Noah Meyerhans [Fri, 29 Oct 2021 16:54:23 +0000 (09:54 -0700)]
bind: Bump to version 9.11.36
The following security issues are addressed with this change:
CVE-2020-8619
CVE-2020-8622
CVE-2020-8623
CVE-2020-8624
CVE-2020-8625
CVE-2021-25214
CVE-2021-25215
CVE-2021-25216
CVE-2021-25219
A complete description of the changes with this BIND release is
available in the release notes at
https://ftp.isc.org/isc/bind9/9.11.36/RELEASE-NOTES-bind-9.11.36.html
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Jeffery To [Wed, 8 Sep 2021 14:47:24 +0000 (22:47 +0800)]
python3: Update to 3.6.15
Includes fix for CVE-2013-0340 ("Billion Laughs" vulnerability).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Eneas U de Queiroz [Wed, 11 Aug 2021 13:57:23 +0000 (10:57 -0300)]
perl: perlmod.mk: use 'install' for host binaries
When installing a host perl module, the host perl binary in the staging
dir is replaced by using 'cp'. However, if the binary is running in a
parallel job, cp will fail with a text file busy error. Use
$(INSTALL_BIN), which unliks the file first to avoid the error.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
19c7496648cb25500ca7007a7c1578a426c23a09)
(cherry picked from commit
67f403b5e6afba14cbf6742833426faad796bfd9)
Josef Schlehofer [Sun, 11 Jul 2021 18:44:01 +0000 (20:44 +0200)]
Merge pull request #16086 from turris-cz/lxc-update-keyserver
lxc: add patch to switch GPG server
Josef Schlehofer [Sat, 10 Jul 2021 14:33:08 +0000 (16:33 +0200)]
lxc: add patch to switch GPG server
By default, there was used sks-keyservers.net pool, which has invalid
SSL certificate and they also announced that their service is deprecate
and no longer maintained.
Use the same GPG server as LXC is using by default in the newer
releases.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Wed, 7 Jul 2021 07:04:46 +0000 (09:04 +0200)]
Merge pull request #16056 from jefferyto/python3-3.6.14-openwrt-18.06
[openwrt-18.06] python3: Update to 3.6.14
Jeffery To [Tue, 6 Jul 2021 16:38:27 +0000 (00:38 +0800)]
python3: Update to 3.6.14
Includes fix for CVE-2021-3426 (Information disclosure via pydoc).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Luiz Angelo Daros de Luca [Tue, 13 Apr 2021 16:05:03 +0000 (13:05 -0300)]
Merge pull request #15415 from luizluca/18.06/ruby-2.5.9
[18.06] ruby: update to 2.5.9
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 17:52:28 +0000 (14:52 -0300)]
ruby: update to 2.5.9
Fixes two CVEs:
CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
CVE-2021-28965: XML round-trip vulnerability in REXML
After this release, Ruby 2.5 reaches EOL.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Rosen Penev [Fri, 19 Mar 2021 22:51:47 +0000 (15:51 -0700)]
Merge pull request #15166 from gladiac1337/haproxy-1.8.29-18.06
[openwrt-18.06] haproxy: Update HAProxy to v1.8.29
Christian Lachner [Fri, 19 Mar 2021 18:01:37 +0000 (19:01 +0100)]
haproxy: Update HAProxy to v1.8.29
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Josef Schlehofer [Mon, 22 Feb 2021 17:46:55 +0000 (18:46 +0100)]
Merge pull request #14843 from jefferyto/python-3.6.13-openwrt-18.06
[openwrt-18.06] python3: Update to 3.6.13
Jeffery To [Mon, 22 Feb 2021 12:28:45 +0000 (20:28 +0800)]
python3: Update to 3.6.13
Includes fixes for:
* CVE-2021-3177 - ctypes: Buffer overflow in PyCArg_repr
* CVE-2021-23336 - urllib parse_qsl(): Web cache poisoning - semicolon
as a query args separator
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Rosen Penev [Sat, 23 Jan 2021 01:42:29 +0000 (17:42 -0800)]
Merge pull request #14502 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: bugfix: high CPU utilization
Stan Grishin [Mon, 18 Jan 2021 15:28:24 +0000 (15:28 +0000)]
https-dns-proxy: bugfix: high CPU utilization
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Thu, 7 Jan 2021 03:58:53 +0000 (19:58 -0800)]
Merge pull request #14428 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: update to 2020-11-25: add HTTP auth and DSCP support
Stan Grishin [Wed, 6 Jan 2021 17:53:33 +0000 (17:53 +0000)]
https-dns-proxy: update to 2020-11-25: add HTTP auth and DSCP codepoint support
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Sat, 19 Dec 2020 10:29:46 +0000 (02:29 -0800)]
Merge pull request #14272 from stangri/18.06-simple-adblock
