feed/packages.git
5 years agoMerge pull request #10164 from stangri/18.06-simple-adblock
Hannu Nyman [Mon, 7 Oct 2019 15:08:58 +0000 (18:08 +0300)]
Merge pull request #10164 from stangri/18.06-simple-adblock

[18.06] simple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic

5 years agosimple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic 10164/head
Stan Grishin [Sun, 6 Oct 2019 16:33:48 +0000 (09:33 -0700)]
simple-adblock: bugfix: proper dnsmasq reload on stop, rework start/stop logic

Signed-off-by: Stan Grishin <stangri@melmac.net>
5 years agoMerge pull request #10156 from gladiac1337/haproxy-1.8.21-openwrt-18.06
Hannu Nyman [Sat, 5 Oct 2019 14:17:46 +0000 (17:17 +0300)]
Merge pull request #10156 from gladiac1337/haproxy-1.8.21-openwrt-18.06

[openwrt-18.06] haproxy: Update HAProxy to v1.8.21

5 years agohaproxy: Update HAProxy to v1.8.21 10156/head
Christian Lachner [Sat, 5 Oct 2019 11:26:02 +0000 (13:26 +0200)]
haproxy: Update HAProxy to v1.8.21

- Update haproxy download URL and hash
- Add new patches (see https://www.haproxy.org/bugs/bugs-1.8.21.html)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
5 years agoMerge pull request #10155 from jefferyto/python-bpo-38243-34155-openwrt-18.06
Hannu Nyman [Sat, 5 Oct 2019 08:27:49 +0000 (11:27 +0300)]
Merge pull request #10155 from jefferyto/python-bpo-38243-34155-openwrt-18.06

[openwrt-18.06] python: Fix CVE-2019-16056, CVE-2019-16935

5 years agoMerge pull request #10143 from stangri/18.06-simple-adblock
Hannu Nyman [Sat, 5 Oct 2019 08:26:08 +0000 (11:26 +0300)]
Merge pull request #10143 from stangri/18.06-simple-adblock

[18.06] simple-adblock: bugfix and improvements (check description)

5 years agopython: Fix CVE-2019-16056, CVE-2019-16935 10155/head
Jeffery To [Fri, 4 Oct 2019 16:58:08 +0000 (00:58 +0800)]
python: Fix CVE-2019-16056, CVE-2019-16935

These patches address issues:
CVE-2019-16056: email.utils.parseaddr mistakenly parse an email
CVE-2019-16935: A reflected XSS in python/Lib/DocXMLRPCServer.py

Links to Python issues:
https://bugs.python.org/issue34155
https://bugs.python.org/issue38243

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
5 years agosimple-adblock: bugfix and improvements (check description) 10143/head
Stan Grishin [Fri, 4 Oct 2019 01:42:02 +0000 (18:42 -0700)]
simple-adblock: bugfix and improvements (check description)

Signed-off-by: Stan Grishin <stangri@melmac.net>
5 years agoMerge pull request #10120 from BKPepe/youtubedl-1806
Rosen Penev [Wed, 2 Oct 2019 19:05:53 +0000 (12:05 -0700)]
Merge pull request #10120 from BKPepe/youtubedl-1806

[OpenWrt 18.06] youtube-dl: Update to version 2019.9.28

5 years agohaveged: convert to procd
Hannu Nyman [Tue, 1 Oct 2019 20:18:46 +0000 (23:18 +0300)]
haveged: convert to procd

Convert haveged init script to use procd

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 4f717a6f65b5c495aec770b507913befa40b8997)

5 years agohaveged: update to 1.9.8
Hannu Nyman [Tue, 1 Oct 2019 18:38:11 +0000 (21:38 +0300)]
haveged: update to 1.9.8

Update haveged to 1.9.8

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit e5b308308b528b912ec1352b85bf2de13d94ce3f)

5 years agoyoutube-dl: Update to version 2019.9.28 10120/head
Josef Schlehofer [Mon, 30 Sep 2019 21:23:16 +0000 (23:23 +0200)]
youtube-dl: Update to version 2019.9.28

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agoMerge pull request #10118 from BKPepe/libgcrypt-1806
Rosen Penev [Mon, 30 Sep 2019 20:30:46 +0000 (13:30 -0700)]
Merge pull request #10118 from BKPepe/libgcrypt-1806

