Zephyr Lykos [Fri, 6 Oct 2023 10:55:02 +0000 (18:55 +0800)]
tailscale: Update to 1.50.1
https://github.com/tailscale/tailscale/releases/tag/v1.50.1
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
Oskari Rauta [Sun, 8 Oct 2023 14:51:50 +0000 (17:51 +0300)]
cni-protocol: update protocol
Changes to protocol file and it's description.
Works better now and restarts firewall automaticly
when tunnel comes available. More informative/guiding
description.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Leo Douglas [Fri, 29 Sep 2023 11:38:04 +0000 (19:38 +0800)]
sing-box: update to v1.5.2
* Enable `with_ech` and `with_dhcp`, just like upstream
* See changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.5.2
Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: ShadowsocksR is marked as deprecated since v1.5.0
Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: remove dhcp by default
Signed-off-by: Leo Douglas <douglarek@gmail.com>
Stijn Tintel [Sat, 7 Oct 2023 22:47:09 +0000 (01:47 +0300)]
kea: bump to 2.4.0
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Stijn Tintel [Sat, 7 Oct 2023 12:26:07 +0000 (15:26 +0300)]
kea: bump to 2.2.1
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Nuno Gonçalves [Tue, 20 Jun 2023 15:54:16 +0000 (16:54 +0100)]
esp2net: add Espressif ESP chip USB-Network proxy
Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
Glenn Strauss [Sat, 7 Oct 2023 06:24:55 +0000 (02:24 -0400)]
lighttpd: update to lighttpd 1.4.72 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Jianhui Zhao [Sun, 8 Oct 2023 08:20:08 +0000 (16:20 +0800)]
lua-eco: update to 3.0.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Olivier Poitrey [Sat, 7 Oct 2023 01:30:22 +0000 (01:30 +0000)]
nextdns: Update to version 1.41.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Sergey Ponomarev [Wed, 20 Sep 2023 14:27:45 +0000 (17:27 +0300)]
sshtunnel: update version to 5.1
Make it depends on ether Dropbear dbclient or OpenSSH client
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Wed, 21 Jun 2023 17:01:31 +0000 (20:01 +0300)]
sshtunnel: allow empty port and user
A user may have some host configured in the .ssh/config with user and port.
But we anyway have to specify them in the sshtunnel.
The change fixes this
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Wed, 21 Jun 2023 16:59:28 +0000 (19:59 +0300)]
sshtunnel: add enabled option
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Wed, 21 Jun 2023 16:58:48 +0000 (19:58 +0300)]
sshtunnel: allow empty remoteaddress
Just empty or * may have some semantic difference on a server
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Sat, 3 Jun 2023 11:23:33 +0000 (14:23 +0300)]
sshtunnel: StrictHostKeyChecking for Dropbear
The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option:
-y Always accept remote host key if unknown
-y -y Don't perform any remote host key checking (caution)
So we can add these options to make the StrictHostKeyChecking working.
The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead.
The only problem is that the -y flag is also used by the openssh-client:
-y Send log information using the syslog(3) system module. By default this information is sent to stderr.
This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Sat, 3 Jun 2023 10:23:35 +0000 (13:23 +0300)]
sshtunnel: Use -i $IdentityFile instead of -o IdentityFile=$IdentityFile
This makes the sshtunnel compatible with Dropbear.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Sat, 3 Jun 2023 10:10:32 +0000 (13:10 +0300)]
sshtunnel: set StrictHostKeyChecking=accept-new by default
Without the option the ssh will propt a user to accept the host key.
So a user should perform a connection manualy and accept before useing the sshtunnel.
The accept-new is a reasonable trade off.
Also the LogLevel is INFO by default.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Sat, 3 Jun 2023 09:46:03 +0000 (12:46 +0300)]
sshtunnel: uci_sshtunnel use example.com
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Sergey Ponomarev [Sat, 3 Jun 2023 09:44:19 +0000 (12:44 +0300)]
sshtunnel: uci_sshtunnel simplify
Simplify comment and make it shorter.
Remove triling tab after retrydelay.
