feed/packages.git
2 years agocpusage: add new package
Thomas Huehn [Sat, 8 Oct 2022 13:11:17 +0000 (15:11 +0200)]
cpusage: add new package

This PR adds the new package "cpusage" to OpenWrt packages.
Cpusage is a small utility that prints cpu usage per second as output.

Signed-off-by: Thomas Huehn <thomas.huehn@hs-nordhausen.de>
2 years agoMerge pull request #19529 from blocktrron/qcsuper
David Bauer [Sat, 8 Oct 2022 02:00:50 +0000 (04:00 +0200)]
Merge pull request #19529 from blocktrron/qcsuper

qcsuper: add Package w/ necessary dependencies

2 years agoMerge pull request #19543 from stangri/master-https-dns-proxy
Stan Grishin [Fri, 7 Oct 2022 21:27:38 +0000 (14:27 -0700)]
Merge pull request #19543 from stangri/master-https-dns-proxy

https-dns-proxy: update to 2022-08-12-1

2 years agosamba4: remove duplicate entry from libldb-fix-musl-libc-unkown-type-error.patch
Andrew Sim [Thu, 6 Oct 2022 21:17:28 +0000 (23:17 +0200)]
samba4: remove duplicate entry from libldb-fix-musl-libc-unkown-type-error.patch

Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
2 years agosamba4: update to 4.17.0
Andrew Sim [Thu, 6 Oct 2022 20:44:23 +0000 (22:44 +0200)]
samba4: update to 4.17.0

Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
2 years agoMerge pull request #19486 from TELUS-BBA/zabbix_ssl
Florian Eckert [Fri, 7 Oct 2022 07:40:01 +0000 (09:40 +0200)]
Merge pull request #19486 from TELUS-BBA/zabbix_ssl

zabbix: add variants for SSL support

2 years agoMerge pull request #19453 from commodo/stress-ng
Alexandru Ardelean [Fri, 7 Oct 2022 07:32:29 +0000 (10:32 +0300)]
Merge pull request #19453 from commodo/stress-ng

stress-ng: bump to version 0.14.05

2 years agostress-ng: bump to version 0.14.06 19453/head
Alexandru Ardelean [Sun, 25 Sep 2022 14:12:03 +0000 (17:12 +0300)]
stress-ng: bump to version 0.14.06

no longer needed: 010-dont_define_fortify.patch
upstreamed: 020-stress-sysinval-fix-fstat-fstat64-compat-check.patch

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2 years agohttps-dns-proxy: update to 2022-08-12-1 19543/head
Stan Grishin [Fri, 7 Oct 2022 06:26:21 +0000 (06:26 +0000)]
https-dns-proxy: update to 2022-08-12-1

* update to upstream version 2022-08-12
* add ca_certs_file option for CA certs file for curl
* add procd_add_interface_trigger for wan6 (hopefully fixes
  https://github.com/openwrt/packages/issues/19531)

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agosnowflake: update to version 2.3.1
Daniel Golle [Thu, 6 Oct 2022 15:48:23 +0000 (16:48 +0100)]
snowflake: update to version 2.3.1

 03b2b56f Fix broker race condition
 36f03dfd Record proxy type for proxy relay stats

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoperl-net-dns: update to version 1.35
Daniel Golle [Thu, 6 Oct 2022 15:34:05 +0000 (16:34 +0100)]
perl-net-dns: update to version 1.35

**** 1.35 Oct 4, 2022

    Improve SVCB error reporting.

Fix rt.cpan.org #144328
    accept_reply test fails with matched consecutive "random"
    generated packet->id

Fix rt.cpan.org #144299
    Spelling errors.

**** 1.34 May 30, 2022

    Improve robustness of EDNS option compose/decompose functions.
    Simplify code in Makefile.PL.

