Rosen Penev [Wed, 13 Nov 2019 20:32:14 +0000 (12:32 -0800)]
Merge pull request #10520 from Kulipator/libmraa_ramips_fix
[18.06] Libmraa compilation fix
Archil Pirmisashvili [Wed, 13 Nov 2019 20:28:37 +0000 (22:28 +0200)]
Compilation fix & upgrade to version 0.8.1
Signed-off-by: Archil Pirmisashvili <kulipator@gmail.com>
RF-Networks [Sun, 10 Nov 2019 19:35:06 +0000 (21:35 +0200)]
Libmraa compilation fix
Signed-off-by: Archil Pirmisashvili <kulipator@gmail.com>
RF-Networks [Sun, 10 Nov 2019 19:02:14 +0000 (21:02 +0200)]
Libmraa compilation fix
Signed-off-by: Archil Pirmisashvili <kulipator@gmail.com>
Signed-off-by: RF-Networks <archil@rf-networks.com>
Jakub Piotr Cłapa [Thu, 22 Aug 2019 08:55:03 +0000 (10:55 +0200)]
perl: fixed host compilation of static perl on MacOS
All symbols on MacOS are prefixed with an underscore which
interfered with the filtering mechanism (added in perl 5.28)
for extension libraries to be linked into static perl.
Signed-off-by: Jakub Piotr Cłapa <jpc@loee.pl>
Rosen Penev [Sun, 10 Nov 2019 02:52:17 +0000 (18:52 -0800)]
Merge pull request #9671 from BKPepe/clamav1806
[OpenWrt 18.06] clamav: update to version 0.100.3
Rosen Penev [Sat, 2 Nov 2019 03:27:06 +0000 (20:27 -0700)]
protobuf-c: Fix typo on build dependency.
This was fixed in
3bcaa7a4fe4d2231788c20367aed2993a86490c2
Backported the fix here.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sat, 10 Aug 2019 20:44:07 +0000 (13:44 -0700)]
libgd: Properly disable iconv support
HAVE_ICONV and HAVE_ICONV_H are two different headers that both need to
evaluate to false. Added the extra CONFIGURE_VARS.
This can be verified by passing -Werror=implicit-function-declaration
Added PKG_LICENSE_FILES
Updated homepage URL.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
bf2f1a02636a9b74e1d824cab384b8f3f9e7d819)
Yousong Zhou [Mon, 9 Sep 2019 02:59:50 +0000 (02:59 +0000)]
wget: provides gnu-wget
So that packages like acme requiring features from it can depend on it
explicitly, not the more basic "wget" which is also provided by
"uclient-fetch"
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[port to 18.06 to fix acme package backport]
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Toke Høiland-Jørgensen [Tue, 29 Oct 2019 08:44:47 +0000 (09:44 +0100)]
acme: Bring up-to-date with master
There are quite a few bugfixes in the version of the ACME package in
master, and the old version in 18.06 have some issues as seen in #10328.
This commit ports over all changes from the master branch in one go.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Luiz Angelo Daros de Luca [Sun, 27 Oct 2019 14:40:26 +0000 (11:40 -0300)]
ruby: bump to 2.5.7
2.5.7 fixes:
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication
2.5.6 fixes:
* Multiple jQuery vulnerabilities in RDoc
* About 40 bugs
Changelog: https://github.com/ruby/ruby/compare/v2_5_5...v2_5_7
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Josef Schlehofer [Tue, 22 Oct 2019 12:36:23 +0000 (14:36 +0200)]
python-cryptography: fix CVE-2018-10903
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Tue, 22 Oct 2019 11:29:26 +0000 (13:29 +0200)]
python-cryptography: Add support for LibreSSL 2.7.x
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Hannu Nyman [Mon, 21 Oct 2019 18:54:57 +0000 (21:54 +0300)]