Use a full path for IdentityFile because otherwise the uci validation fails with the relative path ~/.ssh
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Daniel Golle [Fri, 6 Oct 2023 21:38:23 +0000 (23:38 +0200)]
exim: update to version 4.96.1
This is a security release.
JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which
could be triggered by externally-supplied input. Found by Trend Micro.
CVE-2023-42115
JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42116
JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
be triggered by externally-controlled input. Found by Trend Micro.
CVE-2023-42114
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Luiz Angelo Daros de Luca [Sat, 7 Oct 2023 03:00:07 +0000 (00:00 -0300)]
libvpx: update to 1.13.1
v1.13.0
This release includes more Neon and AVX2 optimizations, adds a new codec
control to set per frame QP, upgrades GoogleTest to v1.12.1, and includes
numerous bug fixes.
v1.13.1
This release contains two security related fixes. One each for VP8 and VP9.
- https://crbug.com/
1486441 (CVE-2023-5217)
- Fix bug with smaller width bigger size (CVE-2023-44488)
Fixes #22318
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Josef Schlehofer [Sat, 7 Oct 2023 17:34:22 +0000 (19:34 +0200)]
Merge pull request #22329 from jefferyto/golang-1.21.2
golang: Update to 1.21.2
Jeffery To [Sat, 7 Oct 2023 12:04:12 +0000 (20:04 +0800)]
golang: Update to 1.21.2
Includes fix for CVE-2023-39323 (cmd/go: line directives allows
arbitrary execution during build).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Sat, 7 Oct 2023 10:57:01 +0000 (18:57 +0800)]
Merge pull request #22306 from cotequeiroz/python3-rebuild
python3: avoid unnecessary rebuilds
Jeffery To [Sat, 7 Oct 2023 10:52:07 +0000 (18:52 +0800)]
Merge pull request #22309 from BKPepe/tor-fw-helper
tor-fw-helper: remove it
Stan Grishin [Fri, 6 Oct 2023 22:42:32 +0000 (16:42 -0600)]
Merge pull request #22311 from stangri/master-adblock-fast
adblock-fast: bugfix: properly identify hosts-files
Florian Eckert [Fri, 6 Oct 2023 06:34:24 +0000 (08:34 +0200)]
Merge pull request #22298 from TDT-AG/pr/
20231004-keepalived
keepalived: update to version 2.2.8
Alexandru Ardelean [Fri, 6 Oct 2023 06:34:00 +0000 (09:34 +0300)]
Merge pull request #22301 from cotequeiroz/pymysql_sha256
pymysql: add meta-package for sha256 support
Tianling Shen [Fri, 6 Oct 2023 05:44:33 +0000 (13:44 +0800)]
Merge pull request #22273 from ne20002/crowdsec-firewall-bouncer
crowdsec-firewall-bouncer: new upstream release version 0.0.28
John Audia [Wed, 4 Oct 2023 19:35:03 +0000 (15:35 -0400)]
openssh: bump to 9.5p1
Changelog: https://www.openssh.com/txt/release-9.5
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
Jeffery To [Fri, 29 Sep 2023 03:37:08 +0000 (11:37 +0800)]
python-twisted: Update to 23.8.0, rework patches
The package changed to the hatchling build backend.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jan Kratochvil [Wed, 4 Oct 2023 19:51:51 +0000 (03:51 +0800)]
ffmpeg: fix compilation error of ffmpeg-custom
Fixes: #12320
After plain enable of libffmpeg-custom and ffmpeg-custom which adds:
- CONFIG_PACKAGE_libbz2=m
- CONFIG_PACKAGE_libffmpeg-custom=m
- CONFIG_FFMPEG_CUSTOM_GPL=y
- CONFIG_PACKAGE_zlib=m
- CONFIG_PACKAGE_ffmpeg-custom=m
I get on v22.03.5 compilation error:
```
cp -fpR /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-install/usr/bin/ffmpeg /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-mips_24kc/ffmpeg-custom/usr/bin/
cp: cannot stat '/.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-install/usr/bin/ffmpeg': No such file or directory
make[2]: *** [Makefile:756: /.../openwrt-git/bin/packages/mips_24kc/packages/ffmpeg-custom_5.1-1_mips_24kc.ipk] Error 1
```
It is because configure is missing `ffmpeg` in its `Programs:` section:
```
