feed/packages.git
3 months agobc: takeover the maintainership
Aleksey Vasilenko [Mon, 5 Aug 2024 19:39:20 +0000 (22:39 +0300)]
bc: takeover the maintainership

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agobc: update to 1.07.1
Aleksey Vasilenko [Fri, 26 Jul 2024 13:14:28 +0000 (16:14 +0300)]
bc: update to 1.07.1

- Switch to GNU package URLs
- Switch license to GNU-3.0
- Manually rebase one patch
- Add 3 more patches from Buildroot project

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agotcl: update to 8.6.14
Aleksey Vasilenko [Sat, 3 Aug 2024 07:33:26 +0000 (10:33 +0300)]
tcl: update to 8.6.14

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agov4l2rtspserver: update to v0.3.11 and enable sound
Michel Promonet [Sat, 3 Aug 2024 21:44:54 +0000 (23:44 +0200)]
v4l2rtspserver: update to v0.3.11 and enable sound

Signed-off-by: Michel Promonet <michel.promonet@free.fr>
3 months agoffmpeg: update to 6.1.2
Aleksey Vasilenko [Tue, 6 Aug 2024 19:16:15 +0000 (22:16 +0300)]
ffmpeg: update to 6.1.2

- Remove 020-ioctl patch - upstreamed
- Remove 030-h264-mips patch - implemented slightly different in the upstream
- Two remaining patches are unaffected
- Fixup CPU type detected as ' ' on x86_64

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agolibedit: replace version format with apk compatible version
Jan Hák [Thu, 15 Aug 2024 10:58:36 +0000 (12:58 +0200)]
libedit: replace version format with apk compatible version

Signed-off-by: Jan Hák <jan.hak@nic.cz>
3 months agolibedit: package download protocol has been changed to HTTPS
Jan Hák [Tue, 13 Aug 2024 10:27:38 +0000 (12:27 +0200)]
libedit: package download protocol has been changed to HTTPS

Signed-off-by: Jan Hák <jan.hak@nic.cz>
3 months agolibedit: update to version 20240808-3.1
Jan Hák [Mon, 12 Aug 2024 10:29:39 +0000 (12:29 +0200)]
libedit: update to version 20240808-3.1

Signed-off-by: Jan Hák <jan.hak@nic.cz>
3 months agodocker-compose: Update to version 2.29.2
Javier Marcet [Fri, 16 Aug 2024 12:06:35 +0000 (14:06 +0200)]
docker-compose: Update to version 2.29.2

Release notes:
https://github.com/docker/compose/releases/tag/v2.29.2

Signed-off-by: Javier Marcet <javier@marcet.info>
3 months agoliblz4: update to 1.10.0
Rosen Penev [Tue, 23 Jul 2024 02:21:37 +0000 (19:21 -0700)]
liblz4: update to 1.10.0

Switch to normal tarballs.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agolibvorbisidec: update to latest git
Rosen Penev [Sun, 11 Aug 2024 22:44:54 +0000 (15:44 -0700)]
libvorbisidec: update to latest git

Only differences are two crash fixes from Chromium fuzzing.

Also made compatible with APK by just using PKG_SOURCE_DATE instead of a
bogus PKG_VERSION.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agolibx264: update to latest master
Rosen Penev [Mon, 12 Aug 2024 02:22:50 +0000 (19:22 -0700)]
libx264: update to latest master

Use PKG_SORUCE_DATE for apk compatibility.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agonerdctl: update to 1.7.6
Fabian Lipken [Fri, 16 Aug 2024 13:39:06 +0000 (15:39 +0200)]
nerdctl: update to 1.7.6

Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
3 months agonatmap: allow binding to a port or port range
Ray Wang [Fri, 16 Aug 2024 14:40:45 +0000 (22:40 +0800)]
natmap: allow binding to a port or port range

Signed-off-by: Ray Wang <r@hev.cc>
3 months agoci: fix APK version detection
Paul Spooren [Fri, 16 Aug 2024 08:33:18 +0000 (10:33 +0200)]
ci: fix APK version detection

This action was mostly based on the autorelease CI job and somehow there
is an error that if multiple packages are affected, the path is
concatenated instead of adding a space.

Secondly the APK return code 0 wasn't good enough for the if condition
and caused it to trigger even on valid versions.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 months agoMerge pull request #24765 from dibdot/unbound-gawk
Dirk Brenken [Fri, 16 Aug 2024 07:33:56 +0000 (09:33 +0200)]
Merge pull request #24765 from dibdot/unbound-gawk

unbound: fix gawk incompatibility

3 months agounbound: fix local cnames
Tobias Waldvogel [Tue, 16 Jul 2024 17:38:11 +0000 (19:38 +0200)]
unbound: fix local cnames

For cnames with a local data target the A RR is not resolved and
missing in the response. As most applications don't send another
query and fail, these entries are placed in a rpz zone instead.

Signed-off-by: Tobias Waldvogel <tobias.waldvogel@gmail.com>
3 months agoci: check if packages use an APK compatible version
Paul Spooren [Thu, 15 Aug 2024 09:23:59 +0000 (11:23 +0200)]
ci: check if packages use an APK compatible version

APK uses a deterministic version schema, have the CI check that changed
packages actually follow that version schema.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 months agocrowdsec-firewall-bouncer: new upstream release version 0.0.29
S. Brusch [Mon, 22 Jul 2024 16:20:39 +0000 (16:20 +0000)]
crowdsec-firewall-bouncer: new upstream release version 0.0.29

Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.4

Description:
 - updated to new upstream release version 0.0.29
 - added retry_initial_commit option to init script (by Quba1)
 - aligned namings in script with crowdsec-firewall-bouncer

Co-authored-by: Quba1 <22771850+Quba1@users.noreply.github.com>
3 months agohev-socks5-server: update to 2.6.7
Ray Wang [Tue, 13 Aug 2024 15:21:49 +0000 (23:21 +0800)]
hev-socks5-server: update to 2.6.7

This commit follows the upstream project's change of license from GPLv3
to MIT.

