Glenn Strauss [Mon, 15 May 2023 03:41:28 +0000 (23:41 -0400)]
lighttpd: QUILT patches; fix build patches
QUILT patches; fix build patches to re-merge deprecated modules
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Glenn Strauss [Thu, 11 May 2023 00:52:05 +0000 (20:52 -0400)]
lighttpd: include mod_h2 in base package
The next version of lighttpd will move HTTP/2 support from the lighttpd
base executable into a separate module: mod_h2
Include patch to do so now, and update packaging to handle it.
HTTP/2 support is enabled by default since lighttpd 1.4.59, but if
HTTP/2 support is explicitly disabled in the configuration, then mod_h2
will not be loaded, thereby reducing lighttpd memory use.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
f4152fccadc021b016b341526ddf83ddcf593ca1)
Glenn Strauss [Thu, 11 May 2023 00:49:24 +0000 (20:49 -0400)]
lighttpd: update to lighttpd 1.4.70 release hash
remove patches included upstream
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
0d5b110077d4c51a12d797a844495ce63071a205)
Glenn Strauss [Wed, 12 Apr 2023 17:15:49 +0000 (13:15 -0400)]
lighttpd: adjust packages for built-in modules
(.so is no longer built, but package still contains config files)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
7fda9563de92e58f0ae5c388e66de1d66e3df7f0)
Glenn Strauss [Fri, 14 Apr 2023 19:19:36 +0000 (15:19 -0400)]
lighttpd: fix package DEPENDS syntax
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Co-authored-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ae5135a9139425455e39b1030928786b5c0e37a9)
Tianling Shen [Wed, 26 Apr 2023 03:35:19 +0000 (11:35 +0800)]
librespeed-go: update file permissions for ujail
This fixes "permission denied" error when access files as a normal user.
Reported-by: Anya Lin <hukk1996@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
42d340bce0106538888f9e942dc3dd6f7f9e62ff)
Javier Marcet [Mon, 9 Jan 2023 15:29:47 +0000 (17:29 +0200)]
bind: disable geoip
Signed-off-by: Javier Marcet <javier@marcet.info>
[modified also PKG_RELEASE]
(cherry picked from commit
073ee02500ca5bd0b5b530efcc662690c55ca2ac)
Tianling Shen [Sat, 15 Apr 2023 20:08:06 +0000 (04:08 +0800)]
Merge pull request #20799 from gstrauss/lighttpd-1.4.69-1-openwrt-21.02
lighttpd: update to lighttpd 1.4.69 release hash - backport to openwrt 21.02
Glenn Strauss [Fri, 14 Apr 2023 06:28:45 +0000 (02:28 -0400)]
lighttpd: patch to restore removed modules
patch to restore removed modules to preserve state for 21.02
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Hannu Nyman [Mon, 9 Jan 2023 20:02:44 +0000 (22:02 +0200)]
ocserv: disable libmaxminddb detection
Disable libmaxminddb detection to fix a build error
due to missing dependency.
(the libmaxminddb library is now detected, but is unncessary.)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
508c4548dc7c73d6e824bd5a9b1dcb8fb7132ab3)
Hannu Nyman [Mon, 9 Jan 2023 20:01:32 +0000 (22:01 +0200)]
knot: disable libmaxminddb detection
Disable libmaxminddb detection to fix a build error due to
missing dependency.
