Michal Hrusecky [Wed, 7 Jul 2021 10:36:20 +0000 (12:36 +0200)]
libdaq3: New package, dependency of snort3
Backport from 21.02 in order to satisfy dependencies of snort3 to allow
upgrade to stable version of snort3 from beta available now.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Alexandru Ardelean [Tue, 29 Jun 2021 09:03:16 +0000 (12:03 +0300)]
python-dateutil: disable setuptools-scm for build
Fixes https://github.com/openwrt/packages/issues/15988
It seems that the newer setuptools-scm package (6.0.1) has some
Python3-only syntax.
For the 19.07 release, where Python2 is still around this causes the
python-dateutil package to fail to build.
See https://github.com/pypa/setuptools_scm/issues/541
However, removing 'setuptools-scm' from the build also works.
This change does that.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Rosen Penev [Sat, 26 Jun 2021 19:44:24 +0000 (12:44 -0700)]
Merge pull request #15974 from rs/nextdns-1.33.11-openwrt-19.07
[19.07] nextdns: Update to version 1.33.11
Olivier Poitrey [Sat, 26 Jun 2021 18:00:29 +0000 (18:00 +0000)]
nextdns: Update to version 1.33.11
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Hannu Nyman [Thu, 17 Jun 2021 16:03:11 +0000 (19:03 +0300)]
nano: update to 5.8
Update nano editor version to 5.8.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
6f2ac237a18d0c8258ca838ff4df2245960b7aef)
Karl Palsson [Fri, 11 Jun 2021 13:00:35 +0000 (13:00 +0000)]
net/mosquitto: Update to 1.6.15
This is a security release
Full release notes: https://mosquitto.org/blog/2021/06/version-2-0-11-released/
Fixes a remotely triggered memory leak
Signed-off-by: Karl Palsson <karlp@etactica.com>
David Bauer [Tue, 8 Jun 2021 15:25:37 +0000 (17:25 +0200)]
Merge pull request #15806 from blocktrron/pr-xr-usb-serial-1907
xr_usb_serial_common: fix build
David Bauer [Tue, 8 Jun 2021 15:17:56 +0000 (17:17 +0200)]
xr_usb_serial_common: add PKG_MIRROR_HASH
The CI complained about a missing PKG_MIRROR_HASH.
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Sat, 22 May 2021 08:39:53 +0000 (10:39 +0200)]
xr_usb_serial_common: fix build
Building the xr_usb_serial module fails for recent 4.14 kernel with
CONFIG_PM enabled:
xr_usb_serial_common.c:1574:15: error: 'ASYNCB_INITIALIZED' undeclared
(first use in this function); did you mean 'RCU_INITIALIZER'?
Use tty_port_initialized in order to determine the status of the TTY
port.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
69cf7836df9e226b4d596d057ca6ad846201e0d0)
Rosen Penev [Sun, 6 Jun 2021 19:50:20 +0000 (12:50 -0700)]
Merge pull request #15770 from DeathCamel58/libnet-1.2.x-libnet-config-fix
[19.07] libnet-1.2.x: Export `libnet-config` in development environments
Rosen Penev [Sat, 5 Jun 2021 21:29:07 +0000 (14:29 -0700)]
Merge pull request #15780 from stangri/19.07-https-dns-proxy
[19.07] https-dns-proxy: update to 2021-06-03-1
Stan Grishin [Fri, 4 Jun 2021 23:34:20 +0000 (23:34 +0000)]
https-dns-proxy: update to 2021-06-03-1
Signed-off-by: Stan Grishin <stangri@melmac.net>
Dylan Corrales [Thu, 3 Jun 2021 18:36:49 +0000 (14:36 -0400)]
libnet: Export `libnet-config` in development enviornments
Affects `libnet-1.2.x`
Signed-off-by: Dylan Corrales <deathcamel58@gmail.com>
Dirk Brenken [Thu, 3 Jun 2021 05:02:42 +0000 (07:02 +0200)]
banip: remove logd dependency
* removed logd dependency, see openwrt#13820 for reference
Signed-off-by: Dirk Brenken <dev@brenken.org>
Rosen Penev [Wed, 2 Jun 2021 05:09:08 +0000 (22:09 -0700)]
