Dirk Brenken [Wed, 8 Apr 2020 07:36:03 +0000 (09:36 +0200)]
Merge pull request #11800 from dibdot/adblock-19.07
[19.07] adblock: release 4.0.3
Dirk Brenken [Tue, 7 Apr 2020 20:18:00 +0000 (22:18 +0200)]
adblock: release 4.0.3
* new package dependencies: coreultis-sort and
a download util with SSL support
* focus on speed (multicore-support) to handle quite big lists
* include more than 40 pre-configured blocklist sources in a compressed
json file (/etc/adblock/adblock.sources.gz)
* dynamic SafeSearch support for google, bing, duckduckgo,
yandex, youtube and pixabay (CNAME (bind) & IP (dnsmaq, unbound))
* DNS backend autodetection
* Download Utility autodetection
* Report Interface autodetection
* Easy cron wrapper to set an adblock related auto-timer for
automatic blocklist updates
* raw domain/blocklist support (e.g. for dnscrypt support)
* re-add restrictive Jaillist support
* rework online doc
* Complete LuCI rewrite (migrated to client side JS)
Signed-off-by: Dirk Brenken <dev@brenken.org>
Rosen Penev [Wed, 8 Apr 2020 01:39:30 +0000 (18:39 -0700)]
Merge pull request #11802 from stangri/19.07-simple-adblock
[19.07] simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
Stan Grishin [Tue, 7 Apr 2020 21:55:37 +0000 (21:55 +0000)]
simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Tue, 7 Apr 2020 15:05:11 +0000 (18:05 +0300)]
nano: update to 4.9.2
Update nano editor to version 4.9.2
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
f11833d46cf71be65439397e2a7e03643fc78af2)
Jan Pavlinec [Wed, 1 Apr 2020 11:16:57 +0000 (13:16 +0200)]
graphicsmagic: update to version 1.3.35 (security fix)
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
171993f5a5449462a7b516c4f8824734e9863042)
Rosen Penev [Mon, 6 Apr 2020 21:08:34 +0000 (14:08 -0700)]
Merge pull request #11772 from micmac1/19.07-apache-2443
[19.07] apache: security bump to 2.4.43
Rosen Penev [Tue, 3 Mar 2020 22:03:48 +0000 (14:03 -0800)]
meson: update to 0.53.2
Switched to PyPI.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
ccb70a340769faf1c6e58c11a39e70f1216bf9eb)
Rosen Penev [Wed, 5 Feb 2020 10:31:05 +0000 (02:31 -0800)]
meson: update to 0.53.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
66bf801f3a6ff15db31eb689324917ec2cd312ec)
Andre Heider [Sat, 11 Jan 2020 17:40:41 +0000 (18:40 +0100)]
meson: fix building host binaries with ccache
With CONFIG_CCACHE, $HOSTCC is 'ccache gcc' while $TARGET_CC points to a
single wrapper script. Compiling target binaries with ccache works, but
doesn't for host binaries, because we need to supply an argv array for
argc > 1 in the meson cross file.
Always pass an array for the c and c++ compiler, and while at it, do it
for the target as well - just to be on the safe side if that ever
changes.
Fixes #10982.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit
f5c8565d1bbd8f97b1f62319398543a56d591814)
Javier Marcet [Sun, 1 Mar 2020 10:52:01 +0000 (11:52 +0100)]
python-requests: update to version 2.23.0
Package python-idna was updated 2 weeks ago in OpenWrt 19.07.
It causes an issue:
pkg_resources.ContextualVersionConflict: (idna 2.9 (/usr/lib/python3.7/site-packages), Requirement.parse('idna<2.9,>=2.5'), {'requests'})
This is fixed in 2.23.0.