(the libmaxminddb library is now detected, but is unncessary.)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
ce46bf8a4307ae2e0ec6d3f517cad05666eb7a22)
Glenn Strauss [Fri, 14 Apr 2023 19:19:36 +0000 (15:19 -0400)]
lighttpd: fix package DEPENDS syntax
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Co-authored-by: Tianling Shen <cnsztl@immortalwrt.org>
Rosen Penev [Wed, 4 Jan 2023 00:15:16 +0000 (16:15 -0800)]
libmaxminddb: install pkgconfig file
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
fe018482f83d51b9005c44d25652ea323aa338a2)
(cherry pick reduced for backport)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Glenn Strauss [Sun, 12 Feb 2023 05:29:06 +0000 (00:29 -0500)]
lighttpd: update to lighttpd 1.4.69 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
8f2fbf093a42040dcc226dee4fcd493a215645ed)
Glenn Strauss [Sat, 21 Jan 2023 01:07:36 +0000 (20:07 -0500)]
lighttpd: add lighttpd-mod-webdav_min package
add lighttpd-mod-webdav_min package alternative to lighttpd-mod-webdav
lighttpd-mod-webdav_min is more minimal than full lighttpd-mod-webdav.
lighttpd-mod-webdav_min does not support PROPPATCH, LOCK, UNLOCK, and
by not supporting those methods, removes dependencies on libxml2,
libsqlite3, and libuuid.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
ed6fe528c1efc549891144967eefe51a73999511)
Glenn Strauss [Wed, 4 Jan 2023 02:19:46 +0000 (21:19 -0500)]
lighttpd: collect mods now built into lighttpd exe
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
85279b49ceeb411f98623e6febef48b83f04813b)
Glenn Strauss [Tue, 3 Jan 2023 18:09:52 +0000 (13:09 -0500)]
lighttpd: remove patch included upstream
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
66001d5a91087dec6ff9e620b995beaff60506d7)
Glenn Strauss [Tue, 3 Jan 2023 17:52:02 +0000 (12:52 -0500)]
lighttpd: update to lighttpd 1.4.68 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
6383ae9407280df7f2ac29065bfe22d7bca73ed7)
Glenn Strauss [Thu, 24 Nov 2022 07:18:09 +0000 (02:18 -0500)]
lighttpd: modify build cmd for type: feature opts
modify build command for meson type: feature options
remove -Dwith_libev=disabled (option no longer has any effect)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
4a3b62a92ab21bb6ae373dbbbfc1c5eb16ebc3f5)
Glenn Strauss [Wed, 30 Nov 2022 05:21:49 +0000 (00:21 -0500)]
lighttpd: add lighttpd-mod-rrdtool dep on rrdtool1
add lighttpd-mod-rrdtool dependency on rrdtool1
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
9f299e881ba7ae665d5251d1e4c8a9585b039911)
Glenn Strauss [Wed, 30 Nov 2022 04:32:44 +0000 (23:32 -0500)]
lighttpd: lighttpd-1.4.67-4
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
a09dbfcf976f8d0c0247f068945dbd321e314bf8)
Glenn Strauss [Thu, 6 Oct 2022 08:32:04 +0000 (04:32 -0400)]
lighttpd: document crypto lib options in Makefile
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
43741e748f8569be4aaf3ba3a99867eef32c74e4)
Tianling Shen [Sun, 9 Apr 2023 19:48:23 +0000 (03:48 +0800)]
v2raya: Update to 2.0.5
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
23e134816688793d42cc52ad78a9fc65f4e6d3bc)
Ryan Shi [Mon, 10 Apr 2023 18:16:10 +0000 (21:16 +0300)]
rrdtool: update PKG_SOURCE_URL
Signed-off-by: Ryan Shi <qweaszxcdf@users.noreply.github.com>
(cherry picked from commit
164e0257e7c079b06e5d862cbc31e1f11ac651cb)
Tianling Shen [Mon, 3 Apr 2023 10:29:41 +0000 (18:29 +0800)]
yq: Update to 4.33.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
0b255830e9b33c4848c4ee65419ca3755baf883f)
Tianling Shen [Mon, 27 Mar 2023 11:43:11 +0000 (19:43 +0800)]
yq: Update to 4.33.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
e2cf4fa9a119076d23f26e3803247b5d83c71547)
Hannu Nyman [Wed, 5 Apr 2023 17:41:25 +0000 (20:41 +0300)]
nano: make nanorc world readable
If file /etc/nanorc is readable by everyone, "default" settings
are available for users as well without necessarily requiring
their own customized .nanorc in their home directory. Or if
they want one, but want it to be based on system's default
nanorc, they can copy it from /etc - without chmodding
file, it is in-accessible for users.
