Hirokazu MORIKAWA [Fri, 16 Feb 2024 07:06:52 +0000 (16:06 +0900)]
node: February 14 2024 Security Releases
Update to v18.19.1
This is a security release.
Notable changes
* CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
* CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
* CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
* CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
* undici version 5.28.3
* npm version 10.2.4
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Stan Grishin [Fri, 16 Feb 2024 23:12:44 +0000 (16:12 -0700)]
Merge pull request #23407 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: add force_dns_interface setting
Noah Meyerhans [Thu, 15 Feb 2024 17:36:41 +0000 (09:36 -0800)]
bind: bump to 9.18.24
Fixes CVEs:
- CVE-2023-50387: Validating DNS messages containing a lot of DNSSEC signatures
could cause excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof could cause
excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-4408: Parsing DNS messages with many different names could cause
excessive CPU load.
- CVE-2023-5517: Specific queries could cause named to crash with an assertion
failure when nxdomain-redirect was enabled.
- CVE-2023-5679: A bad interaction between DNS64 and serve-stale could cause
named to crash with an assertion failure, when both of these features were
enabled.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
d277e41e78972130f75dc816ebcbd7931f582519)
Noah Meyerhans [Wed, 27 Sep 2023 17:42:59 +0000 (10:42 -0700)]
bind: bump to 9.18.19
Fixes CVEs:
CVE-2023-3341 - Previously, sending a specially crafted message over the
control channel could cause the packet-parsing code to run out of available
stack memory, causing named to terminate unexpectedly.
CVE-2023-4236 - A flaw in the networking code handling DNS-over-TLS queries
could cause named to terminate unexpectedly due to an assertion failure under
significant DNS-over-TLS query load.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
835b1051511b592d69bc0b8a7d5d993337f890da)
Josef Schlehofer [Tue, 19 Sep 2023 23:01:48 +0000 (01:01 +0200)]
bind: update to version 9.18.18
Release notes:
https://downloads.isc.org/isc/bind9/9.18.18/doc/arm/html/notes.html#notes-for-bind-9-18-18
https://downloads.isc.org/isc/bind9/9.18.17/doc/arm/html/notes.html#notes-for-bind-9-18-17
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
6a8d3565f0a99fe22cac6db9a8bbf553b7dff5a5)
Noah Meyerhans [Mon, 26 Jun 2023 03:02:35 +0000 (20:02 -0700)]
bind: bump to 9.18.16
Fixes CVEs:
- CVE-2023-2828: The overmem cleaning process has been improved, to
prevent the cache from significantly exceeding the configured
max-cache-size limit.
- CVE-2023-2911: A query that prioritizes stale data over lookup
triggers a fetch to refresh the stale data in cache. If the fetch is
aborted for exceeding the recursion quota, it was possible for named
to enter an infinite callback loop and crash due to stack overflow.