Merge pull request #15728 from stangri/19.07-https-dns-proxy
[19.07] https-dns-proxy: 2021-05-14 bugfix: fallback to HTTP/1 by default
Stan Grishin [Tue, 1 Jun 2021 04:32:42 +0000 (04:32 +0000)]
https-dns-proxy: 2021-05-14 bugfix: fallback to HTTP/1 by default
Signed-off-by: Stan Grishin <stangri@melmac.net>
Josef Schlehofer [Wed, 14 Apr 2021 22:39:03 +0000 (00:39 +0200)]
netdata: update to version 1.30.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
1d532fa545eef1ebd3ebef6ab41dfd709ad991e1)
Rosen Penev [Sat, 29 May 2021 22:00:04 +0000 (15:00 -0700)]
Merge pull request #15717 from stangri/19.07-https-dns-proxy
[19.07] https-dns-proxy: update to 2021-05-14-1; bugfixes for dhcp server backup
Stan Grishin [Sat, 29 May 2021 20:12:27 +0000 (20:12 +0000)]
https-dns-proxy: update to 2021-05-14-1; bugfixes for dhcp server backup
Signed-off-by: Stan Grishin <stangri@melmac.net>
W. Michael Petullo [Mon, 10 May 2021 17:59:28 +0000 (12:59 -0500)]
syslog-ng: update to 3.32.1
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit
f93ef647932aa05a7a4eab69ffd9f49441076f81)
Hannu Nyman [Sat, 1 May 2021 20:50:21 +0000 (23:50 +0300)]
nano: update version to 5.7
Upgrade nano editor to version 5.7.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
765e9868579e1da270b3c831ecf34949013cdf01)
Olivier Poitrey [Fri, 30 Apr 2021 15:51:03 +0000 (15:51 +0000)]
nextdns: Update to version 1.32.1
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Noah Meyerhans [Thu, 29 Apr 2021 18:08:58 +0000 (11:08 -0700)]
bind: bump to 9.16.15
Fixes the following security issues:
* CVE-2021-25216 - A specially crafted GSS-TSIG query could cause a buffer
overflow in the ISC implementation of SPNEGO.
* CVE-2021-25215 - named crashed when a DNAME record placed in the ANSWER
section during DNAME chasing turned out to be the final
answer to a client query.
* CVE-2021-25214 - Insufficient IXFR checks could result in named serving a
zone without an SOA record at the apex, leading to a
RUNTIME_CHECK assertion failure when the zone was
subsequently refreshed. This has been fixed by adding an
owner name check for all SOA records which are included
in a zone transfer.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Moritz Warning [Tue, 27 Apr 2021 15:13:27 +0000 (17:13 +0200)]
zerotier: update to 1.6.5
Minor ZeroTier update. Refreshed patches.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Josef Schlehofer [Wed, 28 Apr 2021 08:06:26 +0000 (10:06 +0200)]
Merge pull request #15509 from hswong3i/openwrt-19.07-SQUID_enable-ssl-crtd
[openwrt-19.07][cherry-pick] squid: Enable dynamic SSL certificate generation
Wong Hoi Sing Edison [Sun, 25 Apr 2021 02:38:14 +0000 (10:38 +0800)]
squid: Enable dynamic SSL certificate generation
Maintainer: @neheb / @BKPepe / @zhanhb
Compile tested: ipq806x, generic, netgear_r7800, master
Run tested: ipq806x, generic, netgear_r7800, openwrt-19.07
Description:
Squid now only support HTTPS proxy in TCP tunnel mode (e.g. `ssl_bump splice all`):
https_port 3128 ssl-bump tls-cert=/etc/squid/squid.pem generate-host-certificates=on
ssl_bump splice all
In order to operate in SSL Bump mode, we need to compile with `--enable-ssl-crtd` for following configuration:
https_port 3128 ssl-bump tls-cert=/etc/squid/squid.pem generate-host-certificates=on
sslcrtd_program /usr/lib/squid/security_file_certgen -s /car/cache/squid/ssl_db -M 4MB
ssl_bump stare all
ssl_bump bump all
This PR switch the `SQUID_enable-ssl-crtd` into `default y`, therefore default enable SSL Bump mode.