Suggested-by: Oskari Rauta <oskari.rauta@gmail.com>
[switched approach to use INSTALL_DATA]
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
76d02f933f006fb854c03fa1738ed795acc32e50)
Vladimir Ulrich [Sat, 25 Sep 2021 19:17:18 +0000 (22:17 +0300)]
zoneinfo: Updated to the latest release
Signed-off-by: Vladimir Ulrich <admin@evl.su>
(cherry picked from commit
7259eea63fcbeb0955c8f390562c88590a3e1ae7)
(cherry picked from commit
00f1c78a647c5b1ddc8347d0bacbfdec3c743536)
(cherry picked from commit
453be8f179e78a00048deff746e74244b39f7ad8)
(cherry picked from commit
3185feda499ab68ca463696c0e673d8056ec4429)
(cherry picked from commit
b15721d6d64686933cf982c9fe303845565a1bc0)
(cherry picked from commit
cb5bf2b007940c14825dc734814bfe5ceae5b09f)
(cherry picked from commit
89c2fa9d9b5cd8f6e1cf9859965de04b3707fa5a)
(cherry picked from commit
8d693a79bedd8a4bf00c2e14f43b0c95ec950155)
(cherry picked from commit
5a9e8698c94fcfa14ab6a0c314881eb4be1d47c7)
Updated zoneinfo-all meta-package to fix warnings on build
Removed zoneinfo-simple from dependencies of zoneinfo-all as its contents are included in other packages.
(cherry picked from commit
1d88250815b5efe623bb01a591c4ca651c8f5600)
(cherry picked from commit
23e6200e4d0a435915ab4ef9700a7297e89b68b3)
(cherry picked from commit
0ff1a8666be7cc3ebde5838c4b166a2438f87567)
Josef Schlehofer [Tue, 17 Jan 2023 23:01:42 +0000 (00:01 +0100)]
unbound: update to version 1.17.1
- Refreshed one patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
97e69ec89c8bdb1c6d092eb5e8491467a06a9963)
[Use AUTORELEASE]
Josef Schlehofer [Mon, 13 Feb 2023 08:52:43 +0000 (09:52 +0100)]
ffmpeg: update to version 4.3.5
Fixes: CVE-2020-21041
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Tianling Shen [Sat, 18 Mar 2023 15:13:26 +0000 (23:13 +0800)]
v2raya: Update to 2.0.4
- Added TproxyNotSkipBr flag for OpenWrt.
- Removed all upstreamed patches.
