feed/packages.git
20 months agohaproxy: update to v2.2.29
Christian Lachner [Sat, 18 Feb 2023 07:18:51 +0000 (08:18 +0100)]
haproxy: update to v2.2.29

- Update haproxy download URL and hash
- This release fixes a critial flaw known as CVE-2023-25725. See:
  http://git.haproxy.org/?p=haproxy-2.2.git;a=commit;h=4a4c90c2b04444d92c58873cfb19052f20280bc2

Signed-off-by: Christian Lachner <gladiac@gmail.com>
20 months agov2raya: drop wrong patches
Tianling Shen [Fri, 3 Mar 2023 03:52:58 +0000 (11:52 +0800)]
v2raya: drop wrong patches

These patches should not be backported to OpenWrt, otherwise tproxy
won't work for devices connected to br-lan (bypassed by the fw rules).

We have introduced a new compile-time flag for new version (which
is not released yet), but it's unnecessray to backport redudant
patches as here is still at the old version.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 40669c4135d829254ba66b0f1a6827f94d229c96)

20 months agoyq: Update to 4.31.2
Tianling Shen [Fri, 3 Mar 2023 03:58:41 +0000 (11:58 +0800)]
yq: Update to 4.31.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 1343bb585607295d2e466dfed0dd596a14570c54)

20 months agoyq: Update to 4.31.1
Tianling Shen [Tue, 21 Feb 2023 07:57:46 +0000 (15:57 +0800)]
yq: Update to 4.31.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit b76bd94605c9c53b64935c78bba6ff98e2847e16)

20 months agomsgpack-c: Update to 5.0.0
Tianling Shen [Fri, 24 Feb 2023 02:36:35 +0000 (10:36 +0800)]
msgpack-c: Update to 5.0.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 5890d2f2d76c31de85ae54a586c445a936cc4c14)

20 months agosed: remove old libpcre dependency
Alan Swanson [Tue, 28 Feb 2023 09:45:37 +0000 (09:45 +0000)]
sed: remove old libpcre dependency

Signed-off-by: Alan Swanson <reiver@improbability.net>
(cherry picked from commit 0a00f0f2a582bc11979ecef2c60a68584fe4e935)

21 months agoxfrpc: update to version 2.1.606
Dengfeng Liu [Sun, 22 Jan 2023 11:58:38 +0000 (11:58 +0000)]
xfrpc: update to version 2.1.606

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit db243b31c81a817c565feba7553c3b02d460d959)

21 months agoxfrpc: Update to 1.11.587
Dengfeng Liu [Sun, 20 Nov 2022 09:11:41 +0000 (09:11 +0000)]
xfrpc: Update to 1.11.587

refactor tcp mux

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 419c4340026b585bfc558c3027d4308e862c795c)

21 months agoxfrpc: allow server_addr ip and domain
Dengfeng Liu [Fri, 14 Oct 2022 08:36:16 +0000 (08:36 +0000)]
xfrpc: allow server_addr ip and domain

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit a7e3f28c3761de6e7eed5423fbd116eeeec38491)

21 months agoxfrpc: Update to 1.07.582
Dengfeng Liu [Mon, 25 Jul 2022 02:29:20 +0000 (10:29 +0800)]
xfrpc: Update to 1.07.582

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 9fbd26f1709d3fbabf043c110cb46922f2eb6750)

21 months agoxfrpc: update to 1.06.579
Dengfeng Liu [Thu, 30 Jun 2022 08:10:05 +0000 (16:10 +0800)]
xfrpc: update to 1.06.579

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 5615ce33fa8c18944771c4aef0ce285bb3b60d47)

21 months agoxfrpc: set xfrpc's disabled default value to 0
Dengfeng Liu [Thu, 30 Jun 2022 05:54:19 +0000 (13:54 +0800)]
xfrpc: set xfrpc's disabled default value to 0

change this to satisfy luci-app-xfrpc's need

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 10a24d4cad196b790b322bb4132086b1e350fde8)

21 months agoxfrpc: fix bug of xfrpc.init
Dengfeng Liu [Sat, 4 Jun 2022 11:55:27 +0000 (19:55 +0800)]
xfrpc: fix bug of xfrpc.init

replace xfrpc with xfrp

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit b3bd24f1afde9c1071b253959061ce4adc259d41)

21 months agoxfrpc: update to 1.05.561
Dengfeng Liu [Sat, 4 Jun 2022 04:28:55 +0000 (12:28 +0800)]
xfrpc: update to 1.05.561

support tcp mux and default to turn it on

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit d4430d2e89cd289807b4a9e21583cae245c1e81c)

