feed/packages.git
5 months agonfs-kernel-server: do not export /mnt by default
Yangyu Chen [Thu, 20 Jun 2024 07:04:30 +0000 (15:04 +0800)]
nfs-kernel-server: do not export /mnt by default

Currently, the nfs-kernel-server package exports /mnt by default after
it is installed. This is not a good default behavior, as it may expose
sensitive data to the network if a user mounts something on /mnt. This
commit commented out the line that exports /mnt, so the user has to
enable it explicitly.

Signed-off-by: Yangyu Chen <cyy@cyyself.name>
5 months agoopensc: update to version 0.25.1
Daniel Golle [Wed, 5 Jun 2024 01:09:21 +0000 (02:09 +0100)]
opensc: update to version 0.25.1

* New in 0.25.1; 2024-04-05
** General improvements
* Add missing file to dist tarball to build documentation (#3063)

** minidriver
* Fix RSA decryption with PKCS#1 v1.5 padding (#3077)
* Fix crash when app is not set (#3084)

* New in 0.25.0; 2024-03-06
** Security
* [CVE-2023-5992](https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992): Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC (#2948)
* [CVE-2024-1454](https://github.com/OpenSC/OpenSC/wiki/CVE-2024-1454): Potential use-after-free in AuthentIC driver during card enrollment in pkcs15init (#2962)

** General improvements
* Update OpenSSL 1.1.1 to 3.0 in MacOS build (#2930)
* Remove support for old card drivers Akis, GPK, Incrypto34 and Westcos, disable Cyberflex driver (#2885)
* Fix 64b to 32b conversions (#2993)
* Improvements for the p11test (#2991)
* Fix reader initialization without SCardControl (#3007)
* Make RSA PKCS#1 v1.5 depadding constant-time (#2948)
* Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02) on the card (#2975)
* Enable MSI signing via Signpath CI integration for Windows (#2799)
* Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer

** minidriver
* Fix wrong hash selection (#2932)

** pkcs11-tool
* Simplify printing EC keys parameters (#2960)
* Add option to import GENERIC key (#2955)
* Add support for importing Ed25518/448 keys (#2985)
** drust-tool
* Add tool for D-Trust cards (#3026, #3051)
** IDPrime
* Support uncompressed certificates on IDPrime 940 (#2958)
* Enhance IDPrime logging (#3003)
* Add SafeNet 5110+ FIPS token support (#3048)
** D-Trust Signature Cards
* Add support for RSA D-Trust Signature Card 4.1 and 4.4 (#2943)
** EstEID
* Remove expired EstEID 3.* card support (#2950)
** ePass2003
* Allow SW implementation with more SHA2 hashes and ECDSA (#3012)
* Fix EC key generation (#3045)
** SmartCard-HSM
* Fix SELECT APDU command (#2978)
** MyEID
* Update for PKCS#15 profile (#2965)
** Rutoken
* Support for RSA 4096 key algorithm (#3011)
** OpenPGP

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agopcsc-tools: update to version 1.7.1
Daniel Golle [Wed, 5 Jun 2024 01:07:51 +0000 (02:07 +0100)]
pcsc-tools: update to version 1.7.1

Adds a bunch of new ATRs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agopcsc-lite: update to version 2.2.3
Daniel Golle [Wed, 5 Jun 2024 01:05:13 +0000 (02:05 +0100)]
pcsc-lite: update to version 2.2.3

Switch to meson build system instead of autotools.

Changes since version 2.0.1:

2.2.3: Ludovic Rousseau
26 May 2024
- meson:
  . Fix build on Slackware 15
  . fail if both libusb and libudev are used
- Fix memory leak on exit
- libpcscspy: dump an output buffer only if the call succeeded
- Some code cleanup

2.2.2: Ludovic Rousseau
20 May 2024
- Serial support is ENABLED by default

2.2.1: Ludovic Rousseau
8 May 2024
- fix meson related issues
- Some code cleanup

2.2.0: Ludovic Rousseau
3 May 2024
- provide files for meson build tool (replaces autoconf/auoomake)
- fix a missing symbol in libpcscspy (bug introduced by the previous version)
- fix shutdown issues with hotplug_libusb
- update pcsc-spy manpage
- update copyright date
- Some other minor improvements

2.1.0: Ludovic Rousseau
12 April 2024
- LIBPCSCLITE_DELEGATE is used to redirect to another libpcsclite library
- setup_spy.sh displays the LIBPCSCLITE_DELEGATE value to use for spying
- provides libfake.c as a sample source code
- Some other minor improvements

2.0.3: Ludovic Rousseau
3 March 2024
- add SCARD_E_UNKNOWN_RES_MNG back

2.0.2: Ludovic Rousseau
3 March 2024
- SCardConnect() & SCardReconnect(): restrict the protocol used
- negotiate PTS also for the backup protocol
- pcscd.8:
  . document --disable-polkit
  . add "CONFIGURATION FILE" section
- Some other minor improvements

