovic Rousseau
3 May 2024
- provide files for meson build tool (replaces autoconf/auoomake)
- fix a missing symbol in libpcscspy (bug introduced by the previous version)
- fix shutdown issues with hotplug_libusb
- update pcsc-spy manpage
- update copyright date
- Some other minor improvements

2.1.0: Ludovic Rousseau
12 April 2024
- LIBPCSCLITE_DELEGATE is used to redirect to another libpcsclite library
- setup_spy.sh displays the LIBPCSCLITE_DELEGATE value to use for spying
- provides libfake.c as a sample source code
- Some other minor improvements

2.0.3: Ludovic Rousseau
3 March 2024
- add SCARD_E_UNKNOWN_RES_MNG back

2.0.2: Ludovic Rousseau
3 March 2024
- SCardConnect() & SCardReconnect(): restrict the protocol used
- negotiate PTS also for the backup protocol
- pcscd.8:
  . document --disable-polkit
  . add "CONFIGURATION FILE" section
- Some other minor improvements

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agocontainerd: Update to 1.7.18
Milinda Brantini [Sun, 23 Jun 2024 08:09:02 +0000 (16:09 +0800)]
containerd: Update to 1.7.18

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agodocker: Update to 26.1.4
Milinda Brantini [Sun, 23 Jun 2024 08:12:39 +0000 (16:12 +0800)]
docker: Update to 26.1.4

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agokafs-client: introduce package
Nathaniel Wesley Filardo [Sat, 22 Jun 2024 22:56:08 +0000 (23:56 +0100)]
kafs-client: introduce package

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
5 months agokeyutils: package into the right directories
Nathaniel Wesley Filardo [Wed, 19 Jun 2024 23:59:39 +0000 (00:59 +0100)]
keyutils: package into the right directories

The kernel knows about /sbin/request-key *at that path*, and the shipped
configuration file presumes that /sbin/key.dns_resolver and /bin/keyctl are the
correct paths.

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
5 months agonode: bump to v20.15.0
Hirokazu MORIKAWA [Sun, 23 Jun 2024 06:05:29 +0000 (15:05 +0900)]
node: bump to v20.15.0

Notable Changes
* test_runner: support test plans
* inspector: introduce the --inspect-wait flag
* zlib: expose zlib.crc32()
* cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
5 months agonetatalk: update to 3.2.0.
Antonio Pastor [Wed, 29 May 2024 00:24:13 +0000 (20:24 -0400)]
netatalk: update to 3.2.0.

Commit restores package after it was removed from OpenWrt 21.02.
Signed-off-by: Antonio Pastor <apccv@outlook.com>
5 months agomonit: update to 5.34.0
Yaroslav Petrov [Sat, 22 Jun 2024 04:50:14 +0000 (06:50 +0200)]
monit: update to 5.34.0
Compile tested: x86_64, PC Engines APU4, OpenWrt 22.03.5/main
Run tested: x86_64, PC Engines APU4, OpenWrt 22.03.5/main, div. tests

* update from 5.33.0 to 5.34.0 (See changelog: https://mmonit.com/monit/changes/)
* remove upstream (obsolete) patch

Signed-off-by: Yaroslav Petrov <info@lank.me>
5 months agomoreutils: fix depencies for ts
Erwan MAS [Sat, 22 Jun 2024 22:57:04 +0000 (18:57 -0400)]
moreutils: fix depencies for ts

Signed-off-by: Erwan MAS <erwan@mas.nom.fr>
5 months agoboost: Updates package to version 1.85.0
Carlos Miguel Ferreira [Sun, 23 Jun 2024 03:51:53 +0000 (04:51 +0100)]
boost: Updates package to version 1.85.0

This commit updates boost to version 1.85.0

New available libraries:
* *Charconv:* A high quality implementation of <charconv> in C++11,
  from Matt Borland. [2]
* *Scope:* A collection of scope guard utilities and a
  unique_resource wrapper, from Andrey Semashev. [3]

More info about Boost 1.85.0 can be found at the usual place [1].