21 months agoxfrpc: Update to 1.05.548
Dengfeng Liu [Sun, 8 May 2022 04:02:04 +0000 (12:02 +0800)]
xfrpc: Update to 1.05.548

deprecated xfrps, compatible with frps

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 2cb01429b198702decc2744fc470270b3b328c63)

21 months agoxfrpc: fast reverve proxy client in c language
Dengfeng Liu [Tue, 5 Apr 2022 01:53:59 +0000 (01:53 +0000)]
xfrpc: fast reverve proxy client in c language

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 9af01c87bfb3007e0a169b57bf9762c88098dff9)

21 months agogit: update to 2.34.7
Michal Vasilek [Thu, 16 Feb 2023 09:20:13 +0000 (10:20 +0100)]
git: update to 2.34.7

Fixes CVE-2023-22490, CVE-2023-23946

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 06f466cc61ce5e5c98d1147c165d3e96c31e41cc)

21 months agoCI: do not crash during PKG-INFO generation if there are no packages
Peter van Dijk [Fri, 5 Nov 2021 12:06:15 +0000 (13:06 +0100)]
CI: do not crash during PKG-INFO generation if there are no packages

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit b5132de5cf4f7d0562445cf3c65f9f1a4bcb1bbf)

21 months agoCI: add PKG-INFO metadata file
Peter van Dijk [Fri, 5 Nov 2021 12:06:15 +0000 (13:06 +0100)]
CI: add PKG-INFO metadata file

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit a40c1b3e442eccbf0619f06b473705f4a4a0ac6d)

21 months agoCI: use git commit sha in name
Peter van Dijk [Fri, 5 Nov 2021 12:06:15 +0000 (13:06 +0100)]
CI: use git commit sha in name

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit bbf983721cf41fd94388b16ce90f018d6c0496f5)

21 months agoMerge pull request #20526 from nxhack/2102_node_14213
Eneas U de Queiroz [Mon, 20 Feb 2023 12:37:44 +0000 (09:37 -0300)]
Merge pull request #20526 from nxhack/2102_node_14213

[21.02] node: bump to v14.21.3

21 months agoMerge pull request #20518 from commodo/django-21.02
Alexandru Ardelean [Mon, 20 Feb 2023 09:10:36 +0000 (11:10 +0200)]
Merge pull request #20518 from commodo/django-21.02

[21.02] django: bump to version 3.2.18

21 months agonode: bump to v14.21.3 20526/head
Hirokazu MORIKAWA [Sun, 19 Feb 2023 06:07:45 +0000 (15:07 +0900)]
node: bump to v14.21.3

Thursday February 16 2023 Security Releases

Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
* CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)
More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
21 months agosnowflake: update to v2.5.1
Nick Hainke [Tue, 24 Jan 2023 22:25:22 +0000 (23:25 +0100)]
snowflake: update to v2.5.1

Changes in version v2.4.3 - 2023-01-16
- Fix version number in version.go

(Changes for v2.5.1 are missing)

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit ac9027aebb5b9ed01cf9db28abec6bb4d0025afe)

21 months agodjango: bump to version 3.2.18 20518/head
Alexandru Ardelean [Fri, 17 Feb 2023 17:25:41 +0000 (19:25 +0200)]
django: bump to version 3.2.18

Fixes:
  https://nvd.nist.gov/vuln/detail/CVE-2023-23969

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
21 months agoxray-core: Update to 1.7.5
Tianling Shen [Thu, 9 Feb 2023 23:28:57 +0000 (07:28 +0800)]
xray-core: Update to 1.7.5

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit b4c4b17308d8ca742c4522810b3a8134049f3810)
[Updated geodata to latest version, based on 669357351c1625]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
21 months agobind: update to 9.18.11
Noah Meyerhans [Thu, 26 Jan 2023 18:45:55 +0000 (10:45 -0800)]
bind: update to 9.18.11

Fixes CVEs:
      - CVE-2022-3924: Fix serve-stale crash when recursive clients
      soft quota is reached.
      - CVE-2022-3736: Handle RRSIG lookups when serve-stale is
      active.
      - CVE-2022-3094: An UPDATE message flood could cause named to
      exhaust all available memory. This flaw was addressed by adding
      a new "update-quota" statement that controls the number of
      simultaneous UPDATE messages that can be processed or
      forwarded. The default is 100. A stats counter has been added to
      record events when the update quota is exceeded, and the XML and
      JSON statistics version numbers have been updated.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit 47fcec43abedab5c409259db1ac14c1ccc86bd02)

21 months agocrun: update to 1.3
Oskari Rauta [Wed, 24 Nov 2021 23:28:25 +0000 (01:28 +0200)]
crun: update to 1.3

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 7034d3cbba813f8b19294667f058513e5745056e)

21 months agocrun: update to version 1.2
Oskari Rauta [Thu, 4 Nov 2021 23:41:20 +0000 (01:41 +0200)]
crun: update to version 1.2

release notes:

0.20.1
 - container: ignore error when resetting the SELinux label for the keyring.