Signed-off-by: Javier Marcet <javier@marcet.info>
(cherry picked from commit
d62e8b9f3cd3ab9a0df23f721c24f9ef4d16836c)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[add commit message]
Josef Schlehofer [Sun, 29 Mar 2020 01:06:19 +0000 (03:06 +0200)]
dnscrypt-proxy2: update to version 2.0.42
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
296a58491b6830624e580ee2f068d80878abb615)
Sebastian Kemper [Sun, 5 Apr 2020 19:08:03 +0000 (21:08 +0200)]
apache: security bump to 2.4.43
This minor version bump fixes:
CVE-2020-1934
CVE-2020-1927
Upstream added cross-compile compatibility to apxs, so we can drop a sed
script. Upstream also added the OpenWrt layout, so we can drop our local
copy.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Hannu Nyman [Sun, 5 Apr 2020 16:20:19 +0000 (19:20 +0300)]
nano: update to 4.9.1
Update nano editor to version 4.9.1
2020.03.31 - GNU nano 4.9.1 "Sapperdeflap"
Two bugs introduced in version 4.9 are fixed: the cursor
getting misplaced when undoing line cuts, and filtering
of the whole buffer to a new buffer not working.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
f5c47a2606cea00ef70ae696224cd201ca1aceb8)
Hannu Nyman [Fri, 3 Apr 2020 13:46:56 +0000 (16:46 +0300)]
Merge pull request #11755 from gladiac1337/haproxy-2.0.14-openwrt-19.07
[openwrt-19.07] haproxy: Update HAProxy to v2.0.14
Christian Lachner [Fri, 3 Apr 2020 06:45:14 +0000 (08:45 +0200)]
haproxy: Update HAProxy to v2.0.14
- Update haproxy download URL and hash
- Add new patches (see https://www.haproxy.org/bugs/bugs-2.0.14.html)
- This fixes CVE-2020-11100 (http://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=
b9cac598021e2b0d4ae2cfecf9825a3469328093)
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Hannu Nyman [Wed, 1 Apr 2020 06:07:01 +0000 (09:07 +0300)]
Merge pull request #11729 from stangri/19.07-vpn-policy-routing
[19.07] vpn-policy-routing: separation between auto/all proto; mwan3 compatibility; README update
Stan Grishin [Tue, 31 Mar 2020 23:05:46 +0000 (23:05 +0000)]
vpn-policy-routing: separation between auto/all proto; compatibility with mwan3; README update
Signed-off-by: Stan Grishin <stangri@melmac.net>
Nikos Mavrogiannopoulos [Tue, 31 Mar 2020 20:56:08 +0000 (22:56 +0200)]
gnutls: updated to 3.6.13
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Hannu Nyman [Sun, 29 Mar 2020 07:00:52 +0000 (10:00 +0300)]
Merge pull request #11699 from stangri/19.07-simple-adblock
[19.07] simple-adblock: support multiple dnsmasq instances + internal refactoring
Stan Grishin [Sun, 29 Mar 2020 05:13:18 +0000 (05:13 +0000)]
simple-adblock: support multiple dnsmasq instances; rework communication between principal package and luci app
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Wed, 26 Feb 2020 03:31:34 +0000 (19:31 -0800)]
avahi: update to 0.8
Clean up Makefile slightly.
Update configure options for the new version.
Remove first patch and update the other one.
Use a different solution for the stack protector on certain platforms.
Run script through shellcheck. Small quote fix.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
9290d4107722146d5c8b6e500eb2c3ce0b0a9e67)
Rosen Penev [Thu, 6 Feb 2020 03:28:25 +0000 (19:28 -0800)]
avahi: convert to procd
Add license information.
Small cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
f41612bc9c8633f931517c59f145a86f9e09eca3)
Rosen Penev [Sat, 28 Sep 2019 23:42:15 +0000 (16:42 -0700)]
avahi: Fix pkgconfig files to be cross compile friendly
libdir should not point to the host.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
736ebb16b68d3708a0071268736e02c6bcfd5a05)
Rosen Penev [Fri, 9 Aug 2019 18:31:00 +0000 (11:31 -0700)]
flac: Update to 1.33
Some adjustments to the configure flags.
Removed upstreamed patches.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
b82bdd3f0ebd8ee1cb444bd450efce6fe7856b89)
Rosen Penev [Mon, 16 Mar 2020 02:57:06 +0000 (19:57 -0700)]
msmtp: remove myself as maintainer
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
842b9f0f4d3f6b6f5d3984c3c998dcc3baaba2e5)
Rosen Penev [Fri, 3 Jan 2020 02:29:04 +0000 (18:29 -0800)]
msmtp: Update to 1.8.7
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
9a67d3bfb303bc464523fdd5dc4a98bdb27cdbd3)
Rosen Penev [Fri, 18 Oct 2019 21:47:45 +0000 (14:47 -0700)]
msmtp: Update to 1.8.6
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
04b9f209a067ad378cfd69f18429db5a570852c2)
Rosen Penev [Fri, 1 Nov 2019 01:26:26 +0000 (18:26 -0700)]
mpg123: Update to 1.25.13
Fixed license information.
