Alexandru Ardelean [Tue, 25 Jun 2019 06:39:54 +0000 (09:39 +0300)]
django-appconf: update packaging format + add python3 variant
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
3392fbc6fcfee2b2ee4aa661261fee7e27ce8100)
Alexandru Ardelean [Tue, 4 Jun 2019 11:29:00 +0000 (14:29 +0300)]
seafile-seahub: whitespace update
Just un-indent the package definition a bit.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
0b29c86969fbac23a3d6b7d0fa41c6949fa560e1)
Alexandru Ardelean [Thu, 14 Mar 2019 09:12:30 +0000 (11:12 +0200)]
django-constance: convert to python pkg format + add python3 variant
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
1b2936a2d0dc469f1c9e42bf694cc5d4c6bb974d)
Alexandru Ardelean [Mon, 3 Jun 2019 12:25:39 +0000 (15:25 +0300)]
django: convert to python pkg format + add python3 variant
This also updates all dependencies to use the new `python-django` package.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
f026dba26ee31877d5170b9cbfc68d0eddcdb305)
Alexandru Ardelean [Mon, 3 Jun 2019 12:17:23 +0000 (15:17 +0300)]
seafile-seahub: de-couple build a bit more
seafile-seahub's build is a mess.
It hijacks some OpenWrt mk files into the build.
This can be avoided by provided some of the required parameters via
env-vars and patching the env-vars into the build.
Which is what this patch does.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
cf9975544476fc268432fcb24b07707b4f5ba39a)
Alexandru Ardelean [Mon, 3 Jun 2019 10:58:39 +0000 (13:58 +0300)]
seafile-seahub: move all prefix-ed python packages to var
The change is mostly organizational.
More packages will be moved to have python- or python3- prefixes.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit
1c5f5b61d3c8515177c6a81be2806a0afd848fe4)
Sven Roederer [Mon, 10 Jun 2019 13:18:26 +0000 (15:18 +0200)]
collectd: build RouterOS modules
This allows collectd to get data of Mikrotik devices in a improved way than via SNMP.
closes #10327
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
cherry-pick does not apply cleanly changed PKG_RELEASE number.
(cherry picked from commit
4261f45734d13eb0f2b552b84cf2fac6d7875a6e)
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Alexandru Ardelean [Wed, 9 Oct 2019 08:53:46 +0000 (11:53 +0300)]
python-pillow: bump to version 6.2.0
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Josef Schlehofer [Mon, 4 Mar 2019 11:54:30 +0000 (12:54 +0100)]
pillow: add Python3 variant and update to 6.1.0
- Add @commodo as maintainer
Co-Authored-By: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Mon, 14 Oct 2019 21:41:56 +0000 (14:41 -0700)]
klish: Remove unused libstdcpp dependency
This is not a C++ project.
Added PKG_BUILD_PARALLEL for faster compilation.
Cleaned up Makefile to modern standards.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
b2885143080b0da5709fcbc18cb07ed962515d34)
Josef Schlehofer [Wed, 16 Oct 2019 13:15:09 +0000 (15:15 +0200)]
youtube-dl: Update to version 2019.10.16
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
07d5595)
Sven Roederer [Mon, 10 Jun 2019 13:13:43 +0000 (15:13 +0200)]
librouteros: add package
librouteros is a library to communicate with RouterOS, the operating system of MikroTik's
RouterBoards. It uses the API port provided by those systems to connect and talk to the
devices.