0.21
 - when compiled with krun, automatically use it if the current executable file is called "krun"
 - cgroup: lookup pids controller as well when the memory controller is not available
 - status: add fields for owner and created timestamp
 - honor memory swappiness set to 0

1.0
 - Fix symlink target mangling for tmpcopyup targets.
 - Makefile.am: fix link error when using directly libcrun.
 - cgroup: add support for setting memory.use_hierarchy on cgroup v1.
 - linux: treat pidfd_open failures EINVAL as ESRCH.
 - cgroup: chown the current container cgroup to root in the container.

1.1
 - utils: retry openat2 on EAGAIN. If the openat2 syscall is interrupted, try again.
 - criu: fix save of external descriptors. Now restored containers attach correctly their standard streams.
 - criu: Add support for external PID namespace.
 - container: Set primary process to 1 via LISTEN_PID by default if user configuration is missing.
 - exec: refuse to exec in a paused container/cgroup.
 - cgroup: use cgroup.kill when available. It is faster to kill a container through its cgroup as there is no need to recurse over the cgroup pids and terminate each one of them.

1.2
 - criu: add support for external ipc, uts and time namespaces.
 - exec: fix regression in 1.1 where containers are being wrongly reported as paused.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 3873a850a5219bfb3143594843964a15860f3235)

21 months agopodman: update to v3.4.4
Oskari Rauta [Thu, 16 Dec 2021 00:25:58 +0000 (02:25 +0200)]
podman: update to v3.4.4

list of changes: https://github.com/containers/podman/releases

Added patch for compiling with musl. Patch can be removed on next
release as it is already merged to podman git but not on this release.
Patch moves definition in source so definition is available before it
is being used.

Patch source: https://github.com/containers/podman/pull/12564

Patch re-created with quilt.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 5ff3b25509c9c1e5d1d43044fcc22dd19a10d779)

21 months agopodman: update to 3.4.2
Oskari Rauta [Wed, 24 Nov 2021 23:14:07 +0000 (01:14 +0200)]
podman: update to 3.4.2

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit b011f3faf8f84d398c197773d711ac0cdde31aa3)

22 months agonextdns: Update to version 1.39.4
Olivier Poitrey [Thu, 26 Jan 2023 18:45:53 +0000 (18:45 +0000)]
nextdns: Update to version 1.39.4

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
22 months agoksmbd: select ASN1 explicitly to reduce dependencies
Rafał Miłecki [Wed, 25 Jan 2023 11:34:15 +0000 (12:34 +0100)]
ksmbd: select ASN1 explicitly to reduce dependencies

ksmbd requires ASN.1 grammar compiler so it depends on CONFIG_ASN1. It
should select kmod-asn1-decoder for above reason.

Due to some problems with kmod-asn1-decoder in the past ksmbd was
selecting kmod-nf-nathelper-extra instead. That was affecting network
performance in kernel as each loaded conntrack module adds some overhead
to packets processing.

Fix this unwanted side effect by depending on kmod-asn1-decoder
directly.

Link: http://lists.openwrt.org/pipermail/openwrt-devel/2023-January/040298.html
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
22 months agoMerge pull request #20406 from realizelol/openwrt-21.02
Dirk Brenken [Fri, 27 Jan 2023 10:19:47 +0000 (11:19 +0100)]
Merge pull request #20406 from realizelol/openwrt-21.02

[21.02] banip: renew tor urls

22 months agobanip: renew tor urls as previous ones were death. 20406/head
Chris [Fri, 27 Jan 2023 09:58:06 +0000 (10:58 +0100)]
banip: renew tor urls as previous ones were death.