- Removed deprecated option.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
5062779dc79091d63929d44b6354e1cbefa2e8f5)
[removed nftables-related changes]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Mon, 20 Mar 2023 07:25:35 +0000 (15:25 +0800)]
yq: Update to 4.32.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
65dc683efe329a13afdc632150f886b88d7f5edf)
Florian Eckert [Fri, 17 Mar 2023 15:29:32 +0000 (16:29 +0100)]
Merge pull request #20671 from TDT-AG/pr/
20220415-openwrt-21.2-strongswan-cves
strongswan: backport CVE fixes
Florian Eckert [Thu, 16 Mar 2023 14:05:46 +0000 (15:05 +0100)]
strongswan: bump PKG_RELEASE because of CVEs backports
CVE-2022-40617
45774858e8c99d4486aae384d32fb41837618c73
CVE-2021-41990
05836ef6685fea058fa91b5c0fd17abb77b72469
CVE-2021-45079
e4d4e9dc4844e3f05858c7e2bf7ba0787587518c
CVE-2021-41991
d1bc776958b2d4297bbdf92531d092c3bb0f093f
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Wed, 15 Mar 2023 07:19:50 +0000 (08:19 +0100)]
strongswan: add fix for CVE-2022-40617
Full details of the CVE can be found at the following link:
https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 14 Mar 2023 09:11:38 +0000 (10:11 +0100)]
strongswan: add fix for CVE-2021-41990
Full details of the CVE can be found at the following link:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 14 Mar 2023 09:10:55 +0000 (10:10 +0100)]
strongswan: add fix for CVE-2021-45079
Full details of the CVE can be found at the following link:
https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 14 Mar 2023 09:09:53 +0000 (10:09 +0100)]
strongswan: add fix for CVE-2021-41991
Full details of the CVE can be found at the following link:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Michael Heimpold [Thu, 16 Mar 2023 06:30:35 +0000 (07:30 +0100)]
Merge pull request #20667 from mhei/21.02-php8-update-to-8.0.28
[21.02] php8: update to 8.0.28
Michael Heimpold [Tue, 14 Mar 2023 20:56:06 +0000 (21:56 +0100)]
php8: update to 8.0.28
This fixes:
- CVE-2023-0567
- CVE-2023-0568
- CVE-2023-0662
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Etienne Champetier [Sat, 11 Mar 2023 19:17:19 +0000 (14:17 -0500)]
mv88e6xxx_dump: update to 2023.03.08
This fixes 2 issues where mv88e6xxx_dump was displaying
data incorrectly for --vtu and --global2
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit
2bf3832193fdfe86e948f35fcc08b3ea5a341562)
Etienne Champetier [Sat, 28 Jan 2023 22:19:10 +0000 (00:19 +0200)]
mv88e6xxx_dump: add new packages to debug switch issues
Reviewed-by: Chris Healy cphealy@gmail.com
Reviewed-by: Robert Marko <robimarko@gmail.com>
Reviewed-by: Andre Heider <a.heider@gmail.com>
Tested-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit
167c6234d01e72da447e47e2c1b3f7a3195aab83)
Christian Marangi [Tue, 25 Oct 2022 09:03:01 +0000 (11:03 +0200)]
ci: update github actions to v3
Update checkout and upload-artifact action to v3 to mute nodejs
deprecation warning.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
52570d4242822e3db678f5484c2ca3e72f485d52)
Jeffery To [Tue, 31 May 2022 07:02:04 +0000 (15:02 +0800)]
ci: Use openwrt/gh-action-sdk@v5
The previous build errors with v5 have been fixed. This version builds
packages as a normal user instead of as root.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
37f9b77b01fd148c946dc313869602fb8203eaea)
Jeffery To [Fri, 15 Apr 2022 20:55:04 +0000 (04:55 +0800)]
golang: Fix conditionals not stripped
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
86fd1ebbe44e5c0747b8429493257e9317eacb07)
Christian Lachner [Sat, 18 Feb 2023 07:18:51 +0000 (08:18 +0100)]
haproxy: update to v2.2.29
- Update haproxy download URL and hash
- This release fixes a critial flaw known as CVE-2023-25725. See:
http://git.haproxy.org/?p=haproxy-2.2.git;a=commit;h=
4a4c90c2b04444d92c58873cfb19052f20280bc2
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Tianling Shen [Fri, 3 Mar 2023 03:52:58 +0000 (11:52 +0800)]
v2raya: drop wrong patches
These patches should not be backported to OpenWrt, otherwise tproxy
won't work for devices connected to br-lan (bypassed by the fw rules).
