Daniel Golle [Wed, 28 Apr 2021 18:06:38 +0000 (19:06 +0100)]
python-gnupg: update to version 0.4.7
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
7b32ab78c0bbef8a538bc61547df3a2de4234ebf)
Jan Hak [Tue, 27 Apr 2021 11:08:21 +0000 (13:08 +0200)]
libedit: update to version
20210419-3.1
Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit
b0870d792b3fd013137d2071c150248e85262d66)
Ansuel Smith [Thu, 22 Apr 2021 23:58:41 +0000 (01:58 +0200)]
atlas-sw-probe: improve key creation
- Exit start if a probe_key is not present
- Add create_key command to generate a private_key based on the provided username in the atlas config.
- Add registration instruction in /etc/atlas
- Rework script to save probe_key on sysupgrade (the key are now adviced to be placed in the /etc/atlas dir and a link is used to make them accessible in the atlas-sw-scripts etc dir)
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit
0afe371babf851d1ce239c75525e99bcef3626d0)
Daniel Golle [Wed, 28 Apr 2021 16:57:17 +0000 (17:57 +0100)]
debian-archive-keyring: update to 2021.1.1
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
640a6ba9bd9accf2e0d07e15b4694bc66cb30790)
Daniel Golle [Wed, 28 Apr 2021 17:38:31 +0000 (18:38 +0100)]
Jinja2: update to version 2.11.3
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
e70965b1aaaec266d6a9fdeb9c815567da3a508f)
Hirokazu MORIKAWA [Fri, 30 Apr 2021 03:48:52 +0000 (12:48 +0900)]
icu: add ABI_VERSION
To prevent inconsistencies in the coming version (69.1).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
1eb29ddc956a857c887190315afa164161ba483a)
Andy Walsh [Thu, 6 May 2021 09:03:26 +0000 (11:03 +0200)]
samba4: update to 4.13.8
* update to 4.13.8
* remove faulty io_uring kernel detection
* fixes CVE's: CVE-2020-27840, CVE-2021-20277, CVE-2020-27840, CVE-2021-20277, CVE-2020-27840, CVE-2021-20277, CVE-2021-20254
* resolves #15512
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
(cherry picked from commit
93b34d4ddad2768c27d03a78e723b5910964aaa0)
Jan Pavlinec [Tue, 13 Apr 2021 12:25:43 +0000 (14:25 +0200)]
unbound: add cache-max-negative-ttl config option
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
9296409e886ebd937fd702057737add0d97e0dfa)
Noah Meyerhans [Thu, 29 Apr 2021 16:05:26 +0000 (09:05 -0700)]
bind: bump to 9.17.12
Fixes the following security issues:
* CVE-2021-25215 - named crashed when a DNAME record placed in the ANSWER
section during DNAME chasing turned out to be the final
answer to a client query.
