feed/packages.git
4 years agodovecot: disable zstd
Jan Pavlinec [Thu, 10 Sep 2020 10:37:38 +0000 (12:37 +0200)]
dovecot: disable zstd

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit a5c9ef50dc810d3b116b8839ff9729d7f1094d38)

4 years agosyslog-ng: update to version 3.29.1
Josef Schlehofer [Sat, 12 Sep 2020 09:09:50 +0000 (11:09 +0200)]
syslog-ng: update to version 3.29.1

Changelog: https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.29.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 06f3ac21b4d7be5a31f6739ab57e140260cdcd95)

4 years agophp7: update to 7.2.33
Michael Heimpold [Thu, 10 Sep 2020 18:52:06 +0000 (20:52 +0200)]
php7: update to 7.2.33

This fixes:
  - CVE-2020-7068

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
4 years agoMerge pull request #13356 from rs/nextdns-1.8.3-openwrt-19.07
Hannu Nyman [Thu, 10 Sep 2020 17:35:21 +0000 (20:35 +0300)]
Merge pull request #13356 from rs/nextdns-1.8.3-openwrt-19.07

[19.07] nextdns: Update to version 1.8.3

4 years agonextdns: Update to version 1.8.3 13356/head
Olivier Poitrey [Thu, 10 Sep 2020 17:25:37 +0000 (17:25 +0000)]
nextdns: Update to version 1.8.3

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
4 years agognutls: update to version 3.6.15 (security fix)
Jan Pavlinec [Wed, 9 Sep 2020 13:20:21 +0000 (15:20 +0200)]
gnutls: update to version 3.6.15 (security fix)

Fixes:
CVE-2020-24659

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agoMerge pull request #13336 from rs/nextdns-1.8.2-openwrt-19.07
Rosen Penev [Wed, 9 Sep 2020 05:47:10 +0000 (22:47 -0700)]
Merge pull request #13336 from rs/nextdns-1.8.2-openwrt-19.07

[19.07] nextdns: Update to version 1.8.2

4 years agoMerge pull request #13334 from ja-pa/python-rsa-fix-19.07
Josef Schlehofer [Tue, 8 Sep 2020 14:03:20 +0000 (16:03 +0200)]
Merge pull request #13334 from ja-pa/python-rsa-fix-19.07

[OpenWrt 19.07] python-rsa: downgrade to version 4.5 for python2

4 years agodovecot: update to version 2.3.11.3 (security fix)
Jan Pavlinec [Tue, 8 Sep 2020 10:55:19 +0000 (12:55 +0200)]
dovecot: update to version 2.3.11.3 (security fix)

Fixes:
CVE-2020-12100
CVE-2020-12673
CVE-2020-12674

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 8ae394430adac199ed5ee71df037ad60942ef39e)

4 years agonextdns: Update to version 1.8.2 13336/head
Olivier Poitrey [Tue, 8 Sep 2020 10:33:53 +0000 (10:33 +0000)]
nextdns: Update to version 1.8.2

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
4 years agopython-rsa: downgrade to version 4.5 for python2 13334/head
Jan Pavlinec [Tue, 8 Sep 2020 10:09:39 +0000 (12:09 +0200)]
python-rsa: downgrade to version 4.5 for python2

Note:
This fixes error introduced in https://github.com/openwrt/packages/commit/7af8eaad11ad2e449ed47529f1b325d7643b7817
Version 4.6 doesn't support python2

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agoMerge pull request #13310 from EricLuehrsen/unbound_20200904_1907
Rosen Penev [Sat, 5 Sep 2020 20:26:47 +0000 (13:26 -0700)]
Merge pull request #13310 from EricLuehrsen/unbound_20200904_1907

[19.07] unbound: improve odhcpd rapid update robustness

4 years agounbound: improve odhcpd rapid update robustness 13310/head
Eric Luehrsen [Sat, 5 Sep 2020 14:00:32 +0000 (10:00 -0400)]
unbound: improve odhcpd rapid update robustness

cherry-pick: bce5f44f5af6510db484389b8cc0636f6de08877
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
4 years agohtop: update to 3.0.1-1
John Audia [Thu, 3 Sep 2020 10:15:53 +0000 (06:15 -0400)]
htop: update to 3.0.1-1

Build-tested: x86/64
Run-tested: ipq806x (R7800)

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit 1d989fc64db697b7482999a02c2b46ff3ca4d113)

4 years agohtop: update to 3.0.0-1
John Audia [Fri, 28 Aug 2020 13:28:18 +0000 (09:28 -0400)]
htop: update to 3.0.0-1

new upstream, new release taken from ChangeLog[1]:
 New maintainers - after a prolonged period of inactivity from Hisham,
 the creator and original maintainer, a team of community maintainers
 have volunteered to take over a fork at https://htop.dev and
 https://github.com/htop-dev to keep the project going.

