Rosen Penev [Tue, 11 Feb 2020 00:11:42 +0000 (16:11 -0800)]
Merge pull request #11299 from lucize/nsprup
nspr: update to 4.25
Lucian Cristian [Mon, 10 Feb 2020 22:42:48 +0000 (00:42 +0200)]
nspr: update to 4.25
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Etienne Champetier [Mon, 10 Feb 2020 02:58:21 +0000 (21:58 -0500)]
Merge pull request #11293 from champtar/phantap
phantap: update to latest commit
Etienne Champetier [Mon, 10 Feb 2020 02:46:41 +0000 (21:46 -0500)]
phantap: update to latest commit
fb3be84 Split out ebtables anti-leak rules in phantap-early, improve logs
e3fbe61 phantap-learn: use libnl instead of ip executable
b2c2514 phantap/Readme: Warn about OpenWrt failsafe leak
394d3b7 Readme: Update to add blogpost link and detection via Internet traffic
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Rosen Penev [Mon, 10 Feb 2020 02:28:37 +0000 (18:28 -0800)]
Merge pull request #11220 from jow-/openconnect-quote-fix
openconnect: preserve whitespace in arguments
Rosen Penev [Mon, 10 Feb 2020 02:26:04 +0000 (18:26 -0800)]
Merge pull request #11291 from mwarning/kadnode
kadnod: update to version 2.3.0
Moritz Warning [Mon, 10 Feb 2020 00:58:17 +0000 (01:58 +0100)]
kadnode: update to version 2.3.0
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Rosen Penev [Sun, 9 Feb 2020 23:19:32 +0000 (15:19 -0800)]
Merge pull request #11286 from tsilia/libtins-config-options
libtins: Added menu configuration options
Rosen Penev [Sun, 9 Feb 2020 23:18:01 +0000 (15:18 -0800)]
Merge pull request #11253 from neheb/wav
wavemon: update to 0.9.1
Rosen Penev [Sun, 9 Feb 2020 23:04:13 +0000 (15:04 -0800)]
Merge pull request #11287 from farmergreg/patch-1
pingcheck: Fix spelling in description
Rosen Penev [Sun, 9 Feb 2020 22:50:54 +0000 (14:50 -0800)]
Merge pull request #11284 from peter-stadler/nginx-util
nginx-util: add tests, clean up and fix issues
Daniel Engberg [Sun, 9 Feb 2020 22:43:28 +0000 (23:43 +0100)]
Merge pull request #11289 from Andy2244/samba4-update-4.11.6
samba4: update to 4.11.6, add new UCI option
Daniel Engberg [Sun, 9 Feb 2020 22:41:55 +0000 (23:41 +0100)]
Merge pull request #11290 from Andy2244/ksmbd-update-3.1.3
ksmbd: update to 3.1.3, ksmbd-tools: update to 3.2.1, add smb1 support
Daniel Engberg [Sun, 9 Feb 2020 22:41:27 +0000 (23:41 +0100)]
Merge pull request #11288 from Andy2244/rpcsvc-proto_switch-to-git
rpcsvc-proto: switch to git release (2020-01-16)
Andy Walsh [Sun, 9 Feb 2020 22:25:56 +0000 (23:25 +0100)]
ksmbd: update to 3.1.3, ksmbd-tools: update to 3.2.1, add smb1 support
* ksmbd: update to 3.1.3
* ksmbd-tools: update to 3.2.1
* add new package build option "KSMBD_SMB_INSECURE_SERVER"
* enable smb1 support to kmod by default
* add new UCI option "allow_legacy_protocols" to section [globals]
* ksmbd: release 3.1.3 version
* ksmbd: lock SMB2_QUERY_INFO_HE request with read lock
* ksmbd: fix potential racy between query_dir and ksmbd_vfs_empty_dir
* ksmbd: fix racy issue between deleting file and checking empty directory
* ksmbd: don't register interface which are member of bridge
* ksmbd: SO_REUSEADDR is no property of tcp_setsockopt
* ksmbd: release 3.1.2 version
* ksmbd: fix read caching buffer size as max_read_size
* ksmbd: fix the infinite loop of handling FSCTL_QUERY_ALLOCATED_RANGES
* ksmbd: use compounding for smb2 flush
* ksmbd: downgrade error message to debug in get_file_all_info
* ksmbd: rename usmbd to ksmbd.mountd in trvis-ci
* ksmbd: release 3.1.1 version
* ksmbd: does not work if ipv6 module is not loaded or compiled in
