Lucian Cristian [Tue, 18 Jan 2022 03:20:34 +0000 (05:20 +0200)]
libreswan: update to 4.6
this update also fixes a CVE
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Sebastian Kemper [Mon, 17 Jan 2022 21:37:32 +0000 (22:37 +0100)]
expat: bump to version 2.4.3
CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Vladimir Ermakov [Thu, 13 Jan 2022 01:20:15 +0000 (04:20 +0300)]
qemu: add seccomp feature
Patch add an option to enable seccomp support,
adds dependency on libseccomp.
Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
Vladimir Ermakov [Wed, 12 Jan 2022 21:41:31 +0000 (00:41 +0300)]
qemu: update to 6.2.0
Qemu version updated to 6.2.0, patch set refreshed for it.
Options --disable-jemalloc --disable-tcmalloc was replaced
by --enable-malloc=CHOICE, defaults to system.
Libudev search was moved from configure to meson.build, and now it's
not so easy to disable it. Even though --disable-mpath present.
Delete patches 0008-falloc and 0009-fs - they're already in 6.2.0.
Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
Othmar Truniger [Mon, 17 Jan 2022 17:49:24 +0000 (18:49 +0100)]
knxd: bump to new upstream version 0.14.53
Signed-off-by: Othmar Truniger <github@truniger.ch>
Nick Hainke [Mon, 17 Jan 2022 09:16:59 +0000 (10:16 +0100)]
dawn: update to 2022-01-17
877e2dc iwinfo: fix get_bandwidth_iwinfo
9ce01ec datastorage: fix multi-SSID
9187665 treewide: improve maintaince
6bf9b6d memory: Tighten up some memory handling to help spot errors
4df0c98 treewide: improve logging
Signed-off-by: Nick Hainke <vincent@systemli.org>
Michael Heimpold [Mon, 17 Jan 2022 07:16:37 +0000 (08:16 +0100)]
Merge pull request #17623 from mhei/mmc-utils
mmc-utils: update to latest git head
Michael Heimpold [Sun, 16 Jan 2022 14:39:17 +0000 (15:39 +0100)]
Merge pull request #17534 from neheb/4
knxd: fix compilation with newer glibc
Michael Heimpold [Sun, 16 Jan 2022 14:30:18 +0000 (15:30 +0100)]
mmc-utils: update to latest git head
While at, update project's reference URL.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Nick Hainke [Sun, 16 Jan 2022 09:21:53 +0000 (10:21 +0100)]
wg-installer: switch to ubus call for olsrd hotplug
Use ubus ipc calls to add and remove interfaces.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Sun, 16 Jan 2022 09:04:36 +0000 (10:04 +0100)]
wg-installer: rework iproute2 commands
- Use ip address add instead of ip a a
- Directly add broadcast address
Signed-off-by: Nick Hainke <vincent@systemli.org>
Florian Eckert [Sat, 15 Jan 2022 15:03:37 +0000 (16:03 +0100)]
Merge pull request #17617 from hgl/ddns-cloudflare
ddns-scripts-cloudflare: fix shell conditional
Glen Huang [Sat, 15 Jan 2022 14:33:07 +0000 (22:33 +0800)]
ddns-scripts-cloudflare: fix shell conditional
Signed-off-by: Glen Huang <heyhgl@gmail.com>
Florian Eckert [Sat, 15 Jan 2022 14:24:43 +0000 (15:24 +0100)]
Merge pull request #17600 from camarel/feature/ddns-scripts-wget-user-agent
ddns-scripts: pass user agent string
Claudio Marelli [Sat, 15 Jan 2022 09:07:30 +0000 (10:07 +0100)]
ddns-scripts: pass user agent string
This adds a user agent string to the wget request.