The complete list of changes is available in the upstream release
notes at
https://ftp.isc.org/isc/bind9/cur/9.18/doc/arm/html/notes.html#notes-for-bind-9-18-16
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
9ac79ad46966908d2ceb64c0e0d8a0bff435767a)
Peter van Dijk [Tue, 13 Feb 2024 14:00:20 +0000 (15:00 +0100)]
pdns-recursor: update to 4.8.6 (fixes CVE-2023-50387, CVE-2023-50868)
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Tianling Shen [Fri, 16 Feb 2024 06:02:12 +0000 (14:02 +0800)]
Merge pull request #23415 from systemcrash/p910nd_picks
P910nd v23.05 picks
krant [Thu, 8 Feb 2024 13:01:10 +0000 (15:01 +0200)]
squid: update to 6.7
- Switch URL to HTTPS
- Remove default/obsolete configure options
- Fix and refresh the patch
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit
4007a08529a86b600b4ce6476cf6367de577a645)
Paul Donald [Wed, 14 Feb 2024 22:58:07 +0000 (23:58 +0100)]
p910nd: bump release
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
9dad4285d3c2de30cf27baa2b299246bda514577)
Paul Donald [Sun, 11 Feb 2024 17:41:23 +0000 (18:41 +0100)]
p910nd: hotplug shellcheck fixes
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
58e7bfc41f02118e5d8b6f5b08a021d9bc351e00)
Paul Donald [Sun, 11 Feb 2024 18:28:38 +0000 (19:28 +0100)]
p910nd: init: check device (/dev/usb/lpX) existence
this prevents the daemon exiting when a configured device
is not plugged in.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
dabeaa76439260a6a41942365b2526c69dc728aa)
Paul Donald [Sat, 10 Feb 2024 21:02:58 +0000 (22:02 +0100)]
p910nd: init: partial fix for openwrt/packages#10496
Harmless to carry this fix until procd.sh adds the param
This parameter will mean umdns advertises not just "OpenWrt" but a more
appropriate string:
"Apple LaserWriter Pro 630"
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
ac501c908d1a6a607f89373d4667a6949b88ca55)
Paul Donald [Sun, 11 Feb 2024 03:13:53 +0000 (04:13 +0100)]
p910nd: hotplug+init: include extra ieee1284 properties
Apple and macOS GUI co-opts the mDNS note= param as "Location"
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
4591a79fa29f5c46b7061860ac1f51adc848697f)
Paul Donald [Sun, 11 Feb 2024 18:02:57 +0000 (19:02 +0100)]
p910nd: hotplug: minor bug fixes
Commit driver_home defaults before continuing
Fix missing path for serial number acquisition
Store current device if no previously configured device had one.
Also set CHAR_DEV so the printer can get its driver sent on first run.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
5bc581e6986c84e81d4827b244bbf0deacad6e00)
Paul Donald [Sun, 11 Feb 2024 17:43:43 +0000 (18:43 +0100)]
p910nd: hotplug: small refactor
replace -a with &&
shorten uci commands via variables
add optional ieee1284_id parameters
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
6e886cd4340470a21d6f8cc7928d18d4a48214df)
Paul Donald [Sun, 11 Feb 2024 17:33:03 +0000 (18:33 +0100)]
p910nd: init: add txtvers=1 to mDNS properties
The spec https://developer.apple.com/bonjour/printing-specification/bonjourprinting-1.2.1.pdf
notes:
... if the meaning of any of the TXT record keys is changed, the txtvers value
will be incremented. The current value of this key is “1”, and if this key does not exist in
the TXT record, the default value of “1” is assumed. The txtvers SHOULD be the first
key/value pair in the TXT record.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
069cc8dc810f10e04abc239727b582e34053d6f1)
Paul Donald [Sun, 11 Feb 2024 02:30:56 +0000 (03:30 +0100)]
p910nd: init: line-break and conditionalize mDNS properties
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
ffa1bbbe7844aca3ae465cc7f1ba018cc4590579)
Paul Donald [Sat, 10 Feb 2024 17:37:00 +0000 (18:37 +0100)]
p910nd: init: only run mDNS changes if mdns is set to on
i.e. don't do the extra work unless mdns setting is enabled
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
b8890c69e40dbd72f35e4ea9fc78aa13a425fd46)
Paul Donald [Sat, 10 Feb 2024 17:35:35 +0000 (18:35 +0100)]
p910nd: init script
Don't run procd with a name of p9100d or p9101d etc.
Use the original binary name: p910nd.
This way, all supplied parameters should be visible via e.g.:
ps
xargs -0 < /proc/{procid}/cmdline
Revise all p910nd strings to the variable DAEMON_NAME or CONFIG where
appropriate.