* CVE-2021-25214 - Insufficient IXFR checks could result in named serving a
zone without an SOA record at the apex, leading to a
RUNTIME_CHECK assertion failure when the zone was
subsequently refreshed. This has been fixed by adding an
owner name check for all SOA records which are included
in a zone transfer.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
ccb1e8923e6e0269e2443c37362b2b27c121d956)
Aaron Goodman [Wed, 28 Apr 2021 23:42:38 +0000 (19:42 -0400)]
mwan3: allow interfaces with no tracking IPs
In the procd refactor, support for interfaces with no tracking IPs was
inadvertentiy removed. This commit restores the previous behavior
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
(cherry picked from commit
b7ea19bc96e444b6726218abc6db7cd558bbf343)
Florian Eckert [Mon, 3 May 2021 08:52:26 +0000 (10:52 +0200)]
mwan3: update ubus status for not tracked interfaces
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
f1da872cd47b1602dc3014d6b4ee40cd5f9fe855)
Florian Eckert [Mon, 3 May 2021 08:51:44 +0000 (10:51 +0200)]
mwna3: fix whitespace
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
cbc5f0916c3fc6c29ef76a3e0c6c6adf0c2ccb8e)
Josef Schlehofer [Mon, 3 May 2021 18:00:46 +0000 (20:00 +0200)]
hwdata: update to version 0.347
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
22ae08919efc653cfb508be6e2dac90256557bed)
Dirk Brenken [Tue, 4 May 2021 14:32:35 +0000 (16:32 +0200)]
banip: update to 0.7.8
* fix pid file processing of the background monitor plus child
processes (bug reported in the forum)
* made the enabled/disabled switch of the background monitor functional
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
1402b3b56d3ccfcd36aa5331181d43dad59c31ff)
Hannu Nyman [Sat, 1 May 2021 20:50:21 +0000 (23:50 +0300)]
nano: update version to 5.7
Upgrade nano editor to version 5.7.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
765e9868579e1da270b3c831ecf34949013cdf01)
Hirokazu MORIKAWA [Sat, 1 May 2021 00:01:05 +0000 (09:01 +0900)]
icu: add ABI_VERSION
To prevent inconsistencies in the coming version (69.1).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Christian Lachner [Sat, 1 May 2021 09:06:22 +0000 (11:06 +0200)]
haproxy: Update HAProxy to v2.2.14
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Olivier Poitrey [Fri, 30 Apr 2021 15:51:06 +0000 (15:51 +0000)]
nextdns: Update to version 1.32.1
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Dirk Brenken [Fri, 30 Apr 2021 10:02:21 +0000 (12:02 +0200)]
adblock: update to 4.1.2
* preserve DNS cache after adblock processing (unbound & bind)
* fix redirect issue with oisd basic url
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
df8651255fc69a7adae4fa8e65a2d43cf97109d2)
Rosen Penev [Thu, 29 Apr 2021 00:25:53 +0000 (17:25 -0700)]
Merge pull request #15526 from
1715173329/xray-2102
[openwrt-21.02] xray-core: remove PROVIDES
Moritz Warning [Tue, 27 Apr 2021 15:13:27 +0000 (17:13 +0200)]
zerotier: update to 1.6.5
Minor ZeroTier update. Refreshed patches.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Hirokazu MORIKAWA [Tue, 27 Apr 2021 05:41:37 +0000 (14:41 +0900)]
libupm: Disable node.js support
Library for node.js will be disabled temporarily due to difficulty in supporting the latest node.js.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Josef Schlehofer [Wed, 28 Apr 2021 08:06:05 +0000 (10:06 +0200)]
Merge pull request #15508 from hswong3i/openwrt-21.02-SQUID_enable-ssl-crtd
[openwrt-21.02][cherry-pick] squid: Enable dynamic SSL certificate generation
Wong Hoi Sing Edison [Sun, 25 Apr 2021 02:38:14 +0000 (10:38 +0800)]
squid: Enable dynamic SSL certificate generation
Maintainer: @neheb / @BKPepe / @zhanhb
Compile tested: ipq806x, generic, netgear_r7800, master
Run tested: ipq806x, generic, netgear_r7800, openwrt-19.07
Description:
Squid now only support HTTPS proxy in TCP tunnel mode (e.g. `ssl_bump splice all`):
https_port 3128 ssl-bump tls-cert=/etc/squid/squid.pem generate-host-certificates=on
ssl_bump splice all
In order to operate in SSL Bump mode, we need to compile with `--enable-ssl-crtd` for following configuration:
https_port 3128 ssl-bump tls-cert=/etc/squid/squid.pem generate-host-certificates=on
sslcrtd_program /usr/lib/squid/security_file_certgen -s /car/cache/squid/ssl_db -M 4MB
ssl_bump stare all
ssl_bump bump all
This PR switch the `SQUID_enable-ssl-crtd` into `default y`, therefore default enable SSL Bump mode.
Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
(cherry picked from commit
dbda77686d5dccb3d3999ed2e7dec18aab11fff8)
Hirokazu MORIKAWA [Tue, 27 Apr 2021 05:39:02 +0000 (14:39 +0900)]
libmraa: Disable node.js support
Library for node.js will be disabled temporarily due to difficulty in supporting the latest node.js.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Josef Schlehofer [Tue, 27 Apr 2021 22:01:57 +0000 (00:01 +0200)]
Merge pull request #15518 from
1715173329/yq-2102
[openwrt-21.02] yq: Update to 4.7.1
Tianling Shen [Tue, 27 Apr 2021 11:51:57 +0000 (19:51 +0800)]
xray-core: use `$(INSTALL_DATA)` to install configuration files
Using `$(INSTALL_CONF)` will cause the program has no access to
configurations file when someone enabled the selinux support.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(backported from
bbc6c62c2a029fd716b2bcad68ed3f99478da246)
Tianling Shen [Tue, 27 Apr 2021 11:42:41 +0000 (19:42 +0800)]
xray-core: remove PROVIDES
Xray now is no longer planning to keep compatibility with original
v2ray. Remove PROVIDES before it is totally broken.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(backported from
92efcc295648e9c16f3fb2d183019be9e275c3ea)
Tianling Shen [Mon, 26 Apr 2021 11:18:02 +0000 (19:18 +0800)]
yq: Update to 4.7.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(backported from
633d1dcf583646abd582e85e596463ac21e59235)
Karl Palsson [Mon, 26 Apr 2021 09:36:49 +0000 (09:36 +0000)]
net/mosquitto: port is optional in root config
From mosquitto 2.x, port became optional and deprecated in the config,
and it was recommended that listeners be used instead. Drop the hard
requirement in our config conversion script.
Reported in: https://github.com/openwrt/packages/issues/15506
Signed-off-by: <karlp@etactica.com>
Karl Palsson [Mon, 26 Apr 2021 09:34:52 +0000 (09:34 +0000)]
net/mosquitto: fix log_type conversion in config
As reported in: https://github.com/openwrt/packages/issues/15506
Signed-off-by: Karl Palsson <karlp@etactica.com>
Rosen Penev [Sat, 24 Apr 2021 08:27:35 +0000 (01:27 -0700)]
ksmbd: update to 3.3.9
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
9c6fc23e01a2227770659d0060dbabb491fdff67)
Rosen Penev [Sat, 24 Apr 2021 09:18:40 +0000 (02:18 -0700)]
ksmbd-tools: update to 3.3.9
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
2e7c403fff0d3c07bdd6e5d8f925ce154a473491)
Glenn Strauss [Fri, 23 Apr 2021 23:06:27 +0000 (19:06 -0400)]
lighttpd: patches from upstream
- ignore Content-Length from backend if 101 Switching Protocols
- close HTTP/2 connection after bad password
- skip cert chain build for self-issued certs
- meson zstd fix
- ls-hpack upstream update
- discard some HTTP/2 DATA frames received after response
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
52f85a0e1fd885d5bf9cbb6de74a146aa0d6c843)
Dirk Brenken [Fri, 23 Apr 2021 13:03:53 +0000 (15:03 +0200)]
banip: fix housekeeping
* fix whitelist housekeeping if you switch between normal- and
'whitelist only' mode
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
7cfb0f4657dea6a7844df28268e7e8af6eb00db4)
Florian Eckert [Fri, 23 Apr 2021 09:36:22 +0000 (11:36 +0200)]
Merge pull request #15502 from TDT-AG/pr/
20210422-stunnel
stunnel: update version to 5.59
Josef Schlehofer [Thu, 22 Apr 2021 20:11:18 +0000 (22:11 +0200)]
Merge pull request #15501 from mkrkn/openwrt-21.02
[21.02] openvpn: update to 2.5.2
Magnus Kroken [Wed, 21 Apr 2021 20:45:03 +0000 (22:45 +0200)]
openvpn: update to 2.5.2
Fixes two related security vulnerabilities (CVE-2020-15078) which
under very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup. In combination with "--auth-gen-token" or
a user-specific token auth solution it can be possible to get access to
a VPN with an otherwise-invalid account.
OpenVPN 2.5.2 also includes other bug fixes and improvements.