Fix rt.cpan.org #142426
    Avoid "Useless use of a constant in void context" warning.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agopcsc-lite: update to verion 1.9.9
Daniel Golle [Thu, 6 Oct 2022 15:32:29 +0000 (16:32 +0100)]
pcsc-lite: update to verion 1.9.9

 1.9.9: Ludovic Rousseau
 11 September 2022
  - SCardEstablishContext() may return SCARD_W_SECURITY_VIOLATION if refused by Polkit
  - Fix SCardReleaseContext() failure on orphan handles
  - Fix SCardDisconnect() on orphan handle
  - pcsc-spy: log the pioSendPci & pioRecvPci SCardTransmit() parameters
  - Improve the log from pcscd: log the return code in text instead of hex
  - Some other minor improvements

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agogawk: update to version 5.2.0
Daniel Golle [Thu, 6 Oct 2022 15:27:31 +0000 (16:27 +0100)]
gawk: update to version 5.2.0

For changes see ChangeLog file[1].

[1]: https://git.savannah.gnu.org/cgit/gawk.git/plain/ChangeLog?h=gawk-5.2.0
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agolibksba: update to version 1.6.1
Daniel Golle [Thu, 6 Oct 2022 14:24:28 +0000 (15:24 +0100)]
libksba: update to version 1.6.1

Update to stable release 1.6.1.
See commit log since version 1.6.0 for changes[1].

[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=shortlog;h=d3c1e063d708a46ef39152256f8b1ea466b61be0
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agognunnet: halt build if any command fails
Eneas U de Queiroz [Thu, 6 Oct 2022 13:02:59 +0000 (10:02 -0300)]
gnunnet: halt build if any command fails

There are many places in the packages' install recipes whith multiple
commands being executed in the same shell invocation, separated with a
semicolon (;).  The return status will depend only on the last command
being run.  The same thing happens in loops, where only the last file
will determine the result of the command.

Change the ';' to '&&', and exit the loop if any operation fails.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2 years agognunnet: don't copy non-existing files
Eneas U de Queiroz [Thu, 6 Oct 2022 13:02:59 +0000 (10:02 -0300)]
gnunnet: don't copy non-existing files

There are six places pointing to files that do not exist any more:
 - gns-import.sh in package gnunet-gns (dropped in v0.11.0)
 - libgnunetdnsstub.so* in gnunet-vpn (integrated into util in v0.11.0)
 - libgnunettun.so* in gnunet-vpn (integrated into util in v0.11.0)
 - gnunet-service-ats-new in package gnunet (dropped in v0.12.0)
 - libgnunetreclaimattribute.so.* (integrated into reclaim in v0.13.0)
 - libgnunetabe.so.* in gnunet-reclaim (dropped in v0.17.2)

They were not noticed because their failing copy commands were part of
loops in which only the last operation had its exit status checked.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2 years agognunet: gnunet-rest: add libjose dependency
Eneas U de Queiroz [Thu, 6 Oct 2022 13:00:54 +0000 (10:00 -0300)]
gnunet: gnunet-rest: add libjose dependency

According to the package's configure.ac, reclaimID OpenID Connect plugin
depends on jose.  It is installed by the gnunet-rest plugin package:
libgnunnetrest_openid_connect.so.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2 years agoacme: remove help info of unused command
Glen Huang [Tue, 4 Oct 2022 12:59:42 +0000 (20:59 +0800)]
acme: remove help info of unused command

Signed-off-by: Glen Huang <i@glenhuang.com>
2 years agoacme: fix acmesh dnsapi dependencies
Glen Huang [Tue, 4 Oct 2022 12:59:22 +0000 (20:59 +0800)]
acme: fix acmesh dnsapi dependencies

Signed-off-by: Glen Huang <i@glenhuang.com>
2 years agozabbix: add variants for SSL support 19486/head
Scott Roberts [Thu, 6 Oct 2022 12:44:03 +0000 (06:44 -0600)]
zabbix: add variants for SSL support
opkg does not offer ssl varients:
zabbix-agentd
zabbix-sender
zabbix-get
zabbix-proxy
zabbix-server

resolve this by adding ssl varients.

