feed/packages.git
3 years agoyggdrasil: bump to 0.3.13
William Fleurant [Sun, 23 Feb 2020 03:31:04 +0000 (22:31 -0500)]
yggdrasil: bump to 0.3.13

Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit 0642927d5dfc4dfe5fa1daa7d61d875677fbfa9c)

3 years agoyggdrasil: bump to 0.3.12
William Fleurant [Mon, 25 Nov 2019 00:18:53 +0000 (19:18 -0500)]
yggdrasil: bump to 0.3.12

Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit be4fe496ce7135bd4978cb7be7a563639babea69)

3 years agoyggdrasil: Change package configuration to UCI
George Iv [Thu, 14 Nov 2019 09:16:02 +0000 (04:16 -0500)]
yggdrasil: Change package configuration to UCI

Signed-off-by: George Iv <57254463+zhoreeq@users.noreply.github.com>
(cherry picked from commit 6857fd45c8498ea1fa97cfe8370ecaab2db03e5b)

3 years agoyggdrasil: fixes build name and version #10309
William Fleurant [Mon, 11 Nov 2019 05:10:48 +0000 (00:10 -0500)]
yggdrasil: fixes build name and version #10309

Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit bd415bc7bfd368f4dace5123cb6664344fc3011b)

3 years agoyggdrasil: uci firewall Section name and cover both IP versions
William Fleurant [Sat, 26 Oct 2019 17:41:13 +0000 (13:41 -0400)]
yggdrasil: uci firewall Section name and cover both IP versions
- rename the section instance to yggdrasil (feat. request)
- allow zone to cover both ip4 and ip6 fam

Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit 2baab77b77c3db5cb8bb61e5697373e5b8e9ac58)

3 years agoyggdrasil: bump to 0.3.11
William Fleurant [Sat, 26 Oct 2019 04:24:30 +0000 (00:24 -0400)]
yggdrasil: bump to 0.3.11

Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit 06bdd7aebfc5b84382af6f89e52aa96e6559d1d4)

3 years agoMerge pull request #16109 from nxhack/1907_libuv
Rosen Penev [Tue, 13 Jul 2021 06:15:11 +0000 (23:15 -0700)]
Merge pull request #16109 from nxhack/1907_libuv

[19.07] libuv: fix CVE-2021-22918

3 years agosyslog-ng: disable mqtt
Josef Schlehofer [Mon, 12 Jul 2021 14:14:31 +0000 (16:14 +0200)]
syslog-ng: disable mqtt

For now, disable mqtt as it was automatically enabled as the build
system finds compiled libpaho-mqtt-c and requires dependency.

---
Here is the output:
Package syslog-ng is missing dependencies for the following libraries:
libpaho-mqtt3c.so.1
---

This is a new feature since syslog-ng 3.33.1 and if anyone is interested
in it, it can be enabled.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit e319e89fde0f3c6b3c8ecfffe9bd759c9a44ac15)

3 years agolibuv: fix CVE-2021-22918 16109/head
Hirokazu MORIKAWA [Mon, 12 Jul 2021 06:13:13 +0000 (15:13 +0900)]
libuv: fix CVE-2021-22918

idna: fix OOB read in punycode decoder

libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii()
function which is used to convert strings to ASCII. This is called by
the DNS resolution function and can lead to information disclosures or
crashes.

libuv/libuv@b7466e3
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
3 years agosyslog-ng: update to version 3.33.1
Josef Schlehofer [Sun, 11 Jul 2021 18:16:47 +0000 (20:16 +0200)]
syslog-ng: update to version 3.33.1

- Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.33.1

- Bump version in config
It fixes:
WARNING: Configuration file format is too old, syslog-ng is running in compatibility mode. Please update it to use the syslog-ng 3.33 format at your time of convenience. To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, and once completed change the @version header at the top of the configuration file; config-version='3.31'

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2b4be08a8c4fbe3d6dec90b91726375e9b38db61)

3 years agoMerge pull request #16087 from turris-cz/19.07/lxc-update-gpg-keyserver
Josef Schlehofer [Sun, 11 Jul 2021 18:44:23 +0000 (20:44 +0200)]
Merge pull request #16087 from turris-cz/19.07/lxc-update-gpg-keyserver

lxc: add patch to switch GPG server

3 years agoczmq: disable nss
Josef Schlehofer [Sun, 11 Jul 2021 17:38:48 +0000 (19:38 +0200)]
czmq: disable nss

While bumping czmq to version 4.2.1 from master branch into OpenWrt
19.07, it automatically detects nss when compiled before czmq.

