Alexandru Ardelean [Fri, 23 Sep 2022 11:59:42 +0000 (14:59 +0300)]
django: bump to version 4.1.1
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Michael Heimpold [Thu, 6 Oct 2022 05:40:56 +0000 (07:40 +0200)]
Merge pull request #19534 from mhei/php8-pecl-http-update-4.2.3
php8-pecl-http: update to 4.2.3
Philip Prindeville [Wed, 5 Oct 2022 22:01:33 +0000 (16:01 -0600)]
Merge pull request #19532 from pprindeville/isc-dhcp-drop-gratuitous-named-reload
isc-dhcp: avoid gratuitous reload of named
Hirokazu MORIKAWA [Wed, 5 Oct 2022 02:27:26 +0000 (11:27 +0900)]
node: bump to v16.17.1
The following CVEs are fixed in this release:
* CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
* Insufficient fix for macOS devices on v18.5.0
* CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium)
* CVE-2022-32213: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)
* Insufficient fix on v18.5.0
* CVE-2022-32215: HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)
* Insufficient fix on v18.5.0
* CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
* CVE-2022-35255: Weak randomness in WebCrypto keygen
More detailed information on each of the vulnerabilities can be found in September 22nd 2022 Security Releases blog post.
llhttp updated to 6.0.10
llhttp is updated to 6.0.10 which includes fixes for the following vulnerabilities.
* HTTP Request Smuggling - CVE-2022-32213 bypass via obs-fold mechanic (Medium)(CVE-2022-32213 ): The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215): The llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)(CVE-35256): The llhttp parser in the http does not correctly handle header fields that are not terminated with CLRF. This can lead to HTTP Request Smuggling (HRS).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Glenn Strauss [Sat, 1 Oct 2022 07:58:16 +0000 (03:58 -0400)]
lighttpd: remove deprecated modules
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Michael Heimpold [Wed, 5 Oct 2022 18:52:38 +0000 (20:52 +0200)]
php8-pecl-http: update to 4.2.3
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Philip Prindeville [Wed, 5 Oct 2022 17:18:33 +0000 (11:18 -0600)]
isc-dhcp: avoid gratuitous reload of named
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Florian Eckert [Wed, 5 Oct 2022 14:27:46 +0000 (16:27 +0200)]
Merge pull request #19520 from dyarkovoy/master
mwan3: support offload routing modifier
Denys Yarkovyi [Tue, 4 Oct 2022 07:27:16 +0000 (00:27 -0700)]
mwan3: support offload routing modifier
Signed-off-by: Denys Yarkovyi <dyarkovoy@gmail.com>
Stan Grishin [Wed, 5 Oct 2022 06:41:06 +0000 (23:41 -0700)]
Merge pull request #19527 from stangri/master-https-dns-proxy
https-dns-proxy: add settings for canary domains
Stan Grishin [Tue, 4 Oct 2022 22:07:52 +0000 (22:07 +0000)]
https-dns-proxy: add settings for canary domains
* add setting to enable/disable blocking access to iCloud Private Relay resolvers
* add setting to enable/disable blocking access to Mozilla resolvers
* rename variables loaded from config in the init script
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Stan Grishin [Tue, 4 Oct 2022 22:06:09 +0000 (15:06 -0700)]
Merge pull request #19525 from stangri/master-https-dns-proxy
https-dns-proxy: bugfix: prevent canary domains duplicates
Stan Grishin [Tue, 4 Oct 2022 21:25:42 +0000 (21:25 +0000)]
https-dns-proxy: bugfix: prevent canary domains duplicates
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Petr Štetiar [Mon, 3 Oct 2022 17:03:15 +0000 (19:03 +0200)]
treewide: fix security issues by bumping all packages using libwolfssl
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit
ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit
f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Michael Heimpold [Tue, 4 Oct 2022 05:25:06 +0000 (07:25 +0200)]
Merge pull request #19512 from mhei/php8-update-8.1.11
php8: update to 8.1.11
Stan Grishin [Tue, 4 Oct 2022 03:59:51 +0000 (20:59 -0700)]
Merge pull request #19501 from stangri/master-simple-adblock
simple-adblock: allow domains bugfix & canary domains support
Nick Hainke [Fri, 30 Sep 2022 10:03:05 +0000 (12:03 +0200)]
expat: update to 2.4.9
Fixes CVE-2022-40674.