[1]: https://www.boost.org/users/history/version_1_85_0.html
[2]: https://www.boost.org/libs/charconv/
[3]: https://www.boost.org/libs/scope/

Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
5 months agodocker-compose: Update to version 2.28.0
Javier Marcet [Fri, 21 Jun 2024 16:28:00 +0000 (18:28 +0200)]
docker-compose: Update to version 2.28.0

Release notes:
https://github.com/docker/compose/releases/tag/v2.28.0

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agodocker-compose: Update to version 2.27.3
Javier Marcet [Fri, 21 Jun 2024 16:27:35 +0000 (18:27 +0200)]
docker-compose: Update to version 2.27.3

Release notes:
https://github.com/docker/compose/releases/tag/v2.27.3

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agobanip: update 1.0.0-4
Dirk Brenken [Sat, 22 Jun 2024 08:12:59 +0000 (10:12 +0200)]
banip: update 1.0.0-4

* relax the firewall pre-check if fw4 is not running
* replace former stale tor feed source with 'https://www.dan.me.uk/torlist/?exit'
* add openvpn log term/search pattern example to the readme
* the default config now includes only log terms for dropbear and LuCI, all others are optional
* readme update

Signed-off-by: Dirk Brenken <dev@brenken.org>
5 months agofreeradius3: update version 3.2.4
Esaaprilia Salsabila [Wed, 19 Jun 2024 04:54:51 +0000 (12:54 +0800)]
freeradius3: update version 3.2.4

https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_4

don't make the DH file. It's not needed for OpenSSL >=1.1.0
FreeRADIUS/freeradius-server@afbf93b

update freeradius version 3.2.4

added freeradius3 package module

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
5 months agoopenvpn: update to 2.6.11
Ivan Pavlov [Fri, 21 Jun 2024 05:10:44 +0000 (08:10 +0300)]
openvpn: update to 2.6.11

This is a bugfix release containing several security fixes.

Security fixes
--------------
 - CVE-2024-4877: Windows: harden interactive service pipe.
   Security scope: a malicious process with "some" elevated privileges
   could open the pipe a second time, tricking openvn GUI
   into providing user credentials (tokens),  getting full access
   to the account openvpn-gui.exe runs as.

 - CVE-2024-5594: control channel: refuse control channel messages
   with nonprintable characters in them.
   Security scope: a malicious openvpn peer can send garbage to openvpn log,
   or cause high CPU load.

 - CVE-2024-28882: only call schedule_exit() once (on a given peer).
   Security scope: an authenticated client can make the server "keep the session"
   even when the server has been told to disconnect this client

Bug fixes
---------
 - fix connect timeout when using SOCKS proxies

 - work around LibreSSL crashing on OpenBSD 7.5 when enumerating ciphers

 - Add bracket in fingerprint message and do not warn about missing verification

For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
5 months agodnsdist: add config options for --uid and --gid
Sebastian Hamann [Sun, 31 Mar 2024 18:49:22 +0000 (20:49 +0200)]
dnsdist: add config options for --uid and --gid

These options allow running dnsdist as a non-root user.

Signed-off-by: Sebastian Hamann <code@ares-macrotechnology.com>
5 months agodocker-compose: Update to version 2.27.2
Javier Marcet [Thu, 20 Jun 2024 23:10:42 +0000 (01:10 +0200)]
docker-compose: Update to version 2.27.2

Release notes:
https://github.com/docker/compose/releases/tag/v2.27.2

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agoxray-core: update to 1.8.16
Milinda Brantini [Fri, 21 Jun 2024 03:23:51 +0000 (11:23 +0800)]
xray-core: update to 1.8.16

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agonatmap: reset PKG_RELEASE to 1
Milinda Brantini [Thu, 20 Jun 2024 07:44:41 +0000 (15:44 +0800)]
natmap: reset PKG_RELEASE to 1

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agoqbee-agent: new package qbee-agent 2024.23
Jon Henrik Bjørnstad [Mon, 17 Jun 2024 11:13:43 +0000 (13:13 +0200)]
qbee-agent: new package qbee-agent 2024.23

Signed-off-by: Jon Henrik Bjørnstad <jonhenrik@qbee.io>
5 months agoyt-dlp: Update to 2024.5.27
Ryan Keane [Tue, 18 Jun 2024 12:47:38 +0000 (08:47 -0400)]
yt-dlp: Update to 2024.5.27

Set PYPI_SOURCE_NAME for downloading.
Add python-hatchling as host build dependencies.

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>