API connections must be explicitly enabled. To do so, issue the following command:
> /ip service enable api
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
(cherry-picked from commit
abaca50b5775bfe18104580598877312ee8876d3)
Hannu Nyman [Mon, 21 Oct 2019 18:53:43 +0000 (21:53 +0300)]
Merge pull request #10323 from jefferyto/python-2.7.17-openwrt-19.07
[openwrt-19.07] python: Update to 2.7.17, refresh patches
Rosen Penev [Mon, 21 Oct 2019 16:12:14 +0000 (09:12 -0700)]
Merge pull request #10311 from stangri/19.07-vpnbypass
[19.07] vpnbypass: bugfix: PROCD command not found on stop
Jeffery To [Mon, 21 Oct 2019 15:30:53 +0000 (23:30 +0800)]
python: Update to 2.7.17, refresh patches
Patches already merged and so removed:
* 011-fix-ssl-build-use-have-npn.patch
* 019-bpo-36216-Add-check-for-characters-in-netloc-that-normalize-to-separators-GH-12216.patch
* 020-bpo-36216-Only-print-test-messages-when-verbose-GH-12291.patch
* 021-2.7-bpo-35121-prefix-dot-in-domain-for-proper-subdom.patch
* 022-bpo-30458-Disallow-control-chars-in-http-URLs-GH-13315.patch
* 023-bpo-35907-Avoid-file-reading-as-disallowing-the-unnecessary-URL-scheme-in-urllib-GH-11842.patch
* 027-bpo-38243-Escape-the-server-title-of-DocXMLRPCServer.patch
* 028-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
Patches no longer necessary and so removed:
* 017_lib2to3_fix_pyc_search.patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
83b300aa83f3cf663747998f4500a8592acf9959)
Josef Schlehofer [Sat, 19 Oct 2019 17:59:59 +0000 (19:59 +0200)]
python3: Update to version 3.7.5
setuptools: Updated to version 41.2.0
pip: Updated to version 19.2.3
Removed patches:
- 017: code was refactored
- 02{5,6,7,8}: those patches were backported from upstream and they are
included in 3.7.5
Refreshed patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Jeffery To [Sun, 20 Oct 2019 21:44:55 +0000 (05:44 +0800)]
python-ipaddress: Update to 1.0.23
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
21858952976aad8ad92cbe76351c5535c39a3f2f)
Jeffery To [Sun, 20 Oct 2019 21:06:35 +0000 (05:06 +0800)]
python-automat: Update to 0.8.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
57b4938babc41aa6e80709e4ba29bc6bec6a9472)
Jeffery To [Sun, 20 Oct 2019 20:43:23 +0000 (04:43 +0800)]
python-attrs: Update to 19.3.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
8c3f7dcc36a7b8af2069bbbd67cb745ac4b21dec)
Jeffery To [Sun, 20 Oct 2019 21:32:59 +0000 (05:32 +0800)]
python-cryptography: Update to 2.8
With this update, the package no longer depends on python-asn1crypto[1].
[1]: https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst#28---2019-10-16
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
23f308123c39236c6ceeaa7ffa8ecf18fda29e4d)
Jeffery To [Sun, 20 Oct 2019 21:19:23 +0000 (05:19 +0800)]
python-cffi: Update to 1.13.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
141ead6bd7f2a7860b24b08897aabf542a25e389)
Stan Grishin [Mon, 21 Oct 2019 04:25:48 +0000 (21:25 -0700)]
vpnbypass: bugfix: PROCD command not found on stop
Signed-off-by: Stan Grishin <stangri@melmac.net>
Josef Schlehofer [Sat, 19 Oct 2019 23:58:02 +0000 (01:58 +0200)]
git: Update to version 2.23.0
Refresh patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
d8d736711d02bb9a9fabc2fcbf8a8424e8e6936a)
Josef Schlehofer [Sat, 19 Oct 2019 20:33:53 +0000 (22:33 +0200)]
dnscrypt-proxy2: Update to version 2.0.28
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
4370331d799945feec02bbfe5abd319522460191)
Josef Schlehofer [Sat, 19 Oct 2019 17:09:48 +0000 (19:09 +0200)]
netdata: Update to version 1.18.1
Enable PKG_BUILD_PARALLEL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
603ead3ad80a0cf02db7ffdf62b0cf604134f3fc)
Josef Schlehofer [Sat, 19 Oct 2019 20:53:14 +0000 (22:53 +0200)]
golang: Update to version 1.13.3
Fixes CVE-2019-17596
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
10d55f6)
Dirk Brenken [Fri, 18 Oct 2019 10:37:37 +0000 (12:37 +0200)]
travelmate: update 1.5.0
* add WPA3 support
* fix service status message
* refine trigger handling
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
ab51b1ba34c1b82a10c8b392978746dd5e1e03ef)
Dirk Brenken [Sat, 19 Oct 2019 14:01:20 +0000 (16:01 +0200)]
adblock: minor update 3.8.6-2
* fix service status message
* refine readme regarding reload cron job (provided by @novoid)
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
a94610c88fb851072ea98b7fb41cd2ca10aa9f3d)
Josef Schlehofer [Thu, 19 Sep 2019 19:20:34 +0000 (21:20 +0200)]
bind: Update to version 9.14.6
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
61dcd6849f8314ee68e1600ba75e96da246f54c5)
Josef Schlehofer [Sun, 1 Sep 2019 16:59:55 +0000 (18:59 +0200)]
bind: Update to version 9.14.5
Add PKG_LICENSE_FILES
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
8ca1525a8d1e44766f51b420f7181ca0259c4382)
Rosen Penev [Wed, 28 Aug 2019 20:01:34 +0000 (13:01 -0700)]
libssh2: Remove old artifacts from autotools platform
Removed PKG_FIXUP. It has no meaning with CMake.