Link: https://github.com/heiher/hev-socks5-server/commit/3175713e779a98f1d53fc4463b3e83944155ddbc
Signed-off-by: Ray Wang <r@hev.cc>
3 months agonatmap: update to 20240813
Ray Wang [Tue, 13 Aug 2024 15:15:01 +0000 (23:15 +0800)]
natmap: update to 20240813

Signed-off-by: Ray Wang <r@hev.cc>
3 months agounbound: fix gawk incompatibility 24765/head
Dirk Brenken [Fri, 9 Aug 2024 12:48:48 +0000 (14:48 +0200)]
unbound: fix gawk incompatibility

* fix gawk incompatibility in iptools.sh

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 months agoMerge pull request #24738 from stangri/master-pbr
Stan Grishin [Wed, 14 Aug 2024 07:25:34 +0000 (00:25 -0700)]
Merge pull request #24738 from stangri/master-pbr

pbr: update to 1.1.6-20

3 months agoMerge pull request #24715 from stangri/master-https-dns-proxy
Stan Grishin [Wed, 14 Aug 2024 07:24:19 +0000 (00:24 -0700)]
Merge pull request #24715 from stangri/master-https-dns-proxy

https-dns-proxy: update to 2023.12.26-1

3 months agoowut: update to 2024.08.09
Eric Fahlgren [Sun, 11 Aug 2024 14:07:04 +0000 (07:07 -0700)]
owut: update to 2024.08.09

Bug fixes:
  efahl/owut@9ecbea5 owut: ensure shell exit status is correct

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
3 months agolibucontext: Update to latest upstream version 1.3.1
Volker Christian [Mon, 12 Aug 2024 11:38:53 +0000 (13:38 +0200)]
libucontext: Update to latest upstream version 1.3.1

Signed-off-by: Volker Christian <me@vchrist.at>
3 months agolua-eco: update to 3.6.0
Jianhui Zhao [Tue, 13 Aug 2024 06:14:44 +0000 (14:14 +0800)]
lua-eco: update to 3.6.0

A new package lua-eco-packet added since 3.6.0.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
3 months agorust: update to 1.80.1
Luca Barbato [Tue, 13 Aug 2024 07:21:47 +0000 (07:21 +0000)]
rust: update to 1.80.1

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
3 months agoinih: remove r from version
Rosen Penev [Sun, 11 Aug 2024 22:50:29 +0000 (15:50 -0700)]
inih: remove r from version

Adds compatibility with APK. Switches from codeload to local tarballs.
Smaller and simpler.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agogcc: add GCC 14.2
Rui Salvaterra [Tue, 7 May 2024 10:27:37 +0000 (11:27 +0100)]
gcc: add GCC 14.2

Deleted (upstreamed):

020-Include-safe-ctype.h-after-C-standard-headers-to-avo.patch [1]
021-libcc1-fix-vector-include.patch [2]

All other patches automatically rebased.

[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=9970b576b7e4ae337af1268395ff221348c4b34a
[2] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=5213047b1d50af63dfabb5e5649821a6cb157e33

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 months agoqemu: update version to 9.0.2
Vladimir Ermakov [Sun, 11 Aug 2024 10:29:23 +0000 (12:29 +0200)]
qemu: update version to 9.0.2

- Update version
- Refresh patchset

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
3 months agoadblock: update to 4.2.1
Dirk Brenken [Sun, 11 Aug 2024 07:31:29 +0000 (09:31 +0200)]
adblock: update to 4.2.1

* added full 1Hosts feed support (4 categories)
* changed the OISD list sources to alternate wildcard domains syntax
* used only the adguard source in default config
* fixed a needless reload delay plus a few cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 months agorealtek-poe: update package to v1.1
Martin Kennedy [Fri, 19 Jul 2024 20:03:20 +0000 (16:03 -0400)]
realtek-poe: update package to v1.1

v1.1 contains a minor fix to enable PoE devices with
up to 48 ports.

Signed-off-by: Martin Kennedy <hurricos@gmail.com>
3 months agonetatalk: Update to 3.2.5
Antonio Pastor [Thu, 8 Aug 2024 19:10:33 +0000 (15:10 -0400)]
netatalk: Update to 3.2.5
Compile tested/run: ipq806x

No changes to package other than using latest available codebase.