These steps can verify this:

make package/nss/compile V=s
make package/czmq/compile V=s

Then czmq requires many dependencies:
Package czmq is missing dependencies for the following libraries:
libnspr4.so
libnss3.so
libnssutil3.so
libplc4.so
libplds4.so
libsmime3.so
libsoftokn3.so
libssl3.so

And this fails. If you are using SDK and wants to have just a few
packages then czmq gets compiled if any of those packages are not
present in build system.

This was also mentioned in the release notes for czmq 4.2.1:
https://github.com/zeromq/czmq/releases/tag/v4.2.1

> Note for packagers: NSS can now be used and linked against to avoid using
an internal embedded reimplementation of SHA. It is enabled by default if
present.

NSS was disabled before, so let's disable it.

This is required only for OpenWrt 19.07 as this is done differently in OpenWrt 21.02 and OpenWrt
master and czmq is compiled there.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoapache: update to 2.4.48
Rosen Penev [Wed, 16 Jun 2021 01:36:03 +0000 (18:36 -0700)]
apache: update to 2.4.48

Fixes:

CVE-2019-17567
CVE-2020-13938
CVE-2020-13950
CVE-2020-35452
CVE-2021-26690
CVE-2021-26691
CVE-2021-30641
CVE-2021-31618

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(partially cherry picked from commit 6dfd07097de4e737444cf70c62d34453bbf84f7a)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[removed patch, which is not in OpenWrt 19.07 branch, used integer in
PKG_RELEASE instead of autorelease]

3 years agoczmq: update to version 4.2.1
Jan Pavlinec [Fri, 22 Jan 2021 12:25:56 +0000 (13:25 +0100)]
czmq: update to version 4.2.1

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 39b4c6454561e09d51e8ec062920727c584dca08)

3 years agolxc: add patch to switch GPG server 16087/head
Josef Schlehofer [Sat, 10 Jul 2021 14:33:08 +0000 (16:33 +0200)]
lxc: add patch to switch GPG server

By default, there was used sks-keyservers.net pool, which has invalid
SSL certificate and they also announced that their service is deprecate
and no longer maintained.

Use the same GPG server as LXC is using by default in the newer
releases.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agomsmtp: update to version 1.8.15
Josef Schlehofer [Sun, 30 May 2021 22:37:42 +0000 (00:37 +0200)]
msmtp: update to version 1.8.15

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 110abfb9f6a1718d1817a27cab96c28db4ee6012)

3 years agoMerge pull request #16051 from BKPepe/openwrt-19.07
Josef Schlehofer [Tue, 6 Jul 2021 14:20:02 +0000 (16:20 +0200)]
Merge pull request #16051 from BKPepe/openwrt-19.07

python3: update to version 3.7.11

3 years agoyoutube-dl: update to version 2021.4.7
Josef Schlehofer [Tue, 6 Apr 2021 20:45:06 +0000 (22:45 +0200)]
youtube-dl: update to version 2021.4.7

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 701ded952a2505d3c39184767d2d55d1e299ec0f)

3 years agoyoutube-dl: update to version 2021.2.10
Josef Schlehofer [Thu, 11 Feb 2021 13:55:39 +0000 (14:55 +0100)]
youtube-dl: update to version 2021.2.10

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit a7523a9fabae8842a2fd015d416d6634d5fb7496)

3 years agopython3: update to version 3.7.11 16051/head
Josef Schlehofer [Tue, 6 Jul 2021 07:14:42 +0000 (09:14 +0200)]
python3: update to version 3.7.11

Fixes: CVE-2021-3426
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoMerge pull request #16004 from commodo/python-dateutil-setuptools-scm
Rosen Penev [Sat, 3 Jul 2021 22:17:09 +0000 (15:17 -0700)]
Merge pull request #16004 from commodo/python-dateutil-setuptools-scm

[19.07] python-dateutil: pin setuptools-scm version to 5.0.2

3 years agoMerge pull request #16023 from rs/nextdns-1.34.2-openwrt-19.07
Rosen Penev [Sat, 3 Jul 2021 22:15:49 +0000 (15:15 -0700)]
Merge pull request #16023 from rs/nextdns-1.34.2-openwrt-19.07

[19.07] nextdns: Update to version 1.34.2

3 years agonextdns: Update to version 1.34.2 16023/head
Olivier Poitrey [Fri, 2 Jul 2021 18:54:53 +0000 (18:54 +0000)]
nextdns: Update to version 1.34.2

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoMerge pull request #15663 from Ansuel/fix-ddns-script
Florian Eckert [Fri, 2 Jul 2021 06:57:15 +0000 (08:57 +0200)]
Merge pull request #15663 from Ansuel/fix-ddns-script

[19-07] ddns-scripts: standardize required params declaration

3 years agoddns-scripts: standardize required params declaration 15663/head
Ansuel Smith [Wed, 19 May 2021 17:50:37 +0000 (19:50 +0200)]
ddns-scripts: standardize required params declaration