* ksmbd: capsule ifdef CONFIG_SMB_INSECURE_SERVER with smb1 codes
* ksmbd: capsule ifdef CONFIG_SMB_INSECURE_SERVER with smb1 codes
* ksmbd: update README file
* ksmbd-tools: release 3.2.1 version
* ksmbd-tools: revert "remove glib2.0 dependancy" patch
* ksmbd-tools: release 3.2.0 version
* ksmbd-tools: update how to restart ksmbd in README file
* Revert "ksmbd-tools: disable tbuf and rbuf caching by default"
* ksmbd-tools: disable tbuf and rbuf caching by default
* ksmbd-tools: replace usmbd prefix with ksmbd prefix
* ksmbd-tools: update README file
* ksmbd-tools: fix warning ignoring return value of 'fread'
* ksmbd-tools: downgrade unsupported command print to debug
* ksmbd-tools: remove GLIB_LIBS in Makefiles
* ksmbd-tools: rename usmbd, smbuseradd, smbshareadd to ksmbd.mountd, ksmbd.adduser and ksmbd.addshare
* ksmbd-tools: fix null pointer dereference in _list_remove
* ksmbd-tools: fix the sanity check fails depending on the password length
* ksmbd-tools: fix build error(not found glib.h)
* ksmbd-tools: remove glib-2.0 dependancy
* ksmbd-tools: update README to add libglib2.0-dev for Ubuntu preprequisite packages
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Andy Walsh [Sun, 9 Feb 2020 22:21:35 +0000 (23:21 +0100)]
samba4: update to 4.11.6, add new UCI option
* update to 4.11.6
* add new UCI option "allow_legacy_protocols" to section [samba]
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Andy Walsh [Sun, 9 Feb 2020 22:18:18 +0000 (23:18 +0100)]
rpcsvc-proto: switch to git release (2020-01-16)
* switch to git release (2020-01-16)
* fixes #11249
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
Ilya Tsybulsky [Sun, 9 Feb 2020 19:48:43 +0000 (22:48 +0300)]
libtins: Added menu configuration options
Signed-off-by: Ilya Tsybulsky <ilya.tsybulsky@gmail.com>
Greg Dietsche [Sun, 9 Feb 2020 21:33:03 +0000 (15:33 -0600)]
pingcheck: Fix spelling in description
Correct: wether => whether
Signed-off-by: Greg Dietsche <gregory.dietsche@cuw.edu>
Peter Stadler [Tue, 4 Feb 2020 12:10:00 +0000 (13:10 +0100)]
nginx-util: add tests, clean up and fix issues
Add tests for nginx-ssl-util and nginx-ssl-util-nopcre using (fake)chroot.
Clean the code up making nginx-ssl-util a header file.
Both changes are for better (future) code quality only.
There are minor functional improvements:
* fix compiler error of gcc7 by using std=c++17
* fix error if there is no lan/loopback interface
* notice instead of error message if there is no default server
* add ipv6-prefix-assignment.*.local-address.address for LAN
* add CONFLICTS in Makefile for choosing the right version
* add cast to release of unique_ptr to avoid warning
* add version message to help message
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Alexander Ryzhov [Thu, 26 Sep 2019 12:51:13 +0000 (15:51 +0300)]
perl: define $sysroot for extensions
Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 9 Feb 2020 01:43:39 +0000 (17:43 -0800)]
Merge pull request #11244 from Robby-/master-rlmpython_and_fixproxycfgconflict
freeradius3: Fix proxy.conf file conflict and enable the rlm_python and rlm_python3 modules
Rosen Penev [Sun, 9 Feb 2020 00:48:27 +0000 (16:48 -0800)]
Merge pull request #11235 from neheb/rhgr
ttyd: fix compilation without deprecated OpenSSL APIs
Rosen Penev [Tue, 4 Feb 2020 02:18:06 +0000 (18:18 -0800)]
ttyd: fix compilation without deprecated OpenSSL APIs
Removed CMAKE_INSTALL as there's no need for InstallDev.
Added PKG_BUILD_PARALLEL for faster compilation.