Fixes #17507
Signed-off-by: Claudio Marelli <camarelli@gmx.net>
Josef Schlehofer [Fri, 14 Jan 2022 15:27:24 +0000 (16:27 +0100)]
Merge pull request #17432 from r4sas/i2pd-2.40.0
i2pd: Update to 2.40.0, update init.rc script, UCI config and Makefile
Josef Schlehofer [Fri, 14 Jan 2022 15:26:54 +0000 (16:26 +0100)]
Merge pull request #17608 from miska/mariadb-owner-fix
Mariadb owner fix & sudo dependency
Michal Hrusecky [Thu, 13 Jan 2022 14:11:01 +0000 (15:11 +0100)]
mariadb: Add sudo dependency
During update we use sudo to start an instance. It probably could be
workarounded, but given the MariaDB size, dependency on sudo shouldn't
be an issue.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Michal Hrusecky [Thu, 13 Jan 2022 14:04:57 +0000 (15:04 +0100)]
mariadb: Check and fix datadir owner issues during upgrade
If you are migrating to MariaDB package, you might have old datadir
stored somewhere using different setup with different users. If you
trust us enough to enable autoupgrade, you probably trust us enough to
chown your datadir as well. This can prevent some potential issues.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Paul Spooren [Thu, 13 Jan 2022 23:55:36 +0000 (00:55 +0100)]
CI: fix runtime testing for non master branch
The runtime testing always ran on master branch aka snapshots since the
branch wasn't passed over to the container execution!
Signed-off-by: Paul Spooren <mail@aparcar.org>
R4SAS I2P [Sun, 26 Dec 2021 04:29:58 +0000 (04:29 +0000)]
i2pd: Update to 2.40.0 and update package sources
* Updating i2pd package to 2.40.0
* Rewrite Makefile
* Remove usage of PKG_INSTALL (package's make install)
* Rewrite init.rc configuration and script
* Remove '--service' option from init, which only sets datadir to /var/lib/i2pd
* Use '--datadir' option in init, otherwise datadir changing via uci is not works
* Update patch for i2pd.conf
Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
Jeffery To [Fri, 14 Jan 2022 07:18:47 +0000 (15:18 +0800)]
Merge pull request #16389 from paper42/apparmor-3.0.3
apparmor: cleanup
Aleksander Morgado [Wed, 12 Jan 2022 14:41:55 +0000 (15:41 +0100)]
modemmanager: remove 2s timeout before reporting cached events
When ModemManager is started on boot we may end up with hotplug events
reported directly to the daemon, plus some others already cached in
the cache file before the daemon was started.
If the cached events correspond to the same device that is still
notifying ports directly, we may end up with a modem object created
before the cached events have been emitted, so the modem may not
handle all control/data ports it should.
E.g.:
- modem detected
- hotplug event for wwan0 port, cached as MM not running
- hotplug event for cdc-wdm0 port, cached as MM not running
- hotplug event for ttyUSB0, cached as MM not running
- MM starts
- hotplug event for ttyUSB1, directly processed as MM is running
- hotplug event for ttyUSB2, directly processed as MM is running
- modem object created with ttyUSB1 and ttyUSB2
- 2s after MM starts, cached events for wwan0, cdc-wdm0 and ttyUSB0
happen, but are ignored because the modem object has already been
created
MM expects that ports of the same device are reported with less than
1500ms in between ports. In other words, if ports are reported more
than 1500ms after the last reported port, they may get ignored.
If we remove the 2s timeout, the report of the cached events will
happen as soon as MM starts, which makes it much more likely to happen
in the timeslot that MM expects for ports of the same device reported.
The logic is still not perfect, and we may also need to increase that
1500ms timeout inside MM, but removing the 2s timeout right away here
makes sense.
This 2s timeout was introduced along with the new wrapper launcher for
the daemon, it didn't exist before.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Michal Vasilek [Fri, 12 Nov 2021 16:02:51 +0000 (17:02 +0100)]
apparmor: cleanup
* replace 020-fix-ss-path.patch with an upstream patch 020-remove-which-dep.patch
* remove 030-remove-pynotify2-dep.patch and do not install aa-notify
* simplify 060-openwrt-dnsmasq-profile.patch
* add two upstream patches for Python 3.10 compatibility
* add an upstream patch to move from deprecated distutils which broke
the build with Python 3.10+
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Hauke Mehrtens [Sun, 9 Jan 2022 18:45:49 +0000 (18:45 +0000)]
gpgme: Fix compile with glibc 2.34
This backports a patch from upstream gpgme to fix compilation with glibc 2.34.