Signed-off-by: Antonio Pastor <apccv@outlook.com>
3 months agov4l2camera: update to v0.2.1
Michel Promonet [Sun, 4 Aug 2024 19:48:05 +0000 (21:48 +0200)]
v4l2camera: update to v0.2.1

Signed-off-by: Michel Promonet <michel.promonet@free.fr>
3 months agofreeradius3: fixup
Esaaprilia Salsabila [Wed, 7 Aug 2024 08:10:58 +0000 (16:10 +0800)]
freeradius3: fixup

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
3 months agoMerge pull request #24739 from stangri/master-adblock-fast
Stan Grishin [Sat, 10 Aug 2024 20:25:19 +0000 (13:25 -0700)]
Merge pull request #24739 from stangri/master-adblock-fast

adblock-fast: update to 1.1.2-3

3 months agodhtd: udpate to 1.0.2
Moritz Warning [Tue, 6 Aug 2024 21:28:40 +0000 (23:28 +0200)]
dhtd: udpate to 1.0.2

Signed-off-by: Moritz Warning <moritzwarning@web.de>
3 months agogolang: Update to 1.22.6
Milinda Brantini [Wed, 7 Aug 2024 02:59:41 +0000 (10:59 +0800)]
golang: Update to 1.22.6

go1.22.6 (released 2024-08-06) includes fixes to the go command,
the compiler, the linker, the trace command, the covdata command,
and the bytes, go/types, and os/exec packages.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
3 months agoadblock: update to 4.2.0
Dirk Brenken [Fri, 9 Aug 2024 14:59:49 +0000 (16:59 +0200)]
adblock: update to 4.2.0

* new gawk dependency
* full hagezi support (all 32 categories)
* refine Stevenblack support
* refine whitelist handling
* fixed tcpdump command line for ports other than 53 (see #24685)

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 months agoMerge pull request #23798 from gentoo-root/mwan3-fix-awk
Florian Eckert [Fri, 9 Aug 2024 05:53:45 +0000 (07:53 +0200)]
Merge pull request #23798 from gentoo-root/mwan3-fix-awk

mwan3: Fix awk expression in mwan3_delete_iface_rules

3 months agoMerge pull request #24732 from bluecmd/pr-modemmanager-rpcd
Florian Eckert [Fri, 9 Aug 2024 05:19:15 +0000 (07:19 +0200)]
Merge pull request #24732 from bluecmd/pr-modemmanager-rpcd

modemmanager: make rpcd integration optional

3 months agonode: bump to v20.16.0
Hirokazu MORIKAWA [Thu, 8 Aug 2024 05:48:20 +0000 (14:48 +0900)]
node: bump to v20.16.0

Notable Changes
process: add process.getBuiltinModule(id)
doc: doc-only deprecate OpenSSL engine-based APIs
inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
3 months agoMerge pull request #24753 from mhei/php8-update-to-8.3.10
Michael Heimpold [Thu, 8 Aug 2024 05:20:48 +0000 (07:20 +0200)]
Merge pull request #24753 from mhei/php8-update-to-8.3.10

php8: update to 8.3.10

3 months agomodemmanager: make rpcd integration optional 24732/head
Christian Svensson [Sat, 3 Aug 2024 13:30:39 +0000 (15:30 +0200)]
modemmanager: make rpcd integration optional

ModemManager does not depend on Lua by its own, so make it possible to
not have a requirement on Lua if the rpcd integration is not needed.

Signed-off-by: Christian Svensson <blue@cmd.nu>
3 months agocloudflared: Update to 2024.8.2
Milinda Brantini [Wed, 7 Aug 2024 03:17:13 +0000 (11:17 +0800)]
cloudflared: Update to 2024.8.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
3 months agodnsproxy: Update to 0.72.3
Milinda Brantini [Wed, 7 Aug 2024 03:19:52 +0000 (11:19 +0800)]
dnsproxy: Update to 0.72.3

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
3 months agophp8: update to 8.3.10 24753/head
Michael Heimpold [Sun, 4 Aug 2024 19:41:14 +0000 (21:41 +0200)]
php8: update to 8.3.10

Upstream changelog:
https://www.php.net/ChangeLog-8.php#8.3.10

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
3 months agopbr: update to 1.1.6-20 24738/head
Stan Grishin [Sat, 3 Aug 2024 23:17:13 +0000 (23:17 +0000)]
pbr: update to 1.1.6-20

This version is the final version supporting iptables and:

* it separates the old iptables/nft-capable init script from the new nft-only init script
* the new nft-script is a significant rewrite of the old recursive calls/policy parsing
  and tries to create inline nft sets which offers performance improvements

Signed-off-by: Stan Grishin <stangri@melmac.ca>
3 months agoclamav: add missing dependency
Tianling Shen [Sat, 3 Aug 2024 07:18:53 +0000 (15:18 +0800)]
clamav: add missing dependency

clamav needs rust toolchain to build, add $(RUST_ARCH_DEPENDS) to
dependencies to avoid building on unsupported architectures.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agobind: bump to 9.20.0
Philip Prindeville [Thu, 30 May 2024 16:29:04 +0000 (10:29 -0600)]
bind: bump to 9.20.0

We no longer use "epoll()", but a new library dependency "liburcu"
(user-space RCU) has been added.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 months agowgsd: add missing dependency
Tianling Shen [Sat, 3 Aug 2024 07:11:32 +0000 (15:11 +0800)]
wgsd: add missing dependency

wgsd is written in Go, add $(GO_ARCH_DEPENDS) to dependencies to avoid
building on unsupported architectures.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agogeoipupdate: take over the maintainership
Tianling Shen [Fri, 2 Aug 2024 16:40:52 +0000 (00:40 +0800)]
geoipupdate: take over the maintainership

Matthew Hagan has been absent for two years and this package lacks
proper maintenance. As I'm a user of this package, take over the
maintainership.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agogeoipupdate: Update to 7.0.1
Tianling Shen [Tue, 30 Jul 2024 15:02:32 +0000 (23:02 +0800)]
geoipupdate: Update to 7.0.1