Signed-off-by: Scott Roberts <ttocsr@gmail.com>
2 years agoMerge pull request #19476 from TDT-AG/pr/20220928-lcd4linux
Florian Eckert [Thu, 6 Oct 2022 11:03:01 +0000 (13:03 +0200)]
Merge pull request #19476 from TDT-AG/pr/20220928-lcd4linux

lcd4linux: minor init improvments

2 years agoqcsuper: add package 19529/head
David Bauer [Mon, 12 Sep 2022 00:41:27 +0000 (02:41 +0200)]
qcsuper: add package

Signed-off-by: David Bauer <mail@david-bauer.net>
2 years agopython-pycrate: add package
David Bauer [Mon, 12 Sep 2022 00:41:14 +0000 (02:41 +0200)]
python-pycrate: add package

Signed-off-by: David Bauer <mail@david-bauer.net>
2 years agopython-crcmod: add package
David Bauer [Mon, 12 Sep 2022 00:40:46 +0000 (02:40 +0200)]
python-crcmod: add package

Signed-off-by: David Bauer <mail@david-bauer.net>
2 years agoMerge pull request #19372 from cotequeiroz/libgd
Josef Schlehofer [Thu, 6 Oct 2022 09:45:23 +0000 (11:45 +0200)]
Merge pull request #19372 from cotequeiroz/libgd

libgd: avoid recursive and redundant dependencies

2 years agodjango: bump to version 4.1.1
Alexandru Ardelean [Fri, 23 Sep 2022 11:59:42 +0000 (14:59 +0300)]
django: bump to version 4.1.1

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2 years agoMerge pull request #19534 from mhei/php8-pecl-http-update-4.2.3
Michael Heimpold [Thu, 6 Oct 2022 05:40:56 +0000 (07:40 +0200)]
Merge pull request #19534 from mhei/php8-pecl-http-update-4.2.3

php8-pecl-http: update to 4.2.3

2 years agoMerge pull request #19532 from pprindeville/isc-dhcp-drop-gratuitous-named-reload
Philip Prindeville [Wed, 5 Oct 2022 22:01:33 +0000 (16:01 -0600)]
Merge pull request #19532 from pprindeville/isc-dhcp-drop-gratuitous-named-reload

isc-dhcp: avoid gratuitous reload of named

2 years agonode: bump to v16.17.1
Hirokazu MORIKAWA [Wed, 5 Oct 2022 02:27:26 +0000 (11:27 +0900)]
node: bump to v16.17.1

The following CVEs are fixed in this release:
* CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
    * Insufficient fix for macOS devices on v18.5.0
* CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium)
* CVE-2022-32213: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)
    * Insufficient fix on v18.5.0
* CVE-2022-32215: HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)
    * Insufficient fix on v18.5.0
* CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
* CVE-2022-35255: Weak randomness in WebCrypto keygen
More detailed information on each of the vulnerabilities can be found in September 22nd 2022 Security Releases blog post.

llhttp updated to 6.0.10
llhttp is updated to 6.0.10 which includes fixes for the following vulnerabilities.
* HTTP Request Smuggling - CVE-2022-32213 bypass via obs-fold mechanic (Medium)(CVE-2022-32213 ): The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215): The llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)(CVE-35256): The llhttp parser in the http does not correctly handle header fields that are not terminated with CLRF. This can lead to HTTP Request Smuggling (HRS).

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
2 years agolighttpd: remove deprecated modules
Glenn Strauss [Sat, 1 Oct 2022 07:58:16 +0000 (03:58 -0400)]
lighttpd: remove deprecated modules

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2 years agophp8-pecl-http: update to 4.2.3 19534/head
Michael Heimpold [Wed, 5 Oct 2022 18:52:38 +0000 (20:52 +0200)]
php8-pecl-http: update to 4.2.3

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agoisc-dhcp: avoid gratuitous reload of named 19532/head
Philip Prindeville [Wed, 5 Oct 2022 17:18:33 +0000 (11:18 -0600)]
isc-dhcp: avoid gratuitous reload of named

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2 years agoMerge pull request #19520 from dyarkovoy/master
Florian Eckert [Wed, 5 Oct 2022 14:27:46 +0000 (16:27 +0200)]
Merge pull request #19520 from dyarkovoy/master

mwan3: support offload routing modifier

2 years agomwan3: support offload routing modifier 19520/head
Denys Yarkovyi [Tue, 4 Oct 2022 07:27:16 +0000 (00:27 -0700)]
mwan3: support offload routing modifier