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 months agocontainerd: Update to 1.7.18
Milinda Brantini [Sun, 23 Jun 2024 08:09:02 +0000 (16:09 +0800)]
containerd: Update to 1.7.18

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agodocker: Update to 26.1.4
Milinda Brantini [Sun, 23 Jun 2024 08:12:39 +0000 (16:12 +0800)]
docker: Update to 26.1.4

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agokafs-client: introduce package
Nathaniel Wesley Filardo [Sat, 22 Jun 2024 22:56:08 +0000 (23:56 +0100)]
kafs-client: introduce package

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
5 months agokeyutils: package into the right directories
Nathaniel Wesley Filardo [Wed, 19 Jun 2024 23:59:39 +0000 (00:59 +0100)]
keyutils: package into the right directories

The kernel knows about /sbin/request-key *at that path*, and the shipped
configuration file presumes that /sbin/key.dns_resolver and /bin/keyctl are the
correct paths.

Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
5 months agonode: bump to v20.15.0
Hirokazu MORIKAWA [Sun, 23 Jun 2024 06:05:29 +0000 (15:05 +0900)]
node: bump to v20.15.0

Notable Changes
* test_runner: support test plans
* inspector: introduce the --inspect-wait flag
* zlib: expose zlib.crc32()
* cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
5 months agonetatalk: update to 3.2.0.
Antonio Pastor [Wed, 29 May 2024 00:24:13 +0000 (20:24 -0400)]
netatalk: update to 3.2.0.

Commit restores package after it was removed from OpenWrt 21.02.
Signed-off-by: Antonio Pastor <apccv@outlook.com>
5 months agomonit: update to 5.34.0
Yaroslav Petrov [Sat, 22 Jun 2024 04:50:14 +0000 (06:50 +0200)]
monit: update to 5.34.0
Compile tested: x86_64, PC Engines APU4, OpenWrt 22.03.5/main
Run tested: x86_64, PC Engines APU4, OpenWrt 22.03.5/main, div. tests

* update from 5.33.0 to 5.34.0 (See changelog: https://mmonit.com/monit/changes/)
* remove upstream (obsolete) patch

Signed-off-by: Yaroslav Petrov <info@lank.me>
5 months agomoreutils: fix depencies for ts
Erwan MAS [Sat, 22 Jun 2024 22:57:04 +0000 (18:57 -0400)]
moreutils: fix depencies for ts

Signed-off-by: Erwan MAS <erwan@mas.nom.fr>
5 months agoboost: Updates package to version 1.85.0
Carlos Miguel Ferreira [Sun, 23 Jun 2024 03:51:53 +0000 (04:51 +0100)]
boost: Updates package to version 1.85.0

This commit updates boost to version 1.85.0

New available libraries:
* *Charconv:* A high quality implementation of <charconv> in C++11,
  from Matt Borland. [2]
* *Scope:* A collection of scope guard utilities and a
  unique_resource wrapper, from Andrey Semashev. [3]

More info about Boost 1.85.0 can be found at the usual place [1].

[1]: https://www.boost.org/users/history/version_1_85_0.html
[2]: https://www.boost.org/libs/charconv/
[3]: https://www.boost.org/libs/scope/

Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
5 months agodocker-compose: Update to version 2.28.0
Javier Marcet [Fri, 21 Jun 2024 16:28:00 +0000 (18:28 +0200)]
docker-compose: Update to version 2.28.0

Release notes:
https://github.com/docker/compose/releases/tag/v2.28.0

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agodocker-compose: Update to version 2.27.3
Javier Marcet [Fri, 21 Jun 2024 16:27:35 +0000 (18:27 +0200)]
docker-compose: Update to version 2.27.3

Release notes:
https://github.com/docker/compose/releases/tag/v2.27.3

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agobanip: update 1.0.0-4
Dirk Brenken [Sat, 22 Jun 2024 08:12:59 +0000 (10:12 +0200)]
banip: update 1.0.0-4

* relax the firewall pre-check if fw4 is not running
* replace former stale tor feed source with 'https://www.dan.me.uk/torlist/?exit'
* add openvpn log term/search pattern example to the readme
* the default config now includes only log terms for dropbear and LuCI, all others are optional
* readme update

Signed-off-by: Dirk Brenken <dev@brenken.org>
5 months agofreeradius3: update version 3.2.4
Esaaprilia Salsabila [Wed, 19 Jun 2024 04:54:51 +0000 (12:54 +0800)]
freeradius3: update version 3.2.4

https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_2_4

don't make the DH file. It's not needed for OpenSSL >=1.1.0
FreeRADIUS/freeradius-server@afbf93b

update freeradius version 3.2.4

added freeradius3 package module

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
5 months agoopenvpn: update to 2.6.11
Ivan Pavlov [Fri, 21 Jun 2024 05:10:44 +0000 (08:10 +0300)]
openvpn: update to 2.6.11

This is a bugfix release containing several security fixes.