Small Makefile rearrangements for consistency.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
aaca589342d793b37afb922ae06b00316ad9c4c4)
Rosen Penev [Wed, 12 Feb 2020 02:36:05 +0000 (18:36 -0800)]
screen: update to 4.8.0
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
318d2dd74bd231418efaa388f3f428cbedf1e32e)
Rosen Penev [Fri, 18 Oct 2019 22:13:59 +0000 (15:13 -0700)]
screen: Update to 4.7.0
Remove all patches. They have all been merged upstream.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
29b39264d618a6b9c90e6e72e69abf51bf21b4cf)
Rosen Penev [Mon, 2 Dec 2019 04:49:23 +0000 (20:49 -0800)]
zstd: Fix compilation with uClibc-ng
Upstream backports.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
54266c99b2a2e37a4c01b02ae74346874db7003c)
Rosen Penev [Thu, 7 Nov 2019 01:19:16 +0000 (17:19 -0800)]
zstd: Update to 1.4.4
More speed improvements.
Remove upstreamed patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
aaccad695e51bc3b05699fc8f2db70bc7157dd9e)
Hannu Nyman [Thu, 26 Mar 2020 19:36:36 +0000 (21:36 +0200)]
nano: update to 4.9
Update nano editor to version 4.9
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
09fd4445b3f7c426212ed61b3989e1994255a8aa)
Jan Pavlinec [Tue, 24 Mar 2020 11:02:30 +0000 (12:02 +0100)]
tor: update to version 0.4.2.7 (security fix)
Fixes:
CVE-2020-10592
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Hannu Nyman [Thu, 26 Mar 2020 16:44:42 +0000 (18:44 +0200)]
collectd: disable onewire plugin, BROKEN since 2009
Mark the onewire plugin as disabled, as the plugin
has been marked BROKEN since it was introduced in 2009 by
https://git.openwrt.org/?p=openwrt/svn-archive/packages.git;a=commitdiff;h=
0de38b88d6ba8c52b8386d3059baba7dca22961f
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
286557e906613757e4b903a8aa4b734682aec85d)
Hannu Nyman [Mon, 23 Mar 2020 05:58:25 +0000 (07:58 +0200)]
collectd: disable dpdk_telemetry module
Explicitly disable the new dpdk_telemetry module to fix
compilation in buildbot.
(other dpdk modules are aleady disabled)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
b936fc4e0da71df1b8ea17ed6ed3f4eedb664106)
Hannu Nyman [Sun, 22 Mar 2020 20:48:31 +0000 (22:48 +0200)]
collectd: update to 5.11.0
* Update collectd to version 5.11.0
* Refresh patches
Release notes:
https://github.com/collectd/collectd/releases/tag/collectd-5.11.0
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
1d11a0c892d953d7053b4548d957e3ec6a153b99)
Toke Høiland-Jørgensen [Thu, 26 Mar 2020 15:37:09 +0000 (16:37 +0100)]
acme: Backport two bug fixes from master
This backports the following bug-fix commits from the master branch:
c6b4d7f367de ("acme: Include empty 'dns' config option by default")
983cc995a3b2 ("acme: Correctly handle domain state dir for ECC certificates")
Fixes #11675.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Yousong Zhou [Wed, 25 Mar 2020 15:04:12 +0000 (23:04 +0800)]
openvswitch: depend on IPV6 for intree kmods
Ref: https://github.com/openwrt/packages/issues/11665
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
88dcd094873dd9d28515cd3408077f4d5574eccb)
Yousong Zhou [Thu, 20 Jun 2019 03:22:45 +0000 (03:22 +0000)]
openvswitch: rework skipping intree kmod build for unsupported kernels
This is a workaround to prevent the whole build from failing because of
the intree kmods are not supported yet by upstream project.
Root cause is that kernel version should not play a part when making
DEPENDS as the generated kconfig was for all targets that may have
different kernel versions.
One less than ideal effect of this change is that for an unsupported
kernel version, people can still select the intree kmod but it won't be
built. This may contradict expectation if the warning was not noticed
by them
Resolves openwrt/packages#9274
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
a6ec885522ced8185cfe66c0ab467d902f043b65)
Rosen Penev [Wed, 19 Feb 2020 03:32:08 +0000 (19:32 -0800)]
fish: update to 3.1.0
Remove upstreamed patches.