Add CI build test script.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from
6186fe732b058ef7f1ae43cce2184ba0c4d90184)
Florian Eckert [Mon, 19 Apr 2021 14:45:19 +0000 (16:45 +0200)]
stunnel: update to 5.59
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
2d56dbfc27f3a954fd34b8b261d576716dbfbed5)
Florian Eckert [Mon, 22 Feb 2021 08:52:52 +0000 (09:52 +0100)]
stunnel: update to 5.58
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
389c7f12cb197f3cef25db44d3787b7175c47776)
Dirk Brenken [Wed, 21 Apr 2021 19:00:52 +0000 (21:00 +0200)]
banip: update to 0.7.7
* add a "whitelist only" mode, this option allows to restrict Internet
access from/to a small number of secure websites/IPs, and block access
from/to the rest of the Internet.
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
515397b009155776e4fd15aaa723875373c75279)
Hirokazu MORIKAWA [Wed, 21 Apr 2021 02:27:24 +0000 (11:27 +0900)]
node: Resolve ICU conflict
Resolve conflicts between OpenWrt's ICU package and the ICU shipped with node.js.
https://github.com/openwrt/packages/issues/15437
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Gerard Ryan [Wed, 21 Apr 2021 11:04:48 +0000 (21:04 +1000)]
dockerd: Updated to 20.10.6
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Wed, 21 Apr 2021 11:04:21 +0000 (21:04 +1000)]
docker: Updated to 20.10.6
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Wed, 21 Apr 2021 11:01:36 +0000 (21:01 +1000)]
libnetwork: Updated to 2021-01-26 for docker 20.10.6
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Wed, 21 Apr 2021 11:00:07 +0000 (21:00 +1000)]
containerd: Updated to 1.4.4 for docker 20.10.6
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Rosen Penev [Wed, 21 Apr 2021 00:29:49 +0000 (17:29 -0700)]
Merge pull request #15478 from rs/nextdns-1.32.0-openwrt-21.02
[21.02] nextdns: Update to version 1.32.0
Daniel Danzberger [Sat, 6 Feb 2021 06:58:38 +0000 (07:58 +0100)]
python-psycopg2: Add new package
Psycopg is the most popular PostgreSQL adapter for the Python programming language
It's used by the python-sqlalchemy for postgresql
This package was removed by this commit for lacking python3 support:
c37b15e1c49cf27de8f34f43e93a7a5c184be9e0
Version 2.8.6 used in this package now supports pyhton3
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
(cherry picked from commit
7cfb9a04af856b3d09a9768bb104f77dbb1acb68)
Jan Pavlinec [Fri, 26 Mar 2021 11:59:34 +0000 (12:59 +0100)]
atlas-sw-probe: add new package
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
c65a659e6d9e71a5d74927f40490ee40a16d84db)
Jan Pavlinec [Fri, 26 Mar 2021 11:58:59 +0000 (12:58 +0100)]
atlas-probe: add new package
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
cb30c106c09f6e8b9a93e87c3de65f3b3a14db8e)
Olivier Poitrey [Tue, 20 Apr 2021 15:08:40 +0000 (15:08 +0000)]
nextdns: Update to version 1.32.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Rosen Penev [Tue, 20 Apr 2021 01:59:33 +0000 (18:59 -0700)]
Merge pull request #15470 from rs/nextdns-1.12.5-openwrt-21.02
[21.02] nextdns: Update to version 1.12.5
Olivier Poitrey [Tue, 20 Apr 2021 01:38:41 +0000 (01:38 +0000)]
nextdns: Update to version 1.12.5
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Rosen Penev [Tue, 20 Apr 2021 00:47:43 +0000 (17:47 -0700)]
Merge pull request #15462 from rs/nextdns-1.12.3-openwrt-21.02
[21.02] nextdns: Update to version 1.12.3
Olivier Poitrey [Mon, 19 Apr 2021 23:23:44 +0000 (23:23 +0000)]
nextdns: Update to version 1.12.3
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Rosen Penev [Mon, 19 Apr 2021 23:08:33 +0000 (16:08 -0700)]
Merge pull request #15458 from rs/nextdns-1.31.3-openwrt-21.02
[21.02] nextdns: Update to version 1.31.3
Olivier Poitrey [Mon, 19 Apr 2021 22:50:29 +0000 (22:50 +0000)]
nextdns: Update to version 1.31.3