Signed-off-by: Denys Yarkovyi <dyarkovoy@gmail.com>
2 years agoMerge pull request #19527 from stangri/master-https-dns-proxy
Stan Grishin [Wed, 5 Oct 2022 06:41:06 +0000 (23:41 -0700)]
Merge pull request #19527 from stangri/master-https-dns-proxy

https-dns-proxy: add settings for canary domains

2 years agohttps-dns-proxy: add settings for canary domains 19527/head
Stan Grishin [Tue, 4 Oct 2022 22:07:52 +0000 (22:07 +0000)]
https-dns-proxy: add settings for canary domains

* add setting to enable/disable blocking access to iCloud Private Relay resolvers
* add setting to enable/disable blocking access to Mozilla resolvers
* rename variables loaded from config in the init script

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agoMerge pull request #19525 from stangri/master-https-dns-proxy
Stan Grishin [Tue, 4 Oct 2022 22:06:09 +0000 (15:06 -0700)]
Merge pull request #19525 from stangri/master-https-dns-proxy

https-dns-proxy: bugfix: prevent canary domains duplicates

2 years agohttps-dns-proxy: bugfix: prevent canary domains duplicates 19525/head
Stan Grishin [Tue, 4 Oct 2022 21:25:42 +0000 (21:25 +0000)]
https-dns-proxy: bugfix: prevent canary domains duplicates

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agotreewide: fix security issues by bumping all packages using libwolfssl
Petr Štetiar [Mon, 3 Oct 2022 17:03:15 +0000 (19:03 +0200)]
treewide: fix security issues by bumping all packages using libwolfssl

As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.

Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2 years agolcd4linux: add debug option 19476/head
Florian Eckert [Thu, 29 Sep 2022 14:19:53 +0000 (16:19 +0200)]
lcd4linux: add debug option

Setting the DEBUG variable in the init script to '1' enables the
lcd4linux verbose mode, by setting the arg '-vv'. The option also
redirects the error and stdout to the syslog.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agoMerge pull request #19512 from mhei/php8-update-8.1.11 19492/head
Michael Heimpold [Tue, 4 Oct 2022 05:25:06 +0000 (07:25 +0200)]
Merge pull request #19512 from mhei/php8-update-8.1.11

php8: update to 8.1.11

2 years agoMerge pull request #19501 from stangri/master-simple-adblock
Stan Grishin [Tue, 4 Oct 2022 03:59:51 +0000 (20:59 -0700)]
Merge pull request #19501 from stangri/master-simple-adblock

simple-adblock: allow domains bugfix & canary domains support

2 years agoexpat: update to 2.4.9
Nick Hainke [Fri, 30 Sep 2022 10:03:05 +0000 (12:03 +0200)]
expat: update to 2.4.9

Fixes CVE-2022-40674.

Release Notes:
- https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes
- https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agosamba4: update waf-cross-answers
Andrew Sim [Sat, 1 Oct 2022 10:12:34 +0000 (12:12 +0200)]
samba4: update waf-cross-answers
* update waf-cross-answers for 4.14.x

Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
2 years agosamba4: update to 4.14.14
Andrew Sim [Sat, 1 Oct 2022 10:09:32 +0000 (12:09 +0200)]
samba4: update to 4.14.14
* update to 4.14.14
* fixes: CVE-2022-2031, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-32742

Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
2 years agopython-stem: update to v1.8.1
Javier Marcet [Sun, 2 Oct 2022 16:58:15 +0000 (18:58 +0200)]
python-stem: update to v1.8.1

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agophp8: update to 8.1.11 19512/head
Michael Heimpold [Mon, 3 Oct 2022 09:08:08 +0000 (11:08 +0200)]
php8: update to 8.1.11

This fixes:
    - CVE-2022-31628
    - CVE-2022-31629

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agoMerge pull request #19478 from mhei/libmodbus-update-3.1.8
Michael Heimpold [Mon, 3 Oct 2022 08:01:29 +0000 (10:01 +0200)]
Merge pull request #19478 from mhei/libmodbus-update-3.1.8

libmodbus: update to 3.1.8

2 years agoMerge pull request #19497 from mhei/php8-ext-sodium
Michael Heimpold [Mon, 3 Oct 2022 08:01:15 +0000 (10:01 +0200)]
Merge pull request #19497 from mhei/php8-ext-sodium

php8: php8-pecl-sodium with php8-mod-sodium (refs #18997)