Replaced PKG_INSTALL with CMAKE_INSTALL. Consequentially, removed
InstallDev section.
Added ABI_VERSION to force package rebuilds when it increases.
Added PKG_BUILD_PARALLEL for faster compilation.
Fixed license tag.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from commit
6a1cd83265209ea882d9b2c71543257273d3d834)
Rosen Penev [Wed, 28 Aug 2019 00:14:22 +0000 (17:14 -0700)]
libssh2: Don't build tests
Speeds up build and fixes OpenSSL support.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from commit
a447e1c6b2dac374bbd8b84554d994628f897453)
Jan Pavlinec [Mon, 12 Aug 2019 12:44:10 +0000 (14:44 +0200)]
libssh2: update to version 1.9.0 (security fix)
Changes:
Fix CVE-2019-13115
Remove old patches
Switch to cmake
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from commit
9c1a23d9776cd52d5b23c1bcbff8c6ca90cd3b63)
Jan Pavlinec [Wed, 18 Sep 2019 11:30:11 +0000 (13:30 +0200)]
irssi: update to version 1.2.2 (security fix)
Fixes CVE-2019-15717
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from commit
b42159dea3ed38c3755c1b641d47209878247763)
Josef Schlehofer [Sat, 19 Oct 2019 14:23:52 +0000 (16:23 +0200)]
sudo: Update to version 1.8.28p1
- Refreshed patches
- Remove inactive maintainer
Fixes: CVE-2019-14287
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
35b215dfff62aac1184c5f3b9e203e4aa191b23f)
Rosen Penev [Mon, 9 Sep 2019 22:16:08 +0000 (15:16 -0700)]
rtorrent: Switch to using static libtorrent
rtorrent is the only user of libtorrent. Statically link to save space.
Added usleep patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
358495f1184d005624f7e15fc9990bde1bb7552e)
Rosen Penev [Sun, 21 Jul 2019 18:35:46 +0000 (11:35 -0700)]
rtorrent: Update to 0.9.8
Switch to codeload. A lot simpler.
Remove upstreamed patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
84c92f215d973f18ecb8d832dc8a244a6a7e3f89)
Rosen Penev [Mon, 1 Jul 2019 23:57:31 +0000 (16:57 -0700)]
rtorrent: Enable IPv6 support
Other Makefile cleanups as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
343e2a07e4ea4cbfad4ff938a931fc2818c530f4)
Rosen Penev [Mon, 9 Sep 2019 22:00:42 +0000 (15:00 -0700)]
libtorrent: Switch to static library.
libtorrent is only used by rtorrent. Switch to a static library to save
space.
Removed libsigc++ dependency. It seems it's not needed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
e56fada5a860c12815af7235ed8500c7f446cac4)
Rosen Penev [Sun, 21 Jul 2019 17:15:09 +0000 (10:15 -0700)]
libtorrent: Update to 0.13.8
Removed upstreamed patches.
Small change to IPv6 configure flag.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
a328861269737bcbd7d72f5ce8d15e1e49f35ea2)
Rosen Penev [Mon, 1 Jul 2019 23:42:22 +0000 (16:42 -0700)]
libtorrent: Enable IPv6 and clean up Makefile
This was not touched since I took maintainership.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
655eed48dcfa1727952ab00f2d2e97e32fd487fe)
Rosen Penev [Mon, 9 Sep 2019 21:58:53 +0000 (14:58 -0700)]
libsigcxx: Remove
It's no longer needed with libtorrent. No other package depends on it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
ad758ba286dd19e2004afb065e905461e4868e4a)
Rosen Penev [Tue, 8 Oct 2019 03:12:21 +0000 (20:12 -0700)]
gptfdisk: Switch to using uClibc++
Added patches sent upstream to fix usage with uClibc++.