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
(cherry picked from commit
dbda77686d5dccb3d3999ed2e7dec18aab11fff8)
Karl Palsson [Mon, 26 Apr 2021 09:29:57 +0000 (09:29 +0000)]
mosquitto: fix log_type config support
As pointed out in https://github.com/openwrt/packages/issues/15506
The remainder of that patch isn't appropriate for 1907 however.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Rosen Penev [Sat, 24 Apr 2021 09:18:40 +0000 (02:18 -0700)]
ksmbd-tools: update to 3.3.9
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
2e7c403fff0d3c07bdd6e5d8f925ce154a473491)
Josef Schlehofer [Wed, 10 Feb 2021 10:37:09 +0000 (11:37 +0100)]
dnscrypt-proxy2: sync blocked-names to upstream one
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
d53d2df2832c392b8426cda4c99efeda17039ca7)
James Long [Wed, 10 Feb 2021 03:49:13 +0000 (11:49 +0800)]
dnscrypt-proxy2: upgrade to 2.0.45
Signed-off-by: James Long <james@jclong.net>
(cherry picked from commit
6467b6535b401bfc046096dc535729896697b0a1)
Dirk Brenken [Thu, 22 Apr 2021 13:16:03 +0000 (15:16 +0200)]
adblock: fix polish source URL
Signed-off-by: Dirk Brenken <dev@brenken.org>
Rosen Penev [Wed, 21 Apr 2021 00:29:37 +0000 (17:29 -0700)]
Merge pull request #15477 from rs/nextdns-1.32.0-openwrt-19.07
[19.07] nextdns: Update to version 1.32.0
Olivier Poitrey [Tue, 20 Apr 2021 15:08:39 +0000 (15:08 +0000)]
nextdns: Update to version 1.32.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Rosen Penev [Tue, 20 Apr 2021 01:59:37 +0000 (18:59 -0700)]
Merge pull request #15468 from rs/nextdns-1.12.5-openwrt-19.07
[19.07] nextdns: Update to version 1.12.5
Olivier Poitrey [Tue, 20 Apr 2021 01:38:38 +0000 (01:38 +0000)]
nextdns: Update to version 1.12.5
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Hannu Nyman [Sun, 18 Apr 2021 15:26:43 +0000 (18:26 +0300)]
irqbalance: upgrade to version 1.8.0
Upgrade irqbalance to version 1.8.0
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
6631cfaa61ff75d97ef1a41c6ec031198103c7df)
Rosen Penev [Tue, 24 Nov 2020 01:26:43 +0000 (17:26 -0800)]
pulseaudio: update to 14.0
Remove upstreamed OpenSSL patch.
Update MESON_ARGS.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
325c5650406f43106c594c1886e1031cc94ed60a)
Rosen Penev [Mon, 10 Aug 2020 20:47:10 +0000 (13:47 -0700)]
pulseaudio: fix compilation without deprecated OpenSSL APIs
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
ca2da3f3158beb865da373b03bd184d57f33dd25)
Rosen Penev [Thu, 30 Jul 2020 23:41:16 +0000 (16:41 -0700)]
pulseaudio: fix compilation with ICONV_FULL
Reordered check to check external iconv first.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
67f8f57d06ab8776ad58371bb2a3be5cc995fcd6)
Jeffery To [Sun, 10 May 2020 19:02:05 +0000 (03:02 +0800)]
pulseaudio: Update ARM NEON/VFP detection
With openwrt/openwrt@
8dcc1087602e2dd606e4f6e81a06aee62cfd4f4c, the ARM
FPU compiler options are no longer part of CONFIG_TARGET_OPTIMIZATION.