2 years agozoneinfo: updated to the latest release
Vladimir Ulrich [Sun, 2 Oct 2022 02:26:50 +0000 (05:26 +0300)]
zoneinfo: updated to the latest release

Signed-off-by: Vladimir Ulrich <admin@evl.su>
2 years agogg: Update to 0.2.13
Tianling Shen [Sun, 2 Oct 2022 04:58:23 +0000 (12:58 +0800)]
gg: Update to 0.2.13

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agodnsproxy: Update to 0.45.2
Tianling Shen [Sun, 2 Oct 2022 04:55:46 +0000 (12:55 +0800)]
dnsproxy: Update to 0.45.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agocloudflared: Update to 2022.9.1
Tianling Shen [Sun, 2 Oct 2022 04:57:25 +0000 (12:57 +0800)]
cloudflared: Update to 2022.9.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agosimple-adblock: allow domains bugfix & canary domains support 19501/head
Stan Grishin [Sat, 1 Oct 2022 23:11:28 +0000 (23:11 +0000)]
simple-adblock: allow domains bugfix & canary domains support

* fix bug in download_lists and adb_allow to prevent unintended exclisions from
  the block-lists of domains containing allowed domain. Fixes issue:
  https://github.com/stangri/source.openwrt.melmac.net/issues/160
* add support for returning NXDOMAIN/blocking iCloud & Mozilla canary domains,
  disabled by default

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agoMerge pull request #19489 from stangri/master-https-dns-proxy
Stan Grishin [Sat, 1 Oct 2022 23:01:33 +0000 (16:01 -0700)]
Merge pull request #19489 from stangri/master-https-dns-proxy

https-dns-proxy: uci wrappers & iCloud canary domains

2 years agophp8-pecl-sodium: drop package, replaced by php8-mod-sodium (refs #18997) 19497/head
Michael Heimpold [Tue, 23 Aug 2022 16:19:56 +0000 (18:19 +0200)]
php8-pecl-sodium: drop package, replaced by php8-mod-sodium (refs #18997)

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agophp8: add sodium extensions (refs #18997)
Michael Heimpold [Tue, 9 Aug 2022 21:30:41 +0000 (23:30 +0200)]
php8: add sodium extensions (refs #18997)

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agohttps-dns-proxy: uci wrappers & iCloud canary domains 19489/head
Stan Grishin [Thu, 29 Sep 2022 23:58:53 +0000 (23:58 +0000)]
https-dns-proxy: uci wrappers & iCloud canary domains

* switch to using uci wrappers instead of direct uci calls
* add support for iCloud canary domains
  https://developer.apple.com/support/prepare-your-network-for-icloud-private-relay

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agobandwidthd: fix format warnings
Rosen Penev [Sun, 18 Sep 2022 00:26:50 +0000 (17:26 -0700)]
bandwidthd: fix format warnings

Should fix crashing errors under musl 1.2

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agodocker-compose: Update to version 2.11.2
Javier Marcet [Tue, 27 Sep 2022 18:10:56 +0000 (20:10 +0200)]
docker-compose: Update to version 2.11.2

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agoMerge pull request #19447 from turris-cz/unbound
Josef Schlehofer [Thu, 29 Sep 2022 05:11:41 +0000 (07:11 +0200)]
Merge pull request #19447 from turris-cz/unbound

unbound: update to version 1.16.3

2 years agolibmodbus: update to 3.1.8 19478/head
Michael Heimpold [Wed, 28 Sep 2022 19:23:58 +0000 (21:23 +0200)]
libmodbus: update to 3.1.8

- drop obsolete configure argument
- update download url

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agolcd4linux: Possibility added that the config can also be loaded from /tmp
Florian Eckert [Thu, 10 Jun 2021 08:11:25 +0000 (10:11 +0200)]
lcd4linux: Possibility added that the config can also be loaded from /tmp