Cleaned up license information.
Added several size optimizations.
Several other Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Josef Schlehofer [Mon, 14 Oct 2019 06:49:41 +0000 (08:49 +0200)]
netdata: Update to version 1.18.0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
bd5207a)
Rosen Penev [Mon, 14 Oct 2019 21:34:05 +0000 (14:34 -0700)]
knxd: Makefile cleanups
argp-standalone is only needed for non GLIBC targets.
Added PKG_BUILD_PARALLEL for faster compilation.
Removed unnecessary C/LDFLAGS.
Remove libstdcpp depends. It's included with libfmt.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
5a7ac1d83bd7753798f4f8eb6bff2dc3e27b908a)
Rosen Penev [Sun, 13 Oct 2019 04:11:56 +0000 (21:11 -0700)]
espeak: Compile with uClibc++
Several Makefile cleanups.
Added PKG_BUILD_PARALLEL for faster compilation.
Several size optimizations applied.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
21e195f65792caa2323ece7831f84318633de7c4)
Rosen Penev [Thu, 25 Jul 2019 18:31:22 +0000 (11:31 -0700)]
libzmq: Remove uClibc++ support
libzmq is used by fbzmq, which absolutely requires libstdcpp since it's a
C++14 project. There's no point in using two libc++.
Cleaned up Makefile for consistency between packages.
Added nanosleep patch for platforms that are missing usleep.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
ad11587c40eccd3c3dd21a0c1a356c4daf0534ce)
Rosen Penev [Thu, 17 Oct 2019 20:20:09 +0000 (13:20 -0700)]
Merge pull request #10265 from ewsi/feature_dcwifi_openwrt-19.07
[19.07] dcwifi: Add Dual Channel Wi-Fi component packages
Rosen Penev [Thu, 17 Oct 2019 02:21:02 +0000 (19:21 -0700)]
crtmpserver: Switch to CMake and uClibc++
Smaller size.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Carey Sonsino [Tue, 15 Oct 2019 20:54:01 +0000 (20:54 +0000)]
dcwifi: Add Dual Channel Wi-Fi component packages
dcstad: Dual Channel Wi-Fi Station Daemon
dcwapd: Dual Channel Wi-Fi Access Point Daemon
libdcwproto: Dual Channel Wi-Fi Protocol Library
libdcwsocket: Dual Channel Wi-Fi Socket Library
macremapper: MAC Address Remapper Linux Kernel Module
mrmctl: Userland tool to get/set remap rules
Signed-off-by: Carey Sonsino <careys@edgewaterwireless.com>
Signed-off-by: Carey Sonsino <csonsino@gmail.com>
Josef Schlehofer [Tue, 15 Oct 2019 19:49:44 +0000 (21:49 +0200)]
Merge pull request #10253 from jefferyto/python-pyasn1-modules-0.2.7-openwrt-19.07
[openwrt-19.07] python-pyasn1-modules: Update to 0.2.7
Jeffery To [Tue, 15 Oct 2019 18:12:51 +0000 (02:12 +0800)]
python-pyasn1-modules: Update to 0.2.7
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
5848f67e41880d995219173bf0098ecb1e95b46a)
Rosen Penev [Tue, 15 Oct 2019 02:16:00 +0000 (19:16 -0700)]
Merge pull request #10236 from jefferyto/gammu-fix-lib-symlinks-openwrt-19.07
[openwrt-19.07] gammu: Fix lib symlinks
Jeffery To [Wed, 9 Oct 2019 10:08:10 +0000 (18:08 +0800)]
gammu: Remove python dependency, fix lib symlinks
This removes the python dependency from the package; according to the
maintainer[1][2] the software does not depend on python.
This also fixes the symlinks for libGammu.so and libgsmsd.so.
Previously, the symlinks were overwritten by $(INSTALL_BIN) with copies
of their sources.