[18.06] simple-adblock: config update
Stan Grishin [Sat, 19 Dec 2020 04:05:25 +0000 (22:05 -0600)]
simple-adblock: config update
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Mon, 14 Dec 2020 21:38:00 +0000 (13:38 -0800)]
Merge pull request #14214 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix - config update
Stan Grishin [Sat, 12 Dec 2020 21:58:52 +0000 (15:58 -0600)]
simple-adblock: bugfix - config update
Signed-off-by: Stan Grishin <stangri@melmac.net>
Stan Grishin [Mon, 28 Sep 2020 20:10:58 +0000 (20:10 +0000)]
https-dns-proxy: update binary to 2020-08-21
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Sat, 1 Aug 2020 20:59:57 +0000 (13:59 -0700)]
python3: fix host compilation with clang
Matched rpath parameter with Makefile.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from commit
b40c40151c2ac3dd11d908a0548ac97e6b5c8455)
Rosen Penev [Fri, 20 Nov 2020 01:07:43 +0000 (17:07 -0800)]
Merge pull request #13918 from cartender/pr_stm32flash
stm32flash: Added patch to lock serial device
Giovanni Giacobbi [Sat, 14 Nov 2020 16:29:02 +0000 (16:29 +0000)]
stm32flash: Added patch to lock serial device
Patch backported from upstream master
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
Christian Lachner [Sun, 8 Nov 2020 12:36:36 +0000 (13:36 +0100)]
haproxy: Update HAProxy to v1.8.27
- Update haproxy download URL and hash
- Fix ssl compat patch offsets
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Michael Heimpold [Sat, 7 Nov 2020 20:44:02 +0000 (21:44 +0100)]
php7: update to 7.2.34
This fixes:
- CVE-2020-7069
- CVE-2020-7070
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
5b3870890d9b55c51ed034bfbe7620654021c452)
Matthias Schiffer [Mon, 19 Oct 2020 20:09:34 +0000 (22:09 +0200)]
fastd: fix buffer leak when receiving invalid packets
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Rosen Penev [Fri, 16 Oct 2020 21:24:08 +0000 (14:24 -0700)]
Merge pull request #13685 from jefferyto/python-3.6.12-openwrt-18.06
[openwrt-18.06] python3: Update to 3.6.12, remove backported patches
Jeffery To [Fri, 16 Oct 2020 16:39:17 +0000 (00:39 +0800)]
python3: Update to 3.6.12, remove backported patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Stan Grishin [Thu, 8 Oct 2020 02:39:15 +0000 (02:39 +0000)]
simple-adblock: config update file fix
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Wed, 7 Oct 2020 15:22:50 +0000 (18:22 +0300)]
nano: update to 5.3
Update nano editor to version 5.3.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
4690a1f1c98c12f74a882eb2fc256c1f98957e55)
Rosen Penev [Fri, 2 Oct 2020 20:58:28 +0000 (13:58 -0700)]
Merge pull request #13550 from gladiac1337/haproxy-1.8.26-openwrt-18.06
[openwrt-18.06] haproxy: Update HAProxy to v1.8.26
Christian Lachner [Fri, 2 Oct 2020 07:31:10 +0000 (09:31 +0200)]
haproxy: Update HAProxy to v1.8.26
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Stan Grishin [Mon, 21 Sep 2020 18:16:02 +0000 (18:16 +0000)]
vpnbypass: README update, code cleanup
Signed-off-by: Stan Grishin <stangri@melmac.net>
update
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Sun, 20 Sep 2020 11:14:31 +0000 (04:14 -0700)]
Merge pull request #13435 from stangri/18.06-simple-adblock
[18.06] simple-adblock: add config auto-update feature
Stan Grishin [Sun, 20 Sep 2020 00:17:04 +0000 (00:17 +0000)]
simple-adblock: add config auto-update feature
Signed-off-by: Stan Grishin <stangri@melmac.net>
Michael Heimpold [Thu, 10 Sep 2020 18:52:06 +0000 (20:52 +0200)]
php7: update to 7.2.33
This fixes:
- CVE-2020-7068
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
473ca554f5cdd6f3bbed44d563b041ac7edf4557)
Hannu Nyman [Tue, 25 Aug 2020 20:03:55 +0000 (23:03 +0300)]
nano: update to 5.2
Update nano editor to version 5.2.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
3ce75951360c675cec86548f2cb19cfca2ee1c89)
Rosen Penev [Sat, 22 Aug 2020 00:48:40 +0000 (17:48 -0700)]
Merge pull request #13188 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix: update config; use command -v
Stan Grishin [Fri, 21 Aug 2020 23:29:33 +0000 (23:29 +0000)]
simple-adblock: bugfix: update config; use command -v
Signed-off-by: Stan Grishin <stangri@melmac.net>
Robby K [Fri, 7 Feb 2020 16:00:02 +0000 (17:00 +0100)]
freeradius3: Fix proxy.conf file conflict.