Release Notes:
- https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes
- https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes
Signed-off-by: Nick Hainke <vincent@systemli.org>
Andrew Sim [Sat, 1 Oct 2022 10:12:34 +0000 (12:12 +0200)]
samba4: update waf-cross-answers
* update waf-cross-answers for 4.14.x
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Andrew Sim [Sat, 1 Oct 2022 10:09:32 +0000 (12:09 +0200)]
samba4: update to 4.14.14
* update to 4.14.14
* fixes: CVE-2022-2031, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-32742
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Javier Marcet [Sun, 2 Oct 2022 16:58:15 +0000 (18:58 +0200)]
python-stem: update to v1.8.1
Signed-off-by: Javier Marcet <javier@marcet.info>
Michael Heimpold [Mon, 3 Oct 2022 09:08:08 +0000 (11:08 +0200)]
php8: update to 8.1.11
This fixes:
- CVE-2022-31628
- CVE-2022-31629
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Mon, 3 Oct 2022 08:01:29 +0000 (10:01 +0200)]
Merge pull request #19478 from mhei/libmodbus-update-3.1.8
libmodbus: update to 3.1.8
Michael Heimpold [Mon, 3 Oct 2022 08:01:15 +0000 (10:01 +0200)]
Merge pull request #19497 from mhei/php8-ext-sodium
php8: php8-pecl-sodium with php8-mod-sodium (refs #18997)
Vladimir Ulrich [Sun, 2 Oct 2022 02:26:50 +0000 (05:26 +0300)]
zoneinfo: updated to the latest release
Signed-off-by: Vladimir Ulrich <admin@evl.su>
Tianling Shen [Sun, 2 Oct 2022 04:58:23 +0000 (12:58 +0800)]
gg: Update to 0.2.13
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Sun, 2 Oct 2022 04:55:46 +0000 (12:55 +0800)]
dnsproxy: Update to 0.45.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Sun, 2 Oct 2022 04:57:25 +0000 (12:57 +0800)]
cloudflared: Update to 2022.9.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Stan Grishin [Sat, 1 Oct 2022 23:11:28 +0000 (23:11 +0000)]
simple-adblock: allow domains bugfix & canary domains support
* fix bug in download_lists and adb_allow to prevent unintended exclisions from
the block-lists of domains containing allowed domain. Fixes issue:
https://github.com/stangri/source.openwrt.melmac.net/issues/160
* add support for returning NXDOMAIN/blocking iCloud & Mozilla canary domains,
disabled by default
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Stan Grishin [Sat, 1 Oct 2022 23:01:33 +0000 (16:01 -0700)]
Merge pull request #19489 from stangri/master-https-dns-proxy
https-dns-proxy: uci wrappers & iCloud canary domains
Michael Heimpold [Tue, 23 Aug 2022 16:19:56 +0000 (18:19 +0200)]
php8-pecl-sodium: drop package, replaced by php8-mod-sodium (refs #18997)
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Tue, 9 Aug 2022 21:30:41 +0000 (23:30 +0200)]
php8: add sodium extensions (refs #18997)
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Stan Grishin [Thu, 29 Sep 2022 23:58:53 +0000 (23:58 +0000)]
https-dns-proxy: uci wrappers & iCloud canary domains
* switch to using uci wrappers instead of direct uci calls
* add support for iCloud canary domains
https://developer.apple.com/support/prepare-your-network-for-icloud-private-relay
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Rosen Penev [Sun, 18 Sep 2022 00:26:50 +0000 (17:26 -0700)]
bandwidthd: fix format warnings
Should fix crashing errors under musl 1.2
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Javier Marcet [Tue, 27 Sep 2022 18:10:56 +0000 (20:10 +0200)]
docker-compose: Update to version 2.11.2
Signed-off-by: Javier Marcet <javier@marcet.info>
Josef Schlehofer [Thu, 29 Sep 2022 05:11:41 +0000 (07:11 +0200)]
Merge pull request #19447 from turris-cz/unbound
unbound: update to version 1.16.3
Michael Heimpold [Wed, 28 Sep 2022 19:23:58 +0000 (21:23 +0200)]
libmodbus: update to 3.1.8
- drop obsolete configure argument
- update download url
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Rosen Penev [Sun, 25 Sep 2022 05:07:46 +0000 (22:07 -0700)]
python3: use tools/expat for host build
Oversight from when the expat host build was removed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rafał Miłecki [Wed, 28 Sep 2022 07:50:51 +0000 (09:50 +0200)]
Merge pull request #19470 from rmilecki/ddns-scripts-code-cleanup
ddns-scripts: clean up code a bit to make it easier to understand
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: add explicit "-d" switch for Dry Run
It was a bit confusing to use *verbosity* level for Dry Run mode. Add
explicity switch for it and designed DRY_RUN variable to make code
easier to understand.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: rename variable: s/ERR_UPDATE/RETRY_COUNT/
Rename variable to make code easier to understand. This variable
specifies how many times in row ddns script tried to update IP without a
success.