[1]: https://github.com/openwrt/packages/issues/8893#issuecomment-
539136531
[2]: https://github.com/openwrt/packages/issues/8893#issuecomment-
539152794
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
027ed92f6ed4adb1a90d36c2d3429106b326a53b)
Rosen Penev [Fri, 4 Oct 2019 00:35:25 +0000 (17:35 -0700)]
gammu: Update to 1.41
Remove upstreamed patch.
Switched conditional dependency to python3 in preparation for deprecating
Python 2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from
99bbb8af310f058162cbf132f347759fd2267dc3)
Rosen Penev [Mon, 14 Oct 2019 08:03:45 +0000 (01:03 -0700)]
Merge pull request #10203 from ynezz/upstream/19.07/cgi-io-backports
[openwrt-19.07] cgi-io backports
Jeffery To [Sat, 5 Oct 2019 21:48:25 +0000 (05:48 +0800)]
shinit: Add package
This package adds support for /etc/shinit and ~/.shinit files, which
contain commands to be run at the start of all interactive shells.
(/etc/profile and ~/.profile are read for login shells only.)
This is useful for those who regularly open non-login, interactive
shells, for example users of GNU Screen or tmux.
(This is based on a patch[1] I submitted for OpenWrt master, but there
does not appear to be much interest in merging the change.)
(This package uses the ENV shell variable, of which the POSIX standard
has a brief description[2]. The dash manpage[3] also describes how the
ENV variable is handled. (dash is the basis for busybox ash.))
[1]: https://patchwork.ozlabs.org/patch/
1094493/
[2]: https://pubs.opengroup.org/onlinepubs/
9699919799//utilities/V3_chap02.html#tag_18_05_03
[3]: https://manpages.debian.org/buster/dash/dash.1.en.html#Invocation
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from
c04dff7965ed84bc57ea957ecad81fb902b7f146)
Petr Å tetiar [Fri, 11 Oct 2019 13:07:17 +0000 (15:07 +0200)]
cgi-io: iron out extra compiler warnings
Fixes following errors:
main.c:458:37: error: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Werror=sign-compare]
main.c:463:17: error: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Werror=sign-compare]
main.c:518:35: error: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘long int’} and ‘size_t’ {aka ‘long unsigned int’} [-Werror=sign-compare]
main.c:157:3: error: ignoring return value of ‘read’, declared with attribute warn_unused_result [-Werror=unused-result]
main.c:763:3: error: ignoring return value of ‘chdir’, declared with attribute warn_unused_result [-Werror=unused-result]
Signed-off-by: Petr Å tetiar <ynezz@true.cz>
(cherry picked from commit
bb6cdb804cc4db12cca776f559baa6d989a992ec)
Petr Å tetiar [Fri, 11 Oct 2019 13:03:04 +0000 (15:03 +0200)]
cgi-io: cmake: enable extra compiler warnings
Spotting issues during compilation is cheaper.
Signed-off-by: Petr Å tetiar <ynezz@true.cz>
(cherry picked from commit
4e7411a8d0a46363f9946bff762eda70d5d5de6c)
Petr Å tetiar [Fri, 11 Oct 2019 13:01:42 +0000 (15:01 +0200)]
cgi-io: cmake: fix libraries lookup
In order to make it compile properly in more environments.
Signed-off-by: Petr Å tetiar <ynezz@true.cz>
(cherry picked from commit
fd47e99be4fcd9b1261a4f359279d63199fff6c3)
Ansuel Smith [Tue, 8 Oct 2019 20:34:11 +0000 (22:34 +0200)]
cgi-io: fix read after end errors
Currently cgi-io try to read data after the data ended.
- Adds "-" to whitelist char
- In main_upload is tried to consume the buffer while it's already readed by the while loop before
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit
535b2b6bd8a7f7a0a7a6914c8091619ea6f8961f)
Jo-Philipp Wich [Fri, 13 Sep 2019 07:17:58 +0000 (09:17 +0200)]
cgi-io: use splice() to stream backup archive
This improves the I/O performance when outputting large backups.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
a8b4a28372645c93621008b2563c00ce6cdd739f)
Jo-Philipp Wich [Fri, 13 Sep 2019 06:32:58 +0000 (08:32 +0200)]
cgi-io: pass appropriate HTTP error codes to failure()
Instead of always replying with a generic 500 internal server error code,
use more appropriate codes such as 403 to indicate denied permissions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
8c22db653158e8c4edf4fdd0e0554a603b96a655)
Jo-Philipp Wich [Fri, 13 Sep 2019 05:23:25 +0000 (07:23 +0200)]
cgi-io: add download operation
Add a new `cgi-download` applet which allows to retrieve the contents
of regular files or block devices.