The luci app scan the script and search for params in the form of
$required_params.
This script use the form "${required_params}" and cause confusion
with the luci app by hiding needed values. Fix this by using the
standard way to declare required params following other ddns scripts.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
3 years agopython-dateutil: pin setuptools-scm version to 5.0.2 16004/head
Alexandru Ardelean [Wed, 30 Jun 2021 14:24:25 +0000 (17:24 +0300)]
python-dateutil: pin setuptools-scm version to 5.0.2

This is known to still work with Python2.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agoRevert "python-dateutil: disable setuptools-scm for build"
Alexandru Ardelean [Wed, 30 Jun 2021 14:23:00 +0000 (17:23 +0300)]
Revert "python-dateutil: disable setuptools-scm for build"

This reverts commit 29da5d65b6dc10ee6c2f8bfc7c868245289b2157.

That fix doesn't work fully correct as the egg directory has version 0.0.0.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agopython-dateutil: disable setuptools-scm for build
Alexandru Ardelean [Tue, 29 Jun 2021 09:03:16 +0000 (12:03 +0300)]
python-dateutil: disable setuptools-scm for build

Fixes https://github.com/openwrt/packages/issues/15988

It seems that the newer setuptools-scm package (6.0.1) has some
Python3-only syntax.
For the 19.07 release, where Python2 is still around this causes the
python-dateutil package to fail to build.

See https://github.com/pypa/setuptools_scm/issues/541

However, removing 'setuptools-scm' from the build also works.
This change does that.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agoMerge pull request #15974 from rs/nextdns-1.33.11-openwrt-19.07
Rosen Penev [Sat, 26 Jun 2021 19:44:24 +0000 (12:44 -0700)]
Merge pull request #15974 from rs/nextdns-1.33.11-openwrt-19.07

[19.07] nextdns: Update to version 1.33.11

3 years agonextdns: Update to version 1.33.11 15974/head
Olivier Poitrey [Sat, 26 Jun 2021 18:00:29 +0000 (18:00 +0000)]
nextdns: Update to version 1.33.11

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agonano: update to 5.8
Hannu Nyman [Thu, 17 Jun 2021 16:03:11 +0000 (19:03 +0300)]
nano: update to 5.8

Update nano editor version to 5.8.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6f2ac237a18d0c8258ca838ff4df2245960b7aef)

3 years agonet/mosquitto: Update to 1.6.15
Karl Palsson [Fri, 11 Jun 2021 13:00:35 +0000 (13:00 +0000)]
net/mosquitto: Update to 1.6.15

This is a security release

Full release notes: https://mosquitto.org/blog/2021/06/version-2-0-11-released/

Fixes a remotely triggered memory leak

Signed-off-by: Karl Palsson <karlp@etactica.com>
3 years agoMerge pull request #15806 from blocktrron/pr-xr-usb-serial-1907
David Bauer [Tue, 8 Jun 2021 15:25:37 +0000 (17:25 +0200)]
Merge pull request #15806 from blocktrron/pr-xr-usb-serial-1907

xr_usb_serial_common: fix build

3 years agoxr_usb_serial_common: add PKG_MIRROR_HASH 15806/head
David Bauer [Tue, 8 Jun 2021 15:17:56 +0000 (17:17 +0200)]
xr_usb_serial_common: add PKG_MIRROR_HASH

The CI complained about a missing PKG_MIRROR_HASH.

Signed-off-by: David Bauer <mail@david-bauer.net>
3 years agoxr_usb_serial_common: fix build
David Bauer [Sat, 22 May 2021 08:39:53 +0000 (10:39 +0200)]
xr_usb_serial_common: fix build

Building the xr_usb_serial module fails for recent 4.14 kernel with
CONFIG_PM enabled:

xr_usb_serial_common.c:1574:15: error: 'ASYNCB_INITIALIZED' undeclared
(first use in this function); did you mean 'RCU_INITIALIZER'?

Use tty_port_initialized in order to determine the status of the TTY
port.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 69cf7836df9e226b4d596d057ca6ad846201e0d0)

3 years agoMerge pull request #15770 from DeathCamel58/libnet-1.2.x-libnet-config-fix
Rosen Penev [Sun, 6 Jun 2021 19:50:20 +0000 (12:50 -0700)]
Merge pull request #15770 from DeathCamel58/libnet-1.2.x-libnet-config-fix

[19.07] libnet-1.2.x: Export `libnet-config` in development environments

3 years agoMerge pull request #15780 from stangri/19.07-https-dns-proxy
Rosen Penev [Sat, 5 Jun 2021 21:29:07 +0000 (14:29 -0700)]
Merge pull request #15780 from stangri/19.07-https-dns-proxy

