William Fleurant [Tue, 20 Aug 2019 01:11:02 +0000 (21:11 -0400)]
yggdrasil: bump to 0.3.9
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry-picked from
7296ff1b5ce8661d6acd31fdbbc8f793a51a00e6)
Josef Schlehofer [Sat, 28 Sep 2019 22:44:41 +0000 (00:44 +0200)]
golang: Update to version 1.13.1
Fixes CVE-2019-16276
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
65b7bd6cc04ba92fb573e8b98c72729baa70c1a9)
Josef Schlehofer [Sat, 28 Sep 2019 21:07:14 +0000 (23:07 +0200)]
youtube-dl: Update to version 2019.9.28
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
9ed0d76b34f7584f13016a028b1208a8cef5fc71)
Josef Schlehofer [Fri, 27 Sep 2019 12:42:50 +0000 (14:42 +0200)]
dnscrypt-proxy2: Update to version 2.0.27
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
b9fbb90fd4a75b33c9f14a2590c06961d638566a)
Jan Pavlinec [Wed, 10 Jul 2019 14:17:52 +0000 (16:17 +0200)]
expat: update to version 2.2.7 (security fix)
Fixes:
CVE-2018-20843
Changes:
add PKG_CPE_ID
switch to xz
remove maintainer
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from commit
70c62ef2d77aef5d8a27ccca2b147bc2a69dc7f8)
Claudius Ellsel [Sat, 28 Sep 2019 14:50:13 +0000 (16:50 +0200)]
adblock: More cosmetic changes and more detailed installation instructions to README.md
Signed-off-by: Claudius Ellsel <claudius.ellsel@live.de>
(cherry picked from commit
6121af755da85affdd172765e93915ca5414cf35)
Claudius Ellsel [Mon, 23 Sep 2019 13:52:56 +0000 (15:52 +0200)]
adblock: Cosmetic changes to README.md
Add code blocks for easier reading and change "dns" to "DNS".
Signed-off-by: Claudius Ellsel <claudius.ellsel@live.de>
(cherry picked from commit
088a14e5cefdebd677c4f97aa49799f38cc82e88)
Johannes Rothe [Thu, 19 Sep 2019 21:17:42 +0000 (23:17 +0200)]
travelmate: add support for optional args in auto-login script
This can be helpful for example in hotels where you need to
enter a new user/password combination every week.
Signed-off-by: Johannes Rothe <mail@johannes-rothe.de>
(cherry picked from commit
a7f87f939dda6855d4b727c29eb10a6f2f6ac150)
Jeffery To [Fri, 13 Sep 2019 09:28:42 +0000 (17:28 +0800)]
golang: Use new -trimpath option when compiling Go packages
Go 1.13 added a new -trimpath option to the "go build" command[1] that
removes system paths from compiled executables. This replaces the
previous -trimpath flags.
There are still system paths in the compiled executable (for crti.o and
crtn.o, when cross-compiling); these appear to be stripped during the
packaging process.
[1]: https://golang.org/doc/go1.13#trimpath
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry-picked from commit
22ee6e86a08d1e59608c50495d25e49378174e5a)
Xingwang Liao [Fri, 6 Sep 2019 03:00:58 +0000 (11:00 +0800)]
golang: Update to 1.13
Signed-off-by: Xingwang Liao <kuoruan@gmail.com>
(cherry-picked from commit
0849e326590ab87e4368718d1b9a7554a93420c4)
Josef Schlehofer [Thu, 26 Sep 2019 16:41:37 +0000 (18:41 +0200)]
netdata: Update to version 1.17.1
Patch 002 - Force Python3 is no longer applying, let's try to throw it
away to see if it is still necessary
Patch 003 - Was backported from the master branch and it was included in
Netdata version 1.17.0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit
5e89816)
Rosen Penev [Fri, 27 Sep 2019 23:07:32 +0000 (16:07 -0700)]
Merge pull request #10097 from neheb/boooo
[19.07]Update boost and other fixes
Richard Yu [Fri, 27 Sep 2019 10:40:10 +0000 (18:40 +0800)]
dump1090: update to 3.7.2
and use GitHub release tarball instead of git
Signed-off-by: Richard Yu <yurichard3839@gmail.com>
(cherry-picked from
a6a0f4edeef28ec6eca7cfad9b37f6fd996d0fa1)
Rosen Penev [Tue, 30 Jul 2019 21:52:45 +0000 (14:52 -0700)]
dump1090: Update to version 3.7.1
Repository was moved.