Security fixes
--------------
 - CVE-2024-4877: Windows: harden interactive service pipe.
   Security scope: a malicious process with "some" elevated privileges
   could open the pipe a second time, tricking openvn GUI
   into providing user credentials (tokens),  getting full access
   to the account openvpn-gui.exe runs as.

 - CVE-2024-5594: control channel: refuse control channel messages
   with nonprintable characters in them.
   Security scope: a malicious openvpn peer can send garbage to openvpn log,
   or cause high CPU load.

 - CVE-2024-28882: only call schedule_exit() once (on a given peer).
   Security scope: an authenticated client can make the server "keep the session"
   even when the server has been told to disconnect this client

Bug fixes
---------
 - fix connect timeout when using SOCKS proxies

 - work around LibreSSL crashing on OpenBSD 7.5 when enumerating ciphers

 - Add bracket in fingerprint message and do not warn about missing verification

For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
5 months agodnsdist: add config options for --uid and --gid
Sebastian Hamann [Sun, 31 Mar 2024 18:49:22 +0000 (20:49 +0200)]
dnsdist: add config options for --uid and --gid

These options allow running dnsdist as a non-root user.

Signed-off-by: Sebastian Hamann <code@ares-macrotechnology.com>
5 months agodocker-compose: Update to version 2.27.2
Javier Marcet [Thu, 20 Jun 2024 23:10:42 +0000 (01:10 +0200)]
docker-compose: Update to version 2.27.2

Release notes:
https://github.com/docker/compose/releases/tag/v2.27.2

Signed-off-by: Javier Marcet <javier@marcet.info>
5 months agoxray-core: update to 1.8.16
Milinda Brantini [Fri, 21 Jun 2024 03:23:51 +0000 (11:23 +0800)]
xray-core: update to 1.8.16

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agonatmap: reset PKG_RELEASE to 1
Milinda Brantini [Thu, 20 Jun 2024 07:44:41 +0000 (15:44 +0800)]
natmap: reset PKG_RELEASE to 1

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agoqbee-agent: new package qbee-agent 2024.23
Jon Henrik Bjørnstad [Mon, 17 Jun 2024 11:13:43 +0000 (13:13 +0200)]
qbee-agent: new package qbee-agent 2024.23

Signed-off-by: Jon Henrik Bjørnstad <jonhenrik@qbee.io>
5 months agoyt-dlp: Update to 2024.5.27
Ryan Keane [Tue, 18 Jun 2024 12:47:38 +0000 (08:47 -0400)]
yt-dlp: Update to 2024.5.27

Set PYPI_SOURCE_NAME for downloading.
Add python-hatchling as host build dependencies.

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agoaardvark-dns: update to 1.11.0
Milinda Brantini [Tue, 18 Jun 2024 06:29:32 +0000 (14:29 +0800)]
aardvark-dns: update to 1.11.0

changelogs:
https://github.com/containers/aardvark-dns/compare/v1.10.0...v1.11.0

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agotailscale: Update to 1.68.1
Zephyr Lykos [Thu, 20 Jun 2024 16:48:52 +0000 (00:48 +0800)]
tailscale: Update to 1.68.1

Signed-off-by: Zephyr Lykos <git@mochaa.ws>
5 months agodnsdist: update to 1.9.5
Peter van Dijk [Thu, 20 Jun 2024 08:38:12 +0000 (10:38 +0200)]
dnsdist: update to 1.9.5

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
5 months agoperl: update version 5.40.0
Esaaprilia Salsabila [Mon, 17 Jun 2024 23:43:33 +0000 (07:43 +0800)]
perl: update version 5.40.0

https://metacpan.org/release/HAARG/perl-5.40.0

remove bytes_heavy.pl
Perl/perl5#22047

perl update version 5.40.0

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
5 months agodelve: Remove maintainership
Niels Widger [Thu, 20 Jun 2024 13:41:42 +0000 (09:41 -0400)]
delve: Remove maintainership

Signed-off-by: Niels Widger <niels.widger@gmail.com>
Signed-off-by: Niels Widger <niels@qacafe.com>
5 months agodelve: update to 1.22.1
Aleksey Kolosov [Tue, 18 Jun 2024 11:11:00 +0000 (14:11 +0300)]
delve: update to 1.22.1

Signed-off-by: Aleksey Kolosov <softovick@gmail.com>
5 months agoMerge pull request #24414 from Ra2-IFV/curl
Tianling Shen [Thu, 20 Jun 2024 10:42:58 +0000 (18:42 +0800)]
Merge pull request #24414 from Ra2-IFV/curl

curl: upstream backports for mbedtls

5 months agocurl: upstream backports for mbedtls 24414/head
Ryan Keane [Wed, 19 Jun 2024 11:09:47 +0000 (07:09 -0400)]
curl: upstream backports for mbedtls

tlsv1.3 support is broken in curl 8.8.0 with mbedtls 3.6.0.
See curl/curl#13653 and Mbed-TLS/mbedtls#9210 for more details.
A workaround was implemented in upsteam code, see curl/curl@0c4b4c1 and curl/curl@5f9017d
This commit includes patches generated from upstream commits.