1. https://github.com/htop-dev/htop/blob/master/ChangeLog

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit acbdaf863fd8e2d6896073181a788b4ba106b43d)

4 years agohtop: fix compilation with GCC10
Rosen Penev [Wed, 1 Jul 2020 23:39:55 +0000 (16:39 -0700)]
htop: fix compilation with GCC10

Patch taken from upstream.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit de6471014a6d7bcb1a4ffcb50a68215f5f77e276)

4 years agopython-rsa: update to version 4.6 (security fix)
Jan Pavlinec [Wed, 2 Sep 2020 11:13:26 +0000 (13:13 +0200)]
python-rsa: update to version 4.6 (security fix)

Fixes CVE-2020-13757

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 4e211927f33d50306559f85d89ad3bade4d627ec)

4 years agoknot: update to version 2.9.6
Jan Hak [Wed, 2 Sep 2020 09:16:03 +0000 (11:16 +0200)]
knot: update to version 2.9.6

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 60a35cd1c69b195386ba39b09256d5c7e01e97ae)

4 years agoMerge pull request #13269 from ja-pa/git-security-update-19.07
Rosen Penev [Tue, 1 Sep 2020 14:09:08 +0000 (07:09 -0700)]
Merge pull request #13269 from ja-pa/git-security-update-19.07

[OpenWrt 19.07] git: update to version 2.26.2 (security fix)

4 years agogit: update to version 2.26.2 (security fix) 13269/head
Jan Pavlinec [Tue, 1 Sep 2020 12:08:29 +0000 (14:08 +0200)]
git: update to version 2.26.2 (security fix)

Fixes CVE-2020-11008

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agoMerge pull request #13266 from jefferyto/pip-locked-openwrt-19.07
Rosen Penev [Mon, 31 Aug 2020 21:09:00 +0000 (14:09 -0700)]
Merge pull request #13266 from jefferyto/pip-locked-openwrt-19.07

[openwrt-19.07] python,python3: Use locked for host pip

4 years agopython,python3: Use locked for host pip 13266/head
Jeffery To [Mon, 31 Aug 2020 15:23:41 +0000 (23:23 +0800)]
python,python3: Use locked for host pip

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agonano: update to 5.2
Hannu Nyman [Tue, 25 Aug 2020 20:03:55 +0000 (23:03 +0300)]
nano: update to 5.2

Update nano editor to version 5.2.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 3ce75951360c675cec86548f2cb19cfca2ee1c89)

4 years agoclamav: update to version 0.102.4 (security fix)
Jan Pavlinec [Thu, 30 Jul 2020 13:24:15 +0000 (15:24 +0200)]
clamav: update to version 0.102.4 (security fix)

Fixes
CVE-2020-3481

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 5d7164aabad9335108676a023531a004a253d5d5)

4 years agoclamav: update to version 0.102.3 (security fix)
Jan Pavlinec [Mon, 25 May 2020 13:11:33 +0000 (15:11 +0200)]
clamav: update to version 0.102.3 (security fix)

Fixes:
CVE-2020-3341
CVE-2020-3327

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 168efe753df3611ffb168c2053b04f7f2d708183)

4 years agoclamav: update to 0.102.2
Lucian Cristian [Wed, 25 Mar 2020 19:00:34 +0000 (21:00 +0200)]
clamav: update to 0.102.2

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 24eeea366d92873320175726a367254304856944)

4 years agobind: New upstream version 9.16.6
Noah Meyerhans [Mon, 24 Aug 2020 02:33:32 +0000 (19:33 -0700)]
bind: New upstream version 9.16.6

Several security issures are addressed:

 - CVE-2020-8620 It was possible to trigger an assertion failure by sending
   a specially crafted large TCP DNS message.
 - CVE-2020-8621 named could crash after failing an assertion check in
   certain query resolution scenarios where QNAME minimization and
   forwarding were both enabled. To prevent such crashes, QNAME minimization is
   now always disabled for a given query resolution process, if forwarders are
   used at any point.
 - CVE-2020-8622 It was possible to trigger an assertion failure when
   verifying the response to a TSIG-signed request.
 - CVE-2020-8623 When BIND 9 was compiled with native PKCS#11 support, it
   was possible to trigger an assertion failure in code determining the
   number of bits in the PKCS#11 RSA public key with a specially crafted
   packet.
 - CVE-2020-8624 update-policy rules of type subdomain were incorrectly
   treated as zonesub rules, which allowed keys used in subdomain rules to
   update names outside of the specified subdomains. The problem was fixed by
   making sure subdomain rules are again processed as described in the ARM.