[OpenWrt 18.06] libgcrypt: backport fix for CVE-2019-13627

5 years agopython3: fix CVE-2019-16056 and delete two patches
Josef Schlehofer [Mon, 30 Sep 2019 15:22:00 +0000 (17:22 +0200)]
python3: fix CVE-2019-16056 and delete two patches

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agopython3: backport three security patches
Josef Schlehofer [Sat, 28 Sep 2019 23:11:44 +0000 (01:11 +0200)]
python3: backport three security patches

Fixes: CVE-2019-16935
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit 80def9e)

5 years agoMerge pull request #9893 from BKPepe/bind-18.06
Josef Schlehofer [Sat, 28 Sep 2019 09:52:27 +0000 (11:52 +0200)]
Merge pull request #9893 from BKPepe/bind-18.06

[OpenWrt 18.06] bind: update to version 9.11.10

5 years agoMerge pull request #9798 from ja-pa/zmq-security-fix-18.06
Rosen Penev [Fri, 27 Sep 2019 19:24:47 +0000 (12:24 -0700)]
Merge pull request #9798 from ja-pa/zmq-security-fix-18.06

[OpenWrt 18.06] zeromq: update to version 4.1.7 (security fix)

5 years agonet/mosquitto: bump to 1.5.9 for CVE
Karl Palsson [Fri, 27 Sep 2019 13:31:27 +0000 (13:31 +0000)]
net/mosquitto: bump to 1.5.9 for CVE

Fixes CVE-2019-11779
Release notes at https://mosquitto.org/blog/2019/09/version-1-6-6-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
5 years agopython-crypto: Fix two CVEs
Rosen Penev [Mon, 27 Aug 2018 04:12:54 +0000 (21:12 -0700)]
python-crypto: Fix two CVEs

CVE-2013-7459 and CVE-2018-6594. Both patches taken from Fedora.

Also took the liberty to update the PKG_SOURCE_URL to a standard one.

Updated the home URL as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 32b23e28ad892395a5575c09606cd07db175f7cc)

5 years agolibgcrypt: backport fix for CVE-2019-13627 10118/head
Josef Schlehofer [Thu, 26 Sep 2019 18:27:41 +0000 (20:27 +0200)]
libgcrypt: backport fix for CVE-2019-13627

Refresh patches due to offsets

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agoMerge pull request #10063 from stangri/18.06-simple-adblock
Hannu Nyman [Wed, 25 Sep 2019 16:13:10 +0000 (19:13 +0300)]
Merge pull request #10063 from stangri/18.06-simple-adblock

[18.06] simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README

5 years agosimple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README 10063/head
Stan Grishin [Tue, 24 Sep 2019 16:11:57 +0000 (09:11 -0700)]
simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README

Signed-off-by: Stan Grishin <stangri@melmac.net>
5 years agozmq: fix CVE-2019-13132 9798/head
Josef Schlehofer [Fri, 20 Sep 2019 12:38:22 +0000 (14:38 +0200)]
zmq: fix CVE-2019-13132

- Use HTTPS in their website
- Remove unnecessary space between PKG_SOURCE_URL

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
5 years agoMerge pull request #10041 from neheb/djj
Rosen Penev [Fri, 20 Sep 2019 20:07:47 +0000 (13:07 -0700)]
Merge pull request #10041 from neheb/djj

[18.06]django: Update to 1.8.19

5 years agodjango: Update to 1.8.19 10041/head
Rosen Penev [Fri, 20 Sep 2019 18:45:06 +0000 (11:45 -0700)]
django: Update to 1.8.19

Fixes:

CVE-2018-7536
CVE-2018-7537

Switches to pypi, as in upstream. Updated maintainer as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years agolighttpd: mark module configuration files 9965/head
W. Michael Petullo [Wed, 24 Apr 2019 19:57:34 +0000 (15:57 -0400)]
lighttpd: mark module configuration files

Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from 9cf412c0cba38f1251e9d8c1fd9afbb86caee88a)

5 years agodovecot: Update to version 2.2.36.4 9944/head
Josef Schlehofer [Sun, 8 Sep 2019 21:38:08 +0000 (23:38 +0200)]
dovecot: Update to version 2.2.36.4

- Fix CVE-2019-11500
- Download tarball from HTTPS instead of HTTP

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agowget: fix CVE-2018-20483
Josef Schlehofer [Sun, 1 Sep 2019 17:42:48 +0000 (19:42 +0200)]
wget: fix CVE-2018-20483