fix #24365 #24386

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agocloudflared: Add more run parameters in UCI
Ryan Keane [Wed, 19 Jun 2024 10:25:28 +0000 (06:25 -0400)]
cloudflared: Add more run parameters in UCI

https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-run-parameters/

Close #24122

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agov2raya: update to 2.2.5.5
Milinda Brantini [Wed, 19 Jun 2024 16:05:51 +0000 (16:05 +0000)]
v2raya: update to 2.2.5.5

Fix: docker dev environment build.
Remove is-text in button style.
Add tun mode with sing-tun.
Publish docker images on Github Container Registry.
Ci: add separated singtun workflow.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agoyggdrasil: bump to 0.5.6
William Fleurant [Tue, 18 Jun 2024 18:30:11 +0000 (20:30 +0200)]
yggdrasil: bump to 0.5.6

Signed-off-by: William Fleurant <meshnet@protonmail.com>
5 months agoyggdrasil-jumper: bump to 0.3.1
Remy D. Farley [Wed, 19 Jun 2024 09:27:19 +0000 (09:27 +0000)]
yggdrasil-jumper: bump to 0.3.1

Signed-off-by: Remy D. Farley <one-d-wide@protonmail.com>
5 months agongtcp2: Update to 1.6.0
Ryan Keane [Tue, 18 Jun 2024 12:50:28 +0000 (08:50 -0400)]
ngtcp2: Update to 1.6.0

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agonghttp3: Update to 1.4.0
Ryan Keane [Tue, 18 Jun 2024 12:49:53 +0000 (08:49 -0400)]
nghttp3: Update to 1.4.0

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agocloudflared: Update to 2024.6.1
Milinda Brantini [Tue, 18 Jun 2024 15:07:55 +0000 (23:07 +0800)]
cloudflared: Update to 2024.6.1

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agodnslookup: Update to 1.11.0
Milinda Brantini [Tue, 18 Jun 2024 15:04:35 +0000 (23:04 +0800)]
dnslookup: Update to 1.11.0

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agofrr: link zlib in host build
Michael Pratt [Tue, 18 Jun 2024 02:17:06 +0000 (22:17 -0400)]
frr: link zlib in host build

Due to changes in elfutils in order to
simplify the build for static libraries only,
the zlib functions that libelf depends on
are no longer linked within the static libelf library.

If frr were to use pkg-config, no change would be necessary,
however, the AC_CHECK_LIB macro is used, so add the link manually.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
5 months agobanip: update 1.0.0-3
Dirk Brenken [Tue, 18 Jun 2024 15:03:23 +0000 (17:03 +0200)]
banip: update 1.0.0-3

* fixed a regression in the split Set function (reported in the forum)
* fixed regex for urlhaus feed

Signed-off-by: Dirk Brenken <dev@brenken.org>
5 months agoxray-core: update to 1.8.15
Milinda Brantini [Tue, 18 Jun 2024 06:13:43 +0000 (14:13 +0800)]
xray-core: update to 1.8.15

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agoknxd: bump to new release 0.14.62
Othmar Truniger [Mon, 17 Jun 2024 17:30:56 +0000 (19:30 +0200)]
knxd: bump to new release 0.14.62

Signed-off-by: Othmar Truniger <github@truniger.ch>
5 months agoknot: update to version 3.3.6
Jan Hák [Mon, 17 Jun 2024 11:34:41 +0000 (13:34 +0200)]
knot: update to version 3.3.6

Signed-off-by: Jan Hák <jan.hak@nic.cz>
5 months agonginx: bump to 1.26.1 release
Christian Marangi [Mon, 17 Jun 2024 13:19:20 +0000 (15:19 +0200)]
nginx: bump to 1.26.1 release

Bump nginx to 1.26.1 release.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
5 months agouwsgi: bump to latest 2.0.26 release
Christian Marangi [Mon, 17 Jun 2024 13:14:39 +0000 (15:14 +0200)]
uwsgi: bump to latest 2.0.26 release

Bump to latest 2.0.26 release

apache2/mod_proxy_uwsgi: let httpd handle CL/TE for non-http handlers CVE-2024-24795 (Eric Covener)
remove race-condition over termination of uWSGI process when using need-app and lazy-apps (Hanan .T)
fix 32-bit compilation with GCC14 (Rosen Penev)
uwsgiconfig: get compiler version with -dumpfullversion (Riccardo Magliocchetti)
Fix uwsgi_regexp_match() with pcre2 (Alexandre Rossi)