It was provided by both the freeradius3 and freeradius3-mod-realm packages.
Now provided by the freeradius3 package only.
Signed-off-by: Robby K <robbyke@gmail.com>
Fixes: #13149
(cherry picked from commit
c81d176e805122469216c8eac42081e91ca7304c)
Rosen Penev [Sat, 15 Aug 2020 08:45:13 +0000 (01:45 -0700)]
Merge pull request #13123 from jjm2473/lvm2-fix-mac-sh-for-1806
lvm2: fix CE in mac (backport)
Liangbin Lian [Fri, 14 Aug 2020 06:19:12 +0000 (14:19 +0800)]
lvm2: fix CE in mac
command-count.h generated by makefile was wrong
when using default shell in mac,
set shell to bash to fix it.
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
(cherry picked from commit
9bb0962d6e3a2d5faf28a9624da82a936d961f19)
Hannu Nyman [Wed, 12 Aug 2020 19:53:37 +0000 (22:53 +0300)]
nano: update to 5.1
Update nano to version 5.1.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
02f9ec4adc22a80e2adf57f868b080a2934af8bc)
Hannu Nyman [Thu, 30 Jul 2020 15:34:02 +0000 (18:34 +0300)]
nano: update to 5.0
Update nano editor to version 5.0.
http://git.savannah.gnu.org/cgit/nano.git/tree/NEWS
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
409633f0ddd4baefc85e89077a6e74fd2135884f)
Rosen Penev [Sun, 9 Aug 2020 02:47:48 +0000 (19:47 -0700)]
Merge pull request #13057 from odmdas/odmdas-freeradius3-Makefile-18.06
[18.06] freeradius3: add missing conffiles to Makefile
Alexey Dobrovolsky [Sat, 8 Aug 2020 21:22:15 +0000 (00:22 +0300)]
freeradius3: add missing conffiles to Makefile
Config files
/etc/freeradius3/policy.d/accounting
/etc/freeradius3/policy.d/filter
/etc/freeradius3/proxy.conf
/etc/freeradius3/sites-available/default
and link
/etc/freeradius3/sites-enabled/default
are in the freeradius3 package and are mentioned in the main config file
/etc/freeradius3/radiusd.conf
Thus, they must be explicitly specified in the Makefile.
File
/etc/freeradius3/sites/default
is not included in the package, is not created during installation,
is not mentioned in the main config file and should therefore be excluded
from the Makefile.