- do not touch default configuration
- put the binary into /usr/bin as it's not a "system" application
- update GO_PKG path
- remove useless init script[1]
- other minor clean up

1. The database directory will be automatically created by the program.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 months agoadguardhome: add option config
xiaobo tian [Sat, 3 Aug 2024 04:42:58 +0000 (12:42 +0800)]
adguardhome: add option config

Signed-off-by: xiaobo tian <peterwillcn@gmail.com>
3 months agortpmidi: fix compilation with GCC14 and fmt10.2
Rosen Penev [Fri, 2 Aug 2024 19:45:27 +0000 (12:45 -0700)]
rtpmidi: fix compilation with GCC14 and fmt10.2

Added two patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agominizip: update to 4.0.7
Aleksey Vasilenko [Sat, 3 Aug 2024 07:38:24 +0000 (10:38 +0300)]
minizip: update to 4.0.7

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agoadblock-fast: update to 1.1.2-3 24739/head
Stan Grishin [Sat, 3 Aug 2024 23:25:44 +0000 (23:25 +0000)]
adblock-fast: update to 1.1.2-3

This version brings two significant updates:
* support for text labels/names for the external lists
* better processing of the config update files, which cleans up
  entries with missing URLs

Also:
* new config file contains names for all lists
* it tries to match existing URLs with the names from the new config file
  and update user config as part of uci-defaults script
* contains minor updates to copyright/license/upstream URL/README
* updates the config update script to remove sysctl.org list as it's outdated
* adds two new remote lists: Hagezi and 1Hosts

Signed-off-by: Stan Grishin <stangri@melmac.ca>
3 months agokea: update to 2.6.0
Philip Prindeville [Tue, 30 Jul 2024 03:18:01 +0000 (21:18 -0600)]
kea: update to 2.6.0

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 months agogawk: set gawk as an alternative to awk
Christian Svensson [Sat, 3 Aug 2024 15:41:01 +0000 (17:41 +0200)]
gawk: set gawk as an alternative to awk

This makes it possible to build without busybox awk.

Signed-off-by: Christian Svensson <blue@cmd.nu>
3 months agoMerge pull request #24651 from Chris1189/pr/hostname
Stijn Tintel [Sat, 3 Aug 2024 13:02:41 +0000 (16:02 +0300)]
Merge pull request #24651 from Chris1189/pr/hostname

net-snmp: set hostname as sysname

3 months agoexfatprogs: update to 1.2.4
Aleksey Vasilenko [Sat, 3 Aug 2024 07:51:35 +0000 (10:51 +0300)]
exfatprogs: update to 1.2.4

- Use proper tarball instead of codeload
- Remove autoreconf - provided configure works all right

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agolibcurl-gnutls: update to 8.9.1
Aleksey Vasilenko [Sat, 3 Aug 2024 07:27:17 +0000 (10:27 +0300)]
libcurl-gnutls: update to 8.9.1

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agomjpg-streamer: fix option enabled check in init.d
Luiz Angelo Daros de Luca [Fri, 2 Aug 2024 19:46:38 +0000 (16:46 -0300)]
mjpg-streamer: fix option enabled check in init.d

[ "$enabled" ] returns true whatever non-empty value enabled has,
including 0.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
3 months agonetbird: update to 0.28.7
Wesley Gimenes [Sat, 3 Aug 2024 04:06:09 +0000 (01:06 -0300)]
netbird: update to 0.28.7

Signed-off-by: Wesley Gimenes <wehagy@proton.me>
3 months agomariadb: fix compilation with fmt 10.2
Rosen Penev [Fri, 2 Aug 2024 18:53:45 +0000 (11:53 -0700)]
mariadb: fix compilation with fmt 10.2

Upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agoowut: update to 2024.07.31
Eric Fahlgren [Fri, 2 Aug 2024 21:21:25 +0000 (14:21 -0700)]
owut: update to 2024.07.31

Bug fixes:
  efahl/owut@e329cb9 owut: allow user to specify 'version_code' for build
  efahl/owut@fbafbf1 owut: improve image selection
  efahl/owut@6352b2c config: fix wrong directory in example

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
3 months agofreeradius3: update version 3.2.5
Esaaprilia Salsabila [Fri, 19 Jul 2024 00:27:45 +0000 (08:27 +0800)]
freeradius3: update version 3.2.5

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
3 months agocurl: update to 8.9.1
Aleksey Vasilenko [Fri, 2 Aug 2024 10:41:37 +0000 (13:41 +0300)]
curl: update to 8.9.1

- Remove upstreamed patch
- Remove stalled mirrors
- Fixes regression introduced in 8.9.0 update
    OpenWrt issue: https://github.com/openwrt/packages/issues/24693
    Upstream issue: https://github.com/curl/curl/issues/14280

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agolua-eco: update to 3.5.3
Jianhui Zhao [Fri, 2 Aug 2024 03:50:31 +0000 (11:50 +0800)]
lua-eco: update to 3.5.3

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
3 months agohttps-dns-proxy: update to 2023.12.26-1 24715/head
Stan Grishin [Thu, 1 Aug 2024 23:54:18 +0000 (23:54 +0000)]
https-dns-proxy: update to 2023.12.26-1

Makefile:
* update to latest upstream version
* remove PKG_SOURCE_DATE/PKG_SOURCE_RELEASE as they are no longer needed
* set TARGET_CFLAGS/TARGET_LDFLAGS
* update CMAKE_OPTIONS
* add CONFIGURE_ARGS to prepare for building with HTTP/3
* update package URL to upstream repo instead of documentation
* update package/description
* add README.md with link to documentation

init-script:
* do not run within image builder
* add a line which can be uncommented to remove outdated doh_server entries

020-src-options.c-add-version.patch:
* remove it, as it's no longer needed with version set in CMAKE_OPTIONS

Signed-off-by: Stan Grishin <stangri@melmac.ca>
3 months agocryptsetup: update to version 2.7.4 24718/head
Daniel Golle [Thu, 1 Aug 2024 20:04:48 +0000 (21:04 +0100)]
cryptsetup: update to version 2.7.4

Cryptsetup 2.7.4 Release Notes
==============================
Stable bug-fix release.