( cd /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1; CFLAGS="-Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -msoft-float -mips16 -minterlink-mips16 -fmacro-prefix-map=/.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1=ffmpeg-5.1 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/usr/include -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/include/fortify -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/include -DPIC -fpic" LDFLAGS="-L/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/usr/lib -L/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/lib -znow -zrelro" ./configure --enable-cross-compile --cross-prefix="mips-openwrt-linux-musl-" --arch="mips" --cpu=24kc --target-os=linux --prefix="/usr" --pkg-config="pkg-config" --enable-shared --enable-static --enable-pthreads --enable-zlib --disable-doc --disable-debug --disable-lzma --disable-vaapi --disable-vdpau --disable-outdevs --disable-altivec --disable-vsx --disable-power8 --disable-armv5te --disable-armv6 --disable-armv6t2 --disable-fast-unaligned --disable-runtime-cpudetect --disable-x86asm --enable-small --enable-gpl --disable-programs --disable-avfilter --disable-swresample --disable-swscale --disable-everything --disable-postproc )
install prefix /usr
source path .
C compiler mips-openwrt-linux-musl-gcc
C library
host C compiler gcc
host C library glibc
ARCH mips (24kc)
big-endian yes
runtime cpu detection no
MIPS FPU enabled no
MIPS DSP R1 enabled no
MIPS DSP R2 enabled no
MIPS MSA enabled no
LOONGSON MMI enabled no
debug symbols no
strip symbols yes
optimize for size yes
optimizations yes
static yes
shared yes
postprocessing support no
network support yes
threading support pthreads
safe bitstream reader yes
texi2html enabled no
perl enabled yes
pod2man enabled yes
makeinfo enabled yes
makeinfo supports HTML no
xmllint enabled yes
External libraries:
alsa iconv
bzlib zlib
External libraries providing hardware acceleration:
cuda_llvm v4l2_m2m
Libraries:
avcodec avformat
avdevice avutil
Programs:
Enabled decoders:
Enabled encoders:
Enabled hwaccels:
Enabled parsers:
Enabled demuxers:
Enabled muxers:
Enabled protocols:
Enabled filters:
Enabled bsfs:
Enabled indevs:
Enabled outdevs:
License: GPL version 2 or later
```
Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
Eneas U de Queiroz [Wed, 4 Oct 2023 11:54:15 +0000 (08:54 -0300)]
pymysql: add meta-package for sha256 support
Replace the PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT option, which is
causing circular dependencies, with a meta-package that installs both
python3-pymysql and python3-cryptography.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Stan Grishin [Thu, 5 Oct 2023 14:51:51 +0000 (14:51 +0000)]
adblock-fast: bugfix: properly identify hosts-files
* escape dots in grep command to properly identify hosts files
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Josef Schlehofer [Thu, 5 Oct 2023 12:16:07 +0000 (14:16 +0200)]
tor-fw-helper: remove it
This package does not receive any update since 2015. [1]
It seems unmaintained and most likely not used at all.
[1] https://gitweb.torproject.org/tor-fw-helper.git/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Michael Heimpold [Thu, 5 Oct 2023 05:24:44 +0000 (07:24 +0200)]
Merge pull request #22289 from mhei/mmc-utils-update
mmc-utils: update to latest upstream revision
Michael Heimpold [Thu, 5 Oct 2023 05:24:27 +0000 (07:24 +0200)]
Merge pull request #22290 from mhei/php8-update-to-8.2.11
php8: update to 8.2.11
Eneas U de Queiroz [Wed, 4 Oct 2023 19:19:07 +0000 (16:19 -0300)]
python3: avoid unnecessary rebuilds
Move the order in which BuildPackage is called, so that the libpython
package is built ahead of the module packages, to avoid forcing a
clean-build of the package when 'make package/python3/compile' is called
a second time without changes.