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agofastd: fix init script for multiple VPN instances
Matthias Schiffer [Wed, 4 Sep 2019 20:49:12 +0000 (22:49 +0200)]
fastd: fix init script for multiple VPN instances

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit b7ff8b8087c6e948aba45b74c261cd7337433523)

5 years agohaveged: update to 1.9.6
Hannu Nyman [Mon, 2 Sep 2019 18:02:17 +0000 (21:02 +0300)]
haveged: update to 1.9.6

Update haveged to 1.9.6

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit c933ac5dcb85361baeb9ff9ec424533b67bb2578)

5 years agoMerge pull request #9894 from BKPepe/keepalived-18.06
Florian Eckert [Mon, 2 Sep 2019 07:27:24 +0000 (09:27 +0200)]
Merge pull request #9894 from BKPepe/keepalived-18.06

[OpenWrt 18.06] keepalived: Update to version 1.4.5

5 years agoMerge pull request #9904 from RussellSenior/my-18.06
Rosen Penev [Mon, 2 Sep 2019 07:13:59 +0000 (00:13 -0700)]
Merge pull request #9904 from RussellSenior/my-18.06

patch: cherry pick CVE fixes to 18.06 branch

5 years agopatch: rename CVE-2019-13638 patch to mollify uscan 9904/head
Russell Senior [Sun, 1 Sep 2019 22:50:25 +0000 (15:50 -0700)]
patch: rename CVE-2019-13638 patch to mollify uscan

Signed-off-by: Russell Senior <russell@personaltelco.net>
5 years agopatch: apply upstream patch for CVE-2019-13638
Russell Senior [Sun, 11 Aug 2019 19:43:41 +0000 (12:43 -0700)]
patch: apply upstream patch for CVE-2019-13638

GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
5 years agotools/patch: apply upstream patch for CVE-2019-13636
Russell Senior [Mon, 29 Jul 2019 20:14:19 +0000 (13:14 -0700)]
tools/patch: apply upstream patch for CVE-2019-13636

In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
5 years agoexfat-nofuse: drop BUILD_PATENTED
DENG Qingfang [Sat, 31 Aug 2019 14:29:29 +0000 (22:29 +0800)]
exfat-nofuse: drop BUILD_PATENTED

Microsoft has published technical specification for exFAT [1]
and the driver has been added to Linux staging tree [2].

It's now safe to drop BUILD_PATENTED label.

[1] https://docs.microsoft.com/windows/win32/fileio/exfat-specification
[2] http://lkml.iu.edu/hypermail/linux/kernel/1908.3/04254.html

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked from commit 4c9d0c7b56365761fd1986ff954edf963feb2931)

5 years agokeepalived: add patch for CVE-2018-19115 9894/head
Josef Schlehofer [Sun, 1 Sep 2019 15:40:55 +0000 (17:40 +0200)]
keepalived: add patch for CVE-2018-19115

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agokeepalived: Update to version 1.4.5
Josef Schlehofer [Sun, 1 Sep 2019 15:39:15 +0000 (17:39 +0200)]
keepalived: Update to version 1.4.5

- Use HTTPS for PKG_SOURCE_URL and as well for URL in description

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agobind: Update to version 9.11.10 9893/head
Josef Schlehofer [Sun, 1 Sep 2019 15:01:22 +0000 (17:01 +0200)]
bind: Update to version 9.11.10

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agolighttpd: fix CVE-2018-19052 9889/head
Josef Schlehofer [Sun, 1 Sep 2019 11:15:34 +0000 (13:15 +0200)]
lighttpd: fix CVE-2018-19052

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agoMerge pull request #9841 from cshoredaniel/pr-18.06-nut-targetted
Rosen Penev [Fri, 30 Aug 2019 17:13:47 +0000 (10:13 -0700)]
Merge pull request #9841 from cshoredaniel/pr-18.06-nut-targetted

[18.06] Targeted fixes based on 19.07/master

5 years agoMerge pull request #9703 from BKPepe/squid-18.06
Josef Schlehofer [Thu, 29 Aug 2019 21:40:33 +0000 (23:40 +0200)]
Merge pull request #9703 from BKPepe/squid-18.06