All users of cryptsetup 2.7 should upgrade to this version.

Changes since version 2.7.3
~~~~~~~~~~~~~~~~~~~~~~~~~~~

* Detect device busy failure for device-mapper table-referenced devices.

  Some device-mapper ioctl failures can disappear in libdevmapper,
  causing the libcryptsetup wrapper to return an invalid error (EINVAL)
  instead of EEXIST or EBUSY. One such case is when there is a device
  creation race, and the device-mapper device name is created, but
  the following mapping table load fails. This can happen because some
  block devices used in table mapping have already been claimed by
  another process (the kernel needs exclusive access).

  The kernel ioctl properly returns EBUSY; this errno is lost in
  libdevmapper (dm_task_get_errno returns 0). It should be fixed by
  libdevmapper in the future.

  Such behavior was seen in the systemd way of handling dm-verity
  devices. With these changes, the code should react for EEXIST and
  EBUSY, as another process has already activated the device.

  Code calling libcryptsetup also must not check the underlying device
  with an exclusive open flag (O_EXCL). Otherwise, it could cause a race
  in the kernel device-mapper, resulting in no process succeeding device
  activation (see also CRYPT_ACTIVATE_SHARED flag below).

* Fix shared activation for dm-verity devices.

  The CRYPT_ACTIVATE_SHARED flag was silently ignored when activating
  dm-verity devices. Dm-verity shared activation is generally safe
  since all verity devices are read-only.

  The shared flag is a way to skip the exclusive access check for the
  device, allowing it to create multiple mappings with the same device or
  properly handle a racy concurrent activation of devices with the same
  name from different processes.

* Add --shared option for veritysetup open action.

  The option allows the data device to be used in multiple device-mapper
  table mappings (skip exclusive access check) or to allow concurrent
  dm-verity device activation of the same device (only one process
  succeeds in this case; the other will return EEXIST or EBUSY).

* Do not use exclusive flag for the allocated backing loop files.

  Using this flag is an undefined operation for opening an existing file.
  The flag should be used only for allocated loop (block) devices.

* Fixes for problems found by static analyzers and Valgrind.

  These include fixes for non-default libgcrypt, NSS, and Nettle
  cryptographic backends, buffer operations to avoid partial read/write,
  and several other workarounds for mostly false positive warnings.

* Fixes to tests and CI scripts.

Cryptsetup 2.7.3 Release Notes
==============================
Stable bug-fix release with security fixes.

All users of cryptsetup 2.7 must upgrade to this version.

Changes since version 2.7.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~

* Do not allow formatting LUKS2 with Opal SED (hardware encryption)
  if the reported logical sector size for the block device and Opal
  encryption logical block differs.

  Such a configuration can lead to a partially encrypted Opal locking
  range or data destruction following the expected locking range.

  Some NVMe drives support multiple LBAF profiles (typically supporting
  512-byte and 4096-byte sector size). Some broken Opal NVMe firmware can
  report bogus encryption size that disagrees with real used sector size.
  This usually happens after low-level NVMe reformatting (LBAF profile
  change with nvme utility) to different sector size.
  Moreover, some firmware versions do not properly reset this even after
  explicit PSID revert.

  Cryptsetup calculates the Opal locking range using the reported block
  size in Opal geometry ioctl.  Unfortunately, the broken firmware drive
  internally uses the logical block size of the block device, which can
  differ. This can lead to two possible situations:

  - Opal reports a smaller block size (512-byte) while the drive uses
  a 4096-byte sector. The configured locking range is then much larger,
  destroying data following the expected locking range setting.

  - Opal reports a larger block size (4096-byte) while the drive uses
  a 512-byte sector. The configured locking range is then much smaller,
  leaving the remaining space in the locking range unencrypted (violating
  the confidentiality of data).

  Cryptsetup now detects this discrepancy and disallows LUKS2 format with
  Opal hardware encryption in such a case.

  For already formatted devices, you will see this warning:
    "Bogus OPAL logical block size differs from device block size."

  If you also used software encryption (dm-crypt over Opal), data will
  still be fully encrypted with software dm-crypt.
  With hw-only encryption,  your configuration is probably already broken
  (insecure or accessing data beyond the assigned area).

  Note that this is caused by bad firmware (seen with multiple vendors),
  and the problem was reported, at least for drives we have access to.

* Fixes to wiping LUKS2 headers after Opal locking area erase.

  As the hardware locking range is destroyed (cryptsetup erase command),
  the LUKS2 header is no longer usable and was partially wiped.
  Now the code fully wipes also the secondary header, as the previous
  code wiped only the primary LUKS area.

  Note that this is an exception, as the normal erase command wipes only