Previous name ("ERR_UPDATE") didn't suggest it was for counting
anything. It also didn't specify was error was it related to.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: replace IP type (name) "local" with "current"
Local suggests something related to the local network or available
locally only. All that code related to the "local" IP was actually
dealing with *current* device external IP address. Using name "current"
should make code a bit easier to understand.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: rename variable: s/retry_count/retry_max_count/
Rename variable to make code easier to understand. This variable
specifies how many times ddns script should try to send a request.
Previous name ("retry_count") suggested it was for *counting* attempts.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Stan Grishin [Tue, 27 Sep 2022 10:37:57 +0000 (03:37 -0700)]
Merge pull request #19448 from stangri/master-simple-adblock
simple-adblock: update to 1.9.1-1
Etienne Champetier [Mon, 26 Sep 2022 19:31:12 +0000 (15:31 -0400)]
Merge pull request #19465 from TELUS-BBA/zabbix6.2
zabbix: update to 6.2.3
Stan Grishin [Mon, 26 Sep 2022 19:07:38 +0000 (12:07 -0700)]
Merge pull request #19460 from stangri/master-curl
curl: bugfix: github source url
Scott Roberts [Mon, 26 Sep 2022 15:41:21 +0000 (09:41 -0600)]
zabbix: update to 6.2.3
Refreshed patches.
Signed-off-by: Scott Roberts <ttocsr@gmail.com>
Eneas U de Queiroz [Mon, 8 Aug 2022 13:30:56 +0000 (10:30 -0300)]
lua-eco: adapt SSL choice to libwolfsslcpu-crypto
libwolfsslcpu-crypto has to be taken into consideration when selecting
the default SSL backend.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Florian Eckert [Mon, 26 Sep 2022 09:41:43 +0000 (11:41 +0200)]
Merge pull request #19446 from jamesmacwhite/mwan3-config-replace-google-dns
mwan3: Switch default track_ip targets from Google DNS to Cloudflare DNS
Karl Palsson [Fri, 23 Sep 2022 12:15:56 +0000 (12:15 +0000)]
libs/libwebsockets: Update to 4.3.x
Changes since 4.2 are extensive, as always.
https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4
Eg, Adds CBOR, support for reduced memory CA verification, cookie jars,
mqtt client gains qos2, mbedtls v3, fault injection apis, better support
for event loops.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Karl Palsson [Fri, 23 Sep 2022 12:48:32 +0000 (12:48 +0000)]
lang: lua-penlight: update to 1.13.1
These are bugfix and feature releases.
Changes from 1.11->1.12:
https://github.com/lunarmodules/Penlight/blob/master/CHANGELOG.md#1120-2022-jan-10
Changes from 1.12->1.13:
https://github.com/lunarmodules/Penlight/blob/master/CHANGELOG.md#1130-2022-jul-22
Signed-off-by: Karl Palsson <karlp@etactica.com>
Karl Palsson [Fri, 23 Sep 2022 12:01:25 +0000 (12:01 +0000)]
libs/cjson: bump to 1.7.15
This is a bugfix release.
Full release notes available at: https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15
Signed-off-by: Karl Palsson <karlp@etactica.com>
Karl Palsson [Mon, 19 Sep 2022 14:15:27 +0000 (14:15 +0000)]
pagekite: add patchs for 64bit time
Source: https://github.com/pagekite/libpagekite/pull/78
Signed-off-by: Karl Palsson <karlp@etactica.com>
Karl Palsson [Mon, 19 Sep 2022 11:45:13 +0000 (11:45 +0000)]
mosquitto: bump to 2.0.15
Changelog: https://mosquitto.org/blog/2022/08/version-2-0-15-released/
Changelog: https://mosquitto.org/blog/2021/11/version-2-0-14-released/
2.0.15 is bigger security and bugfix release. 2.0.14 had a couple of
minor changes and was skipped for OpenWrt.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Ptilopsis Leucotis [Sun, 15 May 2022 04:02:40 +0000 (07:02 +0300)]
mosquitto: add missing 'persistence' section in config
Section 'Persistence' in 'luci-app-mosquitto' is unusable without 'persistence'
section in config file.