Full release notes are available at
https://ftp.isc.org/isc/bind9/9.16.6/doc/arm/html/notes.html#notes-for-bind-9-16-6

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit cf61f7f8ef17bbf518b2ccc7536bb0f3c8828f52)

4 years agobind: update to 9.16.4
Tiago Gaspar [Sat, 4 Jul 2020 11:12:17 +0000 (12:12 +0100)]
bind: update to 9.16.4

This update fixes the following CVE's:
- CVE-2020-8618
- CVE-2020-8619

More info on bug fixes and feature changes in:
https://downloads.isc.org/isc/bind9/9.16.4/doc/arm/html/notes.html

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
(cherry picked from commit b8f8af8a30375670a66eca67921efff8e606c5ae)

4 years agoMerge pull request #13187 from stangri/19.07-simple-adblock
Rosen Penev [Sat, 22 Aug 2020 00:48:25 +0000 (17:48 -0700)]
Merge pull request #13187 from stangri/19.07-simple-adblock

[19.07] simple-adblock: bugfix: update config; use command -v

4 years agosimple-adblock: bugfix: update config; use command -v 13187/head
Stan Grishin [Fri, 21 Aug 2020 23:29:18 +0000 (23:29 +0000)]
simple-adblock: bugfix: update config; use command -v

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agonspr: update to version 4.27
Jan Pavlinec [Wed, 12 Aug 2020 14:49:32 +0000 (16:49 +0200)]
nspr: update to version 4.27

Note:
new version required by nss 3.55

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit eed2fad8a2576279a4e94bcfcd8c2e1535ed6b5f)

4 years agonspr: nspr add -flto to compile
Lucian Cristian [Thu, 14 May 2020 13:22:56 +0000 (16:22 +0300)]
nspr: nspr add -flto to compile

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit df7392149c2e26cd7b19feea8bb11fc3413e840d)

4 years agonspr: fix compilation with newer musl
Rosen Penev [Sun, 29 Mar 2020 00:32:10 +0000 (17:32 -0700)]
nspr: fix compilation with newer musl

Include proper sgidefs define.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 93f8cbebe024a2d0cf9c1d1864affa96c118a649)

4 years agonspr: update to 4.25
Lucian Cristian [Mon, 10 Feb 2020 22:42:48 +0000 (00:42 +0200)]
nspr: update to 4.25

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 6acb26cd66d5335b6ef530aeae870bd53b168927)

4 years agonss: update to version 3.55 (security fix)
Jan Pavlinec [Wed, 12 Aug 2020 14:12:30 +0000 (16:12 +0200)]
nss: update to version 3.55 (security fix)

Fixes
CVE-2020-12403
CVE-2020-12401
CVE-2020-6829
CVE-2020-12400

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 46a0c332a474a3ce3c8e7d4c119429b759fbbbf3)

4 years agonss: update to 3.53
Lucian Cristian [Sun, 31 May 2020 21:15:24 +0000 (00:15 +0300)]
nss: update to 3.53

also enable parallel build as now is safe

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit c15568584387525759100ae289d1454d14ab889a)

4 years agonss: fix build for mips64
Lucian Cristian [Sat, 23 May 2020 02:43:01 +0000 (05:43 +0300)]
nss: fix build for mips64
disable arm32_neon on unsupported target

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit d254f0527deb23e75f5100fd2159cf27b92dc966)

4 years agonss: revert -flto change
Lucian Cristian [Sat, 16 May 2020 18:06:53 +0000 (21:06 +0300)]
nss: revert -flto change
it seems that it can lead to segfault in libfreebl3.so

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 630c19f648ef1fe961c4c198dfbb3c878d15678e)

4 years agonss: add -flto and makefile cleanup
Lucian Cristian [Thu, 14 May 2020 13:26:08 +0000 (16:26 +0300)]
nss: add -flto and makefile cleanup

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 47570b4cf5a050c08b647f902b5ff6859a937d59)