Until now, the configuration must be stored under '/etc/lcd4linux.conf'.
So that the configuration can also be changed dynamically, it makes
sense to store this under /tmp and load them from this directory.
The init script first checks whether there is a configuration under
'/etc/lcd4linux.conf' and only then does it try to find it under
'/tmp/lcd4linux.conf'. If there is no configuration, an error message
is shown.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2 years agopython3: use tools/expat for host build
Rosen Penev [Sun, 25 Sep 2022 05:07:46 +0000 (22:07 -0700)]
python3: use tools/expat for host build

Oversight from when the expat host build was removed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoMerge pull request #19470 from rmilecki/ddns-scripts-code-cleanup
Rafał Miłecki [Wed, 28 Sep 2022 07:50:51 +0000 (09:50 +0200)]
Merge pull request #19470 from rmilecki/ddns-scripts-code-cleanup

ddns-scripts: clean up code a bit to make it easier to understand

2 years agoddns-scripts: add explicit "-d" switch for Dry Run 19470/head
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: add explicit "-d" switch for Dry Run

It was a bit confusing to use *verbosity* level for Dry Run mode. Add
explicity switch for it and designed DRY_RUN variable to make code
easier to understand.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agoddns-scripts: rename variable: s/ERR_UPDATE/RETRY_COUNT/
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: rename variable: s/ERR_UPDATE/RETRY_COUNT/

Rename variable to make code easier to understand. This variable
specifies how many times in row ddns script tried to update IP without a
success.

Previous name ("ERR_UPDATE") didn't suggest it was for counting
anything. It also didn't specify was error was it related to.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agoddns-scripts: replace IP type (name) "local" with "current"
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: replace IP type (name) "local" with "current"

Local suggests something related to the local network or available
locally only. All that code related to the "local" IP was actually
dealing with *current* device external IP address. Using name "current"
should make code a bit easier to understand.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agoddns-scripts: rename variable: s/retry_count/retry_max_count/
Rafał Miłecki [Tue, 27 Sep 2022 15:42:58 +0000 (17:42 +0200)]
ddns-scripts: rename variable: s/retry_count/retry_max_count/

Rename variable to make code easier to understand. This variable
specifies how many times ddns script should try to send a request.

Previous name ("retry_count") suggested it was for *counting* attempts.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agoMerge pull request #19448 from stangri/master-simple-adblock
Stan Grishin [Tue, 27 Sep 2022 10:37:57 +0000 (03:37 -0700)]
Merge pull request #19448 from stangri/master-simple-adblock

simple-adblock: update to 1.9.1-1

2 years agoMerge pull request #19465 from TELUS-BBA/zabbix6.2
Etienne Champetier [Mon, 26 Sep 2022 19:31:12 +0000 (15:31 -0400)]
Merge pull request #19465 from TELUS-BBA/zabbix6.2

zabbix: update to 6.2.3

2 years agoMerge pull request #19460 from stangri/master-curl
Stan Grishin [Mon, 26 Sep 2022 19:07:38 +0000 (12:07 -0700)]
Merge pull request #19460 from stangri/master-curl

curl: bugfix: github source url

2 years agozabbix: update to 6.2.3 19465/head
Scott Roberts [Mon, 26 Sep 2022 15:41:21 +0000 (09:41 -0600)]
zabbix: update to 6.2.3

Refreshed patches.

Signed-off-by: Scott Roberts <ttocsr@gmail.com>
2 years agolua-eco: adapt SSL choice to libwolfsslcpu-crypto
Eneas U de Queiroz [Mon, 8 Aug 2022 13:30:56 +0000 (10:30 -0300)]
lua-eco: adapt SSL choice to libwolfsslcpu-crypto

libwolfsslcpu-crypto has to be taken into consideration when selecting
the default SSL backend.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2 years agoMerge pull request #19446 from jamesmacwhite/mwan3-config-replace-google-dns
Florian Eckert [Mon, 26 Sep 2022 09:41:43 +0000 (11:41 +0200)]
Merge pull request #19446 from jamesmacwhite/mwan3-config-replace-google-dns

mwan3: Switch default track_ip targets from Google DNS to Cloudflare DNS

2 years agolibs/libwebsockets: Update to 4.3.x
Karl Palsson [Fri, 23 Sep 2022 12:15:56 +0000 (12:15 +0000)]
libs/libwebsockets: Update to 4.3.x

Changes since 4.2 are extensive, as always.
https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4

Eg, Adds CBOR, support for reduced memory CA verification, cookie jars,
mqtt client gains qos2, mbedtls v3, fault injection apis, better support
for event loops.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2 years agolang: lua-penlight: update to 1.13.1
Karl Palsson [Fri, 23 Sep 2022 12:48:32 +0000 (12:48 +0000)]
lang: lua-penlight: update to 1.13.1

These are bugfix and feature releases.