The library must be built first, so that when the buildsystem checks for
ABI version changes using libpython3.version, its timestamp should be
older than the dependent package's STAMP_PREPARED file.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Josef Schlehofer [Wed, 4 Oct 2023 10:26:54 +0000 (12:26 +0200)]
syslog-ng: update to version 4.4.0
- Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.4.0
- Bump version in config file
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Florian Eckert [Thu, 10 Nov 2022 14:04:11 +0000 (15:04 +0100)]
keepalived: add notify_up and notify_down for virtual server
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Thu, 10 Nov 2022 14:11:04 +0000 (15:11 +0100)]
keepalived: add PING_CHECK to real_server
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 17 Jul 2023 06:48:41 +0000 (08:48 +0200)]
keepalived: update to version 2.2.8
See release-notes:
https://www.keepalived.org/release-notes/Release-2.2.8.html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Hannu Nyman [Wed, 4 Oct 2023 11:38:20 +0000 (14:38 +0300)]
Merge pull request #22295 from
1715173329/wget
wget: Update to 1.21.4
Tianling Shen [Wed, 4 Oct 2023 02:31:50 +0000 (10:31 +0800)]
wget: Update to 1.21.4
Removed upstreamed patches and unneeded autoreconf.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Jan Kratochvil [Wed, 4 Oct 2023 02:13:20 +0000 (10:13 +0800)]
ffmpeg: bump PKG_RELEASE
Suggested by @neheb.
Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
Jan Kratochvil [Tue, 3 Oct 2023 04:46:43 +0000 (12:46 +0800)]
ffmpeg: Add avi muxer
Otherwise one cannot produce *.avi containers needed for some H.264
camera codecs.
Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
Amnon Paz [Tue, 26 Sep 2023 20:01:39 +0000 (23:01 +0300)]
lua-openssl: Update to version 0.8.5-1
Signed-off-by: Amnon Paz <pazamnon@gmail.com>
John Audia [Sun, 1 Oct 2023 14:30:44 +0000 (10:30 -0400)]
ncdu: update to 1.19
Upstream bump
Build system: x86_64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
Jeffery To [Tue, 3 Oct 2023 14:59:58 +0000 (22:59 +0800)]
python-packaging: Update to 23.2
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Dirk Brenken [Tue, 3 Oct 2023 19:30:15 +0000 (21:30 +0200)]
banip: release 0.9.1-1
* drop packets silently on input and forwardwan chains or actively reject the traffic, set 'ban_blocktype' accordingly
* optimized banIP boot/reload handling
* removed pppoe quirk in device detection
* small fixes and optimizations
Signed-off-by: Dirk Brenken <dev@brenken.org>
Michael Heimpold [Tue, 3 Oct 2023 18:37:33 +0000 (20:37 +0200)]
mmc-utils: update to latest upstream revision
This also requires updating our patch for fortify-ing.
We now also pass the version as define during compilation.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Mon, 2 Oct 2023 13:03:01 +0000 (15:03 +0200)]
php8: update to 8.2.11
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Alexandru Ardelean [Tue, 3 Oct 2023 17:20:09 +0000 (20:20 +0300)]
Merge pull request #22280 from dynasticorpheus/irssi-1.4.5
irssi: update to 1.4.5
Alexandru Ardelean [Tue, 3 Oct 2023 17:18:31 +0000 (20:18 +0300)]
Merge pull request #22268 from stangri/master-adblock-fast
adblock-fast: update to 1.0.0-5
Alexandru Ardelean [Tue, 3 Oct 2023 17:15:23 +0000 (20:15 +0300)]
Merge pull request #22284 from jefferyto/python-charset-normalizer-3.3.0
python-charset-normalizer: Update to 3.3.0
Alexandru Ardelean [Tue, 3 Oct 2023 17:14:42 +0000 (20:14 +0300)]
Merge pull request #22283 from jefferyto/python-cffi-1.16.0
python-cffi: Update to 1.16.0
Jeffery To [Tue, 3 Oct 2023 14:54:02 +0000 (22:54 +0800)]
python-charset-normalizer: Update to 3.3.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Tue, 3 Oct 2023 14:26:02 +0000 (22:26 +0800)]
python-cffi: Update to 1.16.0
This includes a patch to unpin the version of setuptools required for
build; the required version is newer than the version bundled with
Python 3.11. This patch should not be necessary when Python 3.12 is