4 years agonss: update to 3.52
Lucian Cristian [Sun, 10 May 2020 19:19:27 +0000 (22:19 +0300)]
nss: update to 3.52

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 867fa4c68c89f3e0e850b4ee3c50da14eb1c940b)

4 years agonss: update to 3.51.1
Lucian Cristian [Sun, 19 Apr 2020 13:59:00 +0000 (16:59 +0300)]
nss: update to 3.51.1

also refresh patches

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 5fadec5c0e1288ad7a20c3fd547b60d4d113e47e)

4 years agonss: update to 3.51
Lucian Cristian [Wed, 25 Mar 2020 17:35:41 +0000 (19:35 +0200)]
nss: update to 3.51

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit edd26908159ef18bc21f60fe09553e646e44a987)

4 years agonss: update to 3.50
Lucian Cristian [Mon, 10 Feb 2020 22:43:46 +0000 (00:43 +0200)]
nss: update to 3.50

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 8633c2bc54521d2fe15ac4bd48fc94fe9f1f0a6b)

4 years agonss: update to 3.49.2
Lucian Cristian [Mon, 27 Jan 2020 20:14:53 +0000 (22:14 +0200)]
nss: update to 3.49.2

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit 8f2023aa9ccecb2a1fa952344cd5ae5a92194ade)

4 years agolibffi: fix build failure on powerpc platforms
Rosen Penev [Fri, 24 Apr 2020 20:57:16 +0000 (13:57 -0700)]
libffi: fix build failure on powerpc platforms

This is an upstream backport.

Currently on the buildbots, having libffi unavailable leads to long
range build failures.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0dcde0115e0a93535bae98ef4f5926e1551396bf)

4 years agolibffi: update to 3.3
Rosen Penev [Sat, 28 Mar 2020 22:42:32 +0000 (15:42 -0700)]
libffi: update to 3.3

Remove autoreconf. autotools files are no longer patched.

Add PKG_BUILD_PARALLEL for faster compilation.

Removed upstreamed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f63305980f8d70ad6fcdfe25040ae42b706fe7a5)

4 years agolibffi: do not build in a special directory
Rosen Penev [Sat, 8 Feb 2020 00:05:49 +0000 (16:05 -0800)]
libffi: do not build in a special directory

There's no need. It also breaks host builds.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 001e9f5081df31a0e9b65dfe8f13cc8519f84437)

4 years agonet/mosquitto: Update to 1.6.12
Karl Palsson [Wed, 19 Aug 2020 14:17:36 +0000 (14:17 +0000)]
net/mosquitto: Update to 1.6.12

Security release.  From the changelog:

- In some circumstances, Mosquitto could leak memory when handling PUBLISH
  messages. This is limited to incoming QoS 2 messages, and is related
  to the combination of the broker having persistence enabled, a clean
  session=false client, which was connected prior to the broker restarting,
  then has reconnected and has now sent messages at a sufficiently high rate
  that the incoming queue at the broker has filled up and hence messages are
  being dropped. This is more likely to have an effect where
  max_queued_messages is a small value. This has now been fixed. Closes
  https://github.com/eclipse/mosquitto/issues/1793

Changelog: https://mosquitto.org/blog/2020/08/version-1-6-12-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
4 years agopython3: fix rebasing error
Rosen Penev [Sun, 16 Aug 2020 05:45:40 +0000 (22:45 -0700)]
python3: fix rebasing error

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agopython: fix host compilation with clang
Rosen Penev [Sat, 15 Aug 2020 22:23:21 +0000 (15:23 -0700)]
python: fix host compilation with clang

Matched rpath parameter with Makefile.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agopython3: fix host compilation with clang
Rosen Penev [Sat, 1 Aug 2020 20:59:57 +0000 (13:59 -0700)]
python3: fix host compilation with clang

Matched rpath parameter with Makefile.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit b40c40151c2ac3dd11d908a0548ac97e6b5c8455)

4 years agoMerge pull request #13132 from jjm2473/lvm2-fix-mac-sh-for-1907
Rosen Penev [Sat, 15 Aug 2020 08:44:52 +0000 (01:44 -0700)]
Merge pull request #13132 from jjm2473/lvm2-fix-mac-sh-for-1907

lvm2: fix CE in mac (backport)

4 years agolvm2: fix CE in mac 13132/head
Liangbin Lian [Fri, 14 Aug 2020 06:19:12 +0000 (14:19 +0800)]
lvm2: fix CE in mac

command-count.h generated by makefile was wrong
when using default shell in mac,
set shell to bash to fix it.

Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
(cherry picked from commit 9bb0962d6e3a2d5faf28a9624da82a936d961f19)

4 years agoopenvswitch: backport patch to fix build against kernel 4.14.193
Matthias Schiffer [Fri, 14 Aug 2020 19:49:42 +0000 (21:49 +0200)]
openvswitch: backport patch to fix build against kernel 4.14.193

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
4 years agoadblock: refresh blocklist sources
Dirk Brenken [Fri, 14 Aug 2020 12:27:50 +0000 (14:27 +0200)]
adblock: refresh blocklist sources

* remove 'dshield' and 'sysctl' (discontinued)
* switch 'malwaredomains', 'shallalist' and 'winhelp' to https
* add a second regional list for poland (provided by matx1002)
* update readme

Signed-off-by: Dirk Brenken <dev@brenken.org>
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 5ba498f7c84018e5228dc4ab582c789e369a288f)

4 years agortl_433: update to 20.02
Rosen Penev [Wed, 12 Feb 2020 02:50:37 +0000 (18:50 -0800)]
rtl_433: update to 20.02

Added PKG_BUILD_PARALLEL for faster compilation.

Fixed license information.

Removed upstreamed patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 1b88b5f7c2f0e68adfbe79016a8d2ae06e58f589)

4 years agonano: update to 5.1
Hannu Nyman [Wed, 12 Aug 2020 19:53:37 +0000 (22:53 +0300)]
nano: update to 5.1

Update nano to version 5.1.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 02f9ec4adc22a80e2adf57f868b080a2934af8bc)

4 years agonano: update to 5.0
Hannu Nyman [Thu, 30 Jul 2020 15:34:02 +0000 (18:34 +0300)]
nano: update to 5.0

Update nano editor to version 5.0.
http://git.savannah.gnu.org/cgit/nano.git/tree/NEWS

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 409633f0ddd4baefc85e89077a6e74fd2135884f)

4 years agoirqbalance: update to 1.7.0
Hannu Nyman [Tue, 11 Aug 2020 20:41:36 +0000 (23:41 +0300)]
irqbalance: update to 1.7.0

Update irqbalance to version 1.7.0
Refresh patches.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit a32b41d3f0a7279f850edf2d7890697b2163e85c)

4 years agomosquitto: update to 1.6.11
Karl Palsson [Tue, 11 Aug 2020 16:29:54 +0000 (16:29 +0000)]
mosquitto: update to 1.6.11

Full release notes: https://mosquitto.org/blog/2020/08/version-1-6-11-released/

Variety of generally minor bugfixes, mostly in the broker.

Signed-off-by: Karl Palsson <karlp@etactica.com>
4 years agoMerge pull request #13092 from jefferyto/golang-1.13.15-openwrt-19.07
Rosen Penev [Tue, 11 Aug 2020 23:21:20 +0000 (16:21 -0700)]
Merge pull request #13092 from jefferyto/golang-1.13.15-openwrt-19.07

[openwrt-19.07] golang: Update to 1.13.15

4 years agogolang: Update to 1.13.15 13092/head
Jeffery To [Tue, 11 Aug 2020 20:42:02 +0000 (04:42 +0800)]
golang: Update to 1.13.15

This includes a fix for CVE-2020-16845 (encoding/binary: ReadUvarint and
ReadVarint can read an unlimited number of bytes from invalid inputs).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agonlbwmon: add hotplug script to reload after interface ifup
Hannu Nyman [Sun, 9 Aug 2020 16:43:59 +0000 (19:43 +0300)]
nlbwmon: add hotplug script to reload after interface ifup

Add a hotplug script to reload nlbwmon's config after interface
ifup actions.