Signed-off-by: Chris Schulten <bsw.bsw@gmx.de>
22 months agoknot: update to version 3.2.4
Jan Hák [Mon, 12 Dec 2022 14:15:45 +0000 (15:15 +0100)]
knot: update to version 3.2.4

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit c933a15cebe43e6d35d59281a5414438cd3c1455)

22 months agoknot: update to version 3.2.3
Jan Hák [Tue, 22 Nov 2022 10:25:02 +0000 (11:25 +0100)]
knot: update to version 3.2.3

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 4370e457c8eabc6c4c3decdb197fccc876f45a19)

22 months agoknot: update to version 3.2.2
Jan Hák [Tue, 1 Nov 2022 13:15:24 +0000 (14:15 +0100)]
knot: update to version 3.2.2

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit a5913d51c7024b9f62e213541812a0bdd67e2984)

22 months agoMerge pull request #20270 from mhei/21.02-php8-update-8.0.27
Michael Heimpold [Sun, 22 Jan 2023 22:51:56 +0000 (23:51 +0100)]
Merge pull request #20270 from mhei/21.02-php8-update-8.0.27

[21.02] php8: update to 8.0.27

22 months agoMerge pull request #20358 from hnyman/rtty2102
Hannu Nyman [Sat, 21 Jan 2023 20:09:37 +0000 (22:09 +0200)]
Merge pull request #20358 from hnyman/rtty2102

Rtty2102

22 months agoatlas-sw-probe: add more binaries
Josef Schlehofer [Wed, 18 Jan 2023 06:57:20 +0000 (07:57 +0100)]
atlas-sw-probe: add more binaries

They were added in these commits [1] [2] and if they are not included,
the RIPE Atlas SW Probe does not work correctly.

This should also prevent this from happening in the future as it now. We include all
files with .sh extension file type.

[1] https://github.com/RIPE-NCC/ripe-atlas-software-probe/commit/70ced29fc3217dd8d61e2b78506b6103ded100aa
[2] https://github.com/RIPE-NCC/ripe-atlas-software-probe/commit/71a4ff0e68c55464f766ddb9f1dfe21b22e530db

Fixes: https://github.com/openwrt/packages/issues/20338
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 1a368a54095d67ea2efb25b7a205999650793bee)

22 months agoMerge pull request #20357 from hnyman/wifidog2102
Hannu Nyman [Sat, 21 Jan 2023 19:37:18 +0000 (21:37 +0200)]
Merge pull request #20357 from hnyman/wifidog2102

[21.02] wifidog: fix compilation with more recent wolfssl

22 months agoMerge pull request #20356 from hnyman/libuhttpd2102
Hannu Nyman [Sat, 21 Jan 2023 19:30:18 +0000 (21:30 +0200)]
Merge pull request #20356 from hnyman/libuhttpd2102

[21.02] fix libuhttpd

22 months agortty: update to 8.0.1 20358/head
Jianhui Zhao [Sun, 22 May 2022 14:01:18 +0000 (22:01 +0800)]
rtty: update to 8.0.1

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 0ea357c164d4d265d750459de2ad6a63149fe89e)
(cherry picked from commit 8377e516e90364e26a510dbc1140cc6a1907700b)

22 months agortty: add compatibility for wolfssl >= 5.0
Sergey V. Lobanov [Mon, 3 Jan 2022 18:10:50 +0000 (21:10 +0300)]
rtty: add compatibility for wolfssl >= 5.0

NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit 9913c0899a8fb6bfbda33e7a1fd84f2fa6c3ddda)

22 months agortty: update to 8.0.0
Jianhui Zhao [Mon, 27 Sep 2021 11:23:34 +0000 (11:23 +0000)]
rtty: update to 8.0.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 12c5ed9a4c971a5cf314831a1a01d851be976120)

22 months agortty: update to 7.4.1
Jianhui Zhao [Mon, 31 May 2021 06:10:29 +0000 (14:10 +0800)]
rtty: update to 7.4.1

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 110e24ad9c29f2bf7d200322c816a02028ccd6a3)

22 months agortty: update to 7.4.0
Jianhui Zhao [Fri, 19 Feb 2021 11:04:10 +0000 (19:04 +0800)]
rtty: update to 7.4.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit a9a1d8740b3cd9fdffd3ebf7f76dec8224611917)

22 months agowifidog: fix compilation with more recent wolfssl 20357/head
Rosen Penev [Sat, 21 Jan 2023 19:09:37 +0000 (21:09 +0200)]
wifidog: fix compilation with more recent wolfssl

Needs an extra header. pthread.h is also no longer implicitly included.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 4605f98b413b4b0433199e4fe6d3685344cbf933)

22 months agolibuhttpd: add compatibility for wolfssl >= 5.0 20356/head
Sergey V. Lobanov [Mon, 3 Jan 2022 16:41:37 +0000 (19:41 +0300)]
libuhttpd: add compatibility for wolfssl >= 5.0

NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit 9a9f26796bdf4bd6ebe5a9aee9dcb2feee54780f)