Added missing libatomic dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
bee0bfe8621516a776e3e3712348ea0b21cf3dd7)
Rosen Penev [Sat, 14 Dec 2019 05:51:29 +0000 (21:51 -0800)]
fish: Fix compilation with libcxx
cxxabi.h is a useless header that libcxx does not include.
Remove indent on postint script. It should be on the same as the above
section.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
a135cbb9f1cf568d35e4eb62e154286ab05ccc19)
Rosen Penev [Wed, 20 Nov 2019 05:01:15 +0000 (21:01 -0800)]
fish: Convert to CMake
CMake is faster and allows to simplify the Makefile slightly. It also
creates a slightly smaller package for some reason.
Fixed license information.
Ran postinst through shellcheck. It was using bashisms.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
faa89621783bda6bc1128822aac4995be487a39d)
Marc Benoit [Mon, 2 Mar 2020 14:31:12 +0000 (09:31 -0500)]
syncthing: configuration cleanup & hardening
Run the service under an unprivileged
user account
The following parameters are now configurable
niceness
max concurrency (defaults to number of CPUs)
user
Added flags "-no-browser"
Disabled in-place upgrades (disabled in the
build already)
Redirected stderr/stdout to syslog
Added support for "reload_config"
Increased "term_timeout" to 15s to give it
plenty of time to shut down gracefully
Properly handled non-existing directories
Removed a softlink that assumes a specific naming
convention in syncthing
Added a comment that using external storage is a
recommend configration
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
[increased package release]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
a9443eb0eb9f5f8eacdb1daaa0f30f9deec1853d)
Tested-by: Marc Benoit <marcb62185@gmail.com>
Paul Spooren [Tue, 24 Mar 2020 02:34:36 +0000 (16:34 -1000)]
syncthing: bump to 1.4.0
Release information:
https://github.com/syncthing/syncthing/releases/tag/v1.4.0
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
3a651638ce9c45b47e821aed5ea3086ce0290d6f)
Tested-by: Marc Benoit <marcb62185@gmail.com>
Paul Spooren [Tue, 24 Mar 2020 02:21:10 +0000 (16:21 -1000)]
syncthing: fixup version detection
Since upstream commit
dc92994 the LDFLAGS used for settings the version
(and build host and user) changed resulting in "unknown" versions in
syncthing.
Correct version detection is important for syncthing to assure
compatibility with other running instances. The "unknown" version fails
to communicate and sync with correctly compiled instances.
This patch updates the syncthing Makefile to inject the correct
variables and thereby fixes the version detection in syncthing.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
b85e387cc2dec49ccaf0063f2b109e5c6151de39)
Tested-by: Marc Benoit <marcb62185@gmail.com>
Sven Roederer [Wed, 25 Mar 2020 11:03:48 +0000 (12:03 +0100)]
strongswan: add conffiles for swanctl util
Add a conffiles-section for the /etc/swanctl folder, which is used by the swanctl util. This will keep the configfiles during an sysupgrade.
Signed-off-by: Sven Roederer <S.Roederer@colvistec.de>
(cherry picked from commit
49f298eb745000c66169cee4791ca6e587a13ce7)
Eneas U de Queiroz [Wed, 18 Mar 2020 12:37:26 +0000 (09:37 -0300)]
strongswan: quote 'comment' parameter in Config.in
Newer versions of the kconfig generator require quotes. Prepare the
package for an eventual update.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
404c113bc25ac95bf08ba1b904dbbde8875c00eb)
Karl Palsson [Mon, 23 Mar 2020 22:52:31 +0000 (22:52 +0000)]
net/pagekitec: support status reporting json file
Allows luci webapp to report health more dynamically.
Signed-off-by: Karl Palsson <karlp@tweak.net.au>
Karl Palsson [Mon, 23 Mar 2020 22:50:53 +0000 (22:50 +0000)]
net/pagekitec: Update to newest version
Drops a patch, adds support for a status file for health tracking.