In order to initiate a transfer, a POST request in x-www-form-urlencoded
format must be sent to the applet, with one field "sessionid" holding
the login session and another field "path" containing the file path to
download.
Further optional fields are "filename" which - if present - will cause
the download applet to set a Content-Dispostition header and "mimetype"
which allows to let the applet respond with a specific type instead of
the default "application/octet-stream".
Below is an example for the required acl rules to grant download access
to files or block devices:
ubus call session grant '{
"ubus_rpc_session": "...",
"scope": "cgi-io",
"objects": [
[ "download", "read" ]
]
}'
ubus call session grant '{
"ubus_rpc_session": "...",
"scope": "file",
"objects": [
[ "/etc/config/*", "read" ],
[ "/dev/mtdblock*", "read" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
ab2a2b080d4143bfbbd8584a39999ef998905dd2)
Jo-Philipp Wich [Fri, 13 Sep 2019 04:52:21 +0000 (06:52 +0200)]
cgi-io: use different acl scopes for path and command permissions
Use the `cgi-io` scope to check for permission to execute the requested
command (`upload`, `backup`) and the `file` scope to check path
permissions.
The reasoning of this change is that `cgi-io` is usually used in
conjunction with `rpcd-mod-file` to transfer large file data out
of band and `rpcd-mod-file` already uses the `file` scope to manage
file path access permissions. After this change, both `rpc-mod-file`
and `cgi-io` can share the same path acl rules.
Write access to a path can be granted by using an ubus call in the
following form:
ubus call session grant '{
"ubus_rpc_session": "...",
"scope": "file",
"objects": [
[ "/var/lib/uploads/*", "write" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
c8a86c8c8e1925eb7d84c52e702c4be5fc8ac76b)
Jo-Philipp Wich [Fri, 30 Aug 2019 05:50:43 +0000 (07:50 +0200)]
cgi-io: require whitelisting upload locations
Introduce further ACL checks to verify that the request-supplied
upload location may be written to. This prevents overwriting things
like /bin/busybox and allows to confine uploads to specific directories.
To setup the required ACLs, the following ubus command may be used
on the command line:
ubus call session grant '{
"ubus_rpc_session": "
d41d8cd98f00b204e9800998ecf8427e",
"scope": "cgi-io",
"objects": [
[ "/etc/certificates/*", "write" ],
[ "/var/uploads/*", "write" ]
]
}'
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
22be9a1c0173a232d651059d84145bb6f51d3f67)
Rosen Penev [Wed, 9 Oct 2019 19:50:28 +0000 (12:50 -0700)]
Merge pull request #10183 from jefferyto/python-attrs-19.2.0-openwrt-19.07
[openwrt-19.07] python-attrs: Update to 19.2.0
Dirk Brenken [Wed, 9 Oct 2019 12:07:05 +0000 (14:07 +0200)]
banip: update 0.3.1
* the WAN auto detection now supports multiple interfaces, too
* no longer filter out possible LAN devices
* add a new DoH (DNS over HTTPS) blocklist source with public
DoH DNS server addresses, to effectively block client side DoH
communication, e.g. via Firefox or Chrome
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
70ab67649b6a96e7581048ec9c1a7a4debce005d)
Dirk Brenken [Fri, 4 Oct 2019 07:12:11 +0000 (09:12 +0200)]
banip: update 0.3.0
* new 'ca-bundle' dependency as all https connections
are now validated by default
* automatically select the download utility: 'aria2', 'curl',
'uclient-fetch' with libustream-* or wget are supported
* track & ban failed LuCI login attempts as well
* add a small log/banIP background monitor to block
SSH/LuCI brute force attacks in realtime (disabled by default)
* add a config version check (please update your default config!)