Signed-off-by: Ptilopsis Leucotis <PtilopsisLeucotis@yandex.com>
Nick Hainke [Sat, 24 Sep 2022 15:59:40 +0000 (17:59 +0200)]
tor: update to 0.4.7.9
Release Notes:
https://forum.torproject.net/t/urgent-stable-release-0-4-5-14-0-4-6-12-and-0-4-7-10
Signed-off-by: Nick Hainke <vincent@systemli.org>
Stan Grishin [Mon, 26 Sep 2022 08:31:56 +0000 (08:31 +0000)]
curl: bugfix: github source url
* fixes https://github.com/openwrt/packages/issues/19456
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Javier Marcet [Sat, 24 Sep 2022 15:49:53 +0000 (17:49 +0200)]
docker-compose: Update to version 2.11.1
Signed-off-by: Javier Marcet <javier@marcet.info>
Christian Lachner [Sat, 24 Sep 2022 08:14:54 +0000 (10:14 +0200)]
haproxy: Update HAProxy to v2.6.6
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Michael Heimpold [Mon, 26 Sep 2022 05:43:35 +0000 (07:43 +0200)]
Merge pull request #19455 from mhei/mmc-utils-update
mmc-utils: update to latest upstream revision
Michael Heimpold [Sun, 25 Sep 2022 20:13:16 +0000 (22:13 +0200)]
mmc-utils: update to latest upstream revision
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Dirk Brenken [Sun, 25 Sep 2022 19:00:00 +0000 (21:00 +0200)]
adblock: update 4.1.4-5
* auto-whitelist ext. dns lookup domain
* add public doh server blocklist source
* whitespace fixes in adblock.sources
Signed-off-by: Dirk Brenken <dev@brenken.org>
John Audia [Sun, 25 Sep 2022 12:04:14 +0000 (08:04 -0400)]
ffmpeg: update to 5.1.2
Bump to latest upstream version
Signed-off-by: John Audia <therealgraysky@proton.me>
Alexandru Ardelean [Sun, 25 Sep 2022 14:44:00 +0000 (17:44 +0300)]
openblas: bump to version 0.3.21
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Stan Grishin [Fri, 23 Sep 2022 20:44:12 +0000 (20:44 +0000)]
simple-adblock: update to 1.9.1-1
* remove obsolete block-lists from config
* add removal of obsolete lists to config-update
* add AdGuard team's block-list to config
* improve allow command
* improve nftset support
* move config load to uci_load_validate, which required some code refactoring which
looks dramatic, but isn't
* always use dnsmasq_restart instead of dnsmasq_hup for all dns resolution options
for dnsmasq
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Josef Schlehofer [Sun, 25 Sep 2022 10:00:55 +0000 (12:00 +0200)]
unbound: update to version 1.16.3
Changelog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-3
- Fixes: CVE-2022-3204
Refreshed one patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Thu, 22 Sep 2022 23:04:25 +0000 (16:04 -0700)]
tang: update directory
There's no more cache.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 22 Sep 2022 23:02:24 +0000 (16:02 -0700)]
Revert "jose: remove libjose"
This reverts commit
02d6c8346cfae7c2de456800a862a7dd90782858.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 22 Sep 2022 23:02:05 +0000 (16:02 -0700)]
Revert "jose: fix static library usage"
This reverts commit
c61b70918b6c10f6fd726b098474736a7e0ae9cd.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Michael Heimpold [Sun, 25 Sep 2022 08:21:56 +0000 (10:21 +0200)]
Merge pull request #19439 from mhei/php8-more-extensions-19424
php8-pecl-xdebug: add package (refs #19424)
James White [Sun, 25 Sep 2022 08:05:27 +0000 (09:05 +0100)]
mwan3: Switch default track_ip targets from Google DNS to Cloudflare DNS
Signed-off-by: James White <james@jmwhite.co.uk>
Dirk Brenken [Sun, 25 Sep 2022 06:55:45 +0000 (08:55 +0200)]
Merge pull request #19419 from james-mcguire/master
adblock: add lightswitch05 source
Daniel Golle [Sun, 25 Sep 2022 00:28:43 +0000 (01:28 +0100)]
snowflake: run snowflake-proxy with procd-ujail
snowflake-proxy doesn't write any files
=> run in read-only rootfs environment
the process needs to read SSL certs but no other files
=> only exposed path is /etc/ssl/certificates (read-only)
running as unpriviledged user with no additional capabilities
=> set no-new-privs bit
By default procd-ujail also isolates the process by executing it in
a separate new IPC and PID namespace.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
James McGuire [Sat, 24 Sep 2022 21:49:21 +0000 (14:49 -0700)]
adblock: add lightswitch05 blocklist source
Signed-off-by: James McGuire <jamesm51@gmail.com>
Daniel Golle [Sat, 24 Sep 2022 02:03:22 +0000 (03:03 +0100)]
snowflake: add package
Package Tor's Snowflake system components so users can offer e.g.