This updates various packages that look for NEON/VFP support to search
CONFIG_CPU_TYPE instead.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Rosen Penev [Tue, 5 May 2020 01:04:19 +0000 (18:04 -0700)]
pulseaudio: do not build NEON with unsupported platforms
Unfortunately, meson's check is totally broken.
Fortunately, it's fairly easy to workaround.
Fixes compilation with all ARM platforms that don't support NEON.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
91e80e5442484e5bbb8515e686631c7e937f3a10)
Rosen Penev [Sun, 26 Apr 2020 03:27:28 +0000 (20:27 -0700)]
pulseaudio: add lto and gc-sections to reduce size
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
45e58e1cc34be2836a7baadfae8e0ccebd693cf9)
Rosen Penev [Sat, 18 Apr 2020 23:48:30 +0000 (16:48 -0700)]
pulseaudio: fix pkgconfig paths
Turns out, packages like mpd that use pkgconfig to find pulseaudio
end up using host paths.
Fixes compilation with at least mpd.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
21f67bf59915e2905b30de0f85219bcfbd23e14d)
Rosen Penev [Sat, 18 Apr 2020 09:27:55 +0000 (02:27 -0700)]
pulseaudio: update to 13.0
Converted to use meson for compilation speed.
Removed libwrap dependency. Upstream no longer supports it.
Removed intltool and glib2 host dependencies. They seem to be no
longer needed.
Removed upstream patch.
Minor cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
78d84d4c9cb4c6da404d47ddc7dc5c18fa4c33cb)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[rebased on commit from master branch]
Rosen Penev [Tue, 17 Sep 2019 23:36:31 +0000 (16:36 -0700)]
pulseaudio: Backport upstream patch
Fixes compilation with recent alsa-libs.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
123373b1b7de076ca58b25b1116cc4801e483cb0)
Rosen Penev [Sat, 17 Apr 2021 16:05:05 +0000 (09:05 -0700)]
Merge pull request #15384 from VolunteerComputingHelp/openwrt-19.07
Transfer of boinc 7.16.16 from 21.02 to 19.07
Josef Schlehofer [Tue, 13 Apr 2021 12:55:18 +0000 (14:55 +0200)]
Merge pull request #15413 from luizluca/19.07/ruby-2.6.7
[19.07] ruby: update to 2.6.7
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 17:58:39 +0000 (14:58 -0300)]
ruby: update to 2.6.7
Fixes two CVEs:
CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
CVE-2021-28965: XML round-trip vulnerability in REXML
After this release, ruby 2.6 is now in security maintenance phase.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Tiago Gaspar [Sat, 10 Apr 2021 23:21:58 +0000 (00:21 +0100)]
netdata: disable shared memory totals by default
Fix log spam:
daemon.err netdata[2090]: PROCFILE: Cannot open file '/proc/sysvipc/shm'
This is caused by a non existant /proc/sysvipc/shm because of the
CONFIG_PROC_STRIPPED option that is enabled by default in the kernel
generic target config
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit
5f65d87bb7727be85e7d3e02045302d6eb76ff7e)
Stan Grishin [Sun, 11 Apr 2021 01:30:45 +0000 (01:30 +0000)]
https-dns-proxy: bugfix: race condition with dnsmasq
Signed-off-by: Stan Grishin <stangri@melmac.net>
Steffen Moeller [Fri, 9 Apr 2021 01:16:10 +0000 (03:16 +0200)]
boinc: Transfer v7.16.16 from 21.02 to 19.07
Intentionally unchanged from
43d21e650d4409b45ccc2c70fe507a29f783dda3,
i.e. the pull request #14862 from neheb/boi
Signed-off-by: Steffen Moeller <moeller@debian.org>
Dirk Brenken [Fri, 9 Apr 2021 16:38:16 +0000 (18:38 +0200)]
adblock: fix games_tracking source url
Signed-off-by: Dirk Brenken <dev@brenken.org>
Dirk Brenken [Fri, 9 Apr 2021 16:34:08 +0000 (18:34 +0200)]
Merge pull request #15254 from dibdot/19.07
[19.07] travelmate: minimal change to fix cp detection
Dirk Brenken [Thu, 25 Mar 2021 11:07:32 +0000 (12:07 +0100)]
travelmate: minimal change to fix cp detection
* fix cp detection proposed by @ChristianKuehnel
* add/adapt mikrotik login script provided by @Christian Kuehnel
Signed-off-by: Dirk Brenken <dev@brenken.org>
Karel Kočí [Mon, 7 Dec 2020 15:54:11 +0000 (16:54 +0100)]
rpcd-mod-lxc: add postinst to reload rpcd on update/installation
This is dependency of luci-app-lxc and when users install that package
it is no way clear that they have to reload rpcd to get it working
correctly. Without it container listing does not work.