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Florian Eckert [Tue, 23 Mar 2021 09:22:12 +0000 (10:22 +0100)]
collectd: update PKG_RELEASE
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
1e2ba94064c3b99bd8543df9283933d84fdc4707)
Florian Eckert [Thu, 11 Mar 2021 15:49:50 +0000 (16:49 +0100)]
collectd: add percent calculation of bad block to ubi plugin
This patche adds the percent evaluation for the bad blocks.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
b4e24c12a6c187565e63b9365df6f88d954bf8c6)
Florian Eckert [Thu, 11 Mar 2021 15:49:18 +0000 (16:49 +0100)]
collectd: prepare ubi plugin for percent calculation
This patche change prepares the ubi plugin to add the bad block evaluation in
percent.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
4927b53333652825a73bf0ecd53914636af6b6d3)
Florian Eckert [Fri, 12 Mar 2021 15:30:31 +0000 (16:30 +0100)]
collectd: upate PKG_RELEASE number
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
6e41bf73ba3e80e206066cbcb8373a82efcbbf95)
Florian Eckert [Mon, 8 Mar 2021 13:40:34 +0000 (14:40 +0100)]
collectd: make compile time debug option configurable
Enables the compiler option that collectd is compiled with
debugging support. This is used at development stages to get
more messages from the collectd during development.
This option is default disabled.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
a4f74eb11c1bfa6d708934b3885be589e39e8851)
Florian Eckert [Mon, 8 Mar 2021 12:00:32 +0000 (13:00 +0100)]
collectd: fix COLLECTD_PLUGINS_SELECTED end of line
This removes the trailing back slash. This is not needed.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
416ba35d50e3381a23caf0ee0d0758a26e29a4f5)
Florian Eckert [Mon, 8 Mar 2021 15:30:53 +0000 (16:30 +0100)]
collectd: fix smart disk detection
On my system the attribute DEVTYPE was not set. The plugin could not
read any data and the function call blocked forever on this function and did
not returned. By removing it, all block devices under `/sys/class/block`
were checked.
Block devices that do not support SMART were not evaluated. The
collected displays the following message.
smart plugin: checking SMART status of /dev/loop4.
smart plugin: unable to open /dev/loop4.
If you do not like this message, you could only enable device in the uci that
does support SMART.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
543a2a970c062c30ac33f49f67ea952eb0adbed3)
Florian Eckert [Mon, 8 Mar 2021 08:56:45 +0000 (09:56 +0100)]
collectd: enable collectd-mod-smart
Switching on compilation for collectd smart plugin.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
092902a87ee14e3b4b0b37a4ddb81719ae27fcc8)
Florian Eckert [Fri, 5 Mar 2021 16:26:45 +0000 (17:26 +0100)]
libatasmart: initial checkin
This library is required by the smart plugin of the collectd.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
87e52cf180921d1fb778298c1ee699e652639b79)
Dirk Brenken [Sat, 17 Apr 2021 07:41:17 +0000 (09:41 +0200)]
adblock: update to 4.1.1
* support the RPZ trigger 'RPZ-CLIENT-IP' to always allow/block certain
clients based on their IP (currently only supported by bind!)
* avoid promiscuous mode in tcpdump setup for adblock reporting
* speed up dns report preparation
* support dns report mailing (/etc/init.d/adblock report mail)
* fix bind autodetection
* update LuCI-frontend (separate PR)
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
c531b6daea6962c32813b5815105343a76746147)
Rosen Penev [Mon, 12 Apr 2021 05:48:55 +0000 (22:48 -0700)]
squid: update to 4.14
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
682aebbaea976bee8aa5cc6e2d5818364256b33f)
Josef Schlehofer [Sun, 18 Apr 2021 11:59:30 +0000 (13:59 +0200)]
psmisc: move killall to /usr/libexec and add ALTERNATIVES
Currently, this package can not be installed while using standard path
of busybox, because binary killall wants to be installed on the same
location as busybox.