(backported from commit
f6974b8)
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
Rosen Penev [Wed, 5 Aug 2020 20:16:56 +0000 (13:16 -0700)]
Merge pull request #13023 from stangri/18.06-simple-adblock
[18.06] simple-adblock: README and config update
Stan Grishin [Tue, 4 Aug 2020 22:51:00 +0000 (22:51 +0000)]
simple-adblock: README and config update
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Tue, 4 Aug 2020 03:03:12 +0000 (20:03 -0700)]
Merge pull request #12999 from jjm2473/libtasn1-support-host-compile
libtasn1: add host build
Andy Walsh [Fri, 13 Dec 2019 16:15:42 +0000 (17:15 +0100)]
libtasn1: add host-build
* samba4 complains that it cant find the libasn1 host bins
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry picked from commit
42e9057d41f9d59916daa9d716734f25a666b55a)
Rosen Penev [Mon, 3 Aug 2020 20:38:18 +0000 (13:38 -0700)]
Merge pull request #12989 from jjm2473/netatalk-fix-CE-dtrace
netatalk: fix compile error in mac os
Liangbin Lian [Sat, 1 Aug 2020 16:17:53 +0000 (00:17 +0800)]
netatalk: fix compile error in mac os
fix compile error in mac os when dtrace installed.
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
Rosen Penev [Sat, 1 Aug 2020 23:00:32 +0000 (16:00 -0700)]
Merge pull request #12991 from jjm2473/libgpg-error-fix-gawk50-3
libgpg-error: Fix compilation with GAWK 5.0
Liangbin Lian [Sat, 1 Aug 2020 16:10:50 +0000 (00:10 +0800)]
libgpg-error: Fix compilation with GAWK 5.0
Patch from Upstream.
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
Rosen Penev [Mon, 20 Jul 2020 10:24:50 +0000 (03:24 -0700)]
Merge pull request #12882 from jefferyto/python3-backport-patches-openwrt-18.06
[openwrt-18.06] python3: Backport security fixes
Jeffery To [Mon, 20 Jul 2020 09:43:45 +0000 (17:43 +0800)]
python3: Backport security fixes
This backports fixes for security issues, including:
* CVE-2020-14422: Hash collisions in IPv4Interface and IPv6Interface
* CVE-2019-20907: Infinite loop in the tarfile module
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Hannu Nyman [Sat, 18 Jul 2020 11:11:34 +0000 (14:11 +0300)]
haveged: update to 1.9.13
Update haveged to version 1.9.13.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
28cf20129081f9c6b8778b243cc3df1f610544c4)
Rosen Penev [Tue, 30 Jun 2020 21:33:05 +0000 (14:33 -0700)]
Merge pull request #12661 from jefferyto/python-3.6.11-openwrt-18.06
[openwrt-18.06] python3: Update to 3.6.11
Jeffery To [Tue, 30 Jun 2020 16:01:28 +0000 (00:01 +0800)]
python3: Update to 3.6.11
This contains a fix for CVE-2020-8492 (Denial of service in
urllib.request.AbstractBasicAuthHandler)[1].
[1]: https://docs.python.org/release/3.6.11/whatsnew/changelog.html#python-3-6-11-release-candidate-1
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Rosen Penev [Fri, 26 Jun 2020 05:18:08 +0000 (22:18 -0700)]
Merge pull request #12615 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: re-add conffiles and add description to Makefile
Stan Grishin [Fri, 26 Jun 2020 03:09:53 +0000 (03:09 +0000)]
https-dns-proxy: re-add conffiles and add description to Makefile
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Thu, 25 Jun 2020 21:22:22 +0000 (14:22 -0700)]
Merge pull request #12598 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: bugfix: remove eDNS support
Stan Grishin [Thu, 25 Jun 2020 19:41:07 +0000 (19:41 +0000)]
https-dns-proxy: bugfix: remove eDNS support
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Sun, 21 Jun 2020 20:22:52 +0000 (23:22 +0300)]
haveged: update to 1.9.12
Update haveged to version 1.9.12
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
6392d50c3180b5da7a4ba041decf7a229d0e1c53)
Hannu Nyman [Sun, 14 Jun 2020 18:12:12 +0000 (21:12 +0300)]