* made the automatic wan detection more stable
* fix the IPv6 logfile parser
* fix the service status message
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
ff8b853a6dc91434a5bae1b58934a6d35472dafc)
Karl Palsson [Wed, 9 Oct 2019 13:50:14 +0000 (13:50 +0000)]
net/mosquitto: drop obsolete libuuid dependency
libuuid was dropped as a dependency in mosquitto 1.6.0
Signed-off-by: Karl Palsson <karlp@etactica.com>
Alexander Ryzhov [Fri, 27 Sep 2019 12:02:29 +0000 (15:02 +0300)]
perl-www-curl: curl 7.66.0 compatibility
Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
(cherry-picked from
7910715d863c29a93343db838c9b4b2aafdb2a3f)
Hirokazu MORIKAWA [Mon, 7 Oct 2019 00:46:53 +0000 (09:46 +0900)]
icu: update to 65.1
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from
23adefbb7b5fca8ff473b11350330cb146e632df)
Rosen Penev [Mon, 7 Oct 2019 17:58:14 +0000 (10:58 -0700)]
fbzmq: Update to 2019.10.07.00
Added patch that adds libfolly boost dependencies.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
7a5326dd29fabf2d405603e24159323b4f792759)
Rosen Penev [Mon, 7 Oct 2019 17:54:24 +0000 (10:54 -0700)]
fbthrift: Update to 2019.10.07.00
Added patch to remove boost-thread dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
dbfea329d31ca699b3a5cbde311c59bde2473832)
Rosen Penev [Mon, 7 Oct 2019 17:50:41 +0000 (10:50 -0700)]
librsocket-cpp: Update to 2019-10-07
Added patch to remove boost-thread dependency.
Added size optimizations.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
8ceee72c77f22b8cdfe3a372ebbe86094addb70f)
Rosen Penev [Mon, 7 Oct 2019 17:41:19 +0000 (10:41 -0700)]
libwangle: Update to 2019.10.07.00
Added patch to remove boost-thread dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
caf1a153d379dffb023d2b6bb0a314cf028a8c15)
Rosen Penev [Mon, 7 Oct 2019 17:38:28 +0000 (10:38 -0700)]
libfizz: Update to 2019.10.07.00
Add patch removing boost-thread dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
cc1b52c44a89635cad2a864136275f1fe2567add)
Rosen Penev [Mon, 7 Oct 2019 17:32:50 +0000 (10:32 -0700)]
libfolly: Update to 2019.10.07.00
Added patch to remove boost-thread.
Removed uClibc-ng patch. libfolly no longer builds there.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
b9000043bfb859cacc4fe8aefc3c0cbf1ca8cbb6)
Jeffery To [Tue, 8 Oct 2019 21:18:44 +0000 (05:18 +0800)]
python-attrs: Update to 19.2.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Hannu Nyman [Mon, 7 Oct 2019 15:17:03 +0000 (18:17 +0300)]
nano: update to 4.5
Update nano editor to version 4.5.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
bfd66f2d23483513f80e109df2e0e02de782e5b4)
Hannu Nyman [Mon, 7 Oct 2019 15:09:35 +0000 (18:09 +0300)]
Merge pull request #10165 from stangri/19.07-simple-adblock
[19.07] simple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic
Josef Schlehofer [Fri, 4 Oct 2019 09:57:24 +0000 (11:57 +0200)]
unbound: Update to version 1.9.4
Fixes CVE-2019-16866
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
1caf170daffcb199e34d7584bcf5dc2a7ed138b4)
Stan Grishin [Sun, 6 Oct 2019 16:34:03 +0000 (09:34 -0700)]
simple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Sat, 5 Oct 2019 14:17:33 +0000 (17:17 +0300)]
Merge pull request #10158 from gladiac1337/haproxy-2.0.7-openwrt-19.07
[openwrt-19.07] haproxy: Update HAProxy to v2.0.7
Christian Lachner [Sat, 5 Oct 2019 11:59:57 +0000 (13:59 +0200)]
haproxy: Update HAProxy to v2.0.7
- Update haproxy download URL and hash
- Add new patches (see https://www.haproxy.org/bugs/bugs-2.0.7.html)
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Hannu Nyman [Sat, 5 Oct 2019 08:27:32 +0000 (11:27 +0300)]
Merge pull request #10152 from jefferyto/python-bpo-38243-34155-openwrt-19.07
[openwrt-19.07] python,python3: Fix CVE-2019-16056, CVE-2019-16935
Hannu Nyman [Sat, 5 Oct 2019 08:25:57 +0000 (11:25 +0300)]
Merge pull request #10144 from stangri/19.07-simple-adblock
[19.07] simple-adblock: bugfix and improvements (check description)
Jeffery To [Fri, 4 Oct 2019 15:54:46 +0000 (23:54 +0800)]
python,python3: Fix CVE-2019-16056, CVE-2019-16935
These patches address issues:
CVE-2019-16056: email.utils.parseaddr mistakenly parse an email
CVE-2019-16935: A reflected XSS in python/Lib/DocXMLRPCServer.py (for
Python 2.7)
CVE-2019-16935 was fixed for python3 in #10109
Links to Python issues:
https://bugs.python.org/issue34155
https://bugs.python.org/issue38243
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Fri, 4 Oct 2019 14:40:25 +0000 (22:40 +0800)]
python-simplejson: Fix python[3]-decimal dependency
simplejson depends on the decimal module[1][2]. This adds
python[3]-decimal to the package's DEPENDS.