It fixes the following build problem:
posix-io.c: In function '_gpgme_io_spawn':
posix-io.c:577:23: error: void value not ignored as it ought to be
577 | while ((i = closefrom (fd)) && errno == EINTR)
| ^
make[5]: *** [Makefile:947: posix-io.lo] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
James White [Fri, 31 Dec 2021 16:45:25 +0000 (16:45 +0000)]
netdata: Update init script to use -D rather than -nd
The current init script is using the deprecated -nd flag. This updates netdata to be started with -D.
Signed-off-by: James White <james@jmwhite.co.uk>
Florian Eckert [Thu, 13 Jan 2022 09:32:58 +0000 (10:32 +0100)]
Merge pull request #17563 from TDT-AG/pr/
20220110-stunnel
stunnel: update to 5.61
Josef Schlehofer [Thu, 13 Jan 2022 09:17:14 +0000 (10:17 +0100)]
Merge pull request #17494 from BKPepe/update-atlas
Atlas SW probe to version 5040 and its busybox version
Othmar Truniger [Wed, 12 Jan 2022 16:54:47 +0000 (17:54 +0100)]
libfmt: bump to new upstream version 8.1.1
Signed-off-by: Othmar Truniger <github@truniger.ch>
Sergey V. Lobanov [Wed, 12 Jan 2022 13:25:40 +0000 (16:25 +0300)]
serdisplib: fix build on macos
./configure script detects if serdisplib is built on non-linux build
host and disables framebuffer driver. It blocks touchscreen_tool
compilation. This detection is not required on cross-compile build
so it is disabled via ac_cv_build=$(GNU_TARGET_NAME) in Makefile
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Nick Hainke [Wed, 12 Jan 2022 17:25:13 +0000 (18:25 +0100)]
wg-installer: fix shell typo
Signed-off-by: Nick Hainke <vincent@systemli.org>
Philip Prindeville [Wed, 12 Jan 2022 17:53:16 +0000 (10:53 -0700)]
Merge pull request #17592 from svlobanov/lcdproc-fix-build-on-macos
lcdproc: fix build on macos
Nick Hainke [Tue, 11 Jan 2022 11:18:49 +0000 (12:18 +0100)]
wg-installer: allow defining link costs for hotplugs
Add options to set link costs in mesh routing daemons.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Sergey V. Lobanov [Wed, 12 Jan 2022 15:12:46 +0000 (18:12 +0300)]
lcdproc: fix build on macos
./configure script detects mtab file and fails build if mtab is not
found on build host. It is not required for OpenWrt build due to
mtab is always /etc/mtab on OpenWrt
MacOS doesn't have mtab file so disable it via ac_cv_mtab_file var
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Michal Vasilek [Wed, 12 Jan 2022 11:12:10 +0000 (12:12 +0100)]
miniflux: update to 2.0.34
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Tiago Gaspar [Mon, 10 Jan 2022 13:42:12 +0000 (13:42 +0000)]
jool: update to 4.1.6, add init files and default configuration
This commit adds support for starting and running jool through init
scripts, with default config files as examples.
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
Rui Salvaterra [Tue, 11 Jan 2022 11:46:27 +0000 (11:46 +0000)]
tor: bump to 0.4.6.9 stable
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Sergey V. Lobanov [Tue, 11 Jan 2022 09:39:57 +0000 (12:39 +0300)]
iodine: fix build on macos
redefine TARGETOS=Linux due to OpenWrt is always Linux
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Nick Hainke [Tue, 11 Jan 2022 23:19:44 +0000 (00:19 +0100)]
wg-installer: private key as parameter
Signed-off-by: Nick Hainke <vincent@systemli.org>
Pascal Coudurier [Tue, 4 Jan 2022 13:12:31 +0000 (14:12 +0100)]
nut: refactor upssched uci-defaults script
Add checks not to overwrite defaultnotify options in the nut-sendmail-notify fashion.
Use lists for defaultnotify instead of option.