Changes from 1.11->1.12:
https://github.com/lunarmodules/Penlight/blob/master/CHANGELOG.md#1120-2022-jan-10
Changes from 1.12->1.13:
https://github.com/lunarmodules/Penlight/blob/master/CHANGELOG.md#1130-2022-jul-22

Signed-off-by: Karl Palsson <karlp@etactica.com>
2 years agolibs/cjson: bump to 1.7.15
Karl Palsson [Fri, 23 Sep 2022 12:01:25 +0000 (12:01 +0000)]
libs/cjson: bump to 1.7.15

This is a bugfix release.
Full release notes available at: https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15

Signed-off-by: Karl Palsson <karlp@etactica.com>
2 years agopagekite: add patchs for 64bit time
Karl Palsson [Mon, 19 Sep 2022 14:15:27 +0000 (14:15 +0000)]
pagekite: add patchs for 64bit time

Source: https://github.com/pagekite/libpagekite/pull/78

Signed-off-by: Karl Palsson <karlp@etactica.com>
2 years agomosquitto: bump to 2.0.15
Karl Palsson [Mon, 19 Sep 2022 11:45:13 +0000 (11:45 +0000)]
mosquitto: bump to 2.0.15

Changelog: https://mosquitto.org/blog/2022/08/version-2-0-15-released/
Changelog: https://mosquitto.org/blog/2021/11/version-2-0-14-released/

2.0.15 is bigger security and bugfix release.  2.0.14 had a couple of
  minor changes and was skipped for OpenWrt.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2 years agomosquitto: add missing 'persistence' section in config
Ptilopsis Leucotis [Sun, 15 May 2022 04:02:40 +0000 (07:02 +0300)]
mosquitto: add missing 'persistence' section in config

Section 'Persistence' in 'luci-app-mosquitto' is unusable without 'persistence'
section in config file.

Signed-off-by: Ptilopsis Leucotis <PtilopsisLeucotis@yandex.com>
2 years agotor: update to 0.4.7.9
Nick Hainke [Sat, 24 Sep 2022 15:59:40 +0000 (17:59 +0200)]
tor: update to 0.4.7.9

Release Notes:
https://forum.torproject.net/t/urgent-stable-release-0-4-5-14-0-4-6-12-and-0-4-7-10

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agocurl: bugfix: github source url 19460/head
Stan Grishin [Mon, 26 Sep 2022 08:31:56 +0000 (08:31 +0000)]
curl: bugfix: github source url

* fixes https://github.com/openwrt/packages/issues/19456

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agodocker-compose: Update to version 2.11.1
Javier Marcet [Sat, 24 Sep 2022 15:49:53 +0000 (17:49 +0200)]
docker-compose: Update to version 2.11.1

Signed-off-by: Javier Marcet <javier@marcet.info>
2 years agohaproxy: Update HAProxy to v2.6.6
Christian Lachner [Sat, 24 Sep 2022 08:14:54 +0000 (10:14 +0200)]
haproxy: Update HAProxy to v2.6.6

- Update haproxy download URL and hash

Signed-off-by: Christian Lachner <gladiac@gmail.com>
2 years agoMerge pull request #19455 from mhei/mmc-utils-update
Michael Heimpold [Mon, 26 Sep 2022 05:43:35 +0000 (07:43 +0200)]
Merge pull request #19455 from mhei/mmc-utils-update

mmc-utils: update to latest upstream revision

2 years agommc-utils: update to latest upstream revision 19455/head
Michael Heimpold [Sun, 25 Sep 2022 20:13:16 +0000 (22:13 +0200)]
mmc-utils: update to latest upstream revision