That should improve the detection of the IPv6 LAN address
that can get enabled a bit later in the boot process.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 25dfa20780085ec3851470fea76833e0c023e70c)

4 years agonlbwmon: add conffiles
Hannu Nyman [Sun, 9 Aug 2020 16:42:37 +0000 (19:42 +0300)]
nlbwmon: add conffiles

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
Adapted from treewide commit 0ec746ccb6 for just nlbwmon.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
4 years agoMerge pull request #13054 from micmac1/apa2446-19.07
Rosen Penev [Sat, 8 Aug 2020 19:42:02 +0000 (12:42 -0700)]
Merge pull request #13054 from micmac1/apa2446-19.07

[19.07] apache: security bump to 2.4.46

4 years agoMerge pull request #13056 from odmdas/odmdas-freeradius3-Makefile-19.07
Rosen Penev [Sat, 8 Aug 2020 19:40:46 +0000 (12:40 -0700)]
Merge pull request #13056 from odmdas/odmdas-freeradius3-Makefile-19.07

[19.07] freeradius3: add missing conffiles to Makefile

4 years agofreeradius3: add missing conffiles to Makefile 13056/head
Alexey Dobrovolsky [Sat, 1 Aug 2020 20:31:59 +0000 (23:31 +0300)]
freeradius3: add missing conffiles to Makefile

Config files
/etc/freeradius3/policy.d/accounting
/etc/freeradius3/policy.d/filter
/etc/freeradius3/proxy.conf
/etc/freeradius3/sites-available/default
and link
/etc/freeradius3/sites-enabled/default
are in the freeradius3 package and are mentioned in the main config file
/etc/freeradius3/radiusd.conf
Thus, they must be explicitly specified in the Makefile.

File
/etc/freeradius3/sites/default
is not included in the package, is not created during installation,
is not mentioned in the main config file and should therefore be excluded
from the Makefile.

Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
(cherry picked from commit f6974b8f3c547ff3afc8a50f835cc6d200b6d14d)

4 years agoapache: security bump to 2.4.46 13054/head
Sebastian Kemper [Sat, 8 Aug 2020 14:15:43 +0000 (16:15 +0200)]
apache: security bump to 2.4.46

From CHANGES_2.4:

SECURITY: CVE-2020-11984 (cve.mitre.org)
  mod_proxy_uwsgi: Malicious request may result in information disclosure
  or RCE of existing file on the server running under a malicious process
  environment. [Yann Ylavic]

SECURITY: CVE-2020-11993 (cve.mitre.org)
  mod_http2: when throttling connection requests, log statements
  where possibly made that result in concurrent, unsafe use of
  a memory pool. [Stefan Eissing]

SECURITY:
  mod_http2: a specially crafted value for the 'Cache-Digest' header
  request would result in a crash when the server actually tries
  to HTTP/2 PUSH a resource afterwards.
  [Stefan Eissing, Eric Covener, Christophe Jaillet]

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoapache/apr/apr-util: remove maintainer
Sebastian Kemper [Wed, 8 Jul 2020 16:28:32 +0000 (18:28 +0200)]
apache/apr/apr-util: remove maintainer

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoapache: revisit suEXEC setup
Sebastian Kemper [Sat, 16 May 2020 12:30:39 +0000 (14:30 +0200)]
apache: revisit suEXEC setup

When adding suEXEC to the apache package, Alpine's package [1] served as
a template. Not enough attention was paid to the details.

Alpine uses a different layout. So for OpenWrt to use /var/www as
DocumentRoot does not make sense. /var is also volatile on OpenWrt. This
commit removes the configure argument. The default is htdocsdir.

This also does away with uidmin/gidmin 99. The default is 100, which is
fine.

Finally, the suexec binary is moved from /usr/sbin to
/usr/lib/apache2/suexec_dir. Upstream recommends installing suexec with
"4750" (see [2]) and the group set to the user's group. While that would
be possible, it would cause a few headaches on OpenWrt. The group would
need to be changed first in a post-install script and a call to chmod
would need to be made afterward, to make the binary SUID again.

It's easier to hide the SUID binary away from others in a directory.
This way we don't need to use chmod in the post-install script.

[1] https://github.com/alpinelinux/aports/tree/master/main/apache2
[2] https://httpd.apache.org/docs/2.4/suexec.html

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoapache: create log directory o=
Sebastian Kemper [Sat, 16 May 2020 12:24:03 +0000 (14:24 +0200)]
apache: create log directory o=

Hides away the contents of the log directory from others.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #13046 from EricLuehrsen/unbound_20200806_1907
Rosen Penev [Sat, 8 Aug 2020 07:15:36 +0000 (00:15 -0700)]
Merge pull request #13046 from EricLuehrsen/unbound_20200806_1907

[19.07] unbound: retrofit master for scripts robustness

4 years agounbound: update to 1.11.0 13046/head
Eric Luehrsen [Thu, 30 Jul 2020 02:55:21 +0000 (22:55 -0400)]
unbound: update to 1.11.0