In general this reload should be in this package simply because other
rpcd-mod-* packages reload rpcd as well.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit
54b6116d7d3f6df94df621dcabdc0c158fd4b5f2)
Rosen Penev [Wed, 7 Apr 2021 04:50:36 +0000 (21:50 -0700)]
ksmbd-tools: update to 3.3.8
Major changes are:
disable symlink by default.
remove smack inherit leftovers.
Enable guest access on IPC$ share by default.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
c6fa2d5bfaf24f347efd7156b2ad5b1cf62bd9a9)
Kirill Nikolaev [Mon, 5 Apr 2021 23:03:18 +0000 (01:03 +0200)]
ksmbd-tools: Add a mDNS TXT record for the ksmbd service
MacOS ignores Bonjour services for which TXT records are not returned. This changes forces umdns service to return a TXT record (`daemon=ksmbd`) for the ksmbd service. The exact content is unimportant and to the best of my knowledge nothing reads the `daemon` tag.
Symptoms of the problem (which are also debugging steps):
* Finder refuses to open the OpenWRT "computer" in the Network list.
* Discovery.app (Bonjour Browser) lists the _ssh._tcp service, but the submenu for it doesn't unfold and no address is shown.
* `dns-sd -L OpenWrt _smb._tcp` doesn't return any address.
Signed-off-by: Kirill Nikolaev <cyril7@gmail.com>
(cherry picked from commit
272b0a5c1873a34f6609e7af38395cea3f02bda5)
Rosen Penev [Sat, 13 Mar 2021 02:14:23 +0000 (18:14 -0800)]
ksmbd-tools: update to 3.3.7
Major change are:
ksmbd.control -s terminate ksmbd.mountd as well as kernel server.
Update configuration.txt and README.
Turn off smb2 leases by default again.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
7a1a8f3659cf79237fba6394fbea42755af38a52)
Rosen Penev [Fri, 12 Mar 2021 20:44:39 +0000 (12:44 -0800)]
ksmbd-tools: update to 3.3.6
Major changes are:
Add missing g_rwlock_init() for rpc_samr and rpc_lsaprc.
Fix potential potential null pointer dereferencing error.
Fix memleak.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
d95edf16eff9fe7ee27eb084764d5cc329155b15)
Martin Blumenstingl [Sat, 20 Feb 2021 14:30:03 +0000 (15:30 +0100)]
ksmbd-tools: update to 3.3.5
Major changes for version 3.3.5 are:
- Rename "streams" parameter to "vfs objects = streams_xattr".
- Enable smb2 leases by default.
- Ignore ksmbd.subauth creation failure.
- Fix bugs that related to guest ok = yes.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(cherry picked from commit
58f91090f598892d12f435e02e09f3b37fd059d3)
Sven Roederer [Sat, 3 Apr 2021 20:00:31 +0000 (22:00 +0200)]
nut: fix typo in nutshutdown script
Even it's only cosmetic and should not affect the function of regular system,
fix the name of the IPKG_INSTROOT variable.