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agoadblock: update 4.1.4-5
Dirk Brenken [Sun, 25 Sep 2022 19:00:00 +0000 (21:00 +0200)]
adblock: update 4.1.4-5

* auto-whitelist ext. dns lookup domain
* add public doh server blocklist source
* whitespace fixes in adblock.sources

Signed-off-by: Dirk Brenken <dev@brenken.org>
2 years agoffmpeg: update to 5.1.2
John Audia [Sun, 25 Sep 2022 12:04:14 +0000 (08:04 -0400)]
ffmpeg: update to 5.1.2

Bump to latest upstream version

Signed-off-by: John Audia <therealgraysky@proton.me>
2 years agoopenblas: bump to version 0.3.21
Alexandru Ardelean [Sun, 25 Sep 2022 14:44:00 +0000 (17:44 +0300)]
openblas: bump to version 0.3.21

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2 years agosimple-adblock: update to 1.9.1-1 19448/head
Stan Grishin [Fri, 23 Sep 2022 20:44:12 +0000 (20:44 +0000)]
simple-adblock: update to 1.9.1-1

* remove obsolete block-lists from config
* add removal of obsolete lists to config-update
* add AdGuard team's block-list to config
* improve allow command
* improve nftset support
* move config load to uci_load_validate, which required some code refactoring which
  looks dramatic, but isn't
* always use dnsmasq_restart instead of dnsmasq_hup for all dns resolution options
  for dnsmasq

Signed-off-by: Stan Grishin <stangri@melmac.ca>
2 years agounbound: update to version 1.16.3 19447/head
Josef Schlehofer [Sun, 25 Sep 2022 10:00:55 +0000 (12:00 +0200)]
unbound: update to version 1.16.3

Changelog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-3
- Fixes: CVE-2022-3204

Refreshed one patch

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agotang: update directory
Rosen Penev [Thu, 22 Sep 2022 23:04:25 +0000 (16:04 -0700)]
tang: update directory

There's no more cache.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoRevert "jose: remove libjose"
Rosen Penev [Thu, 22 Sep 2022 23:02:24 +0000 (16:02 -0700)]
Revert "jose: remove libjose"

This reverts commit 02d6c8346cfae7c2de456800a862a7dd90782858.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoRevert "jose: fix static library usage"
Rosen Penev [Thu, 22 Sep 2022 23:02:05 +0000 (16:02 -0700)]
Revert "jose: fix static library usage"

This reverts commit c61b70918b6c10f6fd726b098474736a7e0ae9cd.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agoMerge pull request #19439 from mhei/php8-more-extensions-19424
Michael Heimpold [Sun, 25 Sep 2022 08:21:56 +0000 (10:21 +0200)]
Merge pull request #19439 from mhei/php8-more-extensions-19424

php8-pecl-xdebug: add package (refs #19424)

2 years agomwan3: Switch default track_ip targets from Google DNS to Cloudflare DNS 19446/head
James White [Sun, 25 Sep 2022 08:05:27 +0000 (09:05 +0100)]
mwan3: Switch default track_ip targets from Google DNS to Cloudflare DNS

Signed-off-by: James White <james@jmwhite.co.uk>
2 years agoMerge pull request #19419 from james-mcguire/master
Dirk Brenken [Sun, 25 Sep 2022 06:55:45 +0000 (08:55 +0200)]
Merge pull request #19419 from james-mcguire/master

adblock: add lightswitch05 source

2 years agosnowflake: run snowflake-proxy with procd-ujail
Daniel Golle [Sun, 25 Sep 2022 00:28:43 +0000 (01:28 +0100)]
snowflake: run snowflake-proxy with procd-ujail

snowflake-proxy doesn't write any files
 => run in read-only rootfs environment

the process needs to read SSL certs but no other files
 => only exposed path is /etc/ssl/certificates (read-only)

running as unpriviledged user with no additional capabilities
 => set no-new-privs bit

By default procd-ujail also isolates the process by executing it in
a separate new IPC and PID namespace.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoadblock: add lightswitch05 blocklist source 19419/head
James McGuire [Sat, 24 Sep 2022 21:49:21 +0000 (14:49 -0700)]
adblock: add lightswitch05 blocklist source

Signed-off-by: James McGuire <jamesm51@gmail.com>