haveged: update to 1.9.11
Update haveged to version 1.9.11
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
ca30b0ff91846a407469f6a77d1cbaf6b150d06d)
Karel Kočí [Wed, 11 Mar 2020 10:17:33 +0000 (11:17 +0100)]
haveged: move init script from 13 to 01
This is intended as a match with standard urngd. They serve same purpose
and urngd starts as first with 00. Starting haveged later can create
issues if you replace urngd with it. The example problem is if
uci-defaults script decides to generate certificate. Haveged can supply
entropy but it is started later and to mitigate this urngd would still
have to be installed. This means that haveget can't serve as replacement
without moving it to match start order of urngd.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit
1ef38f45d982beb46b2df6d3582ad0bc2b0007ca)
Etienne Champetier [Sat, 13 Jun 2020 22:11:18 +0000 (18:11 -0400)]
Merge pull request #12508 from stangri/18.06-simple-adblock
[18.06] simple-adblock: racially-neutral names
Stan Grishin [Sat, 13 Jun 2020 20:39:21 +0000 (20:39 +0000)]
simple-adblock: racially-neutral names
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Mon, 8 Jun 2020 20:50:52 +0000 (13:50 -0700)]
Merge pull request #12455 from stangri/18.06-simple-adblock
[18.06] simple-adblock: remove obsolete dshield.org links from config
Stan Grishin [Mon, 8 Jun 2020 17:36:02 +0000 (17:36 +0000)]
simple-adblock: remove obsolete dshield.org links from config
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Wed, 3 Jun 2020 15:21:58 +0000 (18:21 +0300)]
Merge pull request #12335 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix: proper error reporting on failed downloads; lists update script
Stan Grishin [Wed, 27 May 2020 00:26:28 +0000 (00:26 +0000)]
simple-adblock: bugfix: proper error reporting on failed downloads; lists update script
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Sun, 24 May 2020 17:41:28 +0000 (20:41 +0300)]
nano: update to 4.9.3
Update nano version to 4.9.3
Minor bugfix release.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
38be46a7ae496cf9f01dd2fd6fee74bc9f1b2673)
Josef Schlehofer [Tue, 19 May 2020 10:20:26 +0000 (12:20 +0200)]
bind: update to version 9.11.19
Fixes:
CVE-2020-8616
CVE-2020-8617
Remove backported patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Wed, 20 May 2020 16:21:37 +0000 (09:21 -0700)]
Merge pull request #12235 from jefferyto/python-openssl-ca-certs-openwrt-18.06
[openwrt-18.06] python-openssl,python3-openssl: Add dependency on ca-bundle
Jeffery To [Wed, 20 May 2020 07:46:59 +0000 (15:46 +0800)]
python-openssl,python3-openssl: Add dependency on ca-bundle
The ssl module assumes OpenSSL can load the default trust anchors (root
CA certificates).
From https://github.com/openwrt/packages/issues/12209
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jan Kardell [Mon, 8 Oct 2018 09:57:14 +0000 (11:57 +0200)]
Python: Fix compile of host modules
Add -rpath linker option to host build, pointing to staging/hostpkh/lib.
It's needed to find the correct host libs during runtime, without it the
hosts libs may be used instaead, causing failures.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit
0311e58bb645b8f5a2b96528d78edc90c811ed94)
Jan Kardell [Mon, 1 Oct 2018 17:13:44 +0000 (19:13 +0200)]
Python3: Fix host build on OpenSUSE
The linker option -rpath is required to find libs in staging_dir. Now it
is included when building host modules. Without it the import test of
the _ctypes and _uuid modules would fail. The _ctypes module uses
libffi.so.6 from staging, but OpenSUSE LEAP 15 has libffi.so.7.
It will also fail on LEAP 42.x, Fedora28 and 29 and future or old
versions of Ubuntu.