Typo was added long ago with
8400c9a6ec799.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
(cherry picked from commit
f25f49a8b7c5a038f8a50dbb74e10db19f26d15a)
Josef Schlehofer [Sun, 21 Mar 2021 23:56:07 +0000 (00:56 +0100)]
netdata: update to version 1.29.3
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
5074fbbfdc8536daf1d979f7ead32cebb1ec2acb)
(cherry picked from commit
4322399166a0083ff090714ab022d8be72fdb257)
Josef Schlehofer [Sun, 21 Mar 2021 23:50:54 +0000 (00:50 +0100)]
syslog-ng: update to version 3.31.2
Bump config file
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
3d817e968e8d9289255f1eea293363835f6e74a7)
Dirk Brenken [Thu, 1 Apr 2021 18:55:45 +0000 (20:55 +0200)]
adblock: fix init status command
Signed-off-by: Dirk Brenken <dev@brenken.org>
Rosen Penev [Sun, 28 Mar 2021 21:48:00 +0000 (14:48 -0700)]
Merge pull request #15295 from lucize/librefix
[19.07] libreswan: update cu 3.32
Lucian Cristian [Sun, 28 Mar 2021 18:47:50 +0000 (21:47 +0300)]
libreswan: update cu 3.32
CVE and NSS fix
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Nikos Mavrogiannopoulos [Fri, 26 Mar 2021 20:55:20 +0000 (21:55 +0100)]
Merge pull request #15252 from ja-pa/gnutls-security-fix-19.07
[OpenWrt 19.07] gnutls: patch security issue
Rosen Penev [Fri, 26 Mar 2021 20:24:25 +0000 (13:24 -0700)]
Merge pull request #15255 from ja-pa/mariadb-10.2.37-openwrt-19.07
[OpenWrt 19.07] mariadb: update to version 10.2.37
Rosen Penev [Fri, 26 Mar 2021 20:23:13 +0000 (13:23 -0700)]
Merge pull request #15256 from cartender/pr_libftdi1_19
[19.07] libftdi1: Improve build binary reproducibility
Giovanni Giacobbi [Thu, 25 Mar 2021 14:59:51 +0000 (14:59 +0000)]
libftdi1: Improve build binary reproducibility
The library embeds the result of "git describe" inside the source code, making the binary result dependent of the particular commit being used in the build root when building inside a git working copy.
As this is unnecessary information, remove this option and fallback to the default "unknown", which is also the value compiled by tools that do not clone but export the openwrt base tree.
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
Josef Schlehofer [Thu, 25 Mar 2021 23:48:13 +0000 (00:48 +0100)]
Merge pull request #15214 from BKPepe/aiohttp-19.07
python-aiohttp: backport fix for CVE-2021-21330
Stan Grishin [Thu, 25 Mar 2021 22:55:51 +0000 (22:55 +0000)]
https-dns-proxy: bugfix: correct PROCD firewall object
Signed-off-by: Stan Grishin <stangri@melmac.net>
Jan Pavlinec [Thu, 25 Mar 2021 13:30:10 +0000 (14:30 +0100)]
mariadb: update to version 10.2.37
Fixes CVE-2021-27928
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Jan Pavlinec [Thu, 25 Mar 2021 09:34:29 +0000 (10:34 +0100)]
gnutls: patch security issue
Fixes
CVE-2021-20231
CVE-2021-20232
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Rosen Penev [Mon, 22 Mar 2021 18:56:50 +0000 (11:56 -0700)]
Merge pull request #15221 from stangri/19.07-https-dns-proxy
[19.07] https-dns-proxy: support for additional Force DNS ports
Josef Schlehofer [Mon, 22 Mar 2021 12:53:24 +0000 (13:53 +0100)]
php: add fix for updated ICU 68+
Recently, I updated icu for issues with node feed, but it broke
compiling of php7.