[19.07] https-dns-proxy: update to 2021-06-03-1

3 years agohttps-dns-proxy: update to 2021-06-03-1 15780/head
Stan Grishin [Fri, 4 Jun 2021 23:34:20 +0000 (23:34 +0000)]
https-dns-proxy: update to 2021-06-03-1

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agolibnet: Export `libnet-config` in development enviornments 15770/head
Dylan Corrales [Thu, 3 Jun 2021 18:36:49 +0000 (14:36 -0400)]
libnet: Export `libnet-config` in development enviornments

Affects `libnet-1.2.x`

Signed-off-by: Dylan Corrales <deathcamel58@gmail.com>
3 years agobanip: remove logd dependency
Dirk Brenken [Thu, 3 Jun 2021 05:02:42 +0000 (07:02 +0200)]
banip: remove logd dependency

* removed logd dependency, see openwrt#13820 for reference

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoMerge pull request #15728 from stangri/19.07-https-dns-proxy
Rosen Penev [Wed, 2 Jun 2021 05:09:08 +0000 (22:09 -0700)]
Merge pull request #15728 from stangri/19.07-https-dns-proxy

[19.07] https-dns-proxy: 2021-05-14 bugfix: fallback to HTTP/1 by default

3 years agohttps-dns-proxy: 2021-05-14 bugfix: fallback to HTTP/1 by default 15728/head
Stan Grishin [Tue, 1 Jun 2021 04:32:42 +0000 (04:32 +0000)]
https-dns-proxy: 2021-05-14 bugfix: fallback to HTTP/1 by default

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agonetdata: update to version 1.30.1
Josef Schlehofer [Wed, 14 Apr 2021 22:39:03 +0000 (00:39 +0200)]
netdata: update to version 1.30.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 1d532fa545eef1ebd3ebef6ab41dfd709ad991e1)

3 years agoMerge pull request #15717 from stangri/19.07-https-dns-proxy
Rosen Penev [Sat, 29 May 2021 22:00:04 +0000 (15:00 -0700)]
Merge pull request #15717 from stangri/19.07-https-dns-proxy

[19.07] https-dns-proxy: update to 2021-05-14-1; bugfixes for dhcp server backup

3 years agohttps-dns-proxy: update to 2021-05-14-1; bugfixes for dhcp server backup 15717/head
Stan Grishin [Sat, 29 May 2021 20:12:27 +0000 (20:12 +0000)]
https-dns-proxy: update to 2021-05-14-1; bugfixes for dhcp server backup

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agosyslog-ng: update to 3.32.1
W. Michael Petullo [Mon, 10 May 2021 17:59:28 +0000 (12:59 -0500)]
syslog-ng: update to 3.32.1

Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit f93ef647932aa05a7a4eab69ffd9f49441076f81)

3 years agonano: update version to 5.7
Hannu Nyman [Sat, 1 May 2021 20:50:21 +0000 (23:50 +0300)]
nano: update version to 5.7

Upgrade nano editor to version 5.7.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 765e9868579e1da270b3c831ecf34949013cdf01)

3 years agonextdns: Update to version 1.32.1
Olivier Poitrey [Fri, 30 Apr 2021 15:51:03 +0000 (15:51 +0000)]
nextdns: Update to version 1.32.1

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agobind: bump to 9.16.15
Noah Meyerhans [Thu, 29 Apr 2021 18:08:58 +0000 (11:08 -0700)]
bind: bump to 9.16.15

Fixes the following security issues:

* CVE-2021-25216 - A specially crafted GSS-TSIG query could cause a buffer
                   overflow in the ISC implementation of SPNEGO.
* CVE-2021-25215 - named crashed when a DNAME record placed in the ANSWER
                   section during DNAME chasing turned out to be the final
                   answer to a client query.
* CVE-2021-25214 - Insufficient IXFR checks could result in named serving a
                   zone without an SOA record at the apex, leading to a
                   RUNTIME_CHECK assertion failure when the zone was
                   subsequently refreshed. This has been fixed by adding an
                   owner name check for all SOA records which are included
                   in a zone transfer.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
3 years agozerotier: update to 1.6.5
Moritz Warning [Tue, 27 Apr 2021 15:13:27 +0000 (17:13 +0200)]
zerotier: update to 1.6.5

Minor ZeroTier update. Refreshed patches.