Collision:
• /usr/bin/killall: busybox (new-file), psmisc (existing-file)
Many of these binaries, which provides alternatives were moved to
folder /usr/libexec like wget, sed, findutils, less.
So I moved killall to /usr/libexec and others leave in touch and added
ALTERNATIVES for it, because preinstall script is no longer necessary.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
d8969e0fd1db2b2cb544cea19179a05aec5a9c28)
Hannu Nyman [Sun, 18 Apr 2021 15:26:43 +0000 (18:26 +0300)]
irqbalance: upgrade to version 1.8.0
Upgrade irqbalance to version 1.8.0
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
6631cfaa61ff75d97ef1a41c6ec031198103c7df)
Rosen Penev [Sat, 17 Apr 2021 22:40:38 +0000 (15:40 -0700)]
Merge pull request #15441 from
1715173329/yq-2102
[openwrt-21.02] yq: Update to 4.7.0
Tianling Shen [Sat, 17 Apr 2021 19:17:10 +0000 (03:17 +0800)]
yq: Update to 4.7.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(backported from
c4d27271adbbed1c779e212bc79ed351ddde6553)
Eneas U de Queiroz [Thu, 15 Apr 2021 20:03:35 +0000 (17:03 -0300)]
atheepmgr: avoid libpciaccess dependency
HAVE_LIBPCIACCESS that is currently passed through MAKE_VARS to disable
building with libpciaccess can't be set through the environment.
Instead, use CONFIG_CON_PCI, which can be passed through the environment
and will disable libpciaccess.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
52837117541f9a35d60a0e4befac1960ea8675fe)
Josef Schlehofer [Wed, 14 Apr 2021 23:02:34 +0000 (01:02 +0200)]
clamav: add libiconv dependencies when build with NLS
NLS means Native Language Support and when you have it enabled (it is
not default), clamav can not be compiled as it shows following error:
Package clamav is missing dependencies for the following libraries:
libiconv.so.2
Also, it is required that package libiconv-full is compiled first/before
than clamav and then try to compile clamav.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
87be6ffe6076778336f7db752fee0ef5f3f923e8)
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 21:09:52 +0000 (18:09 -0300)]
openvpn-easy-rsa: add missing configfile
/etc/profile.d/50-openvpn-easy-rsa.sh was not listed as configfile
and changes were lost during upgrades.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit
b0663e2959ff9dc37d0273aa3240a2ef0ed3c611)
Tomas Lara [Tue, 13 Apr 2021 05:37:18 +0000 (01:37 -0400)]
collectd: enable cpufreq for rockchip target
Enable collectd-mod-cpufreq for rockchip
Signed-off-by: Tomas Lara <tl849670@gmail.com>
(cherry picked from commit
6bd8d29b70bf3081d9fe0efe38a36b8f4fed77de)
Luiz Angelo Daros de Luca [Tue, 13 Apr 2021 16:04:54 +0000 (13:04 -0300)]
Merge pull request #15414 from luizluca/21.02/ruby-3.0.1
[21.02] ruby: update to 3.0.1
Jo-Philipp Wich [Fri, 9 Apr 2021 16:52:15 +0000 (18:52 +0200)]
bonding: accept list of slaves in uci list notation
Rework the bonding.sh protocol handler to accept slave interface names
encoded in uci list notation. Also replace ifconfig up/down with ip
link calls while we're at it.