Add check not to overwrite notifycmd if already defined.
upssched-cmd script must not be called directly, it is called by the upssched binary with needed arguments.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
Pascal Coudurier [Tue, 4 Jan 2022 13:11:14 +0000 (14:11 +0100)]
nut: refactor nut-monitor uci config file
Convert notifyflags options to lists as supported by the init script, so multiple options can be chosen.
Add SYSLOG default option to individuals notifyflags instead of deprecated flag 1|0.
Add comment for defaultnotify and individuals notifyflags about possible values.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
Pascal Coudurier [Tue, 4 Jan 2022 13:07:59 +0000 (14:07 +0100)]
nut: fix typo in nut-monitor init script
This fixes a typo in the nut-monitor init script when building config file from uci config.
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
Sergey V. Lobanov [Fri, 7 Jan 2022 21:28:57 +0000 (00:28 +0300)]
luasql: fix build on macos
luasql ./config scripts checks `uname -s` output and changes
LIB_OPTION from '-static' to macos specific if detected OS is
Darwin. These flags are not compatible with GCC
OpenWrt is always Linux, this patch removes Darwin
specific stuff from compilation flags
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Jeffery To [Tue, 11 Jan 2022 09:52:47 +0000 (17:52 +0800)]
micropython-lib: Update to latest master
The last tagged release (v1.9.3) was in 2017. This updates the package
to the most recent commit of the master branch.
This also sets myself at the maintainer.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Tue, 11 Jan 2022 09:33:40 +0000 (17:33 +0800)]
micropython: Update to 1.17, reorganize package
Previous versions used a bundled version of the axTLS library. The
MicroPython project maintains their own fork[1], as development of the
library appears to have stopped (the last release was version 2.1.5 in
2019[2]).
This replaces the use of axTLS with two variants, one using mbedTLS and
one with no TLS support (and no upip, as it uses the ussl module). The
external mbedTLS patch (040-extmod-use-external-mbedtls.patch) comes
from Debian[3].
This also sets myself as the maintainer.
[1]: https://github.com/micropython/axtls
[2]: https://sourceforge.net/projects/axtls/files/
[3]: https://salsa.debian.org/yangfl-guest/micropython/-/blob/master/debian/patches/0006-extmod-Use-system-mbedtls.patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Sergey V. Lobanov [Tue, 11 Jan 2022 23:46:40 +0000 (02:46 +0300)]
lynx: fix build on macos
lynx uses host C-compiler to build internal utility that is used to
generate files required for target build. On MacOS it uses internal
clang with MacOS system headers so host build fails due to MacOS is
not Linux
Forced to use OpenWrt host C compiler using --with-build-*
./configure flags
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Hauke Mehrtens [Sun, 9 Jan 2022 18:49:05 +0000 (18:49 +0000)]
ntpd: Fix compile with glibc 2.34
This adds a patch from Open embedded to fix compilation with glibc 2.34.
This patch was taken from here:
https://github.com/openembedded/meta-openembedded/blob/master/meta-networking/recipes-support/ntp/ntp/0001-libntp-Do-not-use-PTHREAD_STACK_MIN-on-glibc.patch
It fixes the following build problem:
work_thread.c:45:57: error: missing binary operator before token "("
45 | #if defined(PTHREAD_STACK_MIN) && THREAD_MINSTACKSIZE < PTHREAD_STACK_MIN
| ^~~~~~~~~~~~~~~~~
make[7]: *** [Makefile:892: work_thread.o] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jeffery To [Tue, 11 Jan 2022 13:13:00 +0000 (21:13 +0800)]
golang: Update to 1.17.6
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Hauke Mehrtens [Sun, 9 Jan 2022 18:47:40 +0000 (18:47 +0000)]
radsecproxy: Fix compile with glibc 2.34
This backports a patch from upstream radsecproxy to fix compilation with glibc 2.34.