22 months agolibuhttp: don't build examples
Rosen Penev [Mon, 6 Sep 2021 08:55:37 +0000 (01:55 -0700)]
libuhttp: don't build examples

Speeds up compilation and potentially fixes it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 21e5a1e7d3e55a0c49af9e5a6c8dee6c0255f507)

22 months agolibuhttpd: Update to 3.12.1
Jianhui Zhao [Mon, 7 Jun 2021 02:22:12 +0000 (10:22 +0800)]
libuhttpd: Update to 3.12.1

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 4c163b0b123d26538710b78f1ef8f4f47bcdbc0b)

22 months agolibuhttpd: Update to 3.12.0
Jianhui Zhao [Fri, 4 Jun 2021 12:08:46 +0000 (20:08 +0800)]
libuhttpd: Update to 3.12.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 756d9e906bfeb713e6b5e3e16939d8eed4f66b9f)

22 months agolibuhttpd: Update to 3.11.0
Jianhui Zhao [Thu, 8 Apr 2021 06:58:57 +0000 (14:58 +0800)]
libuhttpd: Update to 3.11.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 3aa128f00745db22d1f2ed81d3bb3704d6c65780)

22 months agolibuhttpd: Update to 3.10.1
Jianhui Zhao [Mon, 1 Mar 2021 09:26:11 +0000 (17:26 +0800)]
libuhttpd: Update to 3.10.1

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 20328691d3a254c598c9d49e55530190dd97fe16)

22 months agolibuhttpd: Update to 3.10.0
Jianhui Zhao [Fri, 26 Feb 2021 16:40:47 +0000 (00:40 +0800)]
libuhttpd: Update to 3.10.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit a5fbbb9970864934de080940d07d84bf4b0e00b4)

22 months agolibuhttpd: Update to 3.9.0
Jianhui Zhao [Fri, 19 Feb 2021 04:23:56 +0000 (12:23 +0800)]
libuhttpd: Update to 3.9.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit 696d5021da247bb31a2b0dfe0a3a53da9fdb9ab0)

22 months agonano: update to 7.2
Hannu Nyman [Sat, 21 Jan 2023 10:20:16 +0000 (12:20 +0200)]
nano: update to 7.2

Update nano editor to version 7.2.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6a3d2386fa3060d47cc027767926ce26697949d3)

22 months agobash: update to 5.1.16
Huangbin Zhan [Sat, 20 Nov 2021 13:56:30 +0000 (21:56 +0800)]
bash: update to 5.1.16

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit 15c6fa3ddda45345948781d395d9ec9a757c7ccc)

22 months agobash: add /etc/profile.d/sys_bashrc.sh as conffile
Huangbin Zhan [Thu, 11 Nov 2021 08:21:08 +0000 (16:21 +0800)]
bash: add /etc/profile.d/sys_bashrc.sh as conffile

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit 2977360e46c124e4e429ea1da93494a85475bffe)

22 months agobash: update to 5.1.8
Rosen Penev [Wed, 21 Jul 2021 03:31:54 +0000 (20:31 -0700)]
bash: update to 5.1.8

Switch to AUTORELEASE for simplicity.

Remove upstream backports.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 069f1a80b65ebde9d1df7f3a9a468660b1a451d7)

22 months agobash: fixing missing PARAMS() macro in strtod.c
Philip Prindeville [Tue, 2 Mar 2021 21:43:37 +0000 (14:43 -0700)]
bash: fixing missing PARAMS() macro in strtod.c

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit fd9012836aefc9abd6da8ee1c34119d193d3449d)

22 months agogit: update to 2.34.6
Michal Vasilek [Wed, 18 Jan 2023 12:00:54 +0000 (13:00 +0100)]
git: update to 2.34.6

Fixes CVE-2022-23521
Fixes CVE-2022-41903
Fixes CVE-2022-39260
Fixes CVE-2022-39253
Fixes CVE-2022-29187

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 96e8ff604f5d980360e1ab9c0cdd22269888885c)

22 months agoxray-core: Update to 1.7.2
Tianling Shen [Mon, 9 Jan 2023 07:08:16 +0000 (15:08 +0800)]
xray-core: Update to 1.7.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 65ccc4c913a2e737ce8bf37d2e0bcad95c221e61)

22 months agoyq: Update to 4.30.8
Tianling Shen [Mon, 16 Jan 2023 08:26:41 +0000 (16:26 +0800)]
yq: Update to 4.30.8

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 99d6d25bb5ce31f0a12d230b91c56b0097a7bb58)