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
34a35c93cedb259ab67d826d05c700a0457ab136)
Paul Donald [Tue, 16 Jan 2024 01:47:32 +0000 (02:47 +0100)]
p910nd: hotplug script
Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit
825b22a4db952c891b07341e0176bc6d64f2d72a)
Stan Grishin [Wed, 14 Feb 2024 04:40:42 +0000 (04:40 +0000)]
adblock-fast: add force_dns_interface setting
* allow users to specify list of interfaces/networks to force the
DNS Hijacking on
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
eafdd63d675a84c3a80a86f7af8c1fd4fb823caa)
Daniel Golle [Tue, 13 Feb 2024 03:58:51 +0000 (03:58 +0000)]
stlink: add packages
stlink is an open source toolset to program and debug STM32 devices
and boards manufactured by STMicroelectronics.
Resulting binary packages:
* stlink - library and shared chip info data
* st-info - a programmer and chip information tool
* st-flash - a flash manipulation tool
* st-trace - a logging tool to record information on execution
* st-util - a GDB server
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
e609f6acdf3e4619d691d5325efb9cc8a9a1b9fa)
S. Brusch [Fri, 2 Feb 2024 12:28:37 +0000 (13:28 +0100)]
crowdsec: new upstream release version 1.6.0
Update crowdsec to latest upstream release version 1.6.0
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Package tested: not able to test run due to limited space (package is big)
Description: update to latest version of upstream
(cherry picked from commit
c08dac5ec52441d1aefc0bf8ef251fb1fae5ff8e)
Sibren Vasse [Wed, 20 Dec 2023 16:01:50 +0000 (17:01 +0100)]
openssh: fix build failure on powerpc_8548
https://github.com/openssh/openssh-portable/commit/
1036d77b34a5fa15e56f516b81b9928006848cbd
Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
(cherry picked from commit
a79c49578ca136556bd10d8990aa52ef4eb0664b)
Rucke Teg [Wed, 3 Jan 2024 22:11:05 +0000 (23:11 +0100)]
openssh: bump to 9.6p1
Release notes: https://www.openssh.com/txt/release-9.6
Signed-off-by: Rucke Teg <rucketeg@protonmail.com>
(cherry picked from commit
e8dfc6abbee88f35887c66ec785b081252d6d07d)
Thomas Kupper [Sat, 6 Jan 2024 10:49:36 +0000 (10:49 +0000)]
tailscale: create combined tailscale/tailscaled
Modify Makefile to combine tailscale and tailscaled according to
Tailscale documentatio (https://tailscale.com/kb/1207/small-tailscale)
This resulted for x86_64 in an exec of 31MB + the symlink. Before it
was 29MB (tailscaled) and 10MB (tailscale).
Signed-off-by: Thomas Kupper <thomas.kupper@gmail.com>
(cherry picked from commit
7bef195bbabcec88a2b9055846880fd93c2a8a7a)
Jan Hák [Mon, 29 Jan 2024 10:00:48 +0000 (11:00 +0100)]
knot: update to version 3.3.4
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
66c1065b453b46a709f5143459d8a4cee777f9a0)
Jan Hák [Wed, 13 Dec 2023 10:01:41 +0000 (11:01 +0100)]
knot: update to version 3.3.3
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
a693dd5821b11c442bff817cbc4a8193d0367839)
Carsten Schuette [Wed, 6 Sep 2023 12:42:12 +0000 (14:42 +0200)]
dawn: Add PKG_BUILD_FLAGS:=no-lto because lto causes strange SegFaults
Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
(cherry picked from commit
d9acb54dc49b63ea3b473d72543c76c02e93eb2d)
Carsten Schuette [Wed, 6 Sep 2023 07:09:02 +0000 (09:09 +0200)]
dawn: Update to 2023-05-14
Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
(cherry picked from commit
6c5c99d206e62b44de1bbe60b66deba459396508)
Nick Hainke [Tue, 2 Jan 2024 17:37:43 +0000 (18:37 +0100)]
snowflake: update to 2.8.1
Changelog:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/blob/v2.8.1/ChangeLog
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
4173327904acc61a0c2597dd881bc1fa51ad8894)
Rosen Penev [Sun, 4 Feb 2024 23:50:11 +0000 (15:50 -0800)]
mosquitto: reenable options wrongly turned off
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
69dc285ac9259241b65cc7d0c690236dbeaf743e)
Quintin Hill [Fri, 26 Jan 2024 21:52:23 +0000 (21:52 +0000)]
python-ble2mqtt: update to 0.2.2
b3b0cc8 version 0.2.2
85515cd roidmi: initial support for NEX2 Pro
62addc2 isort imports
8695649 README: update other govee to govee_ht
33f6ade ruuvitag: remove device class for counter
2099607 Rename key govee->govee_ht
12acacd codestyle updates
dbba43d ruuvitag: drop redundant import
84878e0 base: add and use HumidityTemperatureSensor
e9f0046 xiaomi_lywsd03_atc: make send_custom a class variable
2f4809a base: use lowercase for instance variable
5b1af17 govee: add manufacturer
7891691 ruuvitag: add manufacturer
cfd799b ruuvitag: remove inheritance from SubscribeAndSetDataMixin
7be28a1 codestyle updates
bffcf5e Add Govee H5074 temperature/humidity sensor support (#77)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
(cherry picked from commit
268ed6d3476f3f3170d71f7ceb91b8c6f2611ea2)
Quintin Hill [Fri, 26 Jan 2024 21:51:10 +0000 (21:51 +0000)]
python-dbus-fast: upgrade to 2.21.1
fix: avoid expensive runtime inspection of known callables (https://github.com/Bluetooth-Devices/dbus-fast/pull/277)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
(cherry picked from commit
8db974d8ebcc19882dd5af6d00248ee820bb5483)
Olivier Poitrey [Sun, 4 Feb 2024 23:50:58 +0000 (23:50 +0000)]
nextdns: Update to version 1.42.0
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
Erik Conijn [Wed, 17 Jan 2024 12:31:37 +0000 (13:31 +0100)]
Openvpn: add missing script-security
Maintainer: @neheb
Compile tested: armv7, cortexA15, OpenWRT 23.05
Run tested: Linksys EA8500
Compile tested: armv8, cortexA53, OpenWRT main
Run tested: Dynalink DL-WRX36
Description:
Script-security is always 2 and cannot be changed from the openvpn config file due to a missing rule in openvpn.init.
This is discussed in issue #23014
This patch adds the missing rule in openvpn.init to parse script-security from the openvpn config file.
Signed-off-by: Erik Conijn <egc112@msn.com>
(cherry picked from commit
7b40d179bcd04a1f3b5b794fd952ef431c833cad)
Sergey Ponomarev [Sat, 3 Feb 2024 20:13:22 +0000 (22:13 +0200)]
cloudflared: refine config.yml
The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.
The `url: http://localhost:8000` is not a valid config option.
Additionally add a smale of configuring ingres rules.