Signed-off-by: Karl Palsson <karlp@tweak.net.au>
Hannu Nyman [Mon, 23 Mar 2020 19:11:09 +0000 (21:11 +0200)]
Merge pull request #11647 from jefferyto/byobu-5.133-openwrt-19.07
[openwrt-19.07] byobu: Update to 5.133
Hannu Nyman [Mon, 23 Mar 2020 19:10:54 +0000 (21:10 +0200)]
Merge pull request #11646 from jefferyto/python-pyasn1-modules-0.2.8-openwrt-19.07
[openwrt-19.07] python-pyasn1-modules: Update to 0.2.8
Hannu Nyman [Mon, 23 Mar 2020 19:10:36 +0000 (21:10 +0200)]
Merge pull request #11645 from jefferyto/python-idna-2.9-openwrt-19.07
[openwrt-19.07] python-idna: Update to 2.9
Hannu Nyman [Mon, 23 Mar 2020 19:10:12 +0000 (21:10 +0200)]
Merge pull request #11644 from jefferyto/python-pycparser-2.20-openwrt-19.07
[openwrt-19.07] python-pycparser: Update to 2.20
Hannu Nyman [Mon, 23 Mar 2020 19:09:57 +0000 (21:09 +0200)]
Merge pull request #11643 from jefferyto/python-enum34-1.1.10-openwrt-19.07
[openwrt-19.07] python-enum34: Update to 1.1.10
Hannu Nyman [Mon, 23 Mar 2020 19:09:08 +0000 (21:09 +0200)]
Merge pull request #11641 from jefferyto/python-zope-interface-4.7.2-openwrt-19.07
[openwrt-19.07] python-zope-interface: Update to 4.7.2, refresh patch
Hannu Nyman [Mon, 23 Mar 2020 19:08:12 +0000 (21:08 +0200)]
Merge pull request #11639 from jefferyto/python-twisted-security-fix-openwrt-19.07
[openwrt-19.07] python-twisted: Fix several request smuggling attacks
Hannu Nyman [Mon, 23 Mar 2020 19:04:56 +0000 (21:04 +0200)]
Merge pull request #11636 from jefferyto/golang-1.13.9-openwrt-19.07
[openwrt-19.07] golang: Update to 1.13.9
Jeffery To [Tue, 18 Feb 2020 09:30:41 +0000 (17:30 +0800)]
byobu: Update to 5.133
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
847d9f18ccfcad3ae4911941488057142f91e852)
Jeffery To [Tue, 14 Jan 2020 21:06:21 +0000 (05:06 +0800)]
python-pyasn1-modules: Update to 0.2.8
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
a6f1e7689b806e3a2baf1446cb8cb547cbc03797)
Jeffery To [Sun, 23 Feb 2020 20:45:09 +0000 (04:45 +0800)]
python-idna: Update to 2.9
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
111d7ae088545615aeb453cee20cf5e9f91c82c9)
Jeffery To [Mon, 16 Mar 2020 14:46:25 +0000 (22:46 +0800)]
python-pycparser: Update to 2.20
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
931dcfe3aa992a9d23323d749a806d9627e88fa7)
Jeffery To [Mon, 16 Mar 2020 17:49:24 +0000 (01:49 +0800)]
python-enum34: Update to 1.1.10, refresh patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
48af5b2abb2bc3fff18aba9951d274252e7d5c19)
Jeffery To [Sun, 23 Feb 2020 20:43:23 +0000 (04:43 +0800)]
python-enum34: Update to 1.1.9, refresh patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
87150b43a8c5328edd7c84f2b51f16c18e0c8dde)
Jeffery To [Mon, 16 Mar 2020 18:04:38 +0000 (02:04 +0800)]
python-zope-interface: Update to 4.7.2, refresh patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
a178662fcef00a1cebbe78253ae28eb1edb418f4)
Jeffery To [Mon, 23 Mar 2020 15:22:39 +0000 (23:22 +0800)]
python-twisted: Fix several request smuggling attacks
This backports a patch[1] to fix several request smuggling attacks.