Signed-off-by: Moritz Warning <moritzwarning@web.de>
3 years agoMerge pull request #15509 from hswong3i/openwrt-19.07-SQUID_enable-ssl-crtd
Josef Schlehofer [Wed, 28 Apr 2021 08:06:26 +0000 (10:06 +0200)]
Merge pull request #15509 from hswong3i/openwrt-19.07-SQUID_enable-ssl-crtd

[openwrt-19.07][cherry-pick] squid: Enable dynamic SSL certificate generation

3 years agosquid: Enable dynamic SSL certificate generation 15509/head
Wong Hoi Sing Edison [Sun, 25 Apr 2021 02:38:14 +0000 (10:38 +0800)]
squid: Enable dynamic SSL certificate generation

Maintainer: @neheb / @BKPepe / @zhanhb
Compile tested: ipq806x, generic, netgear_r7800, master
Run tested: ipq806x, generic, netgear_r7800, openwrt-19.07

Description:

Squid now only support HTTPS proxy in TCP tunnel mode (e.g. `ssl_bump splice all`):

    https_port 3128 ssl-bump tls-cert=/etc/squid/squid.pem generate-host-certificates=on
    ssl_bump splice all

In order to operate in SSL Bump mode, we need to compile with `--enable-ssl-crtd` for following configuration:

    https_port 3128 ssl-bump tls-cert=/etc/squid/squid.pem generate-host-certificates=on
    sslcrtd_program /usr/lib/squid/security_file_certgen -s /car/cache/squid/ssl_db -M 4MB
    ssl_bump stare all
    ssl_bump bump all

This PR switch the `SQUID_enable-ssl-crtd` into `default y`, therefore default enable SSL Bump mode.

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
(cherry picked from commit dbda77686d5dccb3d3999ed2e7dec18aab11fff8)

3 years agomosquitto: fix log_type config support
Karl Palsson [Mon, 26 Apr 2021 09:29:57 +0000 (09:29 +0000)]
mosquitto: fix log_type config support

As pointed out in https://github.com/openwrt/packages/issues/15506

The remainder of that patch isn't appropriate for 1907 however.

Signed-off-by: Karl Palsson <karlp@etactica.com>
3 years agoksmbd-tools: update to 3.3.9
Rosen Penev [Sat, 24 Apr 2021 09:18:40 +0000 (02:18 -0700)]
ksmbd-tools: update to 3.3.9

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 2e7c403fff0d3c07bdd6e5d8f925ce154a473491)

3 years agodnscrypt-proxy2: sync blocked-names to upstream one
Josef Schlehofer [Wed, 10 Feb 2021 10:37:09 +0000 (11:37 +0100)]
dnscrypt-proxy2: sync blocked-names to upstream one

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit d53d2df2832c392b8426cda4c99efeda17039ca7)

3 years agodnscrypt-proxy2: upgrade to 2.0.45
James Long [Wed, 10 Feb 2021 03:49:13 +0000 (11:49 +0800)]
dnscrypt-proxy2: upgrade to 2.0.45

Signed-off-by: James Long <james@jclong.net>
(cherry picked from commit 6467b6535b401bfc046096dc535729896697b0a1)

3 years agoadblock: fix polish source URL
Dirk Brenken [Thu, 22 Apr 2021 13:16:03 +0000 (15:16 +0200)]
adblock: fix polish source URL

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoMerge pull request #15477 from rs/nextdns-1.32.0-openwrt-19.07
Rosen Penev [Wed, 21 Apr 2021 00:29:37 +0000 (17:29 -0700)]
Merge pull request #15477 from rs/nextdns-1.32.0-openwrt-19.07

[19.07] nextdns: Update to version 1.32.0

3 years agonextdns: Update to version 1.32.0 15477/head
Olivier Poitrey [Tue, 20 Apr 2021 15:08:39 +0000 (15:08 +0000)]
nextdns: Update to version 1.32.0

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoMerge pull request #15468 from rs/nextdns-1.12.5-openwrt-19.07
Rosen Penev [Tue, 20 Apr 2021 01:59:37 +0000 (18:59 -0700)]
Merge pull request #15468 from rs/nextdns-1.12.5-openwrt-19.07

[19.07] nextdns: Update to version 1.12.5

3 years agonextdns: Update to version 1.12.5 15468/head
Olivier Poitrey [Tue, 20 Apr 2021 01:38:38 +0000 (01:38 +0000)]
nextdns: Update to version 1.12.5

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoirqbalance: upgrade to version 1.8.0
Hannu Nyman [Sun, 18 Apr 2021 15:26:43 +0000 (18:26 +0300)]
irqbalance: upgrade to version 1.8.0

Upgrade irqbalance to version 1.8.0

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6631cfaa61ff75d97ef1a41c6ec031198103c7df)

3 years agopulseaudio: update to 14.0
Rosen Penev [Tue, 24 Nov 2020 01:26:43 +0000 (17:26 -0800)]
pulseaudio: update to 14.0

Remove upstreamed OpenSSL patch.