[OpenWrt 18.06] squid: update to version 3.5.28

5 years agoMerge pull request #9814 from guidosarducci/speedtest-18.06
Hannu Nyman [Thu, 29 Aug 2019 17:41:04 +0000 (20:41 +0300)]
Merge pull request #9814 from guidosarducci/speedtest-18.06

[18.06] speedtest-netperf: backport stable package from 19.07 and master

5 years agoMerge pull request #9777 from BKPepe/tar_1806
Rosen Penev [Wed, 28 Aug 2019 01:55:27 +0000 (18:55 -0700)]
Merge pull request #9777 from BKPepe/tar_1806

[OpenWrt 18.06] tar: update to version 1.3.2

5 years agoMerge pull request #9821 from cotequeiroz/vim_host
Rosen Penev [Tue, 27 Aug 2019 18:31:22 +0000 (11:31 -0700)]
Merge pull request #9821 from cotequeiroz/vim_host

[18.06] vim: Add host build to install xxd

5 years agonut: Bump PKG_RELEASE 9841/head
Daniel F. Dickinson [Tue, 27 Aug 2019 05:22:41 +0000 (01:22 -0400)]
nut: Bump PKG_RELEASE

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Handle FSD properly
Daniel F. Dickinson [Tue, 27 Aug 2019 04:56:42 +0000 (00:56 -0400)]
nut: Handle FSD properly

Make sure we force shutdown of UPS only when we should, and when
we should that shutdown happens.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix init actions (server/driver)
Daniel F. Dickinson [Tue, 27 Aug 2019 04:53:42 +0000 (00:53 -0400)]
nut: Fix init actions (server/driver)

The server and driver were not starting/restarting reliably. In
addition on interface changes NUT got very confused.  So we fix
handling of restarts and add a reload trigger for interface
changes.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix extra diver params config
Daniel F. Dickinson [Tue, 27 Aug 2019 04:49:46 +0000 (00:49 -0400)]
nut: Fix extra diver params config

Extra parameters for the UPS driver were not being handled correctly.
Fix that (was wrong variable name).

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix permissions with runas
Daniel F. Dickinson [Tue, 27 Aug 2019 04:43:25 +0000 (00:43 -0400)]
nut: Fix permissions with runas

Fix directory and conf file creation and owner/mode setting
for when running as non-root.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix statepath handling
Daniel F. Dickinson [Tue, 27 Aug 2019 04:19:03 +0000 (00:19 -0400)]
nut: Fix statepath handling

The statepath was getting the wrong permission and/or not created
at the right time.  This commit includes fixes for handling the
statepath (typically /var/run/nut).

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix unset of runas user (ups server)
Daniel F. Dickinson [Tue, 27 Aug 2019 04:15:12 +0000 (00:15 -0400)]
nut: Fix unset of runas user (ups server)

Running as non-root was failing due to misplace local keyword
causing runas to be unset from calling value.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix bad check for conf exists
Daniel F. Dickinson [Tue, 27 Aug 2019 03:48:49 +0000 (23:48 -0400)]
nut: Fix bad check for conf exists

We were `cat`ing the file instead of just checking for non-empty
existance.  Fix that.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix upsmon init actions
Daniel F. Dickinson [Tue, 27 Aug 2019 03:43:16 +0000 (23:43 -0400)]
nut: Fix upsmon init actions

1) For upsmon start and stop were at wrong position in rc.d
2) Stop needs more than just killing the procd instead but rather
needs a  stop command to be issued.
3) Interface up/down was causing not to enter a crashloop (we fix this
with procd trigger on interface changes).

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Fix unset of runas user (upsmon)
Daniel F. Dickinson [Tue, 27 Aug 2019 03:38:10 +0000 (23:38 -0400)]
nut: Fix unset of runas user (upsmon)

Running as non-root was failing due to misplace local keyword
causing runas to be unset from calling value.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonut: Remove unecessary libwrap dependency
Daniel F. Dickinson [Tue, 27 Aug 2019 03:18:05 +0000 (23:18 -0400)]
nut: Remove unecessary libwrap dependency

CONFIG_ARGS has --without-wrap so libwrap as a dependency is
extraneous as it is not actually used.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
5 years agonano: update to 4.4
Hannu Nyman [Sun, 25 Aug 2019 17:38:01 +0000 (20:38 +0300)]
nano: update to 4.4

Update nano editor to 4.4

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit d9347059a80fc8977a1e148153693a2851b4e253)