available.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Josef Schlehofer [Tue, 3 Oct 2023 13:29:20 +0000 (15:29 +0200)]
Merge pull request #22228 from Ansuel/atftp
atftp: bump to release 0.8.0 + PCRE2
Josef Schlehofer [Tue, 3 Oct 2023 13:18:59 +0000 (15:18 +0200)]
Merge pull request #22256 from Ansuel/aircrack-ng-pcre2
aircrack-ng: bump to release 1.7 + PCRE2
Tianling Shen [Mon, 2 Oct 2023 13:30:26 +0000 (21:30 +0800)]
yq: Update to 4.35.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Josef Schlehofer [Fri, 29 Sep 2023 15:40:29 +0000 (17:40 +0200)]
prometheus-node-exporter-lua: drop bmx6 package
In the OpenWrt routing feed, package bmx6 and luci-app-bmx6 were removed because the LuCI app was vulnerable to several CVEs, as found by dependabot. It has been reporting it for a few months and has even created an issue. These two packages are not maintained in OpenWrt as well in upstream.
Users should switch to the bmx7 package.
Fixes: 9fb9d9343ea27d6dbb5008ece10c0c843dd2c781 ("bmx6: drop package") in the routing feed
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Fabian Lipken [Tue, 3 Oct 2023 09:46:08 +0000 (11:46 +0200)]
irssi: update to 1.4.5
Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
Stan Grishin [Sun, 1 Oct 2023 23:52:15 +0000 (23:52 +0000)]
adblock-fast: update to 1.0.0-5
* improve processing of dnsmasq config files
* do not run sed/show error if allow_filter is empty
Signed-off-by: Stan Grishin <stangri@melmac.ca>
S. Brusch [Mon, 2 Oct 2023 15:30:48 +0000 (17:30 +0200)]
crowdsec-firewall-bouncer: new upstream release version 0.0.28
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.0-rc3
Description: Update crowdsec-firewall-bouncer to latest upstream release version 0.0.28
Jeffery To [Fri, 29 Sep 2023 02:42:55 +0000 (10:42 +0800)]
python-bcrypt: Update to 4.0.1, add myself as maintainer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Fri, 29 Sep 2023 02:11:05 +0000 (10:11 +0800)]
python-pyopenssl: Update to 23.2.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Oskari Rauta [Sun, 1 Oct 2023 16:27:49 +0000 (19:27 +0300)]
netavark: update to 1.8.0
changelog:
- iptables: improve error when ip6?tables commands are missing
- docs: Convert markdown with go-md2man instead of mandown
- iptables: drop invalid packages
- bump rust edition to 2021
- Add ACCEPT rules in firewall for bridge network with internal dns
- Add vrf support for bridges
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Oskari Rauta [Sun, 1 Oct 2023 16:31:33 +0000 (19:31 +0300)]
aardvark-dns: update to 1.8.0
changes:
- dependency updates
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Oskari Rauta [Sun, 1 Oct 2023 16:40:03 +0000 (19:40 +0300)]
netbird: update to 0.23.6
A lot of changes since previous packaged openwrt version of netbird,
changes available at: https://github.com/netbirdio/netbird/releases
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Jianhui Zhao [Sun, 1 Oct 2023 09:32:09 +0000 (17:32 +0800)]
lua-eco: update to 3.0.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Fabian Lipken [Fri, 29 Sep 2023 08:39:43 +0000 (10:39 +0200)]
irssi: update to 1.4.4
update to 1.4.4
switch to meson
remove obsolete patch
Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
Oskari Rauta [Sun, 1 Oct 2023 16:57:18 +0000 (19:57 +0300)]
podman: update to 4.7.0
A lot of changes. Changelog available at https://github.com/containers/podman/releases/tag/v4.7.0
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Oskari Rauta [Sun, 1 Oct 2023 16:18:02 +0000 (19:18 +0300)]
crun: update to 1.9.2
changelog 1.9.2:
- cgroup: reset the inherited cpu affinity after moving to cgroup. Old kernels do that automatically, but new kernels remember the affinity that was set before the cgroup move, so we need to reset it in order to honor the cpuset configuration.
changelog 1.9.1:
- utils: ignore ENOTSUP when chmod a symlink. It fixes a problem on Linux 6.6 that always refuses chmod on a symlink.