Update MESON_ARGS.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 325c5650406f43106c594c1886e1031cc94ed60a)

3 years agopulseaudio: fix compilation without deprecated OpenSSL APIs
Rosen Penev [Mon, 10 Aug 2020 20:47:10 +0000 (13:47 -0700)]
pulseaudio: fix compilation without deprecated OpenSSL APIs

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit ca2da3f3158beb865da373b03bd184d57f33dd25)

3 years agopulseaudio: fix compilation with ICONV_FULL
Rosen Penev [Thu, 30 Jul 2020 23:41:16 +0000 (16:41 -0700)]
pulseaudio: fix compilation with ICONV_FULL

Reordered check to check external iconv first.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 67f8f57d06ab8776ad58371bb2a3be5cc995fcd6)

3 years agopulseaudio: Update ARM NEON/VFP detection
Jeffery To [Sun, 10 May 2020 19:02:05 +0000 (03:02 +0800)]
pulseaudio: Update ARM NEON/VFP detection

With openwrt/openwrt@8dcc1087602e2dd606e4f6e81a06aee62cfd4f4c, the ARM
FPU compiler options are no longer part of CONFIG_TARGET_OPTIMIZATION.

This updates various packages that look for NEON/VFP support to search
CONFIG_CPU_TYPE instead.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
3 years agopulseaudio: do not build NEON with unsupported platforms
Rosen Penev [Tue, 5 May 2020 01:04:19 +0000 (18:04 -0700)]
pulseaudio: do not build NEON with unsupported platforms

Unfortunately, meson's check is totally broken.

Fortunately, it's fairly easy to workaround.

Fixes compilation with all ARM platforms that don't support NEON.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 91e80e5442484e5bbb8515e686631c7e937f3a10)

3 years agopulseaudio: add lto and gc-sections to reduce size
Rosen Penev [Sun, 26 Apr 2020 03:27:28 +0000 (20:27 -0700)]
pulseaudio: add lto and gc-sections to reduce size

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 45e58e1cc34be2836a7baadfae8e0ccebd693cf9)

3 years agopulseaudio: fix pkgconfig paths
Rosen Penev [Sat, 18 Apr 2020 23:48:30 +0000 (16:48 -0700)]
pulseaudio: fix pkgconfig paths

Turns out, packages like mpd that use pkgconfig to find pulseaudio
end up using host paths.

Fixes compilation with at least mpd.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 21f67bf59915e2905b30de0f85219bcfbd23e14d)

3 years agopulseaudio: update to 13.0
Rosen Penev [Sat, 18 Apr 2020 09:27:55 +0000 (02:27 -0700)]
pulseaudio: update to 13.0

Converted to use meson for compilation speed.

Removed libwrap dependency. Upstream no longer supports it.

Removed intltool and glib2 host dependencies. They seem to be no
longer needed.

Removed upstream patch.

Minor cleanups.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 78d84d4c9cb4c6da404d47ddc7dc5c18fa4c33cb)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[rebased on commit from master branch]

3 years agopulseaudio: Backport upstream patch
Rosen Penev [Tue, 17 Sep 2019 23:36:31 +0000 (16:36 -0700)]
pulseaudio: Backport upstream patch

Fixes compilation with recent alsa-libs.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 123373b1b7de076ca58b25b1116cc4801e483cb0)

3 years agoMerge pull request #15384 from VolunteerComputingHelp/openwrt-19.07
Rosen Penev [Sat, 17 Apr 2021 16:05:05 +0000 (09:05 -0700)]
Merge pull request #15384 from VolunteerComputingHelp/openwrt-19.07

Transfer of boinc 7.16.16 from 21.02 to 19.07

3 years agoMerge pull request #15413 from luizluca/19.07/ruby-2.6.7
Josef Schlehofer [Tue, 13 Apr 2021 12:55:18 +0000 (14:55 +0200)]
Merge pull request #15413 from luizluca/19.07/ruby-2.6.7

[19.07] ruby: update to 2.6.7

3 years agoruby: update to 2.6.7 15413/head
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 17:58:39 +0000 (14:58 -0300)]
ruby: update to 2.6.7

Fixes two CVEs:

CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
CVE-2021-28965: XML round-trip vulnerability in REXML

After this release, ruby 2.6 is now in security maintenance phase.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
3 years agonetdata: disable shared memory totals by default
Tiago Gaspar [Sat, 10 Apr 2021 23:21:58 +0000 (00:21 +0100)]
netdata: disable shared memory totals by default

Fix log spam:
daemon.err netdata[2090]: PROCFILE: Cannot open file '/proc/sysvipc/shm'
This is caused by a non existant /proc/sysvipc/shm because of the
CONFIG_PROC_STRIPPED option that is enabled by default in the kernel
generic target config