Fixes: #11455
Fixes: https://github.com/openwrt/luci/issues/4473
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
57a77386de7dda12f60bf3021efcde7f059833c8)
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 21:19:00 +0000 (18:19 -0300)]
ruby: update to 3.0.1
Fixes two CVEs:
CVE-2021-28965: XML round-trip vulnerability in REXML
CVE-2021-28966: Path traversal in Tempfile on Windows
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Hirokazu MORIKAWA [Mon, 12 Apr 2021 01:53:35 +0000 (10:53 +0900)]
node: bump to v14.16.1
April 2021 Security Releases
- OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) (CVE-2021-3450)
- OpenSSL - NULL pointer deref in signature_algorithms processing (High) (CVE-2021-3449)
- npm upgrade - Update y18n to fix Prototype-Pollution (High) (CVE-2020-7774)
OpenSSL-related vulnerabilities do not affect the OpenWrt package. Because OpenWrt's OpenSSL shared library has been updated.
NODEJS_ICU_SMALL is default
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Gregory L. Dietsche [Fri, 9 Apr 2021 01:14:45 +0000 (20:14 -0500)]
safe-search: prevent duplicate cron job installation
This patch prevents multiple cron jobs from being created to run the
safe-search-maintenance script.
To reproduce this bug, perform the following:
- Install safe-search
- Perform an OpenWRT firmware upgrade (choose to preserve user settings)
- Install safe-search again
Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
(cherry picked from commit
49535edffdd44e1db109f687a5f6e87b7fe0ea3c)
Tiago Gaspar [Sat, 10 Apr 2021 23:21:58 +0000 (00:21 +0100)]
netdata: disable shared memory totals by default
Fix log spam:
daemon.err netdata[2090]: PROCFILE: Cannot open file '/proc/sysvipc/shm'
This is caused by a non existant /proc/sysvipc/shm because of the
CONFIG_PROC_STRIPPED option that is enabled by default in the kernel
generic target config
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit
5f65d87bb7727be85e7d3e02045302d6eb76ff7e)
Stan Grishin [Sun, 11 Apr 2021 01:30:23 +0000 (01:30 +0000)]
https-dns-proxy: bugfix: race condition with dnsmasq
Signed-off-by: Stan Grishin <stangri@melmac.net>
Stan Grishin [Sat, 10 Apr 2021 18:54:49 +0000 (18:54 +0000)]
simple-adblock: update to 1.8.7-3
Signed-off-by: Stan Grishin <stangri@melmac.net>
Dirk Brenken [Fri, 9 Apr 2021 16:42:30 +0000 (18:42 +0200)]
adblock: fix games_tracking source url
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
ec20e9df96f74c29699aa2df8de63cb9a8c32a2a)
Josef Schlehofer [Thu, 8 Apr 2021 21:30:28 +0000 (23:30 +0200)]
Merge pull request #15372 from farmergreg/21.02-safe-search
[21.02] safe-search: check for changed IP addresses weekly
Josef Schlehofer [Thu, 8 Apr 2021 21:28:05 +0000 (23:28 +0200)]
Merge pull request #15371 from farmergreg/21.02-family-dns
[21.02] net/family-dns: Correct Reference to IPKG_INSTROOT
Greg Dietsche [Sun, 28 Feb 2021 19:40:22 +0000 (13:40 -0600)]
family-dns: Correct Reference to IPKG_INSTROOT
IPKG_INSTROOT was misspelled.
Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
(cherry picked from commit
1569131f952915eb12b91268bdf11df3a005fe75)
Gregory L. Dietsche [Wed, 10 Mar 2021 03:34:24 +0000 (21:34 -0600)]
safe-search: check for changed IP addresses weekly
The current default of hourly is too fast. Some services such as
DuckDuckGo return IPs from a pool based on the user's location instead
of a fixed IP address. This change prevents unnecessary writes to the
flash memory by only updating once per week.
Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
(cherry picked from commit
7164ccf1553a990d8823bc545d970334fa0cd32e)
Rosen Penev [Mon, 5 Apr 2021 02:31:56 +0000 (19:31 -0700)]
minisatip: add libdvbcsa support
Unconditionally enable with BUILD_PATENTED.
Simplify configure args.