Also cleaned up Makefile slightly.
Ran init script through shellcheck.
Added PKG_BUILD_PARALLEL for faster compilation.
Added several CFLAGS and LDFLAGS for smaller size.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
f3245e6c7dcd8e169fe67d7f3cd125a74b056627)
Rosen Penev [Fri, 5 Jul 2019 06:30:48 +0000 (23:30 -0700)]
cmdpad: Fix compilation with musl
When passing -Wimplicit-function-declaration
Also got rid of std=gnu89. It's easy to patch out.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
1b5e4883a4704835b67c7a16a158ed7bad981c4a)
Rosen Penev [Sat, 22 Jun 2019 19:13:47 +0000 (12:13 -0700)]
gammu: Update to 1.40.0
Cleaned up Makefile for consistency between packages.
Switched to CMAKE_INSTALL to get rid of the InstallDev section.
Refreshed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
2e2929366bf719531c6e4b1591cccfde58172d55)
Rosen Penev [Mon, 15 Jul 2019 19:51:43 +0000 (12:51 -0700)]
ykpers: Update to 1.20.0
Cleaned up Makefile for consistency between packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
db6e6ac24a60377dd963be1aef1c1f48dea316d7)
Rosen Penev [Sat, 20 Jul 2019 04:08:19 +0000 (21:08 -0700)]
zstd: Update to 1.4.3
Bugfix release.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
133a02a1153b2fbe9e00e0ec42109d021a533127)
Rosen Penev [Wed, 31 Jul 2019 21:54:31 +0000 (14:54 -0700)]
mpd: Add SoundCloud support for full variant
The libyajl cleanup commit revealed that it was not being installed
correctly. Now that it is, mpd picks it up properly.
Enabled SoundCloud support for the full variant. Disabled for the mini.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
835bc1df0378d647e8393d910d7ee80541778d8a)
Michal Čihař [Thu, 30 May 2019 17:40:06 +0000 (19:40 +0200)]
mpd: enable pulseaudio in full package
Signed-off-by: Michal Čihař <michal@cihar.com>
(cherry-picked from
2ed62adc5914aa62e5f2e7389cf278dc68bb273c)
Rosen Penev [Thu, 25 Jul 2019 20:34:19 +0000 (13:34 -0700)]
yajl: Update to modern standards
Replaced git:// link with https:// which gets through firewalls easier.
Replaced archive with .xz. The one currently in the mirrors has the wrong
hash. .xz is also smaller than .gz.
Eliminated already default CMake option.
Eliminated Build/InstallDev with CMAKE_INSTALL.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
2abbc83c9de765a058c3734deb849347452858e6)
Hirokazu MORIKAWA [Fri, 16 Aug 2019 02:23:47 +0000 (11:23 +0900)]
node: fix http/2 DoS
This is a security release.
Node.js, as well as many other implementations of HTTP/2,
have been found
vulnerable to Denial of Service attacks.
See https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
for more information.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from
81bccf9068edc734ea904ecd63166630fcc69826)
Hirokazu MORIKAWA [Thu, 1 Aug 2019 07:43:13 +0000 (16:43 +0900)]
node: fix host build error on macOS
fix host build error on macOS
reference: https://github.com/openwrt/packages/issues/9616
Related: https://github.com/openwrt/packages/issues/7171
(This correspondence is necessary to build with macOS.)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from
c69d5a02413a35a3a25e6b42a3b467393705f97a)
Rosen Penev [Fri, 26 Jul 2019 17:43:54 +0000 (10:43 -0700)]
opencv: Update to 4.1.1
Update Makefile to modern standards.
Switched to local tarballs..xz archives are smaller. The .gz archive that
codeload comes with is 85MB.
Replaced PKG_INSTALL with CMAKE_INSTALL to get rid of Build/InstallDev.
Added PKG_BUILD_PARALLEL for faster compilation.
Removed inactive maintainer.