22 months agoyq: Update to 4.30.7
Tianling Shen [Sat, 14 Jan 2023 12:51:54 +0000 (20:51 +0800)]
yq: Update to 4.30.7

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 3c34ef4c991f6257b55e57f8ea08357d0066117e)

22 months agosnowflake: update to 2.4.2
Nick Hainke [Sun, 15 Jan 2023 19:13:16 +0000 (20:13 +0100)]
snowflake: update to 2.4.2

Changes in version v2.4.2 - 2023-01-13
- Issue 40208: Enhance help info for capacity flag
- Issue 40232: Update README and fix help output
- Issue 40173: Increase clientIDAddrMapCapacity
- Issue 40177: Manually unlock mutex in ClientMap.SendQueue
- Issue 40177: Have SnowflakeClientConn implement io.WriterTo
- Issue 40179: Reduce turbotunnel queueSize from 2048 to 512
- Issue 40187/40199: Take ownership of buffer in QueuePacketConn QueueIncoming/WriteTo
- Add more tests for URL encoded IPs (safelog)
- Fix server flag name
- Issue 40200: Use multiple parallel KCP state machines in the server
- Add a num-turbotunnel server transport option
- Issue: 40241: Switch default proxy STUN server to stun.l.google.com

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 5435ddb8f8f626997202b96d0cc1306c2da03a75)

22 months agomiredo: add miredo.conf conffile
ValdikSS ValdikSS [Sat, 14 Jan 2023 22:32:19 +0000 (01:32 +0300)]
miredo: add miredo.conf conffile

Keep miredo.conf modified configuration upon upgrades

Signed-off-by: ValdikSS ValdikSS <iam@valdikss.org.ru>
(cherry picked from commit 95acb627f4b6853cd8fa0329f127d52118013e65)

22 months agoatlas-sw-probe: update to version 5080
Josef Schlehofer [Sun, 15 Jan 2023 12:18:35 +0000 (13:18 +0100)]
atlas-sw-probe: update to version 5080

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 12fd3cfe1e2d96f9e5d9c69260cf21e7f6bede45)

22 months agoatlas-probe: update to 2.6.3
Rosen Penev [Sat, 14 Jan 2023 01:08:54 +0000 (17:08 -0800)]
atlas-probe: update to 2.6.3

Switch to git tarballs.

Remove upstreamed patches and add OpenSSL patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 3eace67a3001b68052c81a18ee361dc7597cf71a)

22 months agogolang: Update to 1.18.10
Tianling Shen [Wed, 11 Jan 2023 03:39:33 +0000 (11:39 +0800)]
golang: Update to 1.18.10

go1.18.10 (released 2023-01-10) includes fixes to cgo, the compiler,
the linker, and the crypto/x509, net/http, and syscall packages.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
22 months agophp8: update to 8.0.27 20270/head
Michael Heimpold [Wed, 11 Jan 2023 21:14:59 +0000 (22:14 +0100)]
php8: update to 8.0.27

This fixes:
    - CVE-2022-31631

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
22 months agolibtorrent-rasterbar: Update to 2.0.8
Tianling Shen [Sun, 1 Jan 2023 08:33:26 +0000 (16:33 +0800)]
libtorrent-rasterbar: Update to 2.0.8

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 991c2d452cd12bd49c65a945a966f09223542c4b)

22 months agobind: update to version 9.18.10
Philip Prindeville [Wed, 28 Dec 2022 08:21:34 +0000 (01:21 -0700)]
bind: update to version 9.18.10

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit 07f528b33121c5b26b868b6a72700e4029fe8f81)
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
23 months agoMerge pull request #20168 from 1715173329/my/2102-adg
Josef Schlehofer [Wed, 28 Dec 2022 10:49:18 +0000 (11:49 +0100)]
Merge pull request #20168 from 1715173329/my/2102-adg

[openwrt-21.02] adguardhome: update to v0.107.21

23 months agoMerge pull request #20155 from paper42/libarchive-cve-21
Josef Schlehofer [Wed, 28 Dec 2022 10:47:15 +0000 (11:47 +0100)]
Merge pull request #20155 from paper42/libarchive-cve-21

[21.02] libarchive: update to 3.5.3, fix CVE-2022-36227

23 months agoxray-core: Update to 1.7.0
Tianling Shen [Tue, 27 Dec 2022 08:42:00 +0000 (16:42 +0800)]
xray-core: Update to 1.7.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 9a7926339bba3e5d3830e2674021365f65bc83dd)
[Updated geodata to latest version, based on ea969a117a2a94]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
23 months agorclone: Update to 1.61.1
Tianling Shen [Sat, 24 Dec 2022 03:23:26 +0000 (11:23 +0800)]
rclone: Update to 1.61.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 822d44e8f8637c028b66cdf0ae84869699c24788)