It fixes the following build problem:
radsecproxy.h:35:5: error: missing binary operator before token "("
35 | #if PTHREAD_STACK_MIN > PTHREAD_STACK_SIZE
| ^~~~~~~~~~~~~~~~~
make[5]: *** [Makefile:623: dtls.o] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Michael Heimpold [Tue, 11 Jan 2022 06:56:27 +0000 (07:56 +0100)]
libmodbus: update to 3.1.7
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Nick Hainke [Tue, 11 Jan 2022 22:06:22 +0000 (23:06 +0100)]
wg-installer: generate new keys for every connection
Generate new keys on every new connection.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Sergey V. Lobanov [Tue, 11 Jan 2022 10:44:46 +0000 (13:44 +0300)]
mblaze: fix build on macos
redefine OS=Linux due to OpenWrt is always Linux
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Rui Salvaterra [Mon, 3 Jan 2022 23:13:09 +0000 (23:13 +0000)]
stubby: explicitly disable static linking
Although undocumented, there's a way to explicitly disable static linking in
Stubby, setting the CMake build option ENABLE_GETDNS_STATIC_LINK to OFF (ON by
default). Make it so.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Georgi Valkov [Tue, 11 Jan 2022 18:40:18 +0000 (20:40 +0200)]
rpcsvc-proto: bump to 1.4.3
Fixes: rpcgen build (host-compile) on macOS
https://github.com/openwrt/packages/pull/17430
https://github.com/openwrt/openwrt/pull/4638
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
Florian Eckert [Tue, 11 Jan 2022 15:13:04 +0000 (16:13 +0100)]
Merge pull request #17535 from hgl/ddns-cloudflare
ddns-scripts-cloudflare: allow explicit zone_id
Sergey V. Lobanov [Mon, 10 Jan 2022 19:27:23 +0000 (22:27 +0300)]
gerbera: fix build on macos
cmake LINK_WHAT_YOU_USE is not supported on macos, disable it if
macos is used to build gerbera package
compiled binary (sha256sum) exactly the same on macos and ubuntu
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Huangbin Zhan [Sat, 20 Nov 2021 13:56:30 +0000 (21:56 +0800)]
bash: update to 5.1.16
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
Huangbin Zhan [Thu, 11 Nov 2021 08:21:08 +0000 (16:21 +0800)]
bash: add /etc/profile.d/sys_bashrc.sh as conffile
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
Nick Hainke [Mon, 10 Jan 2022 22:56:36 +0000 (23:56 +0100)]
wg-installer: fix using symlinks for conf files
It is useful to symlink babeld and olsrd to /tmp/ if we frequently
write to those config files.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Noah Meyerhans [Sat, 1 Jan 2022 20:35:10 +0000 (12:35 -0800)]
iputils: bump to
20211215
Drop the tftpd binary, which is no longer provided upstream. Users
should switch to the atftp server as a replacement.
Avoid executing runtime tests, which are not supported in cross-build
environments.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
Florian Eckert [Mon, 10 Jan 2022 13:52:41 +0000 (14:52 +0100)]
stunnel: add new protocol option capwin and capwinctrl
The new protocol capwin and capwinctrl was added in version 5.61
https://www.stunnel.org/NEWS.html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 10 Jan 2022 13:37:09 +0000 (14:37 +0100)]
stunnel: update to 5.61
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Mon, 10 Jan 2022 13:28:30 +0000 (14:28 +0100)]
stunnel: add missing sessionResume option
The option sessionResume was added in version 5.60
https://www.stunnel.org/NEWS.html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Jeffery To [Mon, 10 Jan 2022 12:48:03 +0000 (20:48 +0800)]
Merge pull request #17341 from erdoukki/fail2ban-2to3
fail2ban: fix 2to3 error
Glen Huang [Sun, 9 Jan 2022 05:02:58 +0000 (13:02 +0800)]
ddns-scripts-cloudflare: allow explicit zone_id
When zone id is explicitly provided, there is no need for the API token to have read permission. Inspired by acme.sh's cloudflare logic.