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
5 months agolibcbor: fix license info in Makefile
Rahul Thakur [Fri, 14 Jun 2024 12:28:50 +0000 (17:58 +0530)]
libcbor: fix license info in Makefile

libcbor is licensed under the MIT license as per:
https://github.com/PJK/libcbor/tree/master#license

Update package Makefile to reflect the same

Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
5 months agotgt: update to 1.0.92
Maxim Storchak [Sat, 15 Jun 2024 12:52:35 +0000 (15:52 +0300)]
tgt: update to 1.0.92

refresh patches and build flags according to the upstream changes

Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
5 months agolibfido2: fix license info in Makefile
Rahul Thakur [Fri, 14 Jun 2024 12:18:54 +0000 (17:48 +0530)]
libfido2: fix license info in Makefile

libfido2 is licensed under the BSD 2-clause license as per:
https://github.com/Yubico/libfido2/

Update package Makefile to correctly reflect this.

Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
5 months agotailscale: Update to 1.68.0
Milinda Brantini [Thu, 13 Jun 2024 06:30:46 +0000 (14:30 +0800)]
tailscale: Update to 1.68.0

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agoruby: update to 3.3.3
Luiz Angelo Daros de Luca [Mon, 3 Jun 2024 04:13:14 +0000 (01:13 -0300)]
ruby: update to 3.3.3

Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser
generator, adds a new pure-Ruby JIT compiler named RJIT, and many
performance improvements especially YJIT.

See: https://www.ruby-lang.org/en/news/2023/12/25/ruby-3-3-0-released/

The 3.3.1 release includes security fixes.

- CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search
- CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc
- CVE-2024-27280: Buffer overread vulnerability in StringIO

See: https://www.ruby-lang.org/en/news/2024/04/23/ruby-3-3-1-released/

The 3.3.2 release includes many bug-fixes.

See: https://www.ruby-lang.org/en/news/2024/05/30/ruby-3-3-2-released/

Packaging changes since 3.2.2:
- New packages: ruby-prism and ruby-rjit
- Added /usr/bin/rdbg to ruby-debug
- Added /usr/bin/syntax_suggest to ruby-syntax_suggest

The 3.3.3 release includes:

- RubyGems 3.5.11
- Bundler 2.5.11
- REXML 3.2.8
- strscan 3.0.9
- --dump=prism_parsetree is replaced by --parser=prism --dump=parsetree
- Invalid encoding symbols raise SyntaxError instead of EncodingError
- Memory leak fix in Ripper parsing
- Bugfixes for YJIT, **{}, Ripper.tokenize,
- RubyVM::InstructionSequence#to_binary, --with-gmp, and some build
  environments

See: https://www.ruby-lang.org/en/news/2024/06/12/ruby-3-3-3-released/

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
5 months agohaproxy: update to v3.0.2
Christian Lachner [Sun, 16 Jun 2024 16:08:14 +0000 (18:08 +0200)]
haproxy: update to v3.0.2

- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-3.0.git;a=shortlog

Signed-off-by: Christian Lachner <gladiac@gmail.com>
5 months agounbound: Update to 1.20.0
Ryan Keane [Sun, 16 Jun 2024 00:45:29 +0000 (20:45 -0400)]
unbound: Update to 1.20.0

Updated 010-configure-uname.patch as source changed.
Removed 100-example-conf-in.patch as not needed any more.

Release message:

This release has a fix for the DNSBomb issue CVE-2024-33655. This has a
low severity for Unbound, since it makes Unbound complicit in targeting
others, but does not affect Unbound so much.

To mitigate the issue new configuration options are introduced.
The options discard-timeout: 1900, wait-limit: 1000
and wait-limit-cookie: 10000 are enabled by default. They limit the
number of outstanding queries that a querier can have. This limits
the reply pulse, and make Unbound less favorable for the issue.
With the config wait-limit-netblock and wait-limit-cookie-netblock
the parameters can be fine tuned for specific destinations.
More information on the attack and Unbound's mitigations are
presented further down.

Other fixes in this release are that Unbound no longer follows symlinks
when truncating the pidfile. Unbound also does not chown the pidfile,
this is for safety reasons. There are also a number of fixes for RPZ, in
handling CNAMEs. There is a memory leak fix for the edns client subnet
cache. For DNSSEC validation a case is fixed when the query is of type
DNAME. The unbound-anchor program is fixed to first write to a temporary
file, before replacing the original. This handles disk full situations,
and because of it unbound-anchor needs permission to create that file,
in the same directory as the original file. There is also a fix for
IP_DONTFRAG, to disable fragmentation instead of the opposite.

The option cache-min-negative-ttl can be used to set the minimum TTL
for negative responses in the cache. It complements existing options to
set the maximum ttl for negative responses and to set the minimum and
maximum ttl but not specifically for negative responses.

The option cachedb-check-when-serve-expired option makes Unbound use
cachedb to check for expired responses, when serve-expired is enabled,
and cachedb is used. It is enabled by default.