Merge pull request #10324 from jefferyto/python-2.7.17-openwrt-18.06
[openwrt-18.06] python: Update to 2.7.17, refresh patches
Jeffery To [Mon, 21 Oct 2019 15:30:53 +0000 (23:30 +0800)]
python: Update to 2.7.17, refresh patches
Patches already merged and so removed:
* 019-bpo-36216-Add-check-for-characters-in-netloc-that-normalize-to-separators-GH-12216.patch
* 020-bpo-36216-Only-print-test-messages-when-verbose-GH-12291.patch
* 021-2.7-bpo-35121-prefix-dot-in-domain-for-proper-subdom.patch
* 027-bpo-38243-Escape-the-server-title-of-DocXMLRPCServer.patch
* 028-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
Patches no longer necessary and so removed:
* 017_lib2to3_fix_pyc_search.patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
83b300aa83f3cf663747998f4500a8592acf9959)
Rosen Penev [Mon, 21 Oct 2019 16:14:14 +0000 (09:14 -0700)]
Merge pull request #10312 from stangri/18.06-vpnbypass
[18.06] vpnbypass: bugfix: PROCD command not found on stop
Stan Grishin [Mon, 21 Oct 2019 04:21:30 +0000 (21:21 -0700)]
vpnbypass: bugfix: PROCD command not found on stop
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Sun, 20 Oct 2019 17:16:28 +0000 (10:16 -0700)]
Merge pull request #10279 from BKPepe/sudo-18.06
[OpenWrt 18.06] sudo: Update to version 1.8.28p1
Josef Schlehofer [Sat, 19 Oct 2019 14:32:44 +0000 (16:32 +0200)]
sudo: Update to version 1.8.28p1
- Use HTTPS for downloading tarball and for their website
- Add PKG_CPE_ID
- Remove inactive maintainer
- Refreshed patches
Fixes: CVE-2019-14287
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Jan Pavlinec [Wed, 18 Sep 2019 11:30:11 +0000 (13:30 +0200)]
irssi: update to version 1.2.2 (security fix)
Fixes CVE-2019-15717
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from commit
b42159dea3ed38c3755c1b641d47209878247763)
Noah Meyerhans [Wed, 16 Oct 2019 15:38:11 +0000 (08:38 -0700)]
Merge branch 'pr/10215' into openwrt-18.06
https://github.com/openwrt/packages/pull/10215
Josef Schlehofer [Mon, 14 Oct 2019 19:21:03 +0000 (21:21 +0200)]
Merge pull request #9997 from flyn-org/openldap-18.06
openldap: update to 2.4.48
Rosen Penev [Mon, 14 Oct 2019 16:29:16 +0000 (09:29 -0700)]
Merge pull request #10237 from jefferyto/gammu-fix-lib-symlinks-openwrt-18.06
[openwrt-18.06] gammu: Fix lib symlinks
Jeffery To [Mon, 14 Oct 2019 09:12:41 +0000 (17:12 +0800)]
gammu: Fix lib symlinks
This fixes the symlinks for libGammu.so and libgsmsd.so. Previously, the
symlinks were overwritten by $(INSTALL_BIN) with copies of their
sources.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Josef Schlehofer [Sun, 13 Oct 2019 09:04:48 +0000 (11:04 +0200)]
bind: Update to version 9.11.11
Change License to MPL-2.0 and add PKG_LICENSE_FILES.
For more details look at https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Fri, 11 Oct 2019 19:49:51 +0000 (12:49 -0700)]
Merge pull request #10108 from BKPepe/expat-1806
[OpenWrt 18.06] expat: Update to version 2.2.9
Rosen Penev [Tue, 8 Oct 2019 20:58:14 +0000 (13:58 -0700)]
Merge pull request #10167 from BKPepe/unbound18.06
[OpenWrt 18.06] unbound: Update to version 1.9.4
Alexandru Ardelean [Wed, 27 Feb 2019 10:18:17 +0000 (12:18 +0200)]
python3-pip: fix install rule
This seems to have slipped for some time. No idea if it ever worked.
It could be that this worked at some point.