Signed-off-by: Glen Huang <heyhgl@gmail.com>
Nick Hainke [Mon, 10 Jan 2022 09:49:01 +0000 (10:49 +0100)]
wg-installer: fix cleanup script
The wrong function was called.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Hauke Mehrtens [Sun, 9 Jan 2022 19:18:41 +0000 (19:18 +0000)]
postfix: Fix compile with glibc 2.34
This adds a patch from Open embedded to fix compilation with glibc 2.34.
This patch was taken from here:
https://github.com/openembedded/meta-openembedded/blob/master/meta-networking/recipes-daemons/postfix/files/0007-correct-signature-of-closefrom-API.patch
It fixes the following build problem:
/builder/shared-workdir/build/sdk/staging_dir/toolchain-arc_arc700_gcc-11.2.0_glibc/include/unistd.h:366:13: error: conflicting types for 'closefrom'; have 'void(int)'
366 | extern void closefrom (int __lowfd) __THROW;
| ^~~~~~~~~
In file included from attr_clnt.c:87:
./sys_defs.h:1511:12: note: previous declaration of 'closefrom' with type 'int(int)'
1511 | extern int closefrom(int);
| ^~~~~~~~~
make: *** [Makefile:192: attr_clnt.o] Error 1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Christian Lachner [Sun, 2 Jan 2022 10:33:34 +0000 (11:33 +0100)]
haproxy: Update HAProxy to v2.4.10
- Update haproxy download URL and hash
- Updated upstream patches
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Josef Schlehofer [Thu, 30 Dec 2021 22:58:39 +0000 (23:58 +0100)]
nnn: update to version 4.4
Refreshed patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Javier Marcet [Sun, 9 Jan 2022 19:58:54 +0000 (20:58 +0100)]
python3-paramiko: update to version 2.9.2
- [Bug]: Enhanced log output when connecting to servers that do not
support server-sig-algs extensions, making the new-as-of-2.9
defaulting to SHA2 pubkey algorithms more obvious when it kicks in.
- [Bug]: Connecting to servers which support server-sig-algs but
which have no overlap between that list and what a Paramiko client
supports, now raise an exception instead of defaulting to
rsa-sha2-512 (since the use of server-sig-algs allows us to know
what the server supports).
Signed-off-by: Javier Marcet <javier@marcet.info>
Javier Marcet [Sun, 9 Jan 2022 19:56:56 +0000 (20:56 +0100)]
python-pynacl: update to v1.5.0
Signed-off-by: Javier Marcet <javier@marcet.info>
Javier Marcet [Sun, 9 Jan 2022 18:44:03 +0000 (19:44 +0100)]
docker-compose: Update to version 2.2.3
What's Changed
- compose images should list images of created containers by @kiniou
- Ignore missing (swarm) overlay networks by @ndeloof
- Remove intermediate containers when build succeeded in classic
build by @notok
- compose ps: fix typo "unknow" -> "unknown" by @webignition
- Add 2 modes test mechanism by @ulyssessouza
- Handle "stop" event by @ndeloof
- Only kill running containers by @ulyssessouza
- compose cp doesn't need a full project and can copy from stopped
containers by @ndeloof
- Add dependabot by @ulyssessouza
- Do not try to guess when to allocate a TTY and keep it as default
by @ulyssessouza
- Bump github.com/golang/mock from 1.5.0 to 1.6.0 by @dependabot
- Bump github.com/spf13/cobra from 1.2.1 to 1.3.0 by @dependabot
- Bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1 by
@dependabot
- Bump github.com/buger/goterm from 1.0.0 to 1.0.3 by @dependabot
- Propagate GroupAdd from ServiceConfig to HostConfig by
@lancechentw
- Bump github.com/containerd/console from 1.0.2 to 1.0.3 by
@dependabot
- Bump github.com/AlecAivazis/survey/v2 from 2.2.3 to 2.3.2 by
@dependabot
- Added volume bind option SELinux label :z :Z by @tymonx
- Downgrade goterm to 1.0.1 by @ulyssessouza
Signed-off-by: Javier Marcet <javier@marcet.info>
Jonathan Pagel [Sun, 9 Jan 2022 18:21:37 +0000 (19:21 +0100)]
telegraf: Update package to version 1.21.2