The -q option for unbound-checkconf can be added to silence it when
there are no errors.

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agopowertop: update to 2.15
Milinda Brantini [Wed, 12 Jun 2024 06:38:03 +0000 (14:38 +0800)]
powertop: update to 2.15

Release mainly focuses on bug fixes and patching compatibility issues.
Also, adds support to multiple platforms.
Removed obsolete patch as upstream has fixed.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agohplip: update to 3.23.12
Luiz Angelo Daros de Luca [Sun, 16 Jun 2024 04:51:58 +0000 (01:51 -0300)]
hplip: update to 3.23.12

See: https://developers.hp.com/hp-linux-imaging-and-printing/release_notes

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
5 months agolibvpx: update to 1.14.1
Luiz Angelo Daros de Luca [Sun, 16 Jun 2024 04:40:28 +0000 (01:40 -0300)]
libvpx: update to 1.14.1

This release includes enhancements and bug fixes.
This release is ABI compatible with the previous release.

See: https://github.com/webmproject/libvpx/releases/tag/v1.14.1

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
5 months agosquid: update to 6.10
Aleksey Vasilenko [Sat, 15 Jun 2024 10:15:04 +0000 (13:15 +0300)]
squid: update to 6.10

Remove one patch - instead of messing with BUILDCXXFLAGS there we
properly define it via CONFIGURE_ARGS inside Makefile of the package.

Refresh remaining patch.

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agobanip: update 1.0.0-2
Dirk Brenken [Sun, 16 Jun 2024 19:50:40 +0000 (21:50 +0200)]
banip: update 1.0.0-2

* fixed a possible "Argument list too long" error in the f_log function
* fixed multiple, incomplete digit character classes
* fixed/optimized split file handling
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
5 months agosqm-scripts-extra: remove the ancient package
Hannu Nyman [Sun, 16 Jun 2024 14:03:24 +0000 (17:03 +0300)]
sqm-scripts-extra: remove the ancient package

Remove the ancient package with experimental cake options,
from time when cake was not yet officially here.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
5 months agoprometheus-node-exporter-lua: Add optional mwan3 collector
Ryan Doyle [Mon, 20 Feb 2023 08:46:15 +0000 (19:46 +1100)]
prometheus-node-exporter-lua: Add optional mwan3 collector

Supports interface metrics exposed by mwan3. The performance is a
little slow compared to other collectors (~300ms) as the ubus call is
where most of the time is spent. Any future speedups are likely better
put into mwan3's rpcd binary.

Signed-off-by: Ryan Doyle <ryan@doylenet.net>
[rename metrics,bump version]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 months agoprometheus-node-exporter-lua: Add "node_textfile_mtime_seconds" metric
Rob Hoelz [Fri, 2 Dec 2022 15:25:17 +0000 (09:25 -0600)]
prometheus-node-exporter-lua: Add "node_textfile_mtime_seconds" metric

…for textfile collector, to make it more consistent with the upstream
Prometheus node-exporter

Signed-off-by: Rob Hoelz <rob@hoelz.ro>
[bump version]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 months agohaproxy: update to v3.0.1 20022/head
Christian Lachner [Wed, 12 Jun 2024 06:04:40 +0000 (08:04 +0200)]
haproxy: update to v3.0.1

- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-3.0.git;a=shortlog

Signed-off-by: Christian Lachner <gladiac@gmail.com>
5 months agocroc: update to 10.0.8
Jonas Jelonek [Thu, 13 Jun 2024 12:28:33 +0000 (14:28 +0200)]
croc: update to 10.0.8

release notes:
10.0.6: https://github.com/schollz/croc/releases/tag/v10.0.6
10.0.7: https://github.com/schollz/croc/releases/tag/v10.0.7
10.0.8: https://github.com/schollz/croc/releases/tag/v10.0.8

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
5 months agoeza: update to 0.18.18
Jonas Jelonek [Thu, 13 Jun 2024 11:41:01 +0000 (13:41 +0200)]
eza: update to 0.18.18

release notes:
0.18.16: https://github.com/eza-community/eza/releases/tag/v0.18.16
0.18.17: https://github.com/eza-community/eza/releases/tag/v0.18.17
0.18.18: https://github.com/eza-community/eza/releases/tag/v0.18.18

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
5 months agolua-eco: update to 3.5.2
Jianhui Zhao [Wed, 12 Jun 2024 06:44:03 +0000 (14:44 +0800)]
lua-eco: update to 3.5.2

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
5 months agoprometheus-node-exporter-lua: remove duplicated nat samples
Antoine C [Wed, 5 Jun 2024 18:34:33 +0000 (19:34 +0100)]
prometheus-node-exporter-lua: remove duplicated nat samples

Merge duplicate src/dest samples by suming their value (bytes count)