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit 5f65d87bb7727be85e7d3e02045302d6eb76ff7e)

3 years agohttps-dns-proxy: bugfix: race condition with dnsmasq
Stan Grishin [Sun, 11 Apr 2021 01:30:45 +0000 (01:30 +0000)]
https-dns-proxy: bugfix: race condition with dnsmasq

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agoboinc: Transfer v7.16.16 from 21.02 to 19.07 15384/head
Steffen Moeller [Fri, 9 Apr 2021 01:16:10 +0000 (03:16 +0200)]
boinc: Transfer v7.16.16 from 21.02 to 19.07

Intentionally unchanged from 43d21e650d4409b45ccc2c70fe507a29f783dda3,
i.e. the pull request #14862 from neheb/boi

Signed-off-by: Steffen Moeller <moeller@debian.org>
3 years agoadblock: fix games_tracking source url
Dirk Brenken [Fri, 9 Apr 2021 16:38:16 +0000 (18:38 +0200)]
adblock: fix games_tracking source url

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoMerge pull request #15254 from dibdot/19.07
Dirk Brenken [Fri, 9 Apr 2021 16:34:08 +0000 (18:34 +0200)]
Merge pull request #15254 from dibdot/19.07

[19.07] travelmate: minimal change to fix cp detection

3 years agotravelmate: minimal change to fix cp detection 15254/head
Dirk Brenken [Thu, 25 Mar 2021 11:07:32 +0000 (12:07 +0100)]
travelmate: minimal change to fix cp detection

* fix cp detection proposed by @ChristianKuehnel
* add/adapt mikrotik login script provided by @Christian Kuehnel

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agorpcd-mod-lxc: add postinst to reload rpcd on update/installation
Karel Kočí [Mon, 7 Dec 2020 15:54:11 +0000 (16:54 +0100)]
rpcd-mod-lxc: add postinst to reload rpcd on update/installation

This is dependency of luci-app-lxc and when users install that package
it is no way clear that they have to reload rpcd to get it working
correctly. Without it container listing does not work.
In general this reload should be in this package simply because other
rpcd-mod-* packages reload rpcd as well.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 54b6116d7d3f6df94df621dcabdc0c158fd4b5f2)

3 years agoksmbd-tools: update to 3.3.8
Rosen Penev [Wed, 7 Apr 2021 04:50:36 +0000 (21:50 -0700)]
ksmbd-tools: update to 3.3.8

Major changes are:
  disable symlink by default.
  remove smack inherit leftovers.
  Enable guest access on IPC$ share by default.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c6fa2d5bfaf24f347efd7156b2ad5b1cf62bd9a9)

3 years agoksmbd-tools: Add a mDNS TXT record for the ksmbd service
Kirill Nikolaev [Mon, 5 Apr 2021 23:03:18 +0000 (01:03 +0200)]
ksmbd-tools: Add a mDNS TXT record for the ksmbd service

MacOS ignores Bonjour services for which TXT records are not returned. This changes forces umdns service to return a TXT record (`daemon=ksmbd`) for the ksmbd service. The exact content is unimportant and to the best of my knowledge nothing reads the `daemon` tag.

Symptoms of the problem (which are also debugging steps):
* Finder refuses to open the OpenWRT "computer" in the Network list.
* Discovery.app (Bonjour Browser) lists the _ssh._tcp service, but the submenu for it doesn't unfold and no address is shown.
* `dns-sd -L OpenWrt _smb._tcp` doesn't return any address.

Signed-off-by: Kirill Nikolaev <cyril7@gmail.com>
(cherry picked from commit 272b0a5c1873a34f6609e7af38395cea3f02bda5)

3 years agoksmbd-tools: update to 3.3.7
Rosen Penev [Sat, 13 Mar 2021 02:14:23 +0000 (18:14 -0800)]
ksmbd-tools: update to 3.3.7

Major change are:

ksmbd.control -s terminate ksmbd.mountd as well as kernel server.
Update configuration.txt and README.
Turn off smb2 leases by default again.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7a1a8f3659cf79237fba6394fbea42755af38a52)

3 years agoksmbd-tools: update to 3.3.6
Rosen Penev [Fri, 12 Mar 2021 20:44:39 +0000 (12:44 -0800)]
ksmbd-tools: update to 3.3.6

Major changes are:

Add missing g_rwlock_init() for rpc_samr and rpc_lsaprc.
Fix potential potential null pointer dereferencing error.
Fix memleak.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit d95edf16eff9fe7ee27eb084764d5cc329155b15)

3 years agoksmbd-tools: update to 3.3.5
Martin Blumenstingl [Sat, 20 Feb 2021 14:30:03 +0000 (15:30 +0100)]
ksmbd-tools: update to 3.3.5

Major changes for version 3.3.5 are:
- Rename "streams" parameter to "vfs objects = streams_xattr".
- Enable smb2 leases by default.
- Ignore ksmbd.subauth creation failure.
- Fix bugs that related to guest ok = yes.