In any case, the shebang is properly updated now.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
1b96dc01715f4f03f758ff1d087caf15726016af)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(bump PKG_RELEASE for python3-pip)
Hannu Nyman [Mon, 7 Oct 2019 15:17:03 +0000 (18:17 +0300)]
nano: update to 4.5
Update nano editor to version 4.5.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
bfd66f2d23483513f80e109df2e0e02de782e5b4)
(fix also license tag and add CVE)
Hannu Nyman [Mon, 7 Oct 2019 15:08:58 +0000 (18:08 +0300)]
Merge pull request #10164 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic
Josef Schlehofer [Fri, 4 Oct 2019 09:57:24 +0000 (11:57 +0200)]
unbound: Update to version 1.9.4
Fixes CVE-2019-16866
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Eric Luehrsen [Fri, 30 Aug 2019 02:45:45 +0000 (22:45 -0400)]
unbound: update to 1.9.3
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Stan Grishin [Sun, 6 Oct 2019 16:33:48 +0000 (09:33 -0700)]
simple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Sat, 5 Oct 2019 14:17:46 +0000 (17:17 +0300)]
Merge pull request #10156 from gladiac1337/haproxy-1.8.21-openwrt-18.06
[openwrt-18.06] haproxy: Update HAProxy to v1.8.21
Christian Lachner [Sat, 5 Oct 2019 11:26:02 +0000 (13:26 +0200)]
haproxy: Update HAProxy to v1.8.21
- Update haproxy download URL and hash
- Add new patches (see https://www.haproxy.org/bugs/bugs-1.8.21.html)
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Hannu Nyman [Sat, 5 Oct 2019 08:27:49 +0000 (11:27 +0300)]
Merge pull request #10155 from jefferyto/python-bpo-38243-34155-openwrt-18.06
[openwrt-18.06] python: Fix CVE-2019-16056, CVE-2019-16935
Hannu Nyman [Sat, 5 Oct 2019 08:26:08 +0000 (11:26 +0300)]
Merge pull request #10143 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix and improvements (check description)
Jeffery To [Fri, 4 Oct 2019 16:58:08 +0000 (00:58 +0800)]
python: Fix CVE-2019-16056, CVE-2019-16935
These patches address issues:
CVE-2019-16056: email.utils.parseaddr mistakenly parse an email
CVE-2019-16935: A reflected XSS in python/Lib/DocXMLRPCServer.py
Links to Python issues:
https://bugs.python.org/issue34155
https://bugs.python.org/issue38243
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Stan Grishin [Fri, 4 Oct 2019 01:42:02 +0000 (18:42 -0700)]
simple-adblock: bugfix and improvements (check description)
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Wed, 1 May 2019 02:37:52 +0000 (19:37 -0700)]
clamav: Remove build hacks
Simplified the Makefile and fixes compilation with uClibc-ng. Also added
IPv6 support.
Took the time to clean up the Makefile with other useful options.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from commit
012e4c1)
Josef Schlehofer [Tue, 6 Aug 2019 20:42:44 +0000 (22:42 +0200)]
clamav: update to version 0.100.3
Fixes CVEs:
0.100.1
- CVE-2017-16932
- CVE-2018-0360
- CVE-2018-0361
0.100.2
- CVE-2018-15378
- CVE-2018-14680
- CVE-2018-14681
- CVE-2018-14682
0.100.3
- CVE-2019-1787
- CVE-2019-1788
- CVE-2019-1789
Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Wed, 2 Oct 2019 19:05:53 +0000 (12:05 -0700)]
Merge pull request #10120 from BKPepe/youtubedl-1806
[OpenWrt 18.06] youtube-dl: Update to version 2019.9.28
Hannu Nyman [Tue, 1 Oct 2019 20:18:46 +0000 (23:18 +0300)]
haveged: convert to procd
Convert haveged init script to use procd
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
4f717a6f65b5c495aec770b507913befa40b8997)
Hannu Nyman [Tue, 1 Oct 2019 18:38:11 +0000 (21:38 +0300)]
haveged: update to 1.9.8
Update haveged to 1.9.8
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
e5b308308b528b912ec1352b85bf2de13d94ce3f)
Josef Schlehofer [Mon, 30 Sep 2019 21:23:16 +0000 (23:23 +0200)]
youtube-dl: Update to version 2019.9.28
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Mon, 30 Sep 2019 20:30:46 +0000 (13:30 -0700)]
Merge pull request #10118 from BKPepe/libgcrypt-1806
[OpenWrt 18.06] libgcrypt: backport fix for CVE-2019-13627
Josef Schlehofer [Mon, 30 Sep 2019 15:22:00 +0000 (17:22 +0200)]
python3: fix CVE-2019-16056 and delete two patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sat, 28 Sep 2019 23:11:44 +0000 (01:11 +0200)]
python3: backport three security patches
Fixes: CVE-2019-16935
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
80def9e)
Josef Schlehofer [Sun, 29 Sep 2019 09:03:40 +0000 (11:03 +0200)]
expat: Update to version 2.2.9
Fixes CVE-2019-15903
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Jan Pavlinec [Wed, 10 Jul 2019 14:17:52 +0000 (16:17 +0200)]
expat: update to version 2.2.7 (security fix)
Fixes:
CVE-2018-20843
Changes:
add PKG_CPE_ID
switch to xz
remove maintainer
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Michael Heimpold [Mon, 3 Sep 2018 11:36:08 +0000 (13:36 +0200)]
expat: fix host build issue with docbook
Additionally to the fix issued for #6923, we need to disable the docbook
usage also for the host build. This prevents the following error:
checking for docbook2man... docbook2man
configure: error: Your local docbook2man was found to work with SGML rather
than XML. Please install docbook2X and use variable DOCBOOK_TO_MAN to point
configure to command docbook2x-man of docbook2X.