a standalone Snowflake proxy on their routers or other devices.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
David Bauer [Fri, 23 Sep 2022 11:15:37 +0000 (13:15 +0200)]
poemgr: update to latest HEAD
8988247 Makefile: Enable warnings as errors (-Werror)
aea39ca Makefile: Respect the CFLAGS and LDFLAGS that have been passed in
189594f poemgr: Fix compiler warnings in poemgr.c
0e1a8cf pd69104: Avoid self-induced pointer casts
2d53298 uswflex: Remove unused variables and declarations
d345441 poemgr: Reorganize poemgr.h to remove forward declarations
df1a7bc contrib: remove unneccessary functions.sh loading
056a6a9 poemgr: Fix name based profile selection
b8f8f23 poemgr: prolong the power budget detection delay
9e8344a poemgr: configure power_budget to override detected limit
Signed-off-by: David Bauer <mail@david-bauer.net>
Michael Heimpold [Sat, 24 Sep 2022 07:50:28 +0000 (09:50 +0200)]
php8-pecl-xdebug: add package (refs 19424)
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Martin Hübner [Tue, 2 Aug 2022 12:42:06 +0000 (14:42 +0200)]
gatling: add package gatling
Gatling is a high-performance webserver from fefe. It gives a
fairly decent feature-set at really small size. And its fast.
Co-authored-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Martin Hübner <martin.hubner@web.de>
Tianling Shen [Fri, 23 Sep 2022 06:56:50 +0000 (14:56 +0800)]
dnsproxy: Update to 0.45.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Fri, 23 Sep 2022 06:58:22 +0000 (14:58 +0800)]
dnslookup: Update to 1.8.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Rosen Penev [Thu, 22 Sep 2022 18:51:35 +0000 (11:51 -0700)]
glib2: backport locale fix
Fixes compilation with non English locale.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 22 Sep 2022 23:51:17 +0000 (16:51 -0700)]
libowfat: fix glibc compilation
Ported Fedora patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 22 Sep 2022 22:48:52 +0000 (15:48 -0700)]
libsoup3: update maintainer
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Josef Schlehofer [Thu, 22 Sep 2022 22:43:04 +0000 (00:43 +0200)]
Merge pull request #19422 from paper42/knot-resolver-5.5.3
knot-resolver: update to 5.5.3
Peter van Dijk [Wed, 21 Sep 2022 10:31:25 +0000 (12:31 +0200)]
pdns-recursor: update to 4.7.3
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Michal Vasilek [Thu, 22 Sep 2022 17:47:41 +0000 (19:47 +0200)]
knot-resolver: update to 5.5.3
* fixes CVE-2022-40188
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Rosen Penev [Thu, 9 Jun 2022 01:06:38 +0000 (18:06 -0700)]
libsoup3: add
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Nick Hainke [Sun, 3 Jul 2022 09:23:50 +0000 (11:23 +0200)]
openwisp-config: cleanup Makefile
The license identifier has a typo. Fix it.
Use SPDX instead of license boilerplate.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Sun, 3 Jul 2022 09:21:11 +0000 (11:21 +0200)]
openwisp-monitoring: cleanup Makefile
The license identifier has a typo. Fix it.