  the keyslots, keeping the LUKS2 header in place.  With Opal encryption,
  the data segment is no longer valid, so the whole LUKS2 header is no
  longer usable.

* Mention the need for possible PSID revert before Opal format for some
  drives (man page).

* Fix Bitlocker-compatible code to ignore newly seen metadata entries.

  Recent Windows OS versions started to include new (undocumented)
  metadata entries in Bitlocker. These entries are now quietly ignored,
  allowing Bitlocker images to open with cryptsetup again.

* Fix interactive query retry if LUKS2 unbound keyslot is present.

  If an unbound keyslot is present, the password query retry count is
  now properly applied.

* Detect unsupported zoned devices for LUKS header devices.

  Zoned devices cannot be written with direct-io and used for LUKS header
  logic in general. Code now rejects placing the LUKS header on a zoned
  device, while you can still create a detached header and use a zoned
  device for encrypted data.

* Allow "capi" cipher format for benchmark command and fix parsing
  of plain IV in "capi" format.

  Some ciphers can be specified only in Linux kernel crypto notation
  (in short, "capi"). Code now allows this format also for benchmark,
  for example, "benchmark -c capi:xts\(aes\)-plain64"
  (that is equivalent to -c aes-xts-plain64).

* Add support for HCTR2 encryption mode.

  The HCTR2 encryption mode was added to the Linux kernel for fscrypt,
  but as it is a length-preserving mode (with sector tweak), it can be
  easily used for disk encryption, too.
  The mode has the same property as wide modes (any change is propagated
  to the whole sector instead of only one block as in XTS mode).

  As it needs a larger initialization vector (32 bytes), we need to add
  an exception in the userspace format code.
  You can now use --cipher aes-hctr2-plain64 for the format operation.

* Source code now uses SPDX license identifiers instead of full
  license preambles.

* Fix missing includes for cryptographic backend that could cause
  compilation errors for some systems.

* Fix tests to work correctly in FIPS mode with recent OpenSSL 3.2.

* Fix various (mostly false positive) issues detected by Coverity.

Cryptsetup 2.7.2 Release Notes
==============================
Stable bug-fix release.

All users of cryptsetup 2.7 should upgrade to this version.

Changes since version 2.7.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Fix activation of OPAL-only encrypted LUKS device with tokens.
  The issue was caused by an invalid volume key check (assert)
  that is impossible without software encryption.

* Fix formatting of OPAL devices with 4096-byte sector size.

* Fix incorrect OPAL locking range alignment calculation if used
  over an unaligned device partition.

* Add --hw-opal-factory-reset option description to the manual page.

* Do not check the passphrase quality for OPAL Admin PIN,
  as this passphrase already exists.

* Update license for FAQ document to CC BY-SA 4.0.

NOTE: Please note that with OPAL-only (--hw-opal-only) encryption,
the configured OPAL administrator PIN (passphrase) allows unlocking
all configured locking ranges without LUKS keyslot decryption
(without knowledge of LUKS passphrase).
Because of many observed problems with compatibility, cryptsetup
currently DOES NOT use OPAL single-user mode, which would allow such
decoupling of OPAL admin PIN access.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 months agolvm2: update to version 2.03.35 and libdm 1.02.199
Daniel Golle [Thu, 1 Aug 2024 20:00:00 +0000 (21:00 +0100)]
lvm2: update to version 2.03.35 and libdm 1.02.199

Version 2.03.25 - 12nd July 2024
================================
  Utilize more radix_tree instead of dm_hash and btree.
  Refactor DM uuid caching from device_mapper directory.
  Enhance checking for DM uuid device.
  Fix lvm shell command completion on tab key (2.03.24).
  Avoid lockd_vg call to lvmlockd for local VGs.
  Allow forced change of locktype from none.
  Handle OPTIONS defined in /etc/sysconfig/lvmlockd.

Version 2.03.24 - 16th May 2024
===============================
  Lvconvert supports VDO options for thin-pool with vdo conversion.
  Improve placement to .data.rel.ro and .rodata sections.
  Fix support for -y and -W when creating thinpool with vdo.
  Bettter support for runtime valgrind detection.
  Allow command interruption when communicating with dmeventd.
  Fix resize of VDO volume used for thin pool data volume.
  Use -Wl,-z,now and -Wl,--as-needed for compilation by default.
  Require 3.7 as minimal version for sanlock.
  Share code for closing opened desriptors on program startup.
  Fix memleak in lvmcache.
  Add configure --with-default-event-activation=ON setting.
  Fix return value from reporter function when hitting internal error.
  Skip checking of pools for lvremove and vgremove commands.
  VDO modprobes dm-vdo for 6.9 kernel and kvdo for older kernel version.
  Fix lvs reporting for VDO volumes with new upstream kernel driver.
  Don't import DM_UDEV_DISABLE_OTHER_RULES_FLAG in LVM rules, DM rules cover it.
  Fix table line generation for cache snapshots using cachevol.
  Enhance lvconvert support for external origins stacking.
  When swapping LV names also swap properties like hostname, time and data.
  Fix removal of stacked external origins.
  Lock filesystem when converting volume to read-only external origin.