Add missing PKG_CONFIG_DEPENDS
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
3d65773650e42c32a2c30d336f266f4fd8723d40)
Jo-Philipp Wich [Sat, 27 Mar 2021 19:33:44 +0000 (20:33 +0100)]
openvpn: fix invoking user up & down commands from hotplug wrapper
This commit adds a number of fixes to the OpenVPN up/down hotplug command
wrapper which currently fails to actually invoke user defined up and down
commands for uci configurations not using external native configurations.
- Use the `--setenv` to pass the user configured `up` and `down` commands
as `user_up` and `user_down` environment variables respectively
- Instead of attempting to scrape the `up` and `down` settings from the
(possibly generated) native OpenVPN configuration in
`/etc/hotplug.d/openvpn/01-user`, read them from the respective
environment variables instead
- Fix parsing of native configuration values in `get_openvpn_option()`;
first try to parse a given setting as single quoted value, then as
double quoted and finally as non-quoted, potentially white-space
escaped one. This ensures that `up '/bin/foo'` is interpreted as
`/bin/foo` and not `'/bin/foo'`
Ref: https://forum.openwrt.org/t/openvpn-up-down-configuration-ignored/91126
Supersedes: #15121, #15284
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry-picked from commit
7f065a94bb2663d32da7424c777a580d470728a0)
Alexander Egorenkov [Sun, 21 Mar 2021 09:57:31 +0000 (10:57 +0100)]
openvpn: add OpenVPN option server-poll-timeout
See https://www.mankier.com/8/openvpn#--server-poll-timeout
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
(cherry-picked from commit
5789faab67db9b2bde999d24a3dbc26c4a82981d)
Magnus Kroken [Wed, 24 Feb 2021 18:00:23 +0000 (19:00 +0100)]
openvpn: update to 2.5.1
Set myself as maintainer.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from commit
204c0901b83b20e34ed12e4ea41236e2261d4099)
Jan Pavlinec [Thu, 1 Apr 2021 08:58:11 +0000 (10:58 +0200)]
curl: update to version 7.76.0
Fixes CVE-2021-22876 and CVE-2021-22890
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
b971310549ac145f88d0251f03ffaa294f51c1e2)
Rafał Dzięgiel [Sun, 2 Aug 2020 09:52:07 +0000 (11:52 +0200)]
libdvbcsa: add new package
Libdvbcsa is a free implementation of the DVB Common Scrambling Algorithm DVB/CSA - with encryption and decryption capabilities.
OpenWrt packages like `tvheadend` and `minisatip` can benefit from it.
Signed-off-by: Rafał Dzięgiel <rafostar.github@gmail.com>
(cherry picked from commit
51c5a8b4bcb5ba4d7447bd6ce77ddc41a46570aa)
Jan Pavlinec [Tue, 6 Apr 2021 10:00:28 +0000 (12:00 +0200)]
python-pytest: update to version 6.2.3
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
4e979ceb6b5b78c136a5981e85e53f27d31510e3)
Jan Pavlinec [Tue, 6 Apr 2021 10:41:02 +0000 (12:41 +0200)]
knot-resolver: update to version 5.3.1
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit
3e3025b1910b158ce35921b4b6fc22579cf4824b)
Josef Schlehofer [Tue, 6 Apr 2021 20:45:06 +0000 (22:45 +0200)]
youtube-dl: update to version 2021.4.7
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
701ded952a2505d3c39184767d2d55d1e299ec0f)
Josef Schlehofer [Tue, 6 Apr 2021 20:48:19 +0000 (22:48 +0200)]
zeroconf: update to version 0.29.0
Update copyright in Makefile
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
757b0ea64710c692579ca59b4afbd49d4c025728)
Rosen Penev [Wed, 7 Apr 2021 04:48:16 +0000 (21:48 -0700)]
ksmbd: update to 3.3.8
Major changes are:
clean-up codes using checkpatch --strict option.
fix several warning and build failure from linux-next.
change the minimum supported kernel version to v5.4.
use xarray for tree connect list.
fix reviews from lkml.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
fa6f182a21c597cd792bfe83fc68c9c5d0b196b3)