23 months agoxray-core: Update to 1.6.6-2
Tianling Shen [Sun, 25 Dec 2022 07:01:03 +0000 (15:01 +0800)]
xray-core: Update to 1.6.6-2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 4afc17e6e0784bd507994c0e53e13a5aa21af2d6)

23 months agoyq: Update to 4.30.6
Tianling Shen [Sun, 25 Dec 2022 06:58:12 +0000 (14:58 +0800)]
yq: Update to 4.30.6

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 071e97949f75de5a7dc1d19c48663e01f0c02a00)

23 months agonode: bump to v14.21.2
Hirokazu MORIKAWA [Sat, 24 Dec 2022 02:35:08 +0000 (11:35 +0900)]
node: bump to v14.21.2

Notable changes
* CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium)
* OpenSSL 1.1.1s
* Root certificates updated to NSS 3.85
* Time zone update to 2022f

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
23 months agoAdGuardHome: update to v0.107.21 20168/head
YiZhen Choo [Thu, 15 Dec 2022 18:28:38 +0000 (02:28 +0800)]
AdGuardHome: update to v0.107.21

Signed-off-by: YiZhen Choo <yizhen.c02@gmail.com>
(cherry picked from commit 60ae1e56378e7e614918f6ecda52f92ab6e18c73)

23 months agoadguardhome: bump to 0.107.18
Dobroslaw Kijowski [Wed, 16 Nov 2022 17:12:28 +0000 (18:12 +0100)]
adguardhome: bump to 0.107.18

* Full changelog available at:
  * https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.17
  * https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.18

Signed-off-by: Dobroslaw Kijowski <dobo90@gmail.com>
(cherry picked from commit e3dc7537812338a6200b16ba7b218ce5e6745cf4)

23 months agoadguardhome: Increase init start value to avoid network race conditions
James White [Mon, 30 May 2022 08:04:53 +0000 (09:04 +0100)]
adguardhome: Increase init start value to avoid network race conditions

Signed-off-by: James White <james@jmwhite.co.uk>
(cherry picked from commit cd4c7b3ac32838fa8987095bc1ecef2d7c6007b5)

23 months agoAdGuardHome: update to v0.107.16
YiZhen Choo [Fri, 7 Oct 2022 15:47:50 +0000 (23:47 +0800)]
AdGuardHome: update to v0.107.16

Signed-off-by: YiZhen Choo <yizhen.c02@gmail.com>
(cherry picked from commit 64dabe2d681f013c834f447496ad57b413790b0b)

23 months agoAdGuardHome: update to v0.107.12
YiZhen Choo [Wed, 7 Sep 2022 16:05:16 +0000 (00:05 +0800)]
AdGuardHome: update to v0.107.12

Signed-off-by: YiZhen Choo <yizhen.c02@gmail.com>
(cherry picked from commit e806d85e46ae563e9fd334972dcb019a88442cbd)

23 months agoAdGuardHome: update to v0.107.11
YiZhen Choo [Fri, 19 Aug 2022 15:31:46 +0000 (23:31 +0800)]
AdGuardHome: update to v0.107.11

Signed-off-by: YiZhen Choo <yizhen.c02@gmail.com>
(cherry picked from commit 79acc3c21f48b5d38f9e43d802d7dcdfee9f6606)

23 months agolibarchive: add missing CONFLICT 20155/head
Michal Vasilek [Thu, 22 Dec 2022 12:05:51 +0000 (13:05 +0100)]
libarchive: add missing CONFLICT

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
23 months agolibarchive: fix CVE-2022-36227
Michal Vasilek [Thu, 22 Dec 2022 10:16:29 +0000 (11:16 +0100)]
libarchive: fix CVE-2022-36227

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
23 months agolibarchive: update to 3.5.3
Michal Vasilek [Thu, 22 Dec 2022 10:16:02 +0000 (11:16 +0100)]
libarchive: update to 3.5.3

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
23 months agolibarchive: update to 3.5.2
Rosen Penev [Sun, 19 Sep 2021 07:52:57 +0000 (00:52 -0700)]
libarchive: update to 3.5.2

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 537f743c492bac2385db19fd26bd3924d8e6ea04)

rebased to remove AUTORELEASE
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
23 months agoMerge pull request #20144 from turris-cz/openwrt-21.02/python3-update
Alexandru Ardelean [Wed, 21 Dec 2022 17:53:26 +0000 (19:53 +0200)]
Merge pull request #20144 from turris-cz/openwrt-21.02/python3-update