Added uClibc-ng patches to fix compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
f8cd4f094a6ab185034d95a77201f87064c55d62)
Rosen Penev [Fri, 27 Sep 2019 19:09:37 +0000 (12:09 -0700)]
Merge pull request #10084 from BKPepe/sentrysdk-1907
[OpenWrt 19.07] python-sentry-sdk: Update to version 0.12.2
Rosen Penev [Thu, 26 Sep 2019 05:39:28 +0000 (22:39 -0700)]
boost: Switch to blacklist of targets for context
Works around a buildbot bug.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
dc3220736d974bf12a00ece96b008e54579515bd)
Rosen Penev [Mon, 23 Sep 2019 18:11:06 +0000 (11:11 -0700)]
boost: Update host libraries
It seems newer versions of fbthrift require more libraries.
Also added AR7, RB532, and Lantiq ASE to fiber exclusion.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
1f77459acef49003529ce5bf26ed4c476648e097)
Carlos Miguel Ferreira [Mon, 26 Aug 2019 22:39:24 +0000 (23:39 +0100)]
boost: Package Version Update (1.71.0) + bugfixes
This commit updates Boost to version 1.71.0 and disables Boost.Context
for arc and mips64 architectures, since either jump_fcontext or
getcontext are undefined for those architectures.
It also fixes a bug were Boost.Fiber was not properly disabled for
mips32 and mips64 architectures.
Boost.Coroutine2 option was removed since it was redundant. By selecting
the Coroutine package, Coroutine2 is also installed.
Boost.Fiber has been disabled for target brcm47xx_generic and brcm47xx_legacy
due to misssing opcode support from instruction set.
Boost 1.71.0 brings a new header-only library
- Boost.Variant2 [1]
-> A never-valueless, strong guarantee implementation of
std::variant, from Peter Dimov.
More info about Boost 1.71.0 can be found at the usual place [2].
[1]: https://www.boost.org/doc/libs/1_71_0/libs/variant2/doc/html/variant2.html
[2]: https://www.boost.org/users/history/version_1_71_0.html
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
(cherry-picked from
0cd9824623375b11d9f005a0f2c3c8f44b480ef2)
Rosen Penev [Fri, 27 Sep 2019 17:09:44 +0000 (10:09 -0700)]
jamvm: Don't compile on ARM64
Not supported.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
ccd2b767d)
Rosen Penev [Mon, 23 Sep 2019 01:03:30 +0000 (18:03 -0700)]
fbzmq: Size optimizations
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
76b57b0e6cec6dc45a828aef2464ae4173efab11)
Rosen Penev [Mon, 12 Aug 2019 04:46:29 +0000 (21:46 -0700)]
fbthrift: Update to 2019-09-22
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
7139cddccf73a6e67a80e808c8f760dd3da9e1f8)
Rosen Penev [Mon, 12 Aug 2019 04:44:07 +0000 (21:44 -0700)]
libwangle: Update to 2019.09.22.00
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
43a8e02bb8f97cc88f5a4df9de7eaf7486bfef9b)
Rosen Penev [Fri, 13 Sep 2019 21:42:39 +0000 (14:42 -0700)]
librsocket-cpp: Update to 2019-09-22
Added URLs.
Added needed Boost patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
164e706f9da9a14a9b283f2e07e117142a0968a9)
Rosen Penev [Mon, 12 Aug 2019 02:53:10 +0000 (19:53 -0700)]
libfizz: Update to 2019.09.22.00
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
0f209e988c011f0df5da533a10576fb2384ab797)
Rosen Penev [Mon, 12 Aug 2019 02:30:43 +0000 (19:30 -0700)]
libfolly: Update to 2019.09.22.00
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
d28d9aa4dcf8d52bee0efb5593a31f094354a08a)
Jan Pavlinec [Thu, 19 Sep 2019 14:07:09 +0000 (16:07 +0200)]
treewide: add PKG_CPE_ID for cvescanner
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from
ceadbcbb64de727c3a974e552d9a723d532e4e40)
Jan Pavlinec [Thu, 12 Sep 2019 12:13:21 +0000 (14:13 +0200)]
treewide: add PKG_CPE_ID for better cvescanner coverage
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from
bf2f1a02636a9b74e1d824cab384b8f3f9e7d819)
Rosen Penev [Sat, 10 Aug 2019 20:44:07 +0000 (13:44 -0700)]
libgd: Properly disable iconv support
HAVE_ICONV and HAVE_ICONV_H are two different headers that both need to
evaluate to false. Added the extra CONFIGURE_VARS.