[1]: https://github.com/simplejson/simplejson/blob/v3.16.0/simplejson/__init__.py#L110
[2]: https://github.com/simplejson/simplejson/blob/v3.16.0/simplejson/encoder.py#L7
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Stan Grishin [Fri, 4 Oct 2019 01:42:14 +0000 (18:42 -0700)]
simple-adblock: bugfix and improvements (check description)
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Tue, 1 Oct 2019 20:03:15 +0000 (23:03 +0300)]
haveged: convert to procd
Convert haveged init script to use procd
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
4f717a6f65b5c495aec770b507913befa40b8997)
Hannu Nyman [Tue, 1 Oct 2019 18:38:11 +0000 (21:38 +0300)]
haveged: update to 1.9.8
Update haveged to 1.9.8
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
e5b308308b528b912ec1352b85bf2de13d94ce3f)
Nuno Goncalves [Wed, 10 Oct 2018 06:15:23 +0000 (08:15 +0200)]
watchcat: make compatible with updated busybox ash array handling (closes #10127)
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
Eneas U de Queiroz [Thu, 19 Sep 2019 17:29:17 +0000 (14:29 -0300)]
python-certifi: bump to 2019.9.11
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
acf7c540ca6b924fd980acb0cdf0fb72d9979836)
Eneas U de Queiroz [Wed, 14 Aug 2019 14:07:13 +0000 (11:07 -0300)]
oniguruma: update to release 6.9.3
This release incorporates fixes for CVE-2019-13224 and CVE-2019-13225,
and "fixed many problems (found by libfuzzer programs)."
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
b7d0a82a7fe0829b9f2655627f383d13988d92e9)
Josef Schlehofer [Sat, 28 Sep 2019 23:11:44 +0000 (01:11 +0200)]
python3: backport three security patches
Fixes: CVE-2019-16935
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
80def9e)
Rosen Penev [Mon, 30 Sep 2019 07:48:10 +0000 (00:48 -0700)]
Merge pull request #10112 from commodo/django-sec-19.07
django: Update to 1.11.24
Rosen Penev [Wed, 18 Sep 2019 21:40:47 +0000 (14:40 -0700)]
django: Update to 1.11.24
Fixes a whole bunchs of CVEs:
CVE-2019-3498
CVE-2019-6975
CVE-2019-12308
CVE-2019-12781
CVE-2019-14232
CVE-2019-14233
CVE-2019-14234
CVE-2019-14235
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
64a02079da18f24cea0234c8e9ff6e14ad1ee683)
William Fleurant [Tue, 20 Aug 2019 01:11:02 +0000 (21:11 -0400)]
yggdrasil: bump to 0.3.9
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry-picked from
7296ff1b5ce8661d6acd31fdbbc8f793a51a00e6)
Josef Schlehofer [Sat, 28 Sep 2019 22:44:41 +0000 (00:44 +0200)]
golang: Update to version 1.13.1
Fixes CVE-2019-16276
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
65b7bd6cc04ba92fb573e8b98c72729baa70c1a9)
projects / feed / packages.git / log