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(cherry picked from commit 58f91090f598892d12f435e02e09f3b37fd059d3)

3 years agonut: fix typo in nutshutdown script
Sven Roederer [Sat, 3 Apr 2021 20:00:31 +0000 (22:00 +0200)]
nut: fix typo in nutshutdown script

Even it's only cosmetic and should not affect the function of regular system,
fix the name of the IPKG_INSTROOT variable.
Typo was added long ago with 8400c9a6ec799.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
(cherry picked from commit f25f49a8b7c5a038f8a50dbb74e10db19f26d15a)

3 years agonetdata: update to version 1.29.3
Josef Schlehofer [Sun, 21 Mar 2021 23:56:07 +0000 (00:56 +0100)]
netdata: update to version 1.29.3

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 5074fbbfdc8536daf1d979f7ead32cebb1ec2acb)
(cherry picked from commit 4322399166a0083ff090714ab022d8be72fdb257)

3 years agosyslog-ng: update to version 3.31.2
Josef Schlehofer [Sun, 21 Mar 2021 23:50:54 +0000 (00:50 +0100)]
syslog-ng: update to version 3.31.2

Bump config file

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 3d817e968e8d9289255f1eea293363835f6e74a7)

3 years agoadblock: fix init status command
Dirk Brenken [Thu, 1 Apr 2021 18:55:45 +0000 (20:55 +0200)]
adblock: fix init status command

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoMerge pull request #15295 from lucize/librefix
Rosen Penev [Sun, 28 Mar 2021 21:48:00 +0000 (14:48 -0700)]
Merge pull request #15295 from lucize/librefix

[19.07] libreswan: update cu 3.32

3 years agolibreswan: update cu 3.32 15295/head
Lucian Cristian [Sun, 28 Mar 2021 18:47:50 +0000 (21:47 +0300)]
libreswan: update cu 3.32

CVE and NSS fix

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
3 years agoMerge pull request #15252 from ja-pa/gnutls-security-fix-19.07
Nikos Mavrogiannopoulos [Fri, 26 Mar 2021 20:55:20 +0000 (21:55 +0100)]
Merge pull request #15252 from ja-pa/gnutls-security-fix-19.07

[OpenWrt 19.07] gnutls: patch security issue

3 years agoMerge pull request #15255 from ja-pa/mariadb-10.2.37-openwrt-19.07
Rosen Penev [Fri, 26 Mar 2021 20:24:25 +0000 (13:24 -0700)]
Merge pull request #15255 from ja-pa/mariadb-10.2.37-openwrt-19.07

[OpenWrt 19.07] mariadb: update to version 10.2.37

3 years agoMerge pull request #15256 from cartender/pr_libftdi1_19
Rosen Penev [Fri, 26 Mar 2021 20:23:13 +0000 (13:23 -0700)]
Merge pull request #15256 from cartender/pr_libftdi1_19

[19.07] libftdi1: Improve build binary reproducibility

3 years agolibftdi1: Improve build binary reproducibility 15256/head
Giovanni Giacobbi [Thu, 25 Mar 2021 14:59:51 +0000 (14:59 +0000)]
libftdi1: Improve build binary reproducibility

The library embeds the result of "git describe" inside the source code, making the binary result dependent of the particular commit being used in the build root when building inside a git working copy.

As this is unnecessary information, remove this option and fallback to the default "unknown", which is also the value compiled by tools that do not clone but export the openwrt base tree.

Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
3 years agoMerge pull request #15214 from BKPepe/aiohttp-19.07
Josef Schlehofer [Thu, 25 Mar 2021 23:48:13 +0000 (00:48 +0100)]
Merge pull request #15214 from BKPepe/aiohttp-19.07

python-aiohttp: backport fix for CVE-2021-21330

3 years agohttps-dns-proxy: bugfix: correct PROCD firewall object
Stan Grishin [Thu, 25 Mar 2021 22:55:51 +0000 (22:55 +0000)]
https-dns-proxy: bugfix: correct PROCD firewall object

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agomariadb: update to version 10.2.37 15255/head
Jan Pavlinec [Thu, 25 Mar 2021 13:30:10 +0000 (14:30 +0100)]
mariadb: update to version 10.2.37

Fixes CVE-2021-27928

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agognutls: patch security issue 15252/head
Jan Pavlinec [Thu, 25 Mar 2021 09:34:29 +0000 (10:34 +0100)]
gnutls: patch security issue

Fixes
CVE-2021-20231
CVE-2021-20232

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>