  Support external origin between different thin-pool.
  Improve validation of acceptable volumes for external origins.
  Reduce amount of preloaded devices for complex device trees.
  Avoid logging problems from monitoring snapshots with inactive origins.
  Check for cache policy module presence in kernel's builtin modules file.
  Add configure --with-modulesdir to select kernel modules directory.
  Support creation of thin-pool with VDO use for its data volume.

libdm:

Version 1.02.199 - 12nd July 2024
=================================

Version 1.02.198 - 16th May 2024
================================
  Fix static only compilation of libdevmapper.a and dmsetup tool.
  Use better code for closing opened descriptors when starting dmeventd.
  Correct dmeventd -R for systemd environment.
  Restart of dmeventd -R checks pid file to detect running dmeventd first.
  Query with dmeventd -i quickly ends when there is no running dmeventd.
  Enhance dm_get_status_raid to handle mismatching status or reported legs.
  Create /dev/disk/by-label symlinks for DM devs that have crypto as next layer.
  Persist udev db for DM devs on cleanup used in initrd to rootfs transition.
  Process synthetic udev events other than 'add/change' as 'change' events.
  Increase DM_UDEV_RULES_VSN to 3 to indicate changed udev rules.
  Rename DM_NOSCAN to .DM_NOSCAN so it's not stored in udev db.
  Rename DM_SUSPENDED to .DM_SUSPENDED so it's not stored in udev db.
  Do not import DM_UDEV_DISABLE_OTHER_RULES_FLAG from db in 10-dm-disk.rules.
  Test DISK_RO after importing properties from db in 10-dm.rules.
  Also import ID_FS_TYPE in 13-dm-disk.rules from db if needed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 months agoopentracker: update to git HEAD
Daniel Golle [Thu, 1 Aug 2024 18:57:13 +0000 (19:57 +0100)]
opentracker: update to git HEAD

Most notably opentracker now supported simultanous listening on IPv4 and
IPv6. Hence we no longer need two build variants.

See project git history for details about changes:
https://erdgeist.org/gitweb/opentracker/log/?id=c854b3db9bf620e86481acfcc9fc31eba64bc8e6

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 months agoxz: add patch from upstream to fix mips64/octeon build
Aleksey Vasilenko [Thu, 1 Aug 2024 07:18:49 +0000 (10:18 +0300)]
xz: add patch from upstream to fix mips64/octeon build

Fixes https://github.com/openwrt/packages/issues/24699

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agobottom: update to 0.9.7
Aleksey Vasilenko [Fri, 26 Jul 2024 10:49:26 +0000 (13:49 +0300)]
bottom: update to 0.9.7

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agodnsproxy: Update to 0.72.2
Milinda Brantini [Thu, 1 Aug 2024 03:55:57 +0000 (11:55 +0800)]
dnsproxy: Update to 0.72.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
3 months agomwan3: Fix awk expression in mwan3_delete_iface_rules 23798/head
Maxim Mikityanskiy [Mon, 1 Apr 2024 22:01:48 +0000 (01:01 +0300)]
mwan3: Fix awk expression in mwan3_delete_iface_rules

The awk expression in mwan3_delete_iface_rules splits the `ip rule list`
output by spaces, therefore $1 contains the trailing colon (e.g., "1:",
"1000:"). The < and > operators compare such values as strings instead
of numbers, producing unexpected results (for example, "1:" > "1000").

Change the field separator to ":" for correct number comparison, so that
the right rules are removed.

An example error message that may appear before the fix:

Error: argument "1:" is wrong: preference value is invalid

It happens because `substr($1,0,4)` selects short numbers along with
the colon. In other cases wrong rules may be removed, for example, if
there is rule 10051, then rule 1005 will be removed.

Signed-off-by: Maxim Mikityanskiy <maxtram95@gmail.com>
3 months agocroc: update to 10.0.11
Jonas Jelonek [Wed, 31 Jul 2024 08:43:08 +0000 (08:43 +0000)]
croc: update to 10.0.11

Release notes:
10.0.10: https://github.com/schollz/croc/releases/tag/v10.0.10
10.0.11: https://github.com/schollz/croc/releases/tag/v10.0.11

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
3 months agoeza: update to 0.18.23
Jonas Jelonek [Wed, 31 Jul 2024 08:31:43 +0000 (08:31 +0000)]
eza: update to 0.18.23

Release notes:
0.18.22: https://github.com/eza-community/eza/releases/tag/v0.18.22
0.18.23: https://github.com/eza-community/eza/releases/tag/v0.18.23

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
3 months agogping: update to 1.17.3
Jonas Jelonek [Wed, 31 Jul 2024 08:26:05 +0000 (08:26 +0000)]
gping: update to 1.17.3

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
3 months agolibv4l: update to 1.28.0
Rosen Penev [Mon, 10 Jun 2024 04:39:43 +0000 (21:39 -0700)]
libv4l: update to 1.28.0

Remove backported patch. Also remove seemingly unneeded patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 months agominiupnpd: Enable regex filter
David Yang [Mon, 1 Jul 2024 16:58:07 +0000 (00:58 +0800)]
miniupnpd: Enable regex filter

UPnP rules now may have an optional regex filter on requester's
descriptions. This is a countermeasure against some UPnP exploiters
without shutting down UPnP service completely, albeit they can bypass it
by reporting innocent's descriptions maliciously.

Since the filter specifier is optional, existing valid config files will
still work.

This increases the executable's size by 1.3 kB from original 147.7 kB on
i386.