This can be verified by passing -Werror=implicit-function-declaration
Added PKG_LICENSE_FILES
Updated homepage URL.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
bf2f1a02636a9b74e1d824cab384b8f3f9e7d819)
Jan Pavlinec [Wed, 4 Sep 2019 10:58:06 +0000 (12:58 +0200)]
samba4: update to version 4.9.13 (security fix)
Fixes CVE-2019-10197
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from
ad16f2a851aeab46856bbf812e7794cbcecf1a69)
Oever González [Sun, 1 Sep 2019 05:02:04 +0000 (23:02 -0600)]
samba4: remove double quotes for renice
The double quote thells the shell that the list returned from `pidof` is a
single argument, therefore, `renice` will cry about a malformed input.
With this commit, `renice` will be applied correctly to all the returned PIDs
from `pidof`.
The output of `renice` for the quoted list is as follows:
`renice: invalid number '6592 6587 6586 6574'`
`renice` does not show and does apply the nice value if the list is unquoted.
Signed-off-by: Oever González <notengobattery@gmail.com>
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from
c45974d0a32498810f305cb26746f45045b38008)
Andy Walsh [Tue, 30 Jul 2019 09:09:17 +0000 (11:09 +0200)]
samba4: add python2 host dependency
* add python2/host dependency
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry-picked from
c02ef3ae7f0f0087e0ad5e0080d8e94d72c02de2)
Rosen Penev [Mon, 29 Jul 2019 00:51:00 +0000 (17:51 -0700)]
samba4: Run init script through shellcheck
Some performance improvements by batching file writes.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
d03b88b5b0edcdf72a3f6ea0d58b5b39e5ad81e0)
Andy Walsh [Wed, 10 Jul 2019 12:40:01 +0000 (14:40 +0200)]
samba4: revert to 4.9.11
* revert to 4.9.x series (4.10 needs too many unofficial patches and has weird waf bugs)
* cleanup patches
* enable AD_DC build option again
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry-picked from
2f2a4bccd9fa1fdad7b001fad276ce485e76acbe)
Eneas U de Queiroz [Wed, 10 Jul 2019 20:23:15 +0000 (17:23 -0300)]
logrotate: move config option to menu
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry-picked from
f6c9e2bacd98741cdb0b231a40e8dc189084f2cb)
Rosen Penev [Tue, 2 Jul 2019 19:10:56 +0000 (12:10 -0700)]
logrotate: Add ACL support
Various Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
788318625de9fecd924d4d413c9a9c8558ba3d66)
Sven Eckelmann [Mon, 2 Sep 2019 13:15:08 +0000 (15:15 +0200)]
treewide: Change .*GPL.*+ licenses to SPDX compatible identifier
The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL
licenses. But a lot of packages did use a different, non-SPDX style with a
"+" at the end instead of "-or-later".