The cloudflared.config has missing option token.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
(cherry picked from commit
b3580a76d8a4bc0bfa075ba3da945bfe92526871)
Tianling Shen [Thu, 1 Feb 2024 15:21:07 +0000 (23:21 +0800)]
dnsproxy: Update to 0.64.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
f6714eb01e60d56113b67831bfcd9fc83ea07ef7)
Tianling Shen [Tue, 30 Jan 2024 15:41:36 +0000 (23:41 +0800)]
inih: Update to r58
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
2c6453adb68a63aaa7a79d079038b08c288a0da6)
Tianling Shen [Tue, 30 Jan 2024 15:41:30 +0000 (23:41 +0800)]
rclone: Update to 1.65.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
4437234dc43095212299417ee25aa43266374f50)
Tianling Shen [Tue, 30 Jan 2024 15:41:25 +0000 (23:41 +0800)]
cloudflared: Update to 2024.1.5
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
17dfbd861360cae1a787c4618a0fe859d10e92da)
Tianling Shen [Tue, 30 Jan 2024 15:41:21 +0000 (23:41 +0800)]
dos2unix: Update to 7.5.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
38fc2d2e9f7dfa8ea50ddb89fd9ea76d0609d439)
Stan Grishin [Sat, 3 Feb 2024 23:15:44 +0000 (16:15 -0700)]
Merge pull request #23253 from stangri/openwrt-23.05-curl
[23.05] curl: update to 8.6.0
Rafał Miłecki [Sat, 3 Feb 2024 16:12:51 +0000 (17:12 +0100)]
Merge remote-tracking branch 'yggdrasil-openwrt/yggdrasil-for-23.05' into openwrt-23.05
[23.05] yggdrasil: overhaul package with netifd support
Compile tested: none, see below
Run tested: all package compiling and qa testing done in snapshots
Description: we must backport v0.5 into 23.05 because the breaking protocol situation with v.0.4. the counterpart package, luci-proto-yggdrasil is already in 23.05 feeds.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Konstantin Demin [Thu, 1 Feb 2024 00:28:09 +0000 (03:28 +0300)]
curl: update to 8.6.0
* https://curl.se/changes.html#8_6_0
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit
0f2c98d53f1aec96c21a707fc0e1a01b5a53a840)
Stan Grishin [Fri, 2 Feb 2024 12:57:47 +0000 (05:57 -0700)]
Merge pull request #23227 from stangri/openwrt-23.05-nebula
[23.05] nebula: update to 1.8.2-2
Stan Grishin [Thu, 25 Jan 2024 23:15:49 +0000 (23:15 +0000)]
nebula: update to 1.8.2-2
The following fixes have been applied to Makefile:
* fix the nebula license type
* add PKG_CPE_ID
* remove unneeded call to Build/Compile
* add leading spaces to descriptions
* add Package/nebula/conffiles definition
* remove unneeded /lib/upgrade/keep.d files
* no longer install actual license file
* add the README file
Kudos to @BKPepe and @
1715173329 for feedback which lead to these fixes
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
ae22bea8ddda7dd4409ea436e34c39073c954d8d)
Michael Heimpold [Wed, 31 Jan 2024 22:21:37 +0000 (23:21 +0100)]
Merge pull request #23201 from mhei/23.05-php8-update-to-8.2.15
[23.05] php8: update to 8.2.15
Hannu Nyman [Tue, 30 Jan 2024 18:47:51 +0000 (20:47 +0200)]
xz: Update to 5.4.6
Update xz to the version 5.4.6
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
a297c70c16e2828406628da1e0d485d16d006476)
Michael Heimpold [Tue, 30 Jan 2024 19:23:48 +0000 (20:23 +0100)]
php8: update to 8.2.15
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Andy Syam [Thu, 21 Dec 2023 09:14:06 +0000 (17:14 +0800)]
python-dbus-fast: update version 2.21.0
Signed-off-by: Andy Syam <privasisource@gmail.com>
(cherry picked from commit
81a5b89c96bab4e312c5e54debede14aaee22ba1)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
Quintin Hill [Mon, 18 Dec 2023 21:12:30 +0000 (21:12 +0000)]
python3-bleak: add missing python3-typing-extensions dependency
Dependency introduced by https://github.com/hbldh/bleak/commit/
21094e67cf5d238b911352ba8c45a33d72f47d80
and
https://github.com/hbldh/bleak/commit/
3c1fac9773e13acf52cebfe4e9df5c60bffaf76b
(And only for python versions below 3.12.)