- build: fix build on CentOS 7
- linux: add new fallback when mount fails with EBUSY, so that there is not an additional tmpfs mount if not needed.
- utils: improve error message when a directory cannot be created as a component of the path is already existing as a non directory.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Daniel Golle [Sun, 1 Oct 2023 17:28:53 +0000 (18:28 +0100)]
exim: apply hotfix for some ZDI reported vulnerabilities
Apply preliminary hotfix for some (three?) of the 0-day
vulnerabilities reported by ZDI.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Christian Marangi [Sat, 30 Sep 2023 22:45:06 +0000 (00:45 +0200)]
aircrack-ng: backport patch and move package to pcre2
Backport patch merged upstream for PCRE2 support and move package to
pcre2.
Also add an additional patch pending to fix linking both pcre and pcre2
if autotools detect both library. (aircrack-ng prefer pcre2 in presence
of both)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Sat, 30 Sep 2023 22:43:21 +0000 (00:43 +0200)]
aircrack-ng: bump to release 1.7
Bump aircrack-ng to release 1.7
Changelog from [1]
Airdecap-ng: Endianness fixes
Airdecap-ng: Output PCAP as little endian
Airodump-ng: Fixed blank encryption field when APs have TKIP (and/or CCMP) with WPA2
Airodump-ng: Updated encryption filter (-t/--encrypt) for WPA3 and OWE
Airodump-ng: Fixed out-of-order timestamp captures
Airodump-ng: Ignore NULL PMKID
Airodump-ng: Fixed dropping management frames with zeroed timestamp
Airodump-ng: Fixed sorting where sometimes it started with a different field
Airodump-ng: Allow setting colors only in AP selection mode
Airodump-ng: Fix crash on 4K Linux console
Airodump-ng: Fixed issue where existing clients not linked to an AP become hidden when hitting 'o'
Airodump-ng: Allow use of WiFi 6E 6GHz frequencies
Airodump-ng: Look for oui.txt in /usr/share/hwdata
Airgraph-ng: Fixed graphviz package conflict
Airgraph-ng: Fixed downloading OUI with python3
Airgraph-ng: Ensure support/ directory is created when installing
Aircrack-ng: Fixed static compilation
Aircrack-ng: Fix handshake replay counter logic
Aircrack-ng: Handle timeout when parsing EAPOL
Aircrack-ng: Fixed WEP display
Aircrack-ng: Fixed spurious EXIT messages
Aircrack-ng: Improved handshake selection by fixing EAPOL timing and clearing state
Aircrack-ng: Ignore NULL PMKID
Aircrack-ng: Added Apple M1 detection
Aireplay-ng: In test mode, detect tampering of sequence number by firmware/driver
Aireplay-ng: Fixed incorrectly rewritten loops affecting fragmentation attack, and in some cases, SKA fake auth
Aireplay-ng: Fixed a bunch of instances where packets had their duration updated instead of the sequence number
Airmon-ng: Fix avahi killing
Airmon-ng: rewrite service stopping entirely
Airmon-ng: Codestyle fixes and code cleanup
Airmon-ng: Added a few Raspberry Pi hardware revisions
Airmon-ng: Fixes for 8812au driver
Airmon-ng: Fix iwlwifi firmware formatting
Airmon-ng: Remove broken KVM detection
Airmon-ng: Show regdomain in verbose mode
Airmon-ng: Updated Raspberry Pi hardware revisions
Airmon-ng: Document frequency usage
Airmon-ng: Add a sleep to help predictable names due to udev sometimes renaming interface
Airmon-ng: Added warning for broken radiotap headers in kernel 5.15 to 5.15.4
Airmon-ng: shellcheck fixes
Airmon-ng: support systemctl as some systems don't support 'service' anymore
Airmon-ng: Fixes for pciutils 3.8, backward compatible
Airbase-ng: use enum for frame type/subtype
Airbase-ng: remove a few IE in association responses
Besside-ng: Support and detect all channels in 5GHz in Auto-Channel mode
OSdep: Search additional IE for channel information
OSdep: Android macro fixes
Patches: Add missing patches that were on https://patches.aircrack-ng.org but not in repo
Patches: Updated freeradius-wpe patch for v3.2.0
Patches: Updated hostapd-wpe patch for v2.10
Patches: Added docker containers to test WPE patches