5 years agottyd: Add dependency for vim 9821/head
Rosen Penev [Wed, 10 Apr 2019 21:55:37 +0000 (14:55 -0700)]
ttyd: Add dependency for vim

Needed to avoid error in case xxd is not installed:

[ 16%] Generating html.h from index.html
/bin/sh: 1: CMAKE_XXD-NOTFOUND: not found
CMakeFiles/ttyd.dir/build.make:61: recipe for target 'html.h' failed
make[6]: *** [html.h] Error 127

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 773c19afad0723bc2ba49b36e8172776e2eaf207)

5 years agovim: Add host build to install xxd
Rosen Penev [Mon, 8 Apr 2019 00:20:01 +0000 (17:20 -0700)]
vim: Add host build to install xxd

Packages such as ttyd and device-observatory need this.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8e93386b804f8029a1180755ce240fbc0f06b009)

5 years agospeedtest-netperf: new package to measure network performance 9814/head
Tony Ambardar [Fri, 26 Oct 2018 01:51:11 +0000 (18:51 -0700)]
speedtest-netperf: new package to measure network performance

The speedtest-netperf.sh script measures the network throughput while
monitoring latency under load and capturing key CPU usage and frequency
statistics. The script can emulate a web-based speed test by downloading
and then uploading from an internet server, or perform simultaneous
download and upload to mimic the stress of the FLENT test program.

It simplifies tasks such as validating ISP provisioned speeds or setting
up and fine-tuning SQM, directly on the router. The CPU usage details
can also help determine if the demands of SQM, routing and other tasks
such as the test itself are exhausting the device's CPUs.

This script leverages earlier scripts from the CeroWrt project used for
bufferbloat mitigation, betterspeedtest.sh and netperfrunner.sh. They are
used with the permission of the author, Rich Brown.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry-picked from 463590e2bcf94e09890f7ba98e910ff58090e29b)

5 years agoMerge pull request #9789 from ja-pa/libarchive-security-fix-18.06
Rosen Penev [Fri, 23 Aug 2019 01:18:46 +0000 (18:18 -0700)]
Merge pull request #9789 from ja-pa/libarchive-security-fix-18.06

[OpenWrt 18.06] libarchive: update to version 3.4.0 (security fix)

5 years agoapinger: Update to latest git revision
Rosen Penev [Fri, 28 Jun 2019 17:53:53 +0000 (10:53 -0700)]
apinger: Update to latest git revision

This project seems abandoned. Updated to latest version.

Also cleaned up the Makefile quite a bit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from dff6d2639eabb93e2d3782bfc1262bb6f7dccc33)

5 years agonode-serialport: fix i386 build fail
Hirokazu MORIKAWA [Fri, 19 Apr 2019 00:22:23 +0000 (09:22 +0900)]
node-serialport: fix i386 build fail

more stability for parallel build

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from 1ce1ca6e0622c6ad7fb61e44b7c96b028939186a)

5 years agonode-hid: fix i386 build fail
Hirokazu MORIKAWA [Wed, 17 Apr 2019 05:55:05 +0000 (14:55 +0900)]
node-hid: fix i386 build fail

more stability for parallel build

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from 1aa55f86b56766074677bcda23f19cd7e5b5601f)

5 years agolibarchive: update to version 3.4.0 (security fix) 9789/head
Jan Pavlinec [Tue, 23 Jul 2019 13:13:49 +0000 (15:13 +0200)]
libarchive: update to version 3.4.0 (security fix)

Fixes:
CVE-2019-1000019
CVE-2019-1000020
CVE-2018-1000880
CVE-2018-1000879
CVE-2018-1000878
CVE-2018-1000877

Changes:
add bsdtar libopenssl variant
switch to github codeload
polish tab/spaces

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
5 years agoMerge branch 'pr/9778' into openwrt-18.06
Noah Meyerhans [Wed, 21 Aug 2019 14:44:05 +0000 (07:44 -0700)]
Merge branch 'pr/9778' into openwrt-18.06

PR #9778

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
5 years agofastd: update URL and PKG_SOURCE_URL
Matthias Schiffer [Wed, 21 Aug 2019 14:03:57 +0000 (16:03 +0200)]
fastd: update URL and PKG_SOURCE_URL