Error:
/foo/target-aarch64_cortex-a53_musl/php-7.2.34/ext/intl/collator/collator_sort.c:349:26: error: 'TRUE' undeclared (first use in this function)
collator_sort_internal( TRUE, INTERNAL_FUNCTION_PARAM_PASSTHRU );
^~~~
/foo/target-aarch64_cortex-a53_musl/php-7.2.34/ext/intl/collator/collator_sort.c:349:26: note: each undeclared identifier is reported only once for each function it appears in
/foo/target-aarch64_cortex-a53_musl/php-7.2.34/ext/intl/collator/collator_sort.c: In function 'zif_collator_asort':
/foo/target-aarch64_cortex-a53_musl/php-7.2.34/ext/intl/collator/collator_sort.c:543:26: error: 'FALSE' undeclared (first use in this function); did you mean 'FILE'?
collator_sort_internal( FALSE, INTERNAL_FUNCTION_PARAM_PASSTHRU );
^~~~~
FILE
make[3]: *** [Makefile:1031: ext/intl/collator/collator_sort.lo] Error 1
More details:
https://github.com/php/php-src/commit/
8eaaabd
Backport of patch from PHP7.3 didn't work for me, but this one was suggested that
Homebrew is using it and it works for me. However, PHP7.2 is EoL.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Stan Grishin [Mon, 22 Mar 2021 07:29:14 +0000 (07:29 +0000)]
https-dns-proxy: support for additional Force DNS ports
Signed-off-by: Stan Grishin <stangri@melmac.net>
Josef Schlehofer [Mon, 22 Mar 2021 00:08:52 +0000 (01:08 +0100)]
bind: update to version 9.16.13
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Fri, 2 Oct 2020 21:12:14 +0000 (23:12 +0200)]
nnn: update to version 3.4
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
53f54c45e4a016dbcd90703fa6f9ebfe2b26b94b)
Josef Schlehofer [Mon, 22 Mar 2021 00:40:41 +0000 (01:40 +0100)]
python-aiohttp: backport fix for CVE-2021-21330
More details:
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Hirokazu MORIKAWA [Thu, 24 Dec 2020 06:18:56 +0000 (15:18 +0900)]
icu: update to 68.2
Maintainer: me
Compile tested: head r15324-
920b692, aarch64, x86_64
Run tested: (qemu-5.2.0) aarch64
Description:
Update to 68.2
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
d6317132dd7040fcab492ba76ec60b6fa8ae4fe6)
Hirokazu MORIKAWA [Mon, 9 Nov 2020 03:49:56 +0000 (12:49 +0900)]
icu: update to 68.1
It updates to CLDR 38. New features including locale-dependent smart unit preferences (road distance, temperature, etc.) and locale ID canonicalization conformant with CLDR.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
4f3a8c153535d7613249c567df9840ed23fa7ef1)
Rosen Penev [Mon, 31 Aug 2020 07:32:38 +0000 (00:32 -0700)]
icu: fix compilation under CentOS 7
CentOS 7's GCC is quite old and does not put max_align_t under std.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
6255a77128d0ea4e1aa1b24ef9fa06ba71072e2e)
Hirokazu MORIKAWA [Tue, 18 Aug 2020 06:13:35 +0000 (15:13 +0900)]
icu: update to 67.1
Unicode 13 & CLDR 37. Bug fixes for date and number formatting, enhanced support for user preferences in the locale identifier. LocaleMatcher code and data improved. Number skeletons have a new “concise” form that can be used in MessageFormat strings.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
e3be3aadc122c9e7689541bdbcd3e785b70b63ad)
Rosen Penev [Fri, 19 Mar 2021 22:51:45 +0000 (15:51 -0700)]
Merge pull request #15165 from gladiac1337/haproxy-2.0.21-19.07
[openwrt-19.07] haproxy: Update HAProxy to v2.0.21
Christian Lachner [Fri, 19 Mar 2021 17:38:26 +0000 (18:38 +0100)]
haproxy: Update HAProxy to v2.0.21
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Tianling Shen [Thu, 18 Mar 2021 05:12:13 +0000 (13:12 +0800)]
tmate: add new package
Tmate is a fork of tmux. It provides an instant pairing solution.