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry-picked from
bbb1ea7345f367ed675dcfe40e36ac32ddf8a2e1)
Florian Eckert [Mon, 8 Jul 2019 06:17:13 +0000 (08:17 +0200)]
keepalived: update version to 2.0.18
Update version to 2.0.18
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked from
333324f973cac180ac34fee6867928bc64fba18f)
Florian Eckert [Mon, 29 Jul 2019 08:42:17 +0000 (10:42 +0200)]
keepalived: fix shellcheck warnings
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked from
7a207f87afacb706021b8535b7cb85557bef8ed9)
Nikos Mavrogiannopoulos [Wed, 3 Jul 2019 19:32:35 +0000 (21:32 +0200)]
ocserv: updated to 0.12.4
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
(cherry-picked from
cefb2f03e256760087a9794f7a8d7ba129833891)
Florian Eckert [Mon, 29 Jul 2019 13:20:43 +0000 (15:20 +0200)]
stunnel: fix some shellcheck warnings
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked from
6713d1d771dbf29f640cc08271e01dfc97a6389f)
Florian Eckert [Mon, 8 Jul 2019 06:18:01 +0000 (08:18 +0200)]
stunnel: update version to 5.55
Update version to 5.55
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry-picked from
a17e90591ccafde29e13acf0b8b5fd2c200b6824)
Sven Eckelmann [Sun, 1 Sep 2019 12:16:12 +0000 (14:16 +0200)]
ap51-flash: upgrade package to latest release 2019.0
* improved Zyxel firmware detection
* introduced optional MAC address filtering
* added support for:
- Plasma Cloud PA300
- Plasma Cloud PA1200
- Plasma Cloud PA2200
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry-picked from
22062b10c66b287597df5507173743683a85f9db)
Luiz Angelo Daros de Luca [Mon, 19 Aug 2019 04:06:09 +0000 (01:06 -0300)]
hplip: bump to 3.19.6
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry-picked from
fdeb5f81718198c2602f59723ba3852c7176fa93)
Rosen Penev [Tue, 30 Jul 2019 22:28:32 +0000 (15:28 -0700)]
geth: Update to 1.9.1
Remove Upstreamed patch.
Minor cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
03b1d7c4d46414345c7a7cc97a53966930046961)
Rosen Penev [Sun, 11 Aug 2019 20:58:21 +0000 (13:58 -0700)]
jamvm: Add host build
Needed for classpath. GCJ is also needed but that can be dealt with
separately.
Fix compilation with musl by defining _GNU_SOURCE. What's funny here is
that if __USE_GNU gets replaced, the host build fails. The man page says
_GNU_SOURCE for pthread_getattr_np but glibc violates that statement.
Removed classpath dependency. classpaths must select jamvm, not the other
way around.
Removed target whitelist. Switched to blacklist.
Fixed License information.
Various other cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
2972cc98ebfb512d394ffe406410961545821936)
Rosen Penev [Sun, 11 Aug 2019 21:08:50 +0000 (14:08 -0700)]
classpath: Add jamvm/host build dependency
This is needed for compilation. A Java compiler is also needed but that
must be handled elsewhere.
Fixed up license information.
URLs to HTTPS.
Other Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
1862f908ebdd68ce734f6ed29b83d5320cde06af)
Rosen Penev [Thu, 27 Jun 2019 23:52:47 +0000 (16:52 -0700)]
libshout: Update to 2.4.3
Removed inactive maintainer.
Rearranged Makefile for consistency between packages.
Added --without-pic to avoid both -fPIC and -fpic.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
9bacdfa9a2680d1a0e4da241a4b4ce399db77099)
Rosen Penev [Tue, 30 Jul 2019 22:34:16 +0000 (15:34 -0700)]
libtasn1: Update to 4.14
Fixes CVE-2018-
1000654
Minor cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
8482407d7c946c385f1325ca4a71775cc66a5cec)
Russell Senior [Sun, 1 Sep 2019 22:50:25 +0000 (15:50 -0700)]
patch: rename CVE-2019-13638 patch to mollify uscan
Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry-picked from
604102a865d2f64de787f3b5967b4f38d15f76f1)
Russell Senior [Sun, 11 Aug 2019 19:43:41 +0000 (12:43 -0700)]
patch: apply upstream patch for CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-
1000156.
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry-picked from
b82198ff479c4f425da96534f5049bc7d3808065)
Russell Senior [Mon, 29 Jul 2019 20:14:19 +0000 (13:14 -0700)]
tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.
https://nvd.nist.gov/vuln/detail/CVE-2019-13636
Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry-picked from
c8142f1ac11f0c529992ca8766d38e225ac14418)
Rosen Penev [Thu, 26 Sep 2019 20:32:03 +0000 (13:32 -0700)]
Merge pull request #10086 from adde88/openwrt-19.07
Openwrt 19.07
Andreas Nilsen [Thu, 26 Sep 2019 17:47:29 +0000 (19:47 +0200)]
hcxtools: Update to v5.2.2
Signed-off-by: Andreas Nilsen <adde88@gmail.com>
Andreas Nilsen [Thu, 26 Sep 2019 17:47:08 +0000 (19:47 +0200)]
hcxdumptool: Update to v5.2.2
Signed-off-by: Andreas Nilsen <adde88@gmail.com>
Josef Schlehofer [Thu, 26 Sep 2019 16:24:21 +0000 (18:24 +0200)]
python-sentry-sdk: Update to version 0.12.2
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Karl Palsson [Mon, 23 Sep 2019 10:41:49 +0000 (10:41 +0000)]
net/mosquitto: bump to 1.6.7
Fixes compatibility with newer libwebsockets versions.