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Sergey V. Lobanov [Sun, 9 Jan 2022 17:54:43 +0000 (20:54 +0300)]
erlang: update to version 24.2
1. updated to 24.2 (RN: https://github.com/erlang/otp/releases/tag/OTP-24.2)
2. added libstdcpp dependency
3. erlang-hipe was removed in upstream
(ref https://github.com/erlang/otp/commit/
fccb8482efc47bf2e48911564df502f087cce5ed)
everything related to erlang-hipe was removed from Makefile
4. updated and refreshed patches
5. host-compile ssl library forced to OpenWrt LibreSSL to avoid using system library
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Kerma Gérald [Fri, 7 Jan 2022 13:41:00 +0000 (14:41 +0100)]
crowdsec-firewall-bouncer: update to 0.0.21
Update crowdsec-firewall-bouncer to latest upstream release version 0.0.21
Makefile rework
- use tagged version for download
Fixes
- set API_KEY in firewall bouncer config file
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Sergey V. Lobanov [Thu, 6 Jan 2022 15:07:01 +0000 (18:07 +0300)]
krb5: fix build on macos
backport of upstream commit
https://github.com/krb5/krb5/commit/
3c66c1fec7ce4edeff284a5e4abe32d0b4398539
Original author: Nikhil Benesch <nikhil.benesch@gmail.com>
Remove unnecessary flag in macOS build
The configuration logic for adding the `-search_paths_first` linker
flag on Darwin does not correctly handle cross compilation. It should
check the value of $krb5_cv_host rather than `uname -s` to detect when
the compilation target is Darwin, rather than the build machine.
It turns out `-search_paths_first` has been the default behavior of ld
on macOS since XCode 4. So just remove that bit of logic entirely.
(The flag was added in commit
acd27af0e845f8b93de2e226cc2ec9ac8af52077
in 2004; XCode 4 was released in 2010.)
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Matthew Hagan [Thu, 30 Dec 2021 20:55:03 +0000 (20:55 +0000)]
transmission: add ca_bundle support with procd-ujail
With procd-ujail enabled, it is not possible to use HTTPS URLs, for
example when either for downloading torrent files or blocklists. The
followig example occurs when downloading a URL from the "Upload Torrent
Files" dialogue box:
Error adding
"https://releases.ubuntu.com/21.10/ubuntu-21.10-desktop-amd64.iso.torrent":
gotMetadataFromURL: http error 0: No Response
syslog will also hint that no CA_BUNDLE is being used:
transmission-daemon[6683]: [2021-12-30 20:01:30.990] web will verify
tracker certs using envvar CURL_CA_BUNDLE: none (web.c:455)
This patch rectifies this issue by adding a ca_bundle configurable,
enabled by default. This explicitly fixes the ca_bundle file location
to /etc/ssl/certs/ca-certificates.crt and adds this file to the procd
jail. On subsequent testing, HTTPS URL download functionality is
restored.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
Stan Grishin [Sun, 9 Jan 2022 20:05:20 +0000 (12:05 -0800)]
Merge pull request #17551 from stangri/master-curl
curl: update to 7.81.0
Stan Grishin [Sun, 9 Jan 2022 19:51:41 +0000 (19:51 +0000)]
curl: update to 7.81.0
* changes: https://curl.se/changes.html#7_81_0
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Alexandru Ardelean [Sun, 9 Jan 2022 17:13:27 +0000 (19:13 +0200)]
Merge pull request #17441 from commodo/django4
django: bump to version 4.0.1
Alexandru Ardelean [Mon, 27 Dec 2021 11:12:46 +0000 (13:12 +0200)]
django: bump to version 4.0.1
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Hannu Nyman [Sun, 9 Jan 2022 17:00:24 +0000 (19:00 +0200)]
haveged: update to 1.9.17
Update havged to version 1.9.17.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Sergey V. Lobanov [Sat, 8 Jan 2022 11:46:15 +0000 (14:46 +0300)]
bossa: fix build on macos
override OS=Linux Makefile variable to support building on macos