Small cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 9 Feb 2020 00:15:22 +0000 (16:15 -0800)]
Merge pull request #11274 from nxhack/libhttp-parser_293
libhttp-parser: update to v2.9.3
Stijn Tintel [Sat, 8 Feb 2020 23:34:02 +0000 (00:34 +0100)]
Merge pull request #11267 from aparcar/python-zipp
python-zipp: remove myself as maintainer
Stijn Tintel [Sat, 8 Feb 2020 23:33:05 +0000 (00:33 +0100)]
Merge pull request #11280 from BKPepe/nnn
nnn: update to version 2.9
Stijn Tintel [Sat, 8 Feb 2020 23:31:42 +0000 (00:31 +0100)]
Merge pull request #11271 from aparcar/prom2.15.2
prometheus: bump to 2.15.2
Hannu Nyman [Sat, 8 Feb 2020 09:24:35 +0000 (11:24 +0200)]
nano: update to 4.8
Update nano editor to version 4.8
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Rosen Penev [Sat, 8 Feb 2020 08:36:13 +0000 (00:36 -0800)]
Merge pull request #10179 from nxhack/node_v12
node: update to v12.15.0
Josef Schlehofer [Sat, 8 Feb 2020 08:33:18 +0000 (09:33 +0100)]
nnn: update to version 2.9
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Fri, 7 Feb 2020 00:03:43 +0000 (16:03 -0800)]
usbmuxd: enable systemd support
This is needed as the options loop is totally broken and doesn't accept
both -f and -z together.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sat, 8 Feb 2020 02:50:13 +0000 (18:50 -0800)]
Merge pull request #11102 from neheb/sys
sysstat: update to 2.2.1
Rosen Penev [Fri, 7 Feb 2020 23:55:39 +0000 (15:55 -0800)]
Merge pull request #11272 from aparcar/syncthing1.3.4
syncthing: bump to 1.3.4
Paul Spooren [Thu, 6 Feb 2020 22:38:13 +0000 (12:38 -1000)]
prometheus: bump to 2.15.2
Also remove fsnotify patch as compiling without it worked for mipsel64le
Signed-off-by: Paul Spooren <mail@aparcar.org>
Paul Spooren [Thu, 6 Feb 2020 22:40:52 +0000 (12:40 -1000)]
syncthing: bump to 1.3.4
Signed-off-by: Paul Spooren <mail@aparcar.org>
Rosen Penev [Fri, 7 Feb 2020 17:56:15 +0000 (09:56 -0800)]
Merge pull request #11270 from eduardoabinader/bump_check_0.14
check: bump 0.14.0
Robby K [Fri, 7 Feb 2020 16:02:18 +0000 (17:02 +0100)]
freeradius3: Enable the rlm_python and rlm_python3 modules.
Signed-off-by: Robby K <robbyke@gmail.com>
Robby K [Fri, 7 Feb 2020 16:00:02 +0000 (17:00 +0100)]
freeradius3: Fix proxy.conf file conflict.
It was provided by both the freeradius3 and freeradius3-mod-realm packages.
Now provided by the freeradius3 package only.
Signed-off-by: Robby K <robbyke@gmail.com>
Hannu Nyman [Fri, 7 Feb 2020 13:35:11 +0000 (15:35 +0200)]
Merge pull request #11276 from zhaojh329/rtty
rtty: update to 7.1.0
Toke Høiland-Jørgensen [Fri, 7 Feb 2020 09:28:53 +0000 (10:28 +0100)]
Merge pull request #11261 from neheb/rhgerg344
sqm-scripts: fix hash and simplify Makefile slightly
Jianhui Zhao [Fri, 7 Feb 2020 08:02:23 +0000 (16:02 +0800)]
rtty: update to 7.1.0
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
Hirokazu MORIKAWA [Fri, 7 Feb 2020 01:43:20 +0000 (10:43 +0900)]
libhttp-parser: update to v2.9.3
Support multi-coding Transfer-Encoding
CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 20:34:57 +0000 (12:34 -0800)]
sqm-scripts: fix hash and simplify Makefile slightly
The previous commit required the hash to be updated.
Removed a bunch of redundant variables.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Etienne Champetier [Thu, 6 Feb 2020 22:15:49 +0000 (17:15 -0500)]
Merge pull request #11265 from neheb/rhhethert
zabbix: remove configure patch
Paul Spooren [Thu, 6 Feb 2020 20:52:15 +0000 (10:52 -1000)]
python-zipp: remove myself as maintainer
Jan Pavlinec <jan.pavlinec@nic.cz> stays maintainer for the package.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Eduardo Abinader [Wed, 5 Feb 2020 19:29:06 +0000 (20:29 +0100)]
check: bump 0.14.0
Compiled and run in x86_64.