Fixes performance issues with websockets
Fixes potential crash on config reload
Fixes CVEs: CVE-2019-11778 and CVE-2019-11779
Various MQTTv5 fixes.
Skips releases with critical regressions
Changelog for 1.6.7:
https://mosquitto.org/blog/2019/09/version-1-6-7-released/
Changelog for 1.6.5:
https://mosquitto.org/blog/2019/09/version-1-6-5-released/
Changelog for 1.6.6:
https://mosquitto.org/blog/2019/09/version-1-6-6-released/
Signed-off-by: Karl Palsson <karlp@etactica.com>
Hannu Nyman [Wed, 25 Sep 2019 16:13:00 +0000 (19:13 +0300)]
Merge pull request #10064 from stangri/19.07-simple-adblock
[19.07] simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README
Hannu Nyman [Wed, 25 Sep 2019 16:11:40 +0000 (19:11 +0300)]
Merge pull request #10072 from gladiac1337/haproxy-2.0.6-openwrt-19.07
[openwrt-19.07] haproxy: Update HAProxy to v2.0.6
Christian Lachner [Wed, 25 Sep 2019 09:36:07 +0000 (11:36 +0200)]
haproxy: Update HAProxy to v2.0.6
- Update haproxy download URL and hash
- Add new patches
Signed-off-by: Christian Lachner <gladiac@gmail.com>
W. Michael Petullo [Sun, 22 Sep 2019 23:10:32 +0000 (19:10 -0400)]
pigeonhole: update to 0.5.7.2
Fixes CVE-2019-11500.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry-picked from
707c683fbab21e609500b2f058f061e6c17887ff)
Josef Schlehofer [Sun, 8 Sep 2019 21:57:37 +0000 (23:57 +0200)]
dovecot: Update to version 2.3.7.2
Fix CVE-2019-11500
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from
5275c4156b34693c16748137d1601fcb243eca5f)
Jan Pavlinec [Tue, 27 Aug 2019 11:21:33 +0000 (13:21 +0200)]
usbip: disable ASLR PIE
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from commit
ff216608a0fca3abec2999ed9f5aea92df17ae6b)
Stan Grishin [Tue, 24 Sep 2019 16:12:08 +0000 (09:12 -0700)]
simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Tue, 27 Aug 2019 21:46:21 +0000 (14:46 -0700)]
libredblack: Pass CFLAGS
CFLAGS were not being passed. This was breaking builds with ASLR.
Pass proper PIC command to gcc with $(fPIC).
Don't install static libraries. Keep those for InstallDev only.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
fbcf61d9d3716dc2e0c2f458e38405ee674afbab)
Rosen Penev [Fri, 2 Aug 2019 22:14:57 +0000 (15:14 -0700)]
libredblack: Update to 1.3
Technically the same version, but this uses the normal tarball instead of
a random GitHub repository.
Cleaned up Makefile as a result.
Removed Python dependency. rbgen is not used for the package.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
6e8cb556e4640d1c3556cb204de3aa7ac57dc056)
Rosen Penev [Tue, 27 Aug 2019 22:21:19 +0000 (15:21 -0700)]
keyutils: Pass OpenWrt CFLAGS directly.
Needed for compilation with PKG_ASLR_PIE.
Replaced Build/Compile with PKG_INSTALL.
Adjusted install paths for consistency.
Added license information.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
ccc3b6d44a3e8c21dae3e011fa18195625ac27b3)
Rosen Penev [Tue, 27 Aug 2019 22:08:07 +0000 (15:08 -0700)]
libpbc: Pass CFLAGS properly
This was breaking ASLR builds.
Fixed license tag.
Added PKG_BUILD_PARALLEL for faster compilation.