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
4 years agounbound: improve startup and dhcp script robustness
Eric Luehrsen [Sat, 4 Jul 2020 17:55:40 +0000 (13:55 -0400)]
unbound: improve startup and dhcp script robustness

- prevent rapid overlap in DHCP script updates
- check and allow localhost forwards with specific applications
- add option for rate limiting inbound queries
- change UCI list to table format with Unbound conf references

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
4 years agounbound: add dns assistants on local host
Eric Luehrsen [Wed, 24 Jun 2020 04:48:21 +0000 (00:48 -0400)]
unbound: add dns assistants on local host

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
4 years agotor-hs: add new package
Jan Pavlinec [Tue, 24 Mar 2020 14:35:08 +0000 (15:35 +0100)]
tor-hs: add new package

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry picked from commit 5906bfecd5ee265715debab3ef84143f3cb07a94)

4 years agolibzdb: fix headers path
Alexander Ryzhov [Wed, 18 Mar 2020 16:21:51 +0000 (19:21 +0300)]
libzdb: fix headers path

Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
(cherry picked from commit 6fa5a63675cead99e4998c54911eb9e006426188)

4 years agolibs: libzdb: bump to version 3.2.1
Alexandru Ardelean [Mon, 9 Mar 2020 08:37:03 +0000 (10:37 +0200)]
libs: libzdb: bump to version 3.2.1

Patches require a bit of rework:
- dropped 010-missing-header.patch
- add 010-do-not-run-test-progs.patch
- re-updated 020-filterh-use-host-built-version.patch
  - Makefile.in gets regenerated from PKG_FIXUP:=autoreconf
- added PKG_FIXUP:=autoreconf ; it's easier to patch automake stuff that
  big configure scripts

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit dcdceb526e72a7cc249b0d7133751ef67947b1ad)

4 years agolibzdb: update to 3.2
Rosen Penev [Sun, 26 Jan 2020 02:32:50 +0000 (18:32 -0800)]
libzdb: update to 3.2

Removed most patches. The last was upstreamed and the others can be worked
around using Makefile.

Removed inactive maintainer.

Added PKG_BUILD_PARALLEL for faster compilation.

Fixed license information.

Massive reorganization of Makefile for consistency between packages.

Removed --with-sql options. These are totally broken when cross compiling.
Leaving them out works just as well.

Added cpp patch as the test needs a header.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 496ee7f91bcd00a64254a707f90fdd6252c2e690)

4 years agov4l-utils: bring back getsubopt patch
Rosen Penev [Sun, 26 Jul 2020 23:14:20 +0000 (16:14 -0700)]
v4l-utils: bring back getsubopt patch

During the update to 1.20.0, this patch was mistakenly removed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8df4e29cff5e35b00c10c87a9cdfa4044e74edb3)

4 years agolibv4l: update to 1.20.0
Rosen Penev [Thu, 4 Jun 2020 04:31:37 +0000 (21:31 -0700)]
libv4l: update to 1.20.0

Removed upstreamed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit dd74a7cb87ec63baf45d002eecbe0d46d8b71c71)

4 years agolibv4l: update to 1.16.8
Rosen Penev [Thu, 9 Apr 2020 22:48:02 +0000 (15:48 -0700)]
libv4l: update to 1.16.8

Fixed license information.

Update argp dependency to be for non glibc.

Added PKG_BUILD_PARALLEL for faster compilation.

Added --as-needed linker flag for slightly smaller size.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0cd1a9b537cf6c774d8d348bc8d5baa97a65c8b4)

4 years agolibv4l: fix compilation under kernel 4.14
Rosen Penev [Mon, 6 Apr 2020 02:53:24 +0000 (19:53 -0700)]
libv4l: fix compilation under kernel 4.14

The last patch used a macro unavailable with older kernel headers.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 13278007f9bfe4078862a5ee8b6b479c823aefb9)

4 years agolibv4l: fix compilation with newer musl
Rosen Penev [Sun, 29 Mar 2020 00:33:15 +0000 (17:33 -0700)]
libv4l: fix compilation with newer musl

This is using the input_event struct directly, instead of using the proper
defines.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit ffb7da67a3e5858733031dc1b7012fafeb06515c)

4 years agolibv4l: Update to 1.16.6. Fix missing includes patch
Ted Hess [Tue, 20 Aug 2019 19:03:30 +0000 (15:03 -0400)]
libv4l: Update to 1.16.6. Fix missing includes patch

Signed-off-by: Ted Hess <thess@kitschensync.net>
(cherry picked from commit 67b8da50c16e2ed01e9ae9a311e88b0fb172adc0)