We have introduced a new compile-time flag for new version (which
is not released yet), but it's unnecessray to backport redudant
patches as here is still at the old version.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
40669c4135d829254ba66b0f1a6827f94d229c96)
Tianling Shen [Fri, 3 Mar 2023 03:58:41 +0000 (11:58 +0800)]
yq: Update to 4.31.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
1343bb585607295d2e466dfed0dd596a14570c54)
Tianling Shen [Tue, 21 Feb 2023 07:57:46 +0000 (15:57 +0800)]
yq: Update to 4.31.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
b76bd94605c9c53b64935c78bba6ff98e2847e16)
Tianling Shen [Fri, 24 Feb 2023 02:36:35 +0000 (10:36 +0800)]
msgpack-c: Update to 5.0.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
5890d2f2d76c31de85ae54a586c445a936cc4c14)
Alan Swanson [Tue, 28 Feb 2023 09:45:37 +0000 (09:45 +0000)]
sed: remove old libpcre dependency
Signed-off-by: Alan Swanson <reiver@improbability.net>
(cherry picked from commit
0a00f0f2a582bc11979ecef2c60a68584fe4e935)
Dengfeng Liu [Sun, 22 Jan 2023 11:58:38 +0000 (11:58 +0000)]
xfrpc: update to version 2.1.606
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
db243b31c81a817c565feba7553c3b02d460d959)
Dengfeng Liu [Sun, 20 Nov 2022 09:11:41 +0000 (09:11 +0000)]
xfrpc: Update to 1.11.587
refactor tcp mux
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
419c4340026b585bfc558c3027d4308e862c795c)
Dengfeng Liu [Fri, 14 Oct 2022 08:36:16 +0000 (08:36 +0000)]
xfrpc: allow server_addr ip and domain
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
a7e3f28c3761de6e7eed5423fbd116eeeec38491)
Dengfeng Liu [Mon, 25 Jul 2022 02:29:20 +0000 (10:29 +0800)]
xfrpc: Update to 1.07.582
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
9fbd26f1709d3fbabf043c110cb46922f2eb6750)
Dengfeng Liu [Thu, 30 Jun 2022 08:10:05 +0000 (16:10 +0800)]
xfrpc: update to 1.06.579
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
5615ce33fa8c18944771c4aef0ce285bb3b60d47)
Dengfeng Liu [Thu, 30 Jun 2022 05:54:19 +0000 (13:54 +0800)]
xfrpc: set xfrpc's disabled default value to 0
change this to satisfy luci-app-xfrpc's need
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
10a24d4cad196b790b322bb4132086b1e350fde8)
Dengfeng Liu [Sat, 4 Jun 2022 11:55:27 +0000 (19:55 +0800)]
xfrpc: fix bug of xfrpc.init
replace xfrpc with xfrp
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
b3bd24f1afde9c1071b253959061ce4adc259d41)
Dengfeng Liu [Sat, 4 Jun 2022 04:28:55 +0000 (12:28 +0800)]
xfrpc: update to 1.05.561
support tcp mux and default to turn it on
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
d4430d2e89cd289807b4a9e21583cae245c1e81c)
Dengfeng Liu [Sun, 8 May 2022 04:02:04 +0000 (12:02 +0800)]
xfrpc: Update to 1.05.548
deprecated xfrps, compatible with frps
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
2cb01429b198702decc2744fc470270b3b328c63)
Dengfeng Liu [Tue, 5 Apr 2022 01:53:59 +0000 (01:53 +0000)]
xfrpc: fast reverve proxy client in c language
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit
9af01c87bfb3007e0a169b57bf9762c88098dff9)
Michal Vasilek [Thu, 16 Feb 2023 09:20:13 +0000 (10:20 +0100)]
git: update to 2.34.7
Fixes CVE-2023-22490, CVE-2023-23946
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit
06f466cc61ce5e5c98d1147c165d3e96c31e41cc)
Peter van Dijk [Fri, 5 Nov 2021 12:06:15 +0000 (13:06 +0100)]
CI: do not crash during PKG-INFO generation if there are no packages
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
b5132de5cf4f7d0562445cf3c65f9f1a4bcb1bbf)
Peter van Dijk [Fri, 5 Nov 2021 12:06:15 +0000 (13:06 +0100)]
CI: add PKG-INFO metadata file
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
a40c1b3e442eccbf0619f06b473705f4a4a0ac6d)