Autotools: make dist now creates VERSION file
Autotools: Added maintainer mode
Autotools: Initial support for Link Time Optimization (LTO) builds
Integration tests: Added a new test, and improved some existing ones
Airgraph-ng: switch airodump-join to Python 3
Manpages: Fixes (typos, tools name, etc.) and improvements
README: Updated dependencies and their installation on various distros in README.md and INSTALLING
README: Fixed typos and spelling in README.md and INSTALLING
Packages: Packages on PackageCloud now support any distro using .deb and .rpm, however, it requires reinstalling repo (BREAKING CHANGE)
General: Fix compilation with LibreSSL 3.5
General: Fix issues reported by Infer
General: Updated buildbots
General: Add Linux uclibc support
General: Compilation fixes on macOS with the Apple M1 CPU
General: Removed TravisCI and AppVeyor
General: Use Github Actions for CI (Linux, Win, macOS, code style, and PVS-Studio)
General: Added vscode devcontainer and documentation
General: Fix warnings from PVS-Studio and build with pedantic (See PR2174)
General: Shell script fixes thanks to shellcheck
General: Fixes for GCC 10 and 11
General: Fixed cross-compilation
General: Code refactoring, deduplication, cleanup, and misc code improvements
General: Coverity Scan fixes, which includes memory leaks, race conditions, division by 0, and other issues
General: PVS Studio improvements,fixes and updates
General: Code formatting/style fixes
General: Various fixes and improvements (code, CI, integration tests, coverity)
General: Update bug reporting template and update the process
[1] https://aircrack-ng.blogspot.com/2022/05/aircrack-ng-17.html
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Stijn Tintel [Sat, 30 Sep 2023 20:40:42 +0000 (23:40 +0300)]
Merge pull request #22254 from Ansuel/net-snmp-pcre2
net-snmp: move to PCRE2 library
Christian Marangi [Sat, 30 Sep 2023 14:09:18 +0000 (16:09 +0200)]
net-snmp: move to PCRE2 library
Add upstream patch adding support for pcre2 and update dependency to
require libpcre2 instead of libpcre.
--with-pcre2-8 is now needed to exclude support for pcre and only
require pcre2 as net-snmp still use and try to use pcre by default.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Stan Grishin [Fri, 29 Sep 2023 18:00:13 +0000 (12:00 -0600)]
Merge pull request #22241 from stangri/master-adblock-fast
adblock-fast: better error reporting when nothing to do
Josef Schlehofer [Thu, 28 Sep 2023 07:56:02 +0000 (09:56 +0200)]
kismet: drop the package
This package is no longer maintained in OpenWrt even though it is maintained by upstream.
The last update was done in August 2016 and because we have 2023, drop this package
without replacement.
If anyone from the community wants to step in and retake the maintainership together with the update,
feel free to do it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Stan Grishin [Thu, 28 Sep 2023 21:30:55 +0000 (21:30 +0000)]
adblock-fast: better error reporting when nothing to do
* also nicer file type output in high verbosity
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Rosen Penev [Wed, 23 Aug 2023 19:20:27 +0000 (12:20 -0700)]
openthread-br: fix actually building
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Wed, 27 Sep 2023 17:39:47 +0000 (10:39 -0700)]
mdnsresponder: move libdns_sd into own directory
Prevents conflicts with avahi, which is better maintained.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Stan Grishin [Thu, 28 Sep 2023 03:35:46 +0000 (21:35 -0600)]
Merge pull request #22221 from stangri/master-adblock-fast
adblock-fast: bugfix: better detect ABP lists
Jeffery To [Wed, 13 Sep 2023 04:33:51 +0000 (12:33 +0800)]
python-cryptography: Update to 41.0.4
This includes a patch to update the version of ouroboros (Rust crate)
used, to fix RUSTSEC-2023-0042[1]. Upstream has switch from ouroboros to
self_cell so this patch should only be necessary for cryptography 41.