4 years agolibv4l: Add missing INTL dependency
Rosen Penev [Thu, 4 Jul 2019 03:47:27 +0000 (20:47 -0700)]
libv4l: Add missing INTL dependency

Needed for FULL NLS. Not bumping PKG_RELEASE as this is no-op.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit dcba53b40beb46560b5c8b0886359069991be295)

4 years agonet/pagekitec: Update to v0.91.200718
Karl Palsson [Tue, 4 Aug 2020 10:15:39 +0000 (10:15 +0000)]
net/pagekitec: Update to v0.91.200718

This fixes misleading errors in the status file, and increases buffer
sizes to match the python implementation.

Signed-off-by: Karl Palsson <karlp@etactica.com>
4 years agoMerge pull request #13022 from stangri/19.07-simple-adblock
Rosen Penev [Wed, 5 Aug 2020 01:42:36 +0000 (18:42 -0700)]
Merge pull request #13022 from stangri/19.07-simple-adblock

[19.07] simple-adblock: README and config update

4 years agosimple-adblock: README and config update 13022/head
Stan Grishin [Tue, 4 Aug 2020 22:50:49 +0000 (22:50 +0000)]
simple-adblock: README and config update

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #13006 from ja-pa/tor-backport-conf
Rosen Penev [Mon, 3 Aug 2020 22:59:08 +0000 (15:59 -0700)]
Merge pull request #13006 from ja-pa/tor-backport-conf

[OpenWrt 19.07] tor: backport uci config

4 years agoMerge pull request #13005 from commodo/netatalk-fix-clang-19.07
Hannu Nyman [Mon, 3 Aug 2020 09:51:27 +0000 (12:51 +0300)]
Merge pull request #13005 from commodo/netatalk-fix-clang-19.07

[19.07] netatalk: fix compile error in mac os

4 years agotor: fix init scripts 13006/head
Rosen Penev [Sat, 15 Feb 2020 11:55:02 +0000 (03:55 -0800)]
tor: fix init scripts

pidfile should not be set. tor handles it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agotor: update init script
Jan Pavlinec [Tue, 31 Dec 2019 08:16:21 +0000 (09:16 +0100)]
tor: update init script

Changes:
-add uci config
-create pid file by procd
-add reload function

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agonetatalk: fix compile error in mac os 13005/head
Liangbin Lian [Sat, 1 Aug 2020 16:17:53 +0000 (00:17 +0800)]
netatalk: fix compile error in mac os

fix compile error in mac os when dtrace installed.

Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
4 years agogerbera: fix conffiles
Josef Schlehofer [Thu, 30 Jul 2020 06:43:48 +0000 (08:43 +0200)]
gerbera: fix conffiles

In OpenWrt master branch, there is just /etc/config/gerbera.
It was reported to me that if there is an update of gerbera in OpenWrt
19.07, it overwrites /etc/gerbera/config. So, I removed file extension.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoyoutube-dl: update to version 2020.7.28
Josef Schlehofer [Tue, 28 Jul 2020 16:16:53 +0000 (18:16 +0200)]
youtube-dl: update to version 2020.7.28

Become the only maintainer of this package

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 7046a31ab945967f090ac135f33f2cf5e71dfb61)

4 years agoyoutube-dl: update to version 2020.6.16.1
Josef Schlehofer [Wed, 17 Jun 2020 11:35:48 +0000 (13:35 +0200)]
youtube-dl: update to version 2020.6.16.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit c8187f7f16e6fbbe396bfb25061f93a55a9bfa5b)

4 years agoyoutube-dl: update to version 2020.6.6
Josef Schlehofer [Fri, 5 Jun 2020 20:09:11 +0000 (22:09 +0200)]
youtube-dl: update to version 2020.6.6

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit ec0b891b628c4afa3b4673d0c5c7918fd72a35f8)

4 years agoyoutube-dl: update to version 2020.5.29
Josef Schlehofer [Thu, 28 May 2020 22:59:16 +0000 (00:59 +0200)]
youtube-dl: update to version 2020.5.29

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 32333c5d92623222c2e3627964613f196de3f40a)

4 years agoyoutube-dl: update to version 2020.5.8
Josef Schlehofer [Fri, 8 May 2020 11:26:30 +0000 (13:26 +0200)]
youtube-dl: update to version 2020.5.8

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b8d7ff754a51d293218d9263a8aa64a9d42614ce)