Fix needed in master and 18.06 branches.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit
6ade5a1e3adb189d062b707e2b8f731c9faab844)
Josef Schlehofer [Tue, 19 May 2020 09:50:37 +0000 (11:50 +0200)]
unbound: update to version 1.10.1
Fixes:
CVE-2020-12662
CVE-2020-12663
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Hannu Nyman [Mon, 18 May 2020 05:49:19 +0000 (08:49 +0300)]
Merge pull request #12207 from micmac1/mar-1806-10413
[18.06] mariadb: minor version bump with CVE fixes
Sebastian Kemper [Sun, 17 May 2020 22:24:28 +0000 (00:24 +0200)]
mariadb: bump to 10.1.45
Fixes:
CVE-2020-2752
CVE-2020-2812
CVE-2020-2814
This commit also moves mysql_upgrade to the client package and installs
the configuration files readable for all, so that the clients can read
them.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Michael Heimpold [Sat, 16 May 2020 11:48:47 +0000 (13:48 +0200)]
php7: update to version 7.2.31
This fixes:
- CVE-2019-11048
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
2e6bd4cb86682b224803325127d3f777d40b3231)
Hannu Nyman [Mon, 11 May 2020 12:09:22 +0000 (15:09 +0300)]
Merge pull request #12142 from EricLuehrsen/unbound_1806_1100
[openwrt-18.06] unbound: update to 1.10.0
Eric Luehrsen [Mon, 11 May 2020 03:55:09 +0000 (23:55 -0400)]
unbound: update to 1.10.0
cherry-pick:
f779ef48cd21474acf72ee151588737273a509c2
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Hannu Nyman [Sun, 3 May 2020 19:53:02 +0000 (22:53 +0300)]
Merge pull request #12058 from stangri/18.06-vpnbypass
[18.06] vpnbypass: bugfix: remove non-ASCII from system log; update README
Stan Grishin [Sat, 2 May 2020 22:35:55 +0000 (22:35 +0000)]
vpnbypass: bugfix: remove non-ASCII from system log; update README
Signed-off-by: Stan Grishin <stangri@melmac.net>
Josef Schlehofer [Fri, 1 May 2020 09:47:42 +0000 (11:47 +0200)]
youtube-dl: update to version 2020.3.24
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Wed, 29 Apr 2020 08:57:13 +0000 (10:57 +0200)]
Merge pull request #11995 from jefferyto/python-2.7.18-openwrt-18.06
[openwrt-18.06] python: Update to 2.7.18, refresh patches
Jeffery To [Tue, 28 Apr 2020 22:06:21 +0000 (06:06 +0800)]
python: Update to 2.7.18, refresh patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
yurtesen [Tue, 12 Nov 2019 15:53:51 +0000 (17:53 +0200)]
mwan3: Fix json_load fails with some data
Sometimes the return value of `ubus -S call network.interface.wan status`
cause `json_load` to return `Failed to parse message data` error.
To avoid this, the JSON data always should be quoted with double quotes.
Signed-off-by: Evren Yurtesen <eyurtese@abo.fi>
Removed quoatation marks from commit heading
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
94e0c78826b15c95c40bfa82bbf8bba35dc56961)
Rosen Penev [Sat, 22 Feb 2020 02:55:13 +0000 (18:55 -0800)]
libarchive: update to 3.4.2
Switch to normal tarballs. Remove autoreconf as a result.
Several Makefile cleanups for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
c22dd1bf74fa5836a88fa417b467767bcfe8a4ff)
(cherry picked from commit
2085b990ffc875a5157c02a9e2b5bd04c8eb35b3)
Jan Pavlinec [Thu, 16 Jan 2020 14:47:08 +0000 (15:47 +0100)]
libarchive: update to version 3.4.1 (security fix)
Fixes CVE-2019-19221
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from
df634dcc926650de22248b89620c649c0fef7602)
(cherry picked from commit
ba43556aed90705bc04fd074d39ee6ea012a71f2)
Josef Schlehofer [Wed, 22 Apr 2020 16:04:10 +0000 (18:04 +0200)]
php7: update to version 7.2.30
Fixes:
CVE-2020-7066
CVE-2020-7064
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
09738290a319cc2af74a0be9a52aa5a76b6ca98e)
Michael Heimpold [Sun, 26 Jan 2020 20:53:14 +0000 (21:53 +0100)]
php7: fix dependencies for mysqlnd (fixes #11113)
When during the build the openssl extension is also selected, then
the mysqlnd extension depends on it, too.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
50b1cd3757497a569538d751f4681a40df1b1202)
Hannu Nyman [Wed, 22 Apr 2020 17:57:48 +0000 (20:57 +0300)]
Merge pull request #11926 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix: start downloads on cold boot/fresh install
Stan Grishin [Wed, 22 Apr 2020 17:46:23 +0000 (17:46 +0000)]
simple-adblock: bugfix: start downloads on cold boot
Signed-off-by: Stan Grishin <stangri@melmac.net>
tripolar [Tue, 21 Apr 2020 08:04:02 +0000 (10:04 +0200)]
Merge pull request #11907 from BKPepe/18.06-git
[18.06] git: update to version 2.20.4
Josef Schlehofer [Tue, 21 Apr 2020 06:11:24 +0000 (08:11 +0200)]
git: update to version 2.20.4
Fixes CVE-2020-11008
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
projects / feed / packages.git / log