Fixes: 64fa106 (python3-bleak: bump version to 0.21.1)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
(cherry picked from commit
fcb02c264b935cfb620d37c2f7eb98a042dd2e6a)
Ray Wang [Fri, 26 Jan 2024 15:04:21 +0000 (23:04 +0800)]
natmap: update to
20240126
Signed-off-by: Ray Wang <r@hev.cc>
(cherry picked from commit
42c6e10ada066e54071026930460e91ba14dfb4b)
Van Waholtz [Sat, 27 Jan 2024 07:39:48 +0000 (15:39 +0800)]
sing-box: update to 1.8.4
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
(cherry picked from commit
49ab3e0018948ebcbad676f5640c3ca7e3984db5)
Dirk Brenken [Fri, 26 Jan 2024 18:51:05 +0000 (19:51 +0100)]
banip: update 0.9.3-5
* fix the nft Set survey function
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
79ae76806bbf118612b4036ee984e832aceba5f5)
Tianling Shen [Fri, 26 Jan 2024 04:20:05 +0000 (12:20 +0800)]
v2ray-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
1aaa5c045dd835331d6c5bb70636e9d34d6bb530)
Tianling Shen [Wed, 24 Jan 2024 16:38:09 +0000 (00:38 +0800)]
v2raya: do not allow changing config/log directory
We need stable path to persist configurations and read log from LuCI.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
272cff0d1c6265fe374aeed582423858beedf6bc)
Tianling Shen [Wed, 24 Jan 2024 16:16:35 +0000 (00:16 +0800)]
dnsproxy: Update to 0.63.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
3711f7f6d2b44e85bd149f54038a3361726fce72)
Tianling Shen [Sun, 14 Jan 2024 06:07:45 +0000 (14:07 +0800)]
rclone: Update to 1.65.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
05b61b3b6d8c3e2ab8f20e8b08932adfd25fbc3a)
Tianling Shen [Sun, 14 Jan 2024 06:07:39 +0000 (14:07 +0800)]
xray-core: Update to 1.8.7
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ea4bbc46e19de971e72b44126bb429ecf158c2de)
Tianling Shen [Sat, 20 Jan 2024 04:54:09 +0000 (12:54 +0800)]
cloudflared: Update to 2024.1.4
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
48b55bde67715de3b7f01cb099e552abbf86a12e)
Tianling Shen [Sun, 14 Jan 2024 06:08:15 +0000 (14:08 +0800)]
cloudflared: Update to 2024.1.2
Finally fixed build with Go 1.21.
Fixes: #22383
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
d16377d23fd08e8c5583bba6d93afd89ad3144eb)
Nikos Mavrogiannopoulos [Wed, 24 Jan 2024 10:37:37 +0000 (11:37 +0100)]
Merge pull request #23137 from nmav/tmp-new-ocserv-23.05
23.05: update ocserv to 1.2.4
Nikos Mavrogiannopoulos [Wed, 24 Jan 2024 09:53:49 +0000 (10:53 +0100)]
gnutls: updated to 3.8.3
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Nikos Mavrogiannopoulos [Wed, 24 Jan 2024 09:37:49 +0000 (10:37 +0100)]
ocserv: updated to 1.2.4
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Erik Conijn [Sun, 24 Dec 2023 10:26:26 +0000 (11:26 +0100)]
Openvpn: add missing script event options
Maintainer: @mkrkn @neheb
Compile tested: aarch64, cortex-a53, OpenWRT Master
Run tested: Dynalink DL-WRX36
Description:
[A previous commit](https://github.com/openwrt/packages/commit/
f8a8b71e26b9bdbf86fbb7d4d1482637af7f3ba4) has added more script event options.
However it looked like that commit was not complete as it stops the use of the script events route-up, route-pre-down, and ipchange when those are placed in the openvpn config file.
This PR fixes a regression that makes it problematic to specify certain event options in the OpenVPN configuration file.
Discussion in [this thread](https://forum.openwrt.org/t/openvpn-custom-route-up-script-in-23-05-rc2/167105/13) and [here](https://forum.openwrt.org/t/openvpn-route-up-and-route-pre-down-broken-in-23-05/176568)
Please have a look and consider implementing or make it possible to use all script event options in the openvpn config file in another way.