Peter van Dijk [Fri, 5 Nov 2021 12:06:15 +0000 (13:06 +0100)]
CI: use git commit sha in name
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
bbf983721cf41fd94388b16ce90f018d6c0496f5)
Eneas U de Queiroz [Mon, 20 Feb 2023 12:37:44 +0000 (09:37 -0300)]
Merge pull request #20526 from nxhack/2102_node_14213
[21.02] node: bump to v14.21.3
Alexandru Ardelean [Mon, 20 Feb 2023 09:10:36 +0000 (11:10 +0200)]
Merge pull request #20518 from commodo/django-21.02
[21.02] django: bump to version 3.2.18
Hirokazu MORIKAWA [Sun, 19 Feb 2023 06:07:45 +0000 (15:07 +0900)]
node: bump to v14.21.3
Thursday February 16 2023 Security Releases
Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
* CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)
More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Nick Hainke [Tue, 24 Jan 2023 22:25:22 +0000 (23:25 +0100)]
snowflake: update to v2.5.1
Changes in version v2.4.3 - 2023-01-16
- Fix version number in version.go
(Changes for v2.5.1 are missing)
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
ac9027aebb5b9ed01cf9db28abec6bb4d0025afe)
Alexandru Ardelean [Fri, 17 Feb 2023 17:25:41 +0000 (19:25 +0200)]
django: bump to version 3.2.18
Fixes:
https://nvd.nist.gov/vuln/detail/CVE-2023-23969
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Tianling Shen [Thu, 9 Feb 2023 23:28:57 +0000 (07:28 +0800)]
xray-core: Update to 1.7.5
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
b4c4b17308d8ca742c4522810b3a8134049f3810)
[Updated geodata to latest version, based on
669357351c1625]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Noah Meyerhans [Thu, 26 Jan 2023 18:45:55 +0000 (10:45 -0800)]
bind: update to 9.18.11
Fixes CVEs:
- CVE-2022-3924: Fix serve-stale crash when recursive clients
soft quota is reached.
- CVE-2022-3736: Handle RRSIG lookups when serve-stale is
active.
- CVE-2022-3094: An UPDATE message flood could cause named to
exhaust all available memory. This flaw was addressed by adding
a new "update-quota" statement that controls the number of
simultaneous UPDATE messages that can be processed or
forwarded. The default is 100. A stats counter has been added to
record events when the update quota is exceeded, and the XML and
JSON statistics version numbers have been updated.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
47fcec43abedab5c409259db1ac14c1ccc86bd02)
Oskari Rauta [Wed, 24 Nov 2021 23:28:25 +0000 (01:28 +0200)]
crun: update to 1.3
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
7034d3cbba813f8b19294667f058513e5745056e)
Oskari Rauta [Thu, 4 Nov 2021 23:41:20 +0000 (01:41 +0200)]
crun: update to version 1.2
release notes:
0.20.1
- container: ignore error when resetting the SELinux label for the keyring.
0.21
- when compiled with krun, automatically use it if the current executable file is called "krun"
- cgroup: lookup pids controller as well when the memory controller is not available
- status: add fields for owner and created timestamp
- honor memory swappiness set to 0
1.0
- Fix symlink target mangling for tmpcopyup targets.
- Makefile.am: fix link error when using directly libcrun.
- cgroup: add support for setting memory.use_hierarchy on cgroup v1.
- linux: treat pidfd_open failures EINVAL as ESRCH.
- cgroup: chown the current container cgroup to root in the container.
1.1
- utils: retry openat2 on EAGAIN. If the openat2 syscall is interrupted, try again.
- criu: fix save of external descriptors. Now restored containers attach correctly their standard streams.
- criu: Add support for external PID namespace.
- container: Set primary process to 1 via LISTEN_PID by default if user configuration is missing.
- exec: refuse to exec in a paused container/cgroup.