[1]: https://rustsec.org/advisories/RUSTSEC-2023-0042.html
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Wed, 13 Sep 2023 04:15:18 +0000 (12:15 +0800)]
python: Add environment variables to build Rust extensions
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Wed, 13 Sep 2023 04:13:52 +0000 (12:13 +0800)]
python-setuptools-rust: Add new host-only package
From the README:
setuptools-rust is a plugin for setuptools to build Rust Python
extensions implemented with PyO3 or rust-cpython.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Wed, 13 Sep 2023 04:11:52 +0000 (12:11 +0800)]
python-semantic-version: Add new host-only package
From the README:
This small python library provides a few tools to handle SemVer in
Python. It follows strictly the 2.0.0 version of the SemVer scheme.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Mon, 25 Sep 2023 16:42:33 +0000 (00:42 +0800)]
python-typing-extensions: Update to 4.8.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Mon, 25 Sep 2023 16:41:17 +0000 (00:41 +0800)]
python-trove-classifiers: Update to 2023.9.19
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Mon, 25 Sep 2023 16:38:11 +0000 (00:38 +0800)]
python-setuptools: Update to 68.2.2
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Florian Eckert [Tue, 21 Feb 2023 09:29:32 +0000 (10:29 +0100)]
stunnel: update version to 5.71
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Noah Meyerhans [Wed, 27 Sep 2023 17:42:59 +0000 (10:42 -0700)]
bind: bump to 9.18.19
Fixes CVEs:
CVE-2023-3341 - Previously, sending a specially crafted message over the
control channel could cause the packet-parsing code to run out of available
stack memory, causing named to terminate unexpectedly.
CVE-2023-4236 - A flaw in the networking code handling DNS-over-TLS queries
could cause named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Zephyr Lykos [Tue, 26 Sep 2023 11:46:01 +0000 (19:46 +0800)]
tailscale: Update to 1.50.0
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
Christian Marangi [Wed, 27 Sep 2023 14:28:14 +0000 (16:28 +0200)]
apache: move to PCRE2
Move apache to PCRE2 now that PCRE is flagged EOL and won't receive any
security update.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Wed, 27 Sep 2023 14:27:44 +0000 (16:27 +0200)]
apache: bump to release 2.4.57
Bump apache to release 2.4.57 and refresh patch automatically.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Alexandru Ardelean [Wed, 27 Sep 2023 06:16:16 +0000 (09:16 +0300)]
libwebp: bump to version 1.3.2
From https://github.com/webmproject/libwebp/releases/tag/v1.3.2
- 9/13/2023: version 1.3.2
This is a binary compatible release.
* security fix for lossless decoder (chromium: #
1479274, CVE-2023-4863)
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Wojciech Dubowik [Tue, 26 Sep 2023 05:57:21 +0000 (07:57 +0200)]
linuxptp: Bump to version 4.1
From release notes:
"This release is the first of our regular quarterly releases.
It includes a new feature (multi-domain synchronization for phc2sys)
and several minor bug fixes. Users are encouraged to upgrade."
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@westermo.com>
Christian Marangi [Wed, 27 Sep 2023 17:10:39 +0000 (19:10 +0200)]
atftp: move to PCRE2
Move atftp to PCRE2 as PCRE is flagged as EOL and won't receive security
updates anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Christian Marangi [Wed, 27 Sep 2023 17:09:56 +0000 (19:09 +0200)]
atftp: bump to release 0.8.0
Bump to release 0.8.0. Autorecong is now needed to correctly compile the
package.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>