For more details, see https://tmate.io.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ccfe1bfa508e7041c4b5f902f1354ef9566bff28)
Tianling Shen [Thu, 18 Mar 2021 05:08:45 +0000 (13:08 +0800)]
msgpack-c: add new package
This is needed by tmate.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
cfc965b10754fea8c71dad79e6b4cd7c02f47a9b)
Rosen Penev [Sun, 29 Nov 2020 23:58:20 +0000 (15:58 -0800)]
minidlna: update to 1.3.0
Fixes two CVEs relating to UPnP.
Removed libuuid dependency. It is not used.
Remove clock_gettime hack. It seems to have been fixed.
Removed upstream patches.
Refreshed the other ones.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
f5689796481c5b8e89cd3fff8b10ea6f675f85e9)
Hannu Nyman [Wed, 17 Mar 2021 17:55:45 +0000 (19:55 +0200)]
Merge pull request #15149 from ja-pa/tor-0.4.4.8-openwrt-19.07
[openwrt 19.07] tor: update to version 0.4.4.8 (security fix)
Jan Pavlinec [Wed, 17 Mar 2021 09:34:52 +0000 (10:34 +0100)]
tor: update to version 0.4.4.8
Fixes CVE-2021-28089 and CVE-2021-28090
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Florian Eckert [Tue, 16 Mar 2021 13:14:24 +0000 (14:14 +0100)]
Merge pull request #15136 from TDT-AG/pr/
2021015-openwrt-19.07-mwan3
mwan3: remove mwan3 ubus call on mwan3 iface hotplug ACTION
Florian Eckert [Mon, 15 Mar 2021 13:15:39 +0000 (14:15 +0100)]
mwan3: remove mwan3 ubus call on mwan3 iface hotplug ACTION
With this change, the interface status is no longer read from the mwan3 ubus.
The status of the interface is read directly from the status directory.
This was already implemented in the master with the
commit
c07f5230be128669f7b6731415de26f8176fbf5b.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Karl Palsson [Mon, 15 Mar 2021 10:41:31 +0000 (10:41 +0000)]
net/mosquitto: bump to 1.6.14
This is a minor security fix for outgoing bridges and the client
library.
Full details: https://mosquitto.org/blog/2021/03/version-2-0-9-released/
Signed-off-by: Karl Palsson <karlp@etactica.com>
Paul Spooren [Fri, 12 Mar 2021 00:14:25 +0000 (14:14 -1000)]
CI: backport GitHub action CI
The CI is working fine with OpenWrt snapshots and 21.02, so backport it.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Olivier Poitrey [Mon, 8 Mar 2021 23:48:42 +0000 (23:48 +0000)]
nextdns: Update to version 1.11.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Rosen Penev [Mon, 8 Mar 2021 20:26:46 +0000 (12:26 -0800)]
Merge pull request #15054 from stangri/19.07-vpn-policy-routing
[19.07] vpn-policy-routing: better processing of custom user files
Stan Grishin [Mon, 8 Mar 2021 10:35:01 +0000 (10:35 +0000)]
vpn-policy-routing: better processing of custom user files
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Mon, 30 Nov 2020 00:48:36 +0000 (16:48 -0800)]
libpam: update to 1.5.1
Fix installed paths. After
e52d0487e88c3c8c57e1310d1a02b18eae0d142e
upstream, this bug was exposed.
Instead of working around it, fix the patch.
After this, everything consistently gets installed to ipkg-install/usr.
Minor Makefile reorganization.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
b75f250f3bf378bcaa0784d44f64ff2bb4e7af9a)
Rosen Penev [Wed, 25 Nov 2020 00:52:51 +0000 (16:52 -0800)]
libpam: update to 1.5.0
Fixes CVE-2020-27780
Removed upstreamed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
0f317e9fbde341549c0cd7c3d43742739d123c97)