Signed-off-by: David Yang <mmyangfl@gmail.com>
3 months agominiupnpd: Update to 2.3.7
David Yang [Mon, 1 Jul 2024 16:54:00 +0000 (00:54 +0800)]
miniupnpd: Update to 2.3.7

Update to 2.3.7, and remove patches which are already in upstream.

Signed-off-by: David Yang <mmyangfl@gmail.com>
3 months agoswig: update to 4.2.1
Aleksey Vasilenko [Fri, 26 Jul 2024 11:34:22 +0000 (14:34 +0300)]
swig: update to 4.2.1

- Switch package URL to HTTPS

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agoRevert "curl: update to 8.9.0"
Josef Schlehofer [Wed, 31 Jul 2024 06:27:22 +0000 (08:27 +0200)]
Revert "curl: update to 8.9.0"

With the recent update, it was discovered that curl causes high CPU usage,
until the solution is found, let's revert the commit.

Fixes: https://github.com/openwrt/packages/issues/24693
This reverts commit e29aaab6061a53cfd7880d4bdcbbc61551945a75.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 months agoboinc: update to 8.0.4
Aleksey Vasilenko [Wed, 24 Jul 2024 22:53:20 +0000 (01:53 +0300)]
boinc: update to 8.0.4

- Refresh a patch

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agoxray-core: update to 1.8.23
Milinda Brantini [Tue, 30 Jul 2024 07:54:05 +0000 (15:54 +0800)]
xray-core: update to 1.8.23

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
3 months agoimagemagick: update to 7.1.1.36
Aleksey Vasilenko [Sun, 28 Jul 2024 18:41:41 +0000 (21:41 +0300)]
imagemagick: update to 7.1.1.36

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
3 months agoowut: update to 2024.07.24
Eric Fahlgren [Sun, 28 Jul 2024 13:43:24 +0000 (06:43 -0700)]
owut: update to 2024.07.24

The internal package list order fix depends on openwrt/asu@b7c8a426

Bug fixes:
  efahl/owut@d8af324 maintain internal package list in installation order
  efahl/owut@5bc21c6 armsr platform not detected properly
  efahl/owut@b0570d4 documentation link fixes for ASU server changes

Enhancements:
  efahl/owut@3a213f3 better download rate calculation

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
3 months agostrongswan: comma separated list for {left,right}subnet
Stephen Baker [Mon, 24 Jun 2024 20:07:03 +0000 (15:07 -0500)]
strongswan: comma separated list for {left,right}subnet

Translate local_subnet and remote_subnet in /etc/config/ipsec into a comma separated list for leftsubnet and rightsubnet in /var/ipsec/ipsec.conf

3 months agoperl: Run make depend to fix build race condition
Andreas Gnau [Tue, 5 Mar 2024 18:30:09 +0000 (19:30 +0100)]
perl: Run make depend to fix build race condition

Run make depend before building perl. This fixes parallel build failures
on machines with a high number of cores.

Example error 1:

    /bin/ln -s /build/staging_dir/hostpkg/usr/bin/generate_uudmap generate_uidmap
    make[5]: ./generate_uudmap: Command not found
    make[5]: *** [Makefile:321: bitcount.h] Error 127

Example error 2:

    /bin/ln -s /build/staging_dir/hostpkg/usr/bin/generate_uudmap generate_udmap
    ./generate_uudmap uudmap.h bitcount.h mg_data.h
    /bin/ln: failed to create symbolic link 'generate_uudmap': File exists
    make[5]: *** [Makefile:325: generate_uudmap] Error 1

Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996953
Link: https://salsa.debian.org/perl-team/interpreter/perl/-/commit/366bc98c916a3455f15c532aa33a5636d2fe2803
Closes: https://github.com/openwrt/packages/issues/8238
Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
4 months agolmdb: update to 0.9.33
Aleksey Vasilenko [Fri, 26 Jul 2024 11:10:16 +0000 (14:10 +0300)]
lmdb: update to 0.9.33

- Don't set PKG_SOURCE_DATE since PKG_SOURCE_VERSION is enough

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
4 months agorsyslog: update to 8.2406.0
Aleksey Vasilenko [Fri, 26 Jul 2024 07:11:39 +0000 (10:11 +0300)]
rsyslog: update to 8.2406.0

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
4 months agolibmaxminddb: update to 1.10.0
Aleksey Vasilenko [Fri, 26 Jul 2024 07:23:40 +0000 (10:23 +0300)]
libmaxminddb: update to 1.10.0

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
4 months agoxz: update to 5.6.2
Aleksey Vasilenko [Fri, 26 Jul 2024 07:29:32 +0000 (10:29 +0300)]
xz: update to 5.6.2

- Refresh a patch

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
4 months agoruby: update to 3.3.4
Luiz Angelo Daros de Luca [Thu, 25 Jul 2024 13:41:37 +0000 (10:41 -0300)]
ruby: update to 3.3.4

Ruby 3.3.4 fixes a regression in Ruby 3.3.3 that dependencies are
missing in the gemspec of some bundled gems: net-pop, net-ftp, net-imap,
and prime. The fix allows Bundler to successfully install those gems on
platforms like Heroku. If your bundle install runs correctly now, you
may not have this issue. Other changes are mostly minor bug fixes.

See: https://www.ruby-lang.org/en/news/2024/07/09/ruby-3-3-4-released/

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
4 months agognunet-fuse: update to 0.21.0
Aleksey Vasilenko [Fri, 26 Jul 2024 07:04:01 +0000 (10:04 +0300)]
gnunet-fuse: update to 0.21.0

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
4 months agoopenfortivpn: update to 1.22.1
Marius Durbaca [Sun, 21 Jul 2024 05:08:40 +0000 (08:08 +0300)]
openfortivpn: update to 1.22.1

Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
4 months agodockerd: Update to 27.1.1
Milinda Brantini [Wed, 24 Jul 2024 04:10:17 +0000 (12:10 +0800)]
dockerd: Update to 27.1.1

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>