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
5 years agolibuecc: update URL and PKG_SOURCE_URL
Matthias Schiffer [Wed, 21 Aug 2019 14:03:28 +0000 (16:03 +0200)]
libuecc: update URL and PKG_SOURCE_URL

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
5 years agoMerge pull request #9754 from champtar/openwrt-18.06
Etienne Champetier [Tue, 20 Aug 2019 23:07:32 +0000 (16:07 -0700)]
Merge pull request #9754 from champtar/openwrt-18.06

[18.06] prometheus-node-exporter-lua: update to 2019.08.14

5 years agobind: update to 9.11.9 9778/head
DENG Qingfang [Sat, 20 Jul 2019 17:21:24 +0000 (01:21 +0800)]
bind: update to 9.11.9

Fixes CVEs:
CVE-2018-5738
CVE-2018-5740
CVE-2018-5743
CVE-2018-5744
CVE-2018-5745
CVE-2019-6465
CVE-2019-6471

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[mention fixed CVEs;patches: refreshed and removed those which are in
upstream now]

5 years agotar: update to version 1.32 9777/head
Daniel Golle [Sun, 10 Mar 2019 20:37:01 +0000 (21:37 +0100)]
tar: update to version 1.32

Fixes CVE-2019-9923

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[mention CVE in commit message]

5 years agotar: Update to 1.31
Rosen Penev [Tue, 29 Jan 2019 00:45:58 +0000 (16:45 -0800)]
tar: Update to 1.31

Fixes CVE-2018-20482

Added PKG_BUILD_PARALLEL for faster compilation.

Added PKG_CPE_ID for proper CVE tracking.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agolcdringer: Remove libcheck dependency to fix compilation
Rosen Penev [Sat, 30 Mar 2019 08:48:17 +0000 (01:48 -0700)]
lcdringer: Remove libcheck dependency to fix compilation

libcheck is some kind of testing framework. it is not only unnecessary, it
is not even used in the code.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years agoMerge pull request #9765 from stangri/18.06-simple-adblock
Hannu Nyman [Sun, 18 Aug 2019 18:08:10 +0000 (21:08 +0300)]
Merge pull request #9765 from stangri/18.06-simple-adblock

[18.06] simple-adblock: support for varios DNS resolvers/options

5 years agodovecot: update to version 2.2.36.3 9768/head
Josef Schlehofer [Sat, 17 Aug 2019 21:16:30 +0000 (23:16 +0200)]
dovecot: update to version 2.2.36.3

- Fixes CVE-2019-7524
- Refresh patch

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years ago[18.06] simple-adblock: support for varios DNS resolvers/options 9765/head
Stan Grishin [Sat, 17 Aug 2019 13:09:43 +0000 (06:09 -0700)]
[18.06] simple-adblock: support for varios DNS resolvers/options

Signed-off-by: Stan Grishin <stangri@melmac.net>
5 years agolinknx: Fix compilation with libiconv
Rosen Penev [Fri, 16 Aug 2019 20:02:54 +0000 (13:02 -0700)]
linknx: Fix compilation with libiconv

Based on ee94a1e9120e369666909de97ddf68966d61f8e2

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years agorp-pppoe: redo glibc patch
Eneas U de Queiroz [Thu, 14 Jun 2018 15:00:55 +0000 (12:00 -0300)]
rp-pppoe: redo glibc patch

Previous fix broke compilation with kernel < 4.8

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from e40d67a48f6dc82c5e52f07859251460d6064a09)

5 years agorp-pppoe: Fixed compilation with glibc
Eneas U de Queiroz [Wed, 23 May 2018 17:24:35 +0000 (14:24 -0300)]
rp-pppoe: Fixed compilation with glibc

Do not inlcude <netinet/in.h> when using glibc to avoid various
redefinitions.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from 0c995cabe7d1e8d6e695772848d1d54f0e978bf9)

5 years agoldbus: Add zip/host build dependency
Rosen Penev [Fri, 16 Aug 2019 19:51:27 +0000 (12:51 -0700)]
ldbus: Add zip/host build dependency

Needed when zip is missing on the host (very rare).