This includes fixes for:
* CVE-2020-10108
* CVE-2020-10109
[1]: https://github.com/twisted/twisted/commit/
4a7d22e490bb8ff836892cc99a1f54b85ccb0281
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Mon, 23 Mar 2020 13:55:51 +0000 (21:55 +0800)]
golang: Update to 1.13.9
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Josef Schlehofer [Mon, 27 Jan 2020 21:44:00 +0000 (22:44 +0100)]
libredblack: pass CFLAGS properly
Fixes build with enabled ASLR PIE
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
a615a821d949f7e12874b1e0e4deb68ec08af104)
Hannu Nyman [Sat, 21 Mar 2020 07:47:01 +0000 (09:47 +0200)]
Merge pull request #11615 from stangri/19.07-https-dns-proxy
[19.07] https-dns-proxy: support for dnsmasq noresolv option
Rosen Penev [Fri, 20 Mar 2020 23:01:09 +0000 (16:01 -0700)]
Merge pull request #11617 from nxhack/19_07_icu_66_1
[openwrt-19.07] icu: update to 66.1 & fix CVE-2020-10531
Stan Grishin [Fri, 20 Mar 2020 21:22:39 +0000 (21:22 +0000)]
https-dns-proxy: support for dnsmasq noresolv option
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hirokazu MORIKAWA [Thu, 19 Mar 2020 07:26:30 +0000 (16:26 +0900)]
icu: update to 66.1
ICU 66 updates to Unicode 13, including new characters, scripts, emoji, and corresponding API constants. It also updates to CLDR 36.1 with Unicode 13 updates and bug fixes.
Create symbolic link to current version.
FIX CVE-2020-10531
An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Josef Schlehofer [Sun, 8 Mar 2020 13:16:49 +0000 (14:16 +0100)]
youtube-dl: update to version 2020.3.8
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
5d565db22234f72df7f10c874b033de4a9e6bd96)
Karel Kočí [Wed, 11 Mar 2020 10:17:33 +0000 (11:17 +0100)]
haveged: move init script from 13 to 01
This is intended as a match with standard urngd. They serve same purpose
and urngd starts as first with 00. Starting haveged later can create
issues if you replace urngd with it. The example problem is if
uci-defaults script decides to generate certificate. Haveged can supply
entropy but it is started later and to mitigate this urngd would still
have to be installed. This means that haveget can't serve as replacement
without moving it to match start order of urngd.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit
1ef38f45d982beb46b2df6d3582ad0bc2b0007ca)
Rosen Penev [Sat, 22 Feb 2020 02:55:13 +0000 (18:55 -0800)]
libarchive: update to 3.4.2
Switch to normal tarballs. Remove autoreconf as a result.
Several Makefile cleanups for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
c22dd1bf74fa5836a88fa417b467767bcfe8a4ff)
Hannu Nyman [Mon, 16 Mar 2020 18:22:12 +0000 (20:22 +0200)]
Merge pull request #11566 from BKPepe/python3-update-19.07
[19.07] python3: update to version 3.7.7
Yousong Zhou [Mon, 16 Mar 2020 07:25:51 +0000 (15:25 +0800)]
openvswitch: fix PIE build against 4.14 kernel
Reported-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/pull/11567
(cherry picked from commit
e9d6414437d27803a16b5d96c48b45140e989e5e)
Josef Schlehofer [Mon, 2 Mar 2020 22:59:10 +0000 (23:59 +0100)]
x264: add CONFIGURE_VARS and MAKE_FLAGS when NASM is not selected
- Remove dot in TITLE
- Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
faac2352e2d3f14de8dfd69f1801e6561ccb156c)
Rosen Penev [Tue, 25 Jun 2019 17:45:58 +0000 (10:45 -0700)]
nfs-kernel-server: Fix compile with uClibc-ng
NS_MAXMSG is not defined.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
732b1c4c0e1203cf3f07459694680a6a830a6d71)
Martin Schiller [Thu, 14 Nov 2019 07:27:05 +0000 (08:27 +0100)]
xtables-addons: disable ASLR PIE
This package uses ld for linking and therefor does not support the
-specs option.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit
3804006e60579ed9f44c5b315d186ed364f04455)
Josef Schlehofer [Fri, 13 Mar 2020 23:47:42 +0000 (00:47 +0100)]
python3: update to version 3.7.7
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Alexandru Ardelean [Wed, 11 Mar 2020 07:28:31 +0000 (09:28 +0200)]
django: bump to version 1.11.29
Includes several CVE fixes.
- CVE-2020-7471 in 1.11.28
- CVE-2020-9402 in 1.11.29
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Rosen Penev [Wed, 11 Mar 2020 03:29:30 +0000 (20:29 -0700)]
Merge pull request #11540 from neheb/softee
[19.07]softethervpn: Update to rtm version 4.29-9680
Rosen Penev [Mon, 9 Mar 2020 20:53:17 +0000 (13:53 -0700)]
softethervpn: disable PIC
Compilation is broken on AArch64.
Reordered some things for consistency between packages.