Fixes #24166

Signed-off-by: Antoine C <hi@acolombier.dev>
[bump version number]
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 months agoapfree-wifidog: update to 7.06.2008
Dengfeng Liu [Thu, 13 Jun 2024 07:59:50 +0000 (15:59 +0800)]
apfree-wifidog: update to 7.06.2008

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
5 months agoapfree-wifidog: support rule group and websocket&dns proxy flag
Dengfeng Liu [Thu, 13 Jun 2024 07:57:58 +0000 (15:57 +0800)]
apfree-wifidog: support rule group and websocket&dns proxy flag

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
5 months agobtrfs-progs: update to 6.9
Ryan Keane [Tue, 11 Jun 2024 23:39:18 +0000 (19:39 -0400)]
btrfs-progs: update to 6.9

GCC14 is now supported in this release.
Release notes: https://github.com/kdave/btrfs-progs/releases/tag/v6.9

Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
5 months agoMerge pull request #24370 from osedlbauer/pr/20240611-modemmanager-force-connection
Florian Eckert [Wed, 12 Jun 2024 06:31:52 +0000 (08:31 +0200)]
Merge pull request #24370 from osedlbauer/pr/20240611-modemmanager-force-connection

modemmanager: improve reconnect handling

5 months agoMerge pull request #24367 from mhei/php8-update-to-8.3.8-with-libgd-fixup
Michael Heimpold [Wed, 12 Jun 2024 05:35:51 +0000 (07:35 +0200)]
Merge pull request #24367 from mhei/php8-update-to-8.3.8-with-libgd-fixup

php8: workaround libgd capability detection (refs #23846)

5 months agotor: update to 0.4.8.12 stable
Rui Salvaterra [Fri, 7 Jun 2024 11:47:17 +0000 (12:47 +0100)]
tor: update to 0.4.8.12 stable

Minor release, see the changelog [1] for what's new.

[1] https://gitlab.torproject.org/tpo/core/tor/-/blob/tor-0.4.8.12/ChangeLog

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
5 months agomodemmanager: remove status message from errors 24370/head
Oliver Sedlbauer [Tue, 11 Jun 2024 14:00:17 +0000 (16:00 +0200)]
modemmanager: remove status message from errors

The message 'MM_CONNECT_IN_PROGRESS' is a status message, not an error
message. To avoid confusion, the message has been removed.

Signed-off-by: Oliver Sedlbauer <osedlbauer@tdt.de>
5 months agomodemmanager: add option to force connection
Oliver Sedlbauer [Tue, 11 Jun 2024 13:48:51 +0000 (15:48 +0200)]
modemmanager: add option to force connection

This commit improves the automatic reconnect logic. If the modem cannot
establish a connection, for example due to poor reception, the
proto_block_restart prevents the interface from trying to reconnect.
To enforce the connection, this commit adds a new option that allows the
system to attempt to establish a connection indefinitely.

Signed-off-by: Oliver Sedlbauer <osedlbauer@tdt.de>
5 months agoadguardhome: Update to 0.107.51
Milinda Brantini [Fri, 7 Jun 2024 07:22:22 +0000 (15:22 +0800)]
adguardhome: Update to 0.107.51

View the release notes for more information:
https://github.com/AdguardTeam/AdGuardHome/releases/tag/v0.107.51

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agocollectd: fix compilation with GCC14
Rosen Penev [Mon, 10 Jun 2024 02:16:34 +0000 (19:16 -0700)]
collectd: fix compilation with GCC14

Upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agosoftethervpn5: update to 5.02.5184
Rosen Penev [Sun, 9 Jun 2024 23:13:52 +0000 (16:13 -0700)]
softethervpn5: update to 5.02.5184

Fixes compilation with GCC14.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agolzmq: fix compilation with GCC14
Rosen Penev [Mon, 10 Jun 2024 01:31:28 +0000 (18:31 -0700)]
lzmq: fix compilation with GCC14

Missing header.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agofio: update to 3.37
Rosen Penev [Sun, 9 Jun 2024 03:16:36 +0000 (20:16 -0700)]
fio: update to 3.37

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agoifstat: fix compilation with GCC14
Rosen Penev [Mon, 10 Jun 2024 01:25:28 +0000 (18:25 -0700)]
ifstat: fix compilation with GCC14

Need explicit int.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agosnowflake: update to 2.9.2
Nick Hainke [Fri, 31 May 2024 06:20:51 +0000 (08:20 +0200)]
snowflake: update to 2.9.2

ChangeLog:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/blob/main/ChangeLog

Signed-off-by: Nick Hainke <vincent@systemli.org>
5 months agoMerge pull request #24339 from mhei/php8-update-to-8.3.8
Michael Heimpold [Mon, 10 Jun 2024 04:51:59 +0000 (06:51 +0200)]
Merge pull request #24339 from mhei/php8-update-to-8.3.8

php8: update to 8.3.8

5 months agolibdaq3: update to 3.0.15
John Audia [Thu, 6 Jun 2024 18:36:25 +0000 (14:36 -0400)]
libdaq3: update to 3.0.15

Update to latest version.