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years agogcc: Do not build on ARC
Rosen Penev [Fri, 16 Aug 2019 19:46:22 +0000 (12:46 -0700)]
gcc: Do not build on ARC

Not supported until GCC8.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years agoprometheus-node-exporter-lua: add target & system to OpenWrt collector 9754/head
Etienne Champetier [Thu, 15 Aug 2019 03:48:48 +0000 (20:48 -0700)]
prometheus-node-exporter-lua: add target & system to OpenWrt collector

Before:
node_openwrt_info{revision="r10756+1-7546be6007",model="GL.iNet GL-AR150",id="OpenWrt",board_name="glinet,gl-ar150",release="SNAPSHOT"} 1

After:
node_openwrt_info{revision="r10756+1-7546be6007",target="ath79/generic",board_name="glinet,gl-ar150",id="OpenWrt",model="GL.iNet GL-AR150",release="SNAPSHOT",system="Atheros AR9330 rev 1"} 1

Fixes #9730, replace #9735

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
(cherry picked from commit a14bed1bc959116617b0eb75d2d9a46551a480e6)

5 years agoprometheus-node-exporter-lua: Add more wifi_station metrics and fix naming according...
Kirill Lukonin [Thu, 11 Apr 2019 18:52:16 +0000 (23:52 +0500)]
prometheus-node-exporter-lua: Add more wifi_station metrics and fix naming according to original wifi_linux.go node exporter

Signed-off-by: Kirill Lukonin <klukonin@gmail.com>
(cherry picked from commit 5eb8e47df282473aede488cad9ae40cad626c0bc)

5 years agoprometheus-node-exporter-lua: Bump PKG_RELEASE
Alex Tomlins [Mon, 8 Apr 2019 18:52:32 +0000 (19:52 +0100)]
prometheus-node-exporter-lua: Bump PKG_RELEASE

Signed-off-by: Alex Tomlins <alex@tomlins.org.uk>
(cherry picked from commit 4b6f76bfac7bd1969c8ca8829a7fe8f9fed43cd0)

5 years agoprometheus-node-exporter-lua: Add wifi_station_count
Alex Tomlins [Sun, 7 Apr 2019 13:01:12 +0000 (14:01 +0100)]
prometheus-node-exporter-lua: Add wifi_station_count

To return the number of connected clients.

At present this can be partially inferred by using a count() over one of
the existing metrics, however this doesn't handle the case when there
are no connected clients. When that happens, the count() will return no
data instead of 0.

Signed-off-by: Alex Tomlins <alex@tomlins.org.uk>
(cherry picked from commit 1237e196b47dbbd7cac7cf7cabe4b8c86e09e0da)

5 years agoprometheus-node-exporter-lua: wifi packets should be a counter
Alex Tomlins [Sun, 7 Apr 2019 13:08:31 +0000 (14:08 +0100)]
prometheus-node-exporter-lua: wifi packets should be a counter

These output a count of the number of packets transmitted/received, so
should be tracked as a counter. As it stands, promtool is warning that
these shouldn't be named ending _total if they're a gauge.

Signed-off-by: Alex Tomlins <alex@tomlins.org.uk>
(cherry picked from commit a45c702baa1c5e913ac6561ef0e0465b8bd780ce)

5 years agoprometheus-node-exporter-lua: Bump PKG_RELEASE
Alex Tomlins [Thu, 4 Apr 2019 21:28:40 +0000 (22:28 +0100)]
prometheus-node-exporter-lua: Bump PKG_RELEASE

Signed-off-by: Alex Tomlins <alex@tomlins.org.uk>
(cherry picked from commit deab22044be7ea52fd0e3863516a07c5bee72d68)

5 years agoprometheus-node-exporter-lua: fix missing conntrack values
Alex Tomlins [Wed, 3 Apr 2019 20:08:11 +0000 (21:08 +0100)]
prometheus-node-exporter-lua: fix missing conntrack values

If the /proc/sys/net/netfilter/nc_conntrack_* files are not present,
this exporter was outputting a blank value, which is invalid. These
files will not be present when using an image that doesn't include the
iptables and firewall packages (eg a minimal access-point type image).

This updates the collector to only output the metrics if the
corresponding /proc files are present.

Signed-off-by: Alex Tomlins <alex@tomlins.org.uk>
(cherry picked from commit 0100a2cb26c30ee091a259625b9496dd7805aaaa)

5 years agoprometheus-node-exporter-lua: change network metric type to counter
Piotr Machała [Sun, 30 Dec 2018 21:03:11 +0000 (22:03 +0100)]
prometheus-node-exporter-lua: change network metric type to counter

Signed-off-by: Piotr Machała <pm7gt@933x.net>
(cherry picked from commit 626b197cc1b7f8cbb6937d7b6c1ed9982296feac)

5 years agoprometheus-node-exporter-lua: add lantiq dsl modem collector
Rene Treffer [Sat, 28 Jul 2018 10:43:57 +0000 (12:43 +0200)]
prometheus-node-exporter-lua: add lantiq dsl modem collector

a.heider: Address PR comments and clean up.