Small Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
43f811ad5b3869ec5fa50259e498feae8abfb9f0)
Rosen Penev [Tue, 27 Aug 2019 22:03:52 +0000 (15:03 -0700)]
crconf: Pass CFLAGS properly
CFLAGS were not being passed, breaking ASLR builds.
Switched to using PKG_SOURCE_DATE for the version.
Added PKG_BUILD_PARALLEL for faster compilation.
Added license information.
Small Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
35a258a55cc51822d5db30e54619ee65242daf10)
Rosen Penev [Tue, 27 Aug 2019 21:55:36 +0000 (14:55 -0700)]
madplay: Pass CFLAGS properly
CFLAGS were not being passed which was breaking ASLR builds.
Fixed license header.
Added PKG_BUILD_PARALLEL for faster compilation.
Added PKG_INSTALL for consistency.
Passed proper $(FPIC) value.
Several other Makefile cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
76c0bea36be93e5d1a134dde0ec104c709114f0b)
Rosen Penev [Tue, 27 Aug 2019 21:38:24 +0000 (14:38 -0700)]
atftp: Update to 0.7.2
Fixes issue where CFLAGS were not being passed. This was breaking ASLR
builds.
Added PKG_BUILD_PARALLEL for faster compilation.
Added PKG_INSTALL. Changed install paths based on PKG_INSTALL paths.
Added --disable-debug to make sure debug code is disabled.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
946dfed856bb049e0ee229593830b355c75350b2)
Rosen Penev [Thu, 29 Aug 2019 18:59:20 +0000 (11:59 -0700)]
v4l2rtspserver: Update to 0.1.8
Updated live555 to 2019.08.28
Add TARGET_CFLAGS to LIVE555 CFLAGS to fix compilation with ASLR.
Several other Makefile cleanups and optimizations.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from
523eeaed54699420c00605d98dc2e4c70807925c)
Rosen Penev [Tue, 17 Sep 2019 20:31:25 +0000 (13:31 -0700)]
Merge pull request #10019 from dibdot/adblock-19.07
[19.07] adblock: update 3.8.6
Dirk Brenken [Tue, 17 Sep 2019 11:59:08 +0000 (13:59 +0200)]
adblock: update 3.8.6
* refine stop logic to prevent needless dns backend restarts
and other oddities
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
Karel Kočí [Sat, 29 Jun 2019 09:46:25 +0000 (11:46 +0200)]
python-intelhex: add new package
This is Python library to parse, generate and in general handle files
in Intel HEX format.
Signed-off-by: Karel Kočí <cynerd@email.cz>
(cherry-picked from commit
306e276a3b829612786ce47625acdd12f4d59118)
Karel Kočí [Mon, 16 Sep 2019 11:14:48 +0000 (13:14 +0200)]
bigclown-firmware-tool: update to version 1.4.1
This release updates: bcf create --from
There are no dependencies changes introduced by upstream and changes are
of limited character.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry-picked from commit
7741e5db4b2666d6861796804fe19265c785012e)
Karel Kočí [Sat, 29 Jun 2019 09:39:40 +0000 (11:39 +0200)]
bigclown-firmware-tool: add new package
This is tool to flash/manage firmware in Bigclown modules.
Signed-off-by: Karel Kočí <cynerd@email.cz>
(cherry-picked from commit
7950442dffe48139cf9f6e670fd71744004b063a)
Karel Kočí [Mon, 16 Sep 2019 11:31:36 +0000 (13:31 +0200)]
bigclown-mqtt2influxdb: update to version 1.2.0
This version introduces new option -d that makes service not to exit on
error. This is brutal solution but is required to protect against
service failure when remote resource is down.