- cgroup: use cgroup.kill when available. It is faster to kill a container through its cgroup as there is no need to recurse over the cgroup pids and terminate each one of them.
1.2
- criu: add support for external ipc, uts and time namespaces.
- exec: fix regression in 1.1 where containers are being wrongly reported as paused.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
3873a850a5219bfb3143594843964a15860f3235)
Oskari Rauta [Thu, 16 Dec 2021 00:25:58 +0000 (02:25 +0200)]
podman: update to v3.4.4
list of changes: https://github.com/containers/podman/releases
Added patch for compiling with musl. Patch can be removed on next
release as it is already merged to podman git but not on this release.
Patch moves definition in source so definition is available before it
is being used.
Patch source: https://github.com/containers/podman/pull/12564
Patch re-created with quilt.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
5ff3b25509c9c1e5d1d43044fcc22dd19a10d779)
Oskari Rauta [Wed, 24 Nov 2021 23:14:07 +0000 (01:14 +0200)]
podman: update to 3.4.2
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
b011f3faf8f84d398c197773d711ac0cdde31aa3)
Olivier Poitrey [Thu, 26 Jan 2023 18:45:53 +0000 (18:45 +0000)]
nextdns: Update to version 1.39.4
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Rafał Miłecki [Wed, 25 Jan 2023 11:34:15 +0000 (12:34 +0100)]
ksmbd: select ASN1 explicitly to reduce dependencies
ksmbd requires ASN.1 grammar compiler so it depends on CONFIG_ASN1. It
should select kmod-asn1-decoder for above reason.
Due to some problems with kmod-asn1-decoder in the past ksmbd was
selecting kmod-nf-nathelper-extra instead. That was affecting network
performance in kernel as each loaded conntrack module adds some overhead
to packets processing.
Fix this unwanted side effect by depending on kmod-asn1-decoder
directly.
Link: http://lists.openwrt.org/pipermail/openwrt-devel/2023-January/040298.html
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Dirk Brenken [Fri, 27 Jan 2023 10:19:47 +0000 (11:19 +0100)]
Merge pull request #20406 from realizelol/openwrt-21.02
[21.02] banip: renew tor urls
Chris [Fri, 27 Jan 2023 09:58:06 +0000 (10:58 +0100)]
banip: renew tor urls as previous ones were death.
Signed-off-by: Chris Schulten <bsw.bsw@gmx.de>
Jan Hák [Mon, 12 Dec 2022 14:15:45 +0000 (15:15 +0100)]
knot: update to version 3.2.4
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
c933a15cebe43e6d35d59281a5414438cd3c1455)
Jan Hák [Tue, 22 Nov 2022 10:25:02 +0000 (11:25 +0100)]
knot: update to version 3.2.3
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
4370e457c8eabc6c4c3decdb197fccc876f45a19)
Jan Hák [Tue, 1 Nov 2022 13:15:24 +0000 (14:15 +0100)]
knot: update to version 3.2.2
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
a5913d51c7024b9f62e213541812a0bdd67e2984)
Michael Heimpold [Sun, 22 Jan 2023 22:51:56 +0000 (23:51 +0100)]
Merge pull request #20270 from mhei/21.02-php8-update-8.0.27
[21.02] php8: update to 8.0.27
Hannu Nyman [Sat, 21 Jan 2023 20:09:37 +0000 (22:09 +0200)]
Merge pull request #20358 from hnyman/rtty2102
Rtty2102
Josef Schlehofer [Wed, 18 Jan 2023 06:57:20 +0000 (07:57 +0100)]
atlas-sw-probe: add more binaries
They were added in these commits [1] [2] and if they are not included,
the RIPE Atlas SW Probe does not work correctly.
This should also prevent this from happening in the future as it now. We include all
files with .sh extension file type.