Signed-off-by: Rene Treffer <treffer+github@measite.de>
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit c751af86160f4467a2856ecceb2c8b599f517676)

5 years agoopenssh: fix pthread functions redefine with pam module
Guo Li [Sat, 8 Sep 2018 11:04:04 +0000 (19:04 +0800)]
openssh: fix pthread functions redefine with pam module

we should pass -DUNSUPPORTED_POSIX_THREADS_HACK to CFLAGS to openssh
to prevent function redefine, I don't know why pam module use
micro UNSUPPORTED_POSIX_THREADS_HACK to detect whether define
pthread functions, but not detect whether define
UNSUPPORTED_POSIX_THREADS_HACK.

Signed-off-by: Guo Li <uxgood.org@gmail.com>
5 years agoMerge pull request #9403 from BKPepe/yt-18.06
Josef Schlehofer [Wed, 14 Aug 2019 19:20:07 +0000 (21:20 +0200)]
Merge pull request #9403 from BKPepe/yt-18.06

[18.06] youtube-dl: update to version 2019.8.2

5 years agoMerge pull request #9513 from BKPepe/openwrt-18.06_python_shebang
Josef Schlehofer [Wed, 14 Aug 2019 19:19:50 +0000 (21:19 +0200)]
Merge pull request #9513 from BKPepe/openwrt-18.06_python_shebang

[OpenWrt 18.06] python,python3: move shebang handle in install script

5 years agolibinput: Add missing header to fix compilation
Rosen Penev [Tue, 12 Feb 2019 20:36:07 +0000 (12:36 -0800)]
libinput: Add missing header to fix compilation

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 671f0363a438518e676517b4fb5ed9fd8d4d5f49)

5 years agolibglog: fix removing libunwind dependency
Eneas U de Queiroz [Fri, 7 Dec 2018 19:02:05 +0000 (17:02 -0200)]
libglog: fix removing libunwind dependency

ac_cv_header_libunwind_h needs to be set to 0, as ac_cv_have_libunwind_h
overwritten based on the former's value.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from ec317934b2317e0e0f1831c703a643028d1acaa6)

5 years agolibseccomp: workaround a recursive dependency
Eneas U de Queiroz [Wed, 15 May 2019 12:42:47 +0000 (09:42 -0300)]
libseccomp: workaround a recursive dependency

DEPENDS:=@!arc is causing a recursive dependency because of the optional
selection of libseccomp by util/lxc.  The workaround hides the package
in Package/libseccomp/config instead.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from e29483d7e202b06c49b3ede7fbb63c2ba1879321)

5 years agolxc: Backport uClibc patch
Rosen Penev [Thu, 16 May 2019 00:23:04 +0000 (17:23 -0700)]
lxc: Backport uClibc patch

Fixes compilation

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 189a1700383a9d6cb964f764344194e4a904ce12)

5 years agolxc: hide seccomp support for arc
Eneas U de Queiroz [Wed, 15 May 2019 12:40:45 +0000 (09:40 -0300)]
lxc: hide seccomp support for arc

libseccomp does not compile for arc, so we can't show that option for
arc.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from 57b4d94d98a572c02b9b78e4bb1d3e9810a95db7)

5 years agolxc: Disable use of unwanted libraries explicity
Daniel F. Dickinson [Mon, 21 Jan 2019 05:12:18 +0000 (00:12 -0500)]
lxc: Disable use of unwanted libraries explicity

Otherwise one gets a failure if the libraries (e.g. Python
header file) exist in the build system.  Worse in some cases
is host headers being found if one doesn't specifically
disable a library search in autotools.  It is especially
important that Python is disabled by default.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
(cherry-picked from cc039d801e28cf2fdf6a1d1466865d142a4ef278)

5 years agoboost: Fix compilation with uClibc-ng
Rosen Penev [Wed, 1 May 2019 20:58:07 +0000 (13:58 -0700)]
boost: Fix compilation with uClibc-ng

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 053faa31e53122eb7efdc78f954e9563ed06116e)