Fixed license information.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
b8b4e7e2694bb9b6e678f1b06bbe793c9bde0535)
Rosen Penev [Sat, 7 Sep 2019 02:51:05 +0000 (19:51 -0700)]
softethervpn: Fix openssl header patch
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
41fe5a8335dee6e59e3053feb3667d718517fb88)
Rosen Penev [Sun, 11 Aug 2019 23:21:51 +0000 (16:21 -0700)]
softethervpn: Add missing OpenSSL header
Fixes compilation without OpenSSL deprecated APIs as well as
-Werror=implicit-function-declaration.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
b80b614f8f659e352723a49cc4459521049198ab)
Philipp Schuster [Fri, 12 Jul 2019 02:13:03 +0000 (04:13 +0200)]
softethervpn: Update to rtm version 4.29-9680
Update SoftEther VPN to the latest rtm version 4.29-9680
Compile tested: Atheros AR7xxx/AR9xxx, TP-LINK Archer C7 v2, 18.06.4
Signed-off-by: Philipp Schuster <philippschuster@gmx.com>
(rebased and refreshed patches).
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
34db38520b879ba8dcf637d2f8bdb365e545b5bb)
Rosen Penev [Thu, 27 Feb 2020 03:47:59 +0000 (19:47 -0800)]
stubby: fix init script
The configuration file was not being generated.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
b95699c6475795ae4d500a43a7cd382de655ec3f)
Rosen Penev [Fri, 21 Feb 2020 23:26:34 +0000 (15:26 -0800)]
stubby: makefile and init script cleanup
Reordered Makefile according to
https://github.com/openwrt/packages/pull/9399#issuecomment-
508727872 .
Added PKG_BUILD_PARALLEL for faster compilation.
Remove duplicated conffiles section.
Install /etc/config/stubby using INSTALL_CONF, as is done elsewhere
Run init script through shellcheck and clean it up.
Added chmod for the stubby config file, to fix a LuCI issue.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
eaf522532324f9155d2d038e27006e5caaf9874a)
Karel Kočí [Mon, 9 Mar 2020 14:29:16 +0000 (15:29 +0100)]
btrfs-progs: fix check for btrfs in btrfs scan
The previous implementation always succeeded so no scan was performed.
This now fixes that and it correctly scans for BTRFS devices if BTRFS
support is in kernel.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Josef Schlehofer [Sat, 7 Mar 2020 08:54:13 +0000 (09:54 +0100)]
syslog-ng: update to version 3.26.1
- Bump version also in the config file
- Move logread to /sbin location instead of /usr/sbin
Because package logd in OpenWrt's ubox Makefile uses /sbin folder and LuCI has
the same path hardcoded in
modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json and using
different location results that LuCI is not able to load log data as it
is not found.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
fe165eeb94d2e7fb35fee93e64336afa024a1283)
Hannu Nyman [Sat, 7 Mar 2020 13:51:09 +0000 (15:51 +0200)]
Merge pull request #11526 from wvdakker/openwrt-19.07
[Openwrt 19.07] Shorewall: Bump to 5.2.3.7
Rosen Penev [Sat, 7 Mar 2020 10:18:23 +0000 (02:18 -0800)]
Merge pull request #11524 from micmac1/1907arc_aio2
[19.07] mariadb: add dependency on libaio for arc as well
W. van den Akker [Sat, 7 Mar 2020 09:28:10 +0000 (10:28 +0100)]
Shorewall6: Bump to 5.2.3.7.
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
W. van den Akker [Sat, 7 Mar 2020 09:27:15 +0000 (10:27 +0100)]
Shorewall: Bump to 5.2.3.7.
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
W. van den Akker [Sat, 7 Mar 2020 09:19:15 +0000 (10:19 +0100)]
Shorewall6-lite: Bump to 5.2.3.7.
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
W. van den Akker [Sat, 7 Mar 2020 09:17:52 +0000 (10:17 +0100)]
Shorewall-lite: Bump to 5.2.3.7.
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
W. van den Akker [Sat, 7 Mar 2020 09:16:01 +0000 (10:16 +0100)]
Shorewall-core: Bump to 5.2.3.7.
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
Sebastian Kemper [Mon, 24 Jun 2019 08:36:20 +0000 (10:36 +0200)]
mariadb: add dependency on libaio for arc as well
Now that libaio compiles on arc targets we need to add the dependency to
libaio on these targets as well.
resolves #9298
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>