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Nick Hainke [Sun, 9 Jan 2022 12:13:47 +0000 (13:13 +0100)]
wg-installer: fix typo in cleanup function
The delete variable was misspelled leading to devices always being
removed although they had connected neighbors.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Nick Hainke [Sun, 9 Jan 2022 09:04:48 +0000 (10:04 +0100)]
wg-installer: add cleanup script
Add script to cleanup unused wireguard interfaces.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Alexandru Ardelean [Sun, 9 Jan 2022 08:21:34 +0000 (10:21 +0200)]
Merge pull request #17531 from neheb/1
fuse: fix compilation with recent glibc
Alexandru Ardelean [Sun, 9 Jan 2022 08:21:21 +0000 (10:21 +0200)]
Merge pull request #17532 from neheb/2
bluez: fix compilation with glibc
Rosen Penev [Sun, 9 Jan 2022 04:34:27 +0000 (20:34 -0800)]
knxd: fix compilation with newer glibc
the link variable conflicts with the link() function.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 9 Jan 2022 04:22:28 +0000 (20:22 -0800)]
bluez: fix compilation with glibc
sync() is implemented now.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 9 Jan 2022 03:59:49 +0000 (19:59 -0800)]
fuse: fix compilation with recent glibc
closefrom is implemented now.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 9 Jan 2022 03:06:07 +0000 (19:06 -0800)]
Revert "pdns-recursor: temp"
This reverts commit
96e355836db7b83c4b1d46217a745be93ca019cb.
Rosen Penev [Fri, 7 Jan 2022 02:22:34 +0000 (18:22 -0800)]
pdns-recursor: temp
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Fri, 7 Jan 2022 02:20:12 +0000 (18:20 -0800)]
boost: fix libboost_context for mips64
There was an upstream patch that changes mips1 to mips.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Kerma Gérald [Fri, 7 Jan 2022 13:29:58 +0000 (14:29 +0100)]
crowdsec: update to 1.2.2
Update crowdsec to latest upstream release version 1.2.2
Makefile rework
- use tagged version for download
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Nick Hainke [Sat, 8 Jan 2022 21:08:33 +0000 (22:08 +0100)]
wg-installer: fix ipv4 meshing via olsr
The ipv4 address space was not allowed.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Kerma Gérald [Sun, 12 Dec 2021 10:59:39 +0000 (11:59 +0100)]
fail2ban: fix 2to3 error
Issue: 2to3 support has been removed in setuptools since version 58.0.0.
Fix: openwrt/packages#17311
Requirements: 2to3/host openwrt/packages#17429
Add upstream patch: https://github.com/fail2ban/fail2ban/commit/
196c55e93103d1e56d1336f27a5f2591b4e54fef
To install/build for python3 from source, it is necessary to convert to py3
codebase before setup (invoke 2to3 or ./fail2ban-2to3 firstly).
> ./fail2ban-2to3
> python3 setup.py build
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Sergey V. Lobanov [Fri, 7 Jan 2022 23:10:02 +0000 (02:10 +0300)]
lua-curl-v3: fix build on macos
lua-curl-v3 detects OS and changes compilation flags depends on OS.
If Darwin is detected then it adds GCC non-compatible flags.
OpenWrt is always Linux, OS detection is disabled via UNAME=Linux
as a part of MAKE_FLAGS
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Sergey V. Lobanov [Fri, 7 Jan 2022 22:48:08 +0000 (01:48 +0300)]
luajit: fix build on macos (ldconfig issue)
fix ldconfig build issue. This patch is a backport from upstream:
https://github.com/LuaJIT/LuaJIT/commit/
18c9cf7d3788a8f7408df45df92fc4ae3bcc0d80
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Josef Schlehofer [Fri, 7 Jan 2022 20:40:56 +0000 (21:40 +0100)]
Merge pull request #17491 from jefferyto/obfs4proxy-0.0.12
obfs4proxy: Update to 0.0.12
Josef Schlehofer [Fri, 7 Jan 2022 20:40:50 +0000 (21:40 +0100)]
Merge pull request #17492 from jefferyto/python-attrs-21.4.0
python-attrs: Update to 21.4.0
projects / feed / packages.git / log