[1] https://github.com/RIPE-NCC/ripe-atlas-software-probe/commit/
70ced29fc3217dd8d61e2b78506b6103ded100aa
[2] https://github.com/RIPE-NCC/ripe-atlas-software-probe/commit/
71a4ff0e68c55464f766ddb9f1dfe21b22e530db
Fixes: https://github.com/openwrt/packages/issues/20338
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
1a368a54095d67ea2efb25b7a205999650793bee)
Hannu Nyman [Sat, 21 Jan 2023 19:37:18 +0000 (21:37 +0200)]
Merge pull request #20357 from hnyman/wifidog2102
[21.02] wifidog: fix compilation with more recent wolfssl
Hannu Nyman [Sat, 21 Jan 2023 19:30:18 +0000 (21:30 +0200)]
Merge pull request #20356 from hnyman/libuhttpd2102
[21.02] fix libuhttpd
Jianhui Zhao [Sun, 22 May 2022 14:01:18 +0000 (22:01 +0800)]
rtty: update to 8.0.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
0ea357c164d4d265d750459de2ad6a63149fe89e)
(cherry picked from commit
8377e516e90364e26a510dbc1140cc6a1907700b)
Sergey V. Lobanov [Mon, 3 Jan 2022 18:10:50 +0000 (21:10 +0300)]
rtty: add compatibility for wolfssl >= 5.0
NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit
9913c0899a8fb6bfbda33e7a1fd84f2fa6c3ddda)
Jianhui Zhao [Mon, 27 Sep 2021 11:23:34 +0000 (11:23 +0000)]
rtty: update to 8.0.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
12c5ed9a4c971a5cf314831a1a01d851be976120)
Jianhui Zhao [Mon, 31 May 2021 06:10:29 +0000 (14:10 +0800)]
rtty: update to 7.4.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
110e24ad9c29f2bf7d200322c816a02028ccd6a3)
Jianhui Zhao [Fri, 19 Feb 2021 11:04:10 +0000 (19:04 +0800)]
rtty: update to 7.4.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
a9a1d8740b3cd9fdffd3ebf7f76dec8224611917)
Rosen Penev [Sat, 21 Jan 2023 19:09:37 +0000 (21:09 +0200)]
wifidog: fix compilation with more recent wolfssl
Needs an extra header. pthread.h is also no longer implicitly included.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
4605f98b413b4b0433199e4fe6d3685344cbf933)
Sergey V. Lobanov [Mon, 3 Jan 2022 16:41:37 +0000 (19:41 +0300)]
libuhttpd: add compatibility for wolfssl >= 5.0
NTRU support has been removed in wolfssl 5.0 so it is required to
mask NTRU specific code if wolfssl >= 5.0
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry picked from commit
9a9f26796bdf4bd6ebe5a9aee9dcb2feee54780f)
Rosen Penev [Mon, 6 Sep 2021 08:55:37 +0000 (01:55 -0700)]
libuhttp: don't build examples
Speeds up compilation and potentially fixes it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
21e5a1e7d3e55a0c49af9e5a6c8dee6c0255f507)
Jianhui Zhao [Mon, 7 Jun 2021 02:22:12 +0000 (10:22 +0800)]
libuhttpd: Update to 3.12.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
4c163b0b123d26538710b78f1ef8f4f47bcdbc0b)
Jianhui Zhao [Fri, 4 Jun 2021 12:08:46 +0000 (20:08 +0800)]
libuhttpd: Update to 3.12.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
756d9e906bfeb713e6b5e3e16939d8eed4f66b9f)
Jianhui Zhao [Thu, 8 Apr 2021 06:58:57 +0000 (14:58 +0800)]
libuhttpd: Update to 3.11.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
3aa128f00745db22d1f2ed81d3bb3704d6c65780)
Jianhui Zhao [Mon, 1 Mar 2021 09:26:11 +0000 (17:26 +0800)]
libuhttpd: Update to 3.10.1
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
20328691d3a254c598c9d49e55530190dd97fe16)