This release adds support for CMake's FetchContent.
Changes:
-Add support for FetchContent in CMake
-Rename CMake project from 'check' to 'Check'
-Fix for checking for wrong tool when building docs in Autotools
-Fix compiler warning with printf format
Signed-off-by: Eduardo Abinader <eduardoabinader@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 21:15:25 +0000 (13:15 -0800)]
Merge pull request #11262 from neheb/rhgerg345
canutils: update to 2020.02.04
Rosen Penev [Tue, 4 Feb 2020 08:16:58 +0000 (00:16 -0800)]
zabbix: remove configure patch
Allows removing autoreconf.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 04:10:35 +0000 (20:10 -0800)]
canutils: update to 2020.02.04
Removed upstream patch.
Alphabetized tools and added jcat tool.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 20:24:12 +0000 (12:24 -0800)]
usbmuxd: Update to 2020-01-20
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 20:23:01 +0000 (12:23 -0800)]
idevicerestore: Update to 2019-12-26
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 20:22:24 +0000 (12:22 -0800)]
libirecovery: Update to 1.0.0
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 20:21:37 +0000 (12:21 -0800)]
libimobiledevice: Update to 2020-01-20
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Yousong Zhou [Thu, 6 Feb 2020 19:09:39 +0000 (03:09 +0800)]
qemu: enable guest_agent no matter whether softmmu is enabled
Fixes: openwrt/packages#11067
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Josef Schlehofer [Thu, 6 Feb 2020 12:50:38 +0000 (13:50 +0100)]
Merge pull request #11118 from traud/patch-1
syslog-ng: listen not globally but just locally
Hirokazu MORIKAWA [Tue, 8 Oct 2019 04:51:59 +0000 (13:51 +0900)]
node: update to v12.15.0
Update to v12.15.0
Support Python3 : https://github.com/openwrt/packages/issues/8893
Preparing to deprecate nosnapshot builds.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Rosen Penev [Thu, 6 Feb 2020 03:46:59 +0000 (19:46 -0800)]
Merge pull request #11242 from peter-stadler/nginx
nginx: fix endianness issue with http2
Daniel Golle [Wed, 5 Feb 2020 21:23:31 +0000 (23:23 +0200)]
python-libmodbus: depend on python-cffi
Dependency on python{,3}-cffi was missing. Add it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Wed, 5 Feb 2020 20:04:55 +0000 (22:04 +0200)]
python-libmodbus: fix dependencies
python3-libmodbus should depend on python3-variants.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hannu Nyman [Wed, 5 Feb 2020 16:23:02 +0000 (18:23 +0200)]
Merge pull request #11251 from val-kulkov/graphicsmagick-package
graphicsmagick: update to the latest release
Hannu Nyman [Wed, 5 Feb 2020 11:43:45 +0000 (13:43 +0200)]
Merge pull request #11256 from valdi74/update_python-curl
python-curl: update to version 7.43.0.5
Rosen Penev [Wed, 5 Feb 2020 10:46:49 +0000 (02:46 -0800)]
Merge pull request #11254 from neheb/rhgerg34233
ninja: updated to 1.10.0
Rosen Penev [Wed, 5 Feb 2020 10:31:05 +0000 (02:31 -0800)]
meson: update to 0.53.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Waldemar Konik [Wed, 5 Feb 2020 07:37:39 +0000 (08:37 +0100)]
python-curl: update to version 7.43.0.5
PycURL changeLog:
Version 7.43.0.5 - 2020-01-29
-----------------------------------------------------------------
- Fixed build with recent Pythons on RHEL/CentOS.
Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
Compile tested: mipsel_24kc
Rosen Penev [Wed, 5 Feb 2020 06:36:04 +0000 (22:36 -0800)]
Merge pull request #11255 from jefferyto/golang-reorg
golang: More updates
Rosen Penev [Wed, 5 Feb 2020 03:51:34 +0000 (19:51 -0800)]
wavemon: update to 0.9.1
Remove upstreamed patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Jeffery To [Tue, 4 Feb 2020 18:09:59 +0000 (02:09 +0800)]
golang: Update files installed
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Tue, 4 Feb 2020 13:48:08 +0000 (21:48 +0800)]
golang: Reorganize GoPackage/Environment and Makefile variables
* Move more environment variables into GoPackage/Environment
* Split GoPackage/Environment into target and build sections
* Do not set GOROOT_FINAL for Go packages (setting it should only affect
the Go compiler and not Go packages)
* Set CGO_LDFLAGS to $(TARGET_LDFLAGS)
* Move GO_TARGET_* variables from golang-values.mk, and GO_VERSION_*
variables from golang-version.mk, into golang/Makefile
This also updates runc, containerd, and docker-ce to reflect the changes
in GoPackage/Environment.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 08:31:23 +0000 (00:31 -0800)]
ninja: updated to 1.10.0
Removed upstreamed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Val Kulkov [Wed, 5 Feb 2020 00:49:28 +0000 (19:49 -0500)]
graphicsmagick: update to the latest release
Update to v1.3.34. This service release provides a number of bug
fixes, including security fixes.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 23:26:47 +0000 (15:26 -0800)]
Merge pull request #11236 from neheb/rhgerg34ege4
h2o: fix compilation without deprecated OpenSSL APIs
Rosen Penev [Tue, 4 Feb 2020 22:24:24 +0000 (14:24 -0800)]
Merge pull request #11231 from nxhack/mraa_210
libmraa: update to 2.1.0
Rosen Penev [Tue, 4 Feb 2020 22:23:58 +0000 (14:23 -0800)]
Merge pull request #11250 from micmac1/apache-conf-vars-apr
apache: apr update + configure vars
Rosen Penev [Tue, 4 Feb 2020 22:22:36 +0000 (14:22 -0800)]
Merge pull request #11238 from peter-stadler/ariang
ariang: use new configuration of Nginx
Rosen Penev [Tue, 4 Feb 2020 22:22:04 +0000 (14:22 -0800)]
Merge pull request #11248 from ejurgensen/forked-daapd_update_271
forked-daapd: update to 27.1
Rosen Penev [Tue, 4 Feb 2020 21:14:13 +0000 (13:14 -0800)]
Merge pull request #11247 from micmac1/maria104-CVE-2020-7221
mariadb: follow up on CVE-2020-7221
Rosen Penev [Tue, 4 Feb 2020 21:02:41 +0000 (13:02 -0800)]
Merge pull request #11232 from neheb/lswan
libreswan: fix compilation with musl
Sebastian Kemper [Tue, 4 Feb 2020 21:00:55 +0000 (22:00 +0100)]
apache: add gettid support
gettid happens to be supported by all glibc, musl and uclibc, but
configure cannot detect it when cross-compiling. This adds a configure
variable for it.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Sebastian Kemper [Tue, 4 Feb 2020 20:54:22 +0000 (21:54 +0100)]
apr-util: add configure vars
Adds configure variables for features that the compiler or the libc
supports and which cannot be detected by apr-util's configure script
when cross-compiling.
Also removes one call to INSTALL_DIR (no functional change here).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Sebastian Kemper [Tue, 4 Feb 2020 20:39:43 +0000 (21:39 +0100)]
apr: add configure vars and caches
apr's configure script uses lots of AC_TRY_RUNs and when cross-compiling
needs a leg-up. This commit adds more configure variables (and removes
one, too).
Notable changes:
- apr_cv_use_lfs64=yes is removed (again) after having a discussion
about it with the musl developers. The conclusion was that
_LARGEFILE64_SOURCE is a horrible thing that we don't want and should
avoid (hence the removal of the variable, because defining
_LARGEFILE64_SOURCE is all it does).
- ap_cv_atomic_builtins is set to "yes" for 64-bit platforms. If
anybody is interested in enabling this for other targets feel free to
send a patch after testing it.
- configure doesn't add -lpthread to LIBS when cross-compiling. This is
not a problem for musl but might be for other libcs. This commit adds
to related variable.
- configure caches are added (via patches) for strerror and /dev/zero
mmap tests. The former fixes a warning on musl (where strerror
returns int instead of a pointer) and the latter is required for
pthread pshared mutex apr_lock implementation and cannot be detected
during cross-compile either.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Sebastian Kemper [Tue, 4 Feb 2020 20:33:12 +0000 (21:33 +0100)]
apr: bump to 1.7.0
Version bump + patches refresh.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
tripolar [Tue, 4 Feb 2020 20:06:38 +0000 (21:06 +0100)]
Merge pull request #11246 from ja-pa/tor-update-0.4.2.6
tor: update to version 0.4.2.6
Sebastian Kemper [Tue, 4 Feb 2020 18:58:59 +0000 (19:58 +0100)]
mariadb: follow up on CVE-2020-7221
Today CVE-2020-7221 was publicly discussed on oss-sec [1]. MariaDB
upstream had not mentioned this CVE in their last release notes. The CVE
is related to auth-pam and the possibility of a local mariadb to root
user exploit in the mysql_install_db script.