bigclown-mqtt2influxdb is service moving data from MQTT to InfluxDB and
both of those services can and potentially are remote. The original
implementation where it failed when service goes down is not ideal
because network outage or target server outage can later require this
service restart.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry-picked from commti
508e2b865a71be46a6a59032d949c421aae9a8e3)
Karel Kočí [Mon, 16 Sep 2019 11:56:49 +0000 (13:56 +0200)]
python-schema: update to version 0.7.1
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry-picked from commit
7bb6d72a47bd8df69c154e72d2f777da032fa6aa)
Hannu Nyman [Sun, 15 Sep 2019 16:43:34 +0000 (19:43 +0300)]
Merge pull request #9999 from flyn-org/openldap-19.07
openldap: update to 2.4.48
Rosen Penev [Sun, 15 Sep 2019 14:23:20 +0000 (07:23 -0700)]
Merge pull request #9998 from flyn-org/libgcrypt-19.07
libgcrypt: Update to 1.8.5
Rosen Penev [Sun, 15 Sep 2019 14:16:27 +0000 (07:16 -0700)]
Merge pull request #10000 from cshoredaniel/pr-19.07-p910nd-non-root-backport
[19.07] p910nd: Run as non-root by default
Rosen Penev [Sun, 15 Sep 2019 14:16:19 +0000 (07:16 -0700)]
Merge pull request #10002 from cshoredaniel/pr-19.07-uwsgi-cgi-backport
[19.07] uwsgi-cgi: use python3 hostpkg not system python3
Rosen Penev [Sun, 15 Sep 2019 14:15:58 +0000 (07:15 -0700)]
Merge pull request #10001 from cshoredaniel/pr-19.07-msmtp-scripts-backport
[19.07] msmtp-scripts: Backport fix for run-time failure
Daniel F. Dickinson [Tue, 27 Aug 2019 07:37:06 +0000 (03:37 -0400)]
uwsgi-cgi: use python3 hostpkg not system python3
On a Debian system without python3-distutils install, uwsgi-cgi was
failing to build because it couldn't import sysconfig from distutils.
OpenWrt packages should be using the OpenWrt python not the system
python. In addition we need to use python3 not python2, even when
both are available.
(cherry-pick
c387d0923c8ced06f685b487f84ae0836d7f3e9b from master)
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Sat, 27 Jul 2019 03:47:01 +0000 (23:47 -0400)]
p910nd: Run as non-root by default
We add the necessary Makefile, hotplug, config, and init bits
so that p910nd daemon runs as user:group p910nd:lp by default.
This eliminates an unnecessary root daemon.
The hotplug script sets the permissions of the USB lp
device(s) to read-write owner and group and no access to
anyone else, and sets owner root, group lp.
This is allows sufficient privileges to p910nd
to do it's job.
(cherry-pick
932c76fa740acb0d68a46b78e2bc0eafd5fe13d6)
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Thu, 8 Aug 2019 21:50:33 +0000 (17:50 -0400)]
msmtp-scripts: Backport to fix runtime failure
This commit syncs msmtp-scripts with master as current
openwrt-19.07 is broken.
Cherry-picks and squashes the following commits from
master.
6d8cff9a msmtp-scripts: Fix LICENSE information
d163eaea msmtp-scripts: Overhaul and update like upstream
3c15d410 msmtp-scripts: Make conn_test default nc
b9cc3cf2 msmtp-scripts: Fix spool/lock dir permissions
f76408af msmtp-scripts: Add msmtprc permission docs
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Daniel F. Dickinson [Wed, 16 Jan 2019 07:56:33 +0000 (02:56 -0500)]
msmtp: msmtp-scripts: Backport "Enable PROVIDES and ALTERNATIVES"
Backports needed change from master for the next commit (a
combined cherry-pick and squash of required fixes to msmtp-scripts,
due to msmtp-scripts being broken on openwrt-19.07).
Use the PROVIDES mechanism so that msmtp and msmtp-nossl can be be
+depended-on and avoid generating a file level conflict. Also use
alternatives for msmtp-mta and msmtpq-ng-mta with msmtp-mta since
we can only have one sendmail at a time.
(cherry-pick
f76408af486fa7bdfd4cd8ddef2fcc76ab0fd9c4)
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
W. Michael Petullo [Sat, 14 Sep 2019 16:08:53 +0000 (12:08 -0400)]
openldap: update to 2.4.48
Fixes CVE-2019-13565.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Rosen Penev [Mon, 9 Sep 2019 07:26:45 +0000 (00:26 -0700)]
libgcrypt: Update to 1.8.5
Fixed up license information. Only the library is packaged.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Rosen Penev [Thu, 12 Sep 2019 21:14:18 +0000 (14:14 -0700)]
Merge pull request #9966 from dibdot/openwrt-19.07
[19.07] banip: update 0.2.1