Pull request has been discussed and improved with the help of @AuthorReflex, see: https://github.com/openwrt/packages/pull/21732
Signed-off-by: Erik Conijn <egc112@msn.com>
(cherry picked from commit
7735cdfe6046a4f8690c8cf7e4a05a8cff5622dd)
John Audia [Fri, 19 Jan 2024 18:23:42 +0000 (20:23 +0200)]
htop: update to 3.3.0
Changelog: https://github.com/htop-dev/htop/compare/3.2.2...3.3.0
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
3ee7b46610e9dbd8fd2bba87bd06024cd0d9c08f)
Stan Grishin [Fri, 19 Jan 2024 06:22:51 +0000 (23:22 -0700)]
Merge pull request #23127 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: update to 1.1.1-3
Stan Grishin [Fri, 19 Jan 2024 00:02:55 +0000 (00:02 +0000)]
adblock-fast: update to 1.1.1-3
* allow top-level domains in the blocked-domains options fixes
https://github.com/openwrt/packages/issues/23125
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
0f059b6523f3720441cf608cbd9769265d859de6)
Stan Grishin [Wed, 17 Jan 2024 17:45:21 +0000 (10:45 -0700)]
Merge pull request #23117 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: sync with main branch
Stan Grishin [Wed, 17 Jan 2024 17:38:05 +0000 (17:38 +0000)]
adblock-fast: sync with main branch
* somehow parts of the code of the init script got different between the
main branch and release branch, this PR fixes that.
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Stan Grishin [Wed, 17 Jan 2024 17:14:23 +0000 (10:14 -0700)]
Merge pull request #23101 from stangri/openwrt-23.05-nebula
[23.05] nebula: update to 1.8.2
Stan Grishin [Sun, 14 Jan 2024 19:13:54 +0000 (19:13 +0000)]
nebula: update to 1.8.2
* update to 1.8.2: https://github.com/slackhq/nebula/releases/tag/v1.8.2
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
91afa9f641382c459a19321127bac04cf296efaa)
Tianling Shen [Sat, 13 Jan 2024 06:22:26 +0000 (14:22 +0800)]
Merge pull request #23085 from muink/openwrt-23.05
[23.05] sing-box: Update to 1.8.0
Anya Lin [Sat, 6 Jan 2024 08:46:27 +0000 (16:46 +0800)]
sing-box: update to 1.8.0
New features for v1.8.0:
1. Migrate cache file from Clash API to independent options
2. Introducing Rule Set
3. Add `sing-box geoip`, `sing-box geosite` and `sing-box rule-set` commands
4. Allow nested logical rules
5. Independent `source_ip_is_private` and `ip_is_private` rules
6. Add context to JSON decode error message
7. Reject internal fake-ip queries
8. Add GSO support for TUN and WireGuard system interface
9. The legacy LWIP stack has been deprecated and removed
10. Add `idle_timeout` for URLTest outbound
11. Added some new uTLS fingerprints
...
Release notes: https://github.com/SagerNet/sing-box/releases/tag/v1.8.0
The new version has some breaking changes and may stop working after upgrading if use the original config.
Please see the migration manual to migrate the config: https://sing-box.sagernet.org/migration/
Signed-off-by: Anya Lin <hukk1996@gmail.com>
(cherry picked from commit
8fe2f6848511c3edd2feb46c04c1f8b6ffd1b99e)
Tianling Shen [Sun, 31 Dec 2023 05:24:03 +0000 (13:24 +0800)]
rust: Update to 1.75.0
Changelog: https://blog.rust-lang.org/2023/12/28/Rust-1.75.0.html
Refreshed patches.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
546e6eba4fd14607e8068787cea8e3d7f9f49e42)
Tianling Shen [Sun, 31 Dec 2023 05:36:26 +0000 (13:36 +0800)]
rust: unexport host sccache env variable
Users might configure their own env variables on the host, and sometimes
it can lead build failure or unexpected behavior.
Fixes: #22889
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
9f01010958b9f57ef51903f69c7223eaefabf139)
Tianling Shen [Wed, 3 Jan 2024 