Or use DOCBOOK_TO_MAN="xmlto man --skip-validation" if you have xmlto around.
You can also configure using --without-docbook if you can do without a man
page for xmlwf.
Signed-off-by: Michael Heimpold <michael.heimpold@i2se.com>
Andy Walsh [Sat, 1 Sep 2018 12:16:16 +0000 (14:16 +0200)]
expat: disable docbook
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Daniel Engberg [Tue, 28 Aug 2018 20:42:05 +0000 (22:42 +0200)]
lib/expat: Update to 2.2.6
Update (lib)expat to 2.2.6
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Josef Schlehofer [Sat, 28 Sep 2019 09:52:27 +0000 (11:52 +0200)]
Merge pull request #9893 from BKPepe/bind-18.06
[OpenWrt 18.06] bind: update to version 9.11.10
Rosen Penev [Fri, 27 Sep 2019 19:24:47 +0000 (12:24 -0700)]
Merge pull request #9798 from ja-pa/zmq-security-fix-18.06
[OpenWrt 18.06] zeromq: update to version 4.1.7 (security fix)
Karl Palsson [Fri, 27 Sep 2019 13:31:27 +0000 (13:31 +0000)]
net/mosquitto: bump to 1.5.9 for CVE
Fixes CVE-2019-11779
Release notes at https://mosquitto.org/blog/2019/09/version-1-6-6-released/
Signed-off-by: Karl Palsson <karlp@etactica.com>
Rosen Penev [Mon, 27 Aug 2018 04:12:54 +0000 (21:12 -0700)]
python-crypto: Fix two CVEs
CVE-2013-7459 and CVE-2018-6594. Both patches taken from Fedora.
Also took the liberty to update the PKG_SOURCE_URL to a standard one.
Updated the home URL as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
32b23e28ad892395a5575c09606cd07db175f7cc)
Josef Schlehofer [Thu, 26 Sep 2019 18:27:41 +0000 (20:27 +0200)]
libgcrypt: backport fix for CVE-2019-13627
Refresh patches due to offsets
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Hannu Nyman [Wed, 25 Sep 2019 16:13:10 +0000 (19:13 +0300)]
Merge pull request #10063 from stangri/18.06-simple-adblock
[18.06] simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README
Stan Grishin [Tue, 24 Sep 2019 16:11:57 +0000 (09:11 -0700)]
simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README
Signed-off-by: Stan Grishin <stangri@melmac.net>
Josef Schlehofer [Fri, 20 Sep 2019 12:38:22 +0000 (14:38 +0200)]
zmq: fix CVE-2019-13132
- Use HTTPS in their website
- Remove unnecessary space between PKG_SOURCE_URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Rosen Penev [Fri, 20 Sep 2019 20:07:47 +0000 (13:07 -0700)]
Merge pull request #10041 from neheb/djj
[18.06]django: Update to 1.8.19
Rosen Penev [Fri, 20 Sep 2019 18:45:06 +0000 (11:45 -0700)]
django: Update to 1.8.19
Fixes:
CVE-2018-7536
CVE-2018-7537
Switches to pypi, as in upstream. Updated maintainer as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
W. Michael Petullo [Sat, 14 Sep 2019 16:08:53 +0000 (12:08 -0400)]
openldap: update to 2.4.48
Fixes CVE-2019-13565.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Rosen Penev [Wed, 31 Jul 2019 06:41:22 +0000 (23:41 -0700)]
openldap: Add static function declaration
Fixes compilation with -Werror=implicit-function-declaration .