Upstream has made amendments to the script, but according to the oss-sec
posts the folder permissions were not updated as they should have been.
In OpenWrt the script mysql_install_db is actually patched to never run
the commands in question. This has been this way since MariaDB 10.4 was
made available.
Still, the directory permissions set by the postinstall script are too
lax. To quote the discoverer of the issue, Matthias Gerstner from Suse,
they exhibit "the dangerous situation of a setuid-root binary residing
in a directory owned by an unprivileged user".
This commit fixes this by changing the permissions to the following:
root:mariadb 0750 /usr/lib/mariadb/plugin/auth_pam_tool_dir
This way the setuid-root binary is only available to root and the
mariadb user, while at the same time the mariadb user has no ownership
of the directory.
[1] https://seclists.org/oss-sec/2020/q1/55
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Jan Pavlinec [Tue, 4 Feb 2020 17:54:06 +0000 (18:54 +0100)]
tor: update to version 0.4.2.6
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Peter Stadler [Tue, 4 Feb 2020 15:14:46 +0000 (16:14 +0100)]
nginx: fix endianness issue #8988
Patch the auto/endianess file to use CONFIG_BIG_ENDIAN.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Peter Stadler [Tue, 4 Feb 2020 12:14:15 +0000 (13:14 +0100)]
ariang: use new configuration of Nginx
Remove the superfluous parts of the uci-defaults file.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Rosen Penev [Tue, 4 Feb 2020 11:01:52 +0000 (03:01 -0800)]
Merge pull request #11233 from neheb/hhg
zerotier: fix compilation with libcxx
Rosen Penev [Tue, 4 Feb 2020 04:51:49 +0000 (20:51 -0800)]
nmap: fix compilation with libcxx
Missing headers and confusion between std::bind and bind.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 05:40:16 +0000 (21:40 -0800)]
mpd: fix ffmpeg AIFF and AMR support
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 05:19:33 +0000 (21:19 -0800)]
h2o: fix compilation without deprecated OpenSSL APIs
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 05:04:48 +0000 (21:04 -0800)]
zerotier: fix compilation with libcxx
Missing header.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 05:05:52 +0000 (21:05 -0800)]
libreswan: fix compilation with musl
Added missing limits header. This is normally included in fortify-headers,
which I have disabled locally.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hirokazu MORIKAWA [Tue, 4 Feb 2020 04:53:05 +0000 (13:53 +0900)]
libmraa: update to 2.1.0
update to 2.1.0
The MRAA project is joining the Eclipse Foundation as an Eclipse IoT project.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Rosen Penev [Tue, 4 Feb 2020 04:44:37 +0000 (20:44 -0800)]
Merge pull request #11145 from jefferyto/aircrack-ng-1.6
aircrack-ng: Update to 1.6
Rosen Penev [Tue, 4 Feb 2020 04:29:28 +0000 (20:29 -0800)]
Merge pull request #11188 from neheb/mpd
mpd changes
Rosen Penev [Fri, 31 Jan 2020 05:07:25 +0000 (21:07 -0800)]
mpd: replace mpg123 with libmad
libmad is almost half the size of libmpg123. The docoding is done with
integers instead of floats.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Fri, 31 Jan 2020 05:02:11 +0000 (21:02 -0800)]
mpd: fix compilation with uClibc-ng
With mpd's build system, it requires either an iconv built into the libc
or icu. Since uClibc-ng as configured by OpenWrt currently has no iconv,
use icu for it to work around the problem. This is the simplest solution.
Added a patch to use boost's rounding functions. They are more appropriate
and work with uClibc-ng.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Etienne Champetier [Tue, 4 Feb 2020 04:26:26 +0000 (23:26 -0500)]
Merge pull request #11221 from blocktrron/prom-hostapd
prometheus-node-exporter-lua: add hostapd exporter
Rosen Penev [Tue, 4 Feb 2020 01:06:01 +0000 (17:06 -0800)]
Merge pull request #11212 from adde88/master
hcxtools: update to latest version