[21.02] python3: update to version 3.9.16

23 months agopython3: update to version 3.9.16 20144/head
Josef Schlehofer [Tue, 20 Dec 2022 22:59:44 +0000 (23:59 +0100)]
python3: update to version 3.9.16

Release notes:
https://www.python.org/downloads/release/python-3916/

Fixes:
CVE-2022-43680
CVE-2022-37454
CVE-2022-45061
CVE-2022-42919
CVE-2015-20107

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
23 months agosnowflake: update to version 2.4.1
Daniel Golle [Mon, 5 Dec 2022 01:18:43 +0000 (01:18 +0000)]
snowflake: update to version 2.4.1

Changes in version v2.4.1 - 2022-12-01
 - Issue 40224: Bug fix in utls roundtripper

Changes in version v2.4.0 - 2022-11-29
 - Fix proxy command line help output
 - Issue 40123: Reduce multicast DNS candidates
 - Add ICE ephemeral ports range setting
 - Reformat using Go 1.19
 - Update CI tests to include latest and minimum Go versions
 - Issue 40184: Use fixed unit for bandwidth logging
 - Update gorilla/websocket to v1.5.0
 - Issue 40175: Server performance improvements
 - Issue 40183: Change snowflake proxy log verbosity
 - Issue 40117: Display proxy NAT type in logs
 - Issue 40198: Add a `orport-srcaddr` server transport option
 - Add gofmt output to CI test
 - Issue 40185:  Change bandwidth type from int to int64 to prevent overflow
 - Add version output support to snowflake
 - Issue 40229: Change regexes for ipv6 addresses to catch url-encoded addresses
 - Issue 40220: Close stale connections in standalone proxy

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit f60f11f9277ee30fa0699cdf1aded5a0bc50aac6)

23 months agoapr-util: disable parallel build
Michal Vasilek [Thu, 15 Dec 2022 10:18:00 +0000 (11:18 +0100)]
apr-util: disable parallel build

Build reliably fails with -j20

    crypto/apr_passwd.c:200:1: fatal error: error closing -: Broken pipe
      200 | }
          | ^
    compilation terminated.

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit bd9e119d68fba792a1f760525540c0e0cf10e63f)

23 months agonano: update to 7.1
Hannu Nyman [Thu, 15 Dec 2022 15:54:26 +0000 (17:54 +0200)]
nano: update to 7.1

Update nano editor to version 7.1
* drop the backported upstream fix for 7.0
* drop AUTORELEASE
* disable justify from 'plus'. Rarely needed with OpenWrt

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 89dc1b17e9d8234c8085ffdb4fbe00d0e9093725)

23 months agoruby: update to 3.0.5
Luiz Angelo Daros de Luca [Mon, 12 Dec 2022 17:32:10 +0000 (14:32 -0300)]
ruby: update to 3.0.5

This release includes a security fix.

- CVE-2021-33621: HTTP response splitting in CGI

For more details:
- https://www.ruby-lang.org/en/news/2022/11/24/ruby-3-0-5-released/

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
23 months agoMerge pull request #20038 from 1715173329/g1189
Josef Schlehofer [Fri, 9 Dec 2022 10:53:45 +0000 (11:53 +0100)]
Merge pull request #20038 from 1715173329/g1189

[openwrt-21.02] golang: Update to 1.18.9

23 months agogithub-ci: error on any shell errors
Alois Klink [Wed, 23 Nov 2022 18:37:01 +0000 (18:37 +0000)]
github-ci: error on any shell errors

Enable `errexit` and `nounset` [POSIX shell options][1]
in `.github/workflows/entrypoint.sh` so that the script fails
if any command within the script fails.

[1]: https://pubs.opengroup.org/onlinepubs/9699919799//utilities/V3_chap02.html#set

Reported-by: Marius Dinu <m95d+git@psihoexpert.ro>
Fixes: https://github.com/openwrt/packages/issues/19953
Signed-off-by: Alois Klink <alois@aloisklink.com>
(cherry picked from commit 18d3c529fa4ab8dafcf6c147cf3cb55792d8ca10)

23 months agosnowflake: update to version 2.3.1
Daniel Golle [Thu, 6 Oct 2022 15:48:23 +0000 (16:48 +0100)]
snowflake: update to version 2.3.1

 03b2b56f Fix broker race condition
 36f03dfd Record proxy type for proxy relay stats

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 15fdb5fa166c1d41236c519821cad6e92fbb8e68)