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Val Kulkov [Fri, 21 Dec 2018 17:22:33 +0000 (12:22 -0500)]
openldap: version update and new build parameters
This patch updates OpenLDAP to 2.4.47, introduces new build
parameters and places openldap-server, openldap-utils and
libopenldap under a separate menu item in Network.
OpenLDAP is difficult to find in menuconfig at present. Making
a separate menu item for OpenLDAP for selection of packages and
enabling or disabling build parameters makes better sense.
To have access to the loglevel directive, OpenLDAP must be built
with debugging information. Having access to the loglevel directive
is essential during the initial configuration of OpenLDAP server.
International users may want to enable ICU support to have access
to international characters.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Daniel Engberg [Sat, 9 Jun 2018 20:18:12 +0000 (22:18 +0200)]
openldap: Switch tarball sources to https and http
Switch from ftp which can be broken on corp firewalls to https and http.
Mirrors taken from https://www.openldap.org/software/download/ and
https://www.openldap.org/software/download/OpenLDAP/MIRRORS
Place master site as last resort.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: W. Michael Petullo <mike@flyn.org>
W. Michael Petullo [Wed, 24 Apr 2019 19:57:34 +0000 (15:57 -0400)]
lighttpd: mark module configuration files
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from
9cf412c0cba38f1251e9d8c1fd9afbb86caee88a)
Josef Schlehofer [Sun, 8 Sep 2019 21:38:08 +0000 (23:38 +0200)]
dovecot: Update to version 2.2.36.4
- Fix CVE-2019-11500
- Download tarball from HTTPS instead of HTTP
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sun, 1 Sep 2019 17:42:48 +0000 (19:42 +0200)]
wget: fix CVE-2018-20483
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Matthias Schiffer [Wed, 4 Sep 2019 20:49:12 +0000 (22:49 +0200)]
fastd: fix init script for multiple VPN instances
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
b7ff8b8087c6e948aba45b74c261cd7337433523)
Hannu Nyman [Mon, 2 Sep 2019 18:02:17 +0000 (21:02 +0300)]
haveged: update to 1.9.6
Update haveged to 1.9.6
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
c933ac5dcb85361baeb9ff9ec424533b67bb2578)
Florian Eckert [Mon, 2 Sep 2019 07:27:24 +0000 (09:27 +0200)]
Merge pull request #9894 from BKPepe/keepalived-18.06
[OpenWrt 18.06] keepalived: Update to version 1.4.5
Rosen Penev [Mon, 2 Sep 2019 07:13:59 +0000 (00:13 -0700)]
Merge pull request #9904 from RussellSenior/my-18.06
patch: cherry pick CVE fixes to 18.06 branch
Russell Senior [Sun, 1 Sep 2019 22:50:25 +0000 (15:50 -0700)]
patch: rename CVE-2019-13638 patch to mollify uscan
Signed-off-by: Russell Senior <russell@personaltelco.net>
Russell Senior [Sun, 11 Aug 2019 19:43:41 +0000 (12:43 -0700)]
patch: apply upstream patch for CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-
1000156.
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Signed-off-by: Russell Senior <russell@personaltelco.net>
Russell Senior [Mon, 29 Jul 2019 20:14:19 +0000 (13:14 -0700)]
tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.
https://nvd.nist.gov/vuln/detail/CVE-2019-13636
Signed-off-by: Russell Senior <russell@personaltelco.net>
DENG Qingfang [Sat, 31 Aug 2019 14:29:29 +0000 (22:29 +0800)]
exfat-nofuse: drop BUILD_PATENTED
Microsoft has published technical specification for exFAT [1]
and the driver has been added to Linux staging tree [2].
It's now safe to drop BUILD_PATENTED label.