Use SPDX instead of license boilerplate.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Martin Blumenstingl [Wed, 6 Jul 2022 23:46:02 +0000 (01:46 +0200)]
netsniff-ng: Build and package mausezahn
mausezahn is a multicast traffic generator which is part of the
netsniff-ng sources. This utility is needed for the upcoming
kernel-selftests-net-forwarding package. Add a new package for it.
netsniff-ng will automatically detect all installed dependencies and
build only the utilities whose dependencies are installed (meaning:
mausezahn is not build when for example libcli is not installed and
other tools are not build if for example zlib is missing). Depending
on the selected packages (netsniff-ng or mausezahn) the OpenWrt build
system has to trigger netsniff-ng's configure script, which will then
pick up and automatically build the programs (mausezahn, netsniff-ng,
trafgen, ...) for which all dependencies are installed.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Martin Blumenstingl [Wed, 6 Jul 2022 23:46:56 +0000 (01:46 +0200)]
libcli: Add new package
This package is a dependency for building mausezahn as part of the
netsniff-ng sources. mausezahn is a multicast traffic generator used by
the upcoming kernel-selftests-net-forwarding package.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Florian Eckert [Mon, 15 Feb 2021 10:35:46 +0000 (11:35 +0100)]
open-vm-tools: enable debugging for vcenter
Updating tools.conf to get more info during deployment and template
cloning.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Thu, 18 Mar 2021 14:23:40 +0000 (15:23 +0100)]
open-vm-tools: enable dnet support
Enable dnet support to get guestinfo and nicinfo
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 15 Feb 2021 12:01:30 +0000 (13:01 +0100)]
open-vm-tools: enable deploypkg plugin
Enable support functions for guest package deployment.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 15 Feb 2021 12:00:33 +0000 (13:00 +0100)]
libmspack: initial checkin
libmspack is a library for some loosely related Microsoft compression
formats: CAB, CHM, HLP, LIT, KWAJ and SZDD
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Alexander E. Patrakov [Sun, 4 Sep 2022 16:38:58 +0000 (00:38 +0800)]
hping3: add new package
The new package would help measuring one-way delays using ICMP type 13
packets. This is important for various scripts that automatically adjust
CAKE shaper bandwidth based on the observed bufferbloat. They need to
understand whether the delay is on the way up or on the way down, so
that they can adjust the bandwidth of the proper part of the shaper.
https://forum.openwrt.org/t/cake-w-adaptive-bandwidth-historic/108848
https://forum.openwrt.org/t/cake-w-adaptive-bandwidth/135379
V2: refreshed patches
Signed-off-by: Alexander E. Patrakov <patrakov@gmail.com>
Nick Hainke [Thu, 25 Aug 2022 09:11:43 +0000 (11:11 +0200)]
vim: update to 9.0
Remove upstreamed patches:
- 001-support-defining-compilation-date-in-SOURCE_DATE_EPOCH.patch
-> https://github.com/vim/vim/commit/
8f1dde5021d9623a951d1ccbc78cf1b1a55ccd7a
- 020-macos.patch
-> https://github.com/vim/vim/commit/
5289783e0b07cfc3f92ee933261ca4c4acdca007
Refresh patches:
- 002-remove_helptags_generation.patch
Release Notes:
https://www.vim.org/vim90.php
Add to configure_args:
--disable-libsodium
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Sun, 28 Aug 2022 04:23:40 +0000 (06:23 +0200)]
xz: update to 5.2.6
Release Notes:
https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD
Signed-off-by: Nick Hainke <vincent@systemli.org>
Alexandru Gagniuc [Sun, 18 Sep 2022 15:34:59 +0000 (10:34 -0500)]
realtek-poe: Update package to v1.0
v1.0 fixes a bug with MCU communication, and allows shutting down
individual ports over ubus. A summarry of commands can be shown with:
ubus -v list poe
Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Noah Meyerhans [Wed, 21 Sep 2022 18:57:50 +0000 (11:57 -0700)]
bind: bump to 9.18.7
Fixes multiple security issues:
CVE-2022-38178 - Fix memory leak in EdDSA verify processing
CVE-2022-3080 - Fix serve-stale crash that could happen when
stale-answer-client-timeout was set to 0 and there was
a stale CNAME in the cache for an incoming query
CVE-2022-2906 - Fix memory leaks in the DH code when using OpenSSL 3.0.0
and later versions. The openssldh_compare(),
openssldh_paramcompare(), and openssldh_todns()
functions were affected
CVE-2022-2881 - When an HTTP connection was reused to get
statistics from the stats channel, and zlib
compression was in use, each successive
response sent larger and larger blocks of memory,
potentially reading past the end of the allocated
buffer
CVE-2022-2795 - Prevent excessive resource use while processing large
delegations
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Eneas U de Queiroz [Thu, 15 Sep 2022 00:21:50 +0000 (21:21 -0300)]
opendoas: avoid libpam dependency
Package is failing to build because it picks up libpam dependency
regardless of `BUSYBOX_CONFIG_PAM`.
Use configure args --with-pam, --without-pam to assert the option.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>