Changelog: https://github.com/snort3/libdaq/releases/tag/v3.0.15

   ,,_     -*> Snort++ <*-
  o"  )~   Version 3.1.84.0
   ''''    By Martin Roesch & The Snort Team
           http://snort.org/contact#team
           Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using DAQ version 3.0.15
           Using LuaJIT version 2.1.0-beta3
           Using OpenSSL 3.0.13 30 Jan 2024
           Using libpcap version 1.10.4 (with TPACKET_V3)
           Using PCRE version 10.42 2022-12-11
           Using ZLIB version 1.3.1
           Using Hyperscan version 5.4.2 2024-05-26
           Using LZMA version 5.4.6

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
5 months agognuplot: update to 6.0.1
Aleksey Vasilenko [Sun, 9 Jun 2024 08:46:16 +0000 (11:46 +0300)]
gnuplot: update to 6.0.1

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agologrotate: update to 3.22.0
Aleksey Vasilenko [Sun, 9 Jun 2024 08:50:45 +0000 (11:50 +0300)]
logrotate: update to 3.22.0

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agosing-box: update to 1.9.3
Milinda Brantini [Sun, 9 Jun 2024 16:50:11 +0000 (00:50 +0800)]
sing-box: update to 1.9.3

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agogolang: Update to 1.22.4
Milinda Brantini [Sun, 9 Jun 2024 13:22:45 +0000 (21:22 +0800)]
golang: Update to 1.22.4

go1.22.4 (released 2024-06-04) includes
security fixes to the archive/zip and net/netip packages,
as well as bug fixes to the compiler,
the go command, the linker,
the runtime, and the os package.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agonvme-cli: update to 2.9.1
Aleksey Vasilenko [Sun, 9 Jun 2024 09:12:33 +0000 (12:12 +0300)]
nvme-cli: update to 2.9.1

- Add patch to compile on musl

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agolibnvme: update to 1.9
Aleksey Vasilenko [Sun, 9 Jun 2024 09:10:25 +0000 (12:10 +0300)]
libnvme: update to 1.9

- Don't set default Meson option

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agoMerge pull request #24314 from commodo/python-updates1
Alexandru Ardelean [Sun, 9 Jun 2024 09:50:19 +0000 (12:50 +0300)]
Merge pull request #24314 from commodo/python-updates1

django,python-{requests,evdev,lxml}: bump versions

5 months agoerlang: fix mis-detection of transparent hugepages
Aleksey Vasilenko [Fri, 7 Jun 2024 07:48:51 +0000 (10:48 +0300)]
erlang: fix mis-detection of transparent hugepages

Latest Erlang update incorrectly detects THP as always enabled,
which leads to segmentation fault on systems without transparent hugepages.
Here we manually override configure flag by checking actual option of target kernel.

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agoperl: fix compilation with GCC14
Rosen Penev [Sun, 9 Jun 2024 00:00:32 +0000 (17:00 -0700)]
perl: fix compilation with GCC14

Need the header for fegetround.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agosing-box: update to 1.9.2
Milinda Brantini [Sun, 9 Jun 2024 00:24:06 +0000 (08:24 +0800)]
sing-box: update to 1.9.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
5 months agogit: update to 2.45.2
Aleksey Vasilenko [Sun, 9 Jun 2024 00:16:52 +0000 (03:16 +0300)]
git: update to 2.45.2

- Replace one patch with configure vars override
- Refresh other patches

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
5 months agolibtirpc: update to 1.3.4
Rosen Penev [Wed, 24 Apr 2024 22:37:47 +0000 (15:37 -0700)]
libtirpc: update to 1.3.4

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agozsh: fix compilation with GCC14
Rosen Penev [Sat, 8 Jun 2024 23:38:04 +0000 (16:38 -0700)]
zsh: fix compilation with GCC14

Upstream backport and local patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 months agostress-ng: bump to version 0.17.08
Alexandru Ardelean [Mon, 3 Jun 2024 06:35:21 +0000 (09:35 +0300)]
stress-ng: bump to version 0.17.08

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
5 months agoutils/findutils: update to 4.10.0
Bernhard Voelker [Sat, 1 Jun 2024 22:48:44 +0000 (00:48 +0200)]
utils/findutils: update to 4.10.0

* utils/findutils/Makefile (PKG_VERSION): Update to latest.
(PKG_HASH): Update.

Signed-off-by: Bernhard Voelker <mail@bernhard-voelker.de>
5 months agoiperf3: fix usage with big endian
Rosen Penev [Sat, 8 Jun 2024 22:40:19 +0000 (15:40 -0700)]
iperf3: fix usage with big endian

Upstream submissions.

Signed-off-by: Rosen Penev <rosenp@gmail.com>