[1] https://docs.microsoft.com/windows/win32/fileio/exfat-specification
[2] http://lkml.iu.edu/hypermail/linux/kernel/1908.3/04254.html
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked from commit
4c9d0c7b56365761fd1986ff954edf963feb2931)
Josef Schlehofer [Sun, 1 Sep 2019 15:40:55 +0000 (17:40 +0200)]
keepalived: add patch for CVE-2018-19115
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sun, 1 Sep 2019 15:39:15 +0000 (17:39 +0200)]
keepalived: Update to version 1.4.5
- Use HTTPS for PKG_SOURCE_URL and as well for URL in description
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sun, 1 Sep 2019 15:01:22 +0000 (17:01 +0200)]
bind: Update to version 9.11.10
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Sun, 1 Sep 2019 11:15:34 +0000 (13:15 +0200)]
lighttpd: fix CVE-2018-19052
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Fri, 30 Aug 2019 17:13:47 +0000 (10:13 -0700)]
Merge pull request #9841 from cshoredaniel/pr-18.06-nut-targetted
[18.06] Targeted fixes based on 19.07/master
Josef Schlehofer [Thu, 29 Aug 2019 21:40:33 +0000 (23:40 +0200)]
Merge pull request #9703 from BKPepe/squid-18.06
[OpenWrt 18.06] squid: update to version 3.5.28
Hannu Nyman [Thu, 29 Aug 2019 17:41:04 +0000 (20:41 +0300)]
Merge pull request #9814 from guidosarducci/speedtest-18.06
[18.06] speedtest-netperf: backport stable package from 19.07 and master
Rosen Penev [Wed, 28 Aug 2019 01:55:27 +0000 (18:55 -0700)]
Merge pull request #9777 from BKPepe/tar_1806
[OpenWrt 18.06] tar: update to version 1.3.2
Rosen Penev [Tue, 27 Aug 2019 18:31:22 +0000 (11:31 -0700)]
Merge pull request #9821 from cotequeiroz/vim_host
[18.06] vim: Add host build to install xxd
Daniel F. Dickinson [Tue, 27 Aug 2019 05:22:41 +0000 (01:22 -0400)]
nut: Bump PKG_RELEASE
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 04:56:42 +0000 (00:56 -0400)]
nut: Handle FSD properly
Make sure we force shutdown of UPS only when we should, and when
we should that shutdown happens.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 04:53:42 +0000 (00:53 -0400)]
nut: Fix init actions (server/driver)
The server and driver were not starting/restarting reliably. In
addition on interface changes NUT got very confused. So we fix
handling of restarts and add a reload trigger for interface
changes.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 04:49:46 +0000 (00:49 -0400)]
nut: Fix extra diver params config
Extra parameters for the UPS driver were not being handled correctly.
Fix that (was wrong variable name).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 04:43:25 +0000 (00:43 -0400)]
nut: Fix permissions with runas
Fix directory and conf file creation and owner/mode setting
for when running as non-root.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 04:19:03 +0000 (00:19 -0400)]
nut: Fix statepath handling
The statepath was getting the wrong permission and/or not created
at the right time. This commit includes fixes for handling the
statepath (typically /var/run/nut).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 04:15:12 +0000 (00:15 -0400)]
nut: Fix unset of runas user (ups server)
Running as non-root was failing due to misplace local keyword
causing runas to be unset from calling value.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 03:48:49 +0000 (23:48 -0400)]
nut: Fix bad check for conf exists
We were `cat`ing the file instead of just checking for non-empty
existance. Fix that.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 03:43:16 +0000 (23:43 -0400)]
nut: Fix upsmon init actions
1) For upsmon start and stop were at wrong position in rc.d
2) Stop needs more than just killing the procd instead but rather
needs a stop command to be issued.
3) Interface up/down was causing not to enter a crashloop (we fix this
with procd trigger on interface changes).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 03:38:10 +0000 (23:38 -0400)]
nut: Fix unset of runas user (upsmon)
Running as non-root was failing due to misplace local keyword
causing runas to be unset from calling value.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Tue, 27 Aug 2019 03:18:05 +0000 (23:18 -0400)]
nut: Remove unecessary libwrap dependency
CONFIG_ARGS has --without-wrap so libwrap as a dependency is
extraneous as it is not actually used.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Hannu Nyman [Sun, 25 Aug 2019 17:38:01 +0000 (20:38 +0300)]
nano: update to 4.4
Update nano editor to 4.4
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
d9347059a80fc8977a1e148153693a2851b4e253)
Rosen Penev [Wed, 10 Apr 2019 21:55:37 +0000 (14:55 -0700)]
ttyd: Add dependency for vim
Needed to avoid error in case xxd is not installed:
[ 16%] Generating html.h from index.html
/bin/sh: 1: CMAKE_XXD-NOTFOUND: not found
CMakeFiles/ttyd.dir/build.make:61: recipe for target 'html.h' failed
make[6]: *** [html.h] Error 127
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
773c19afad0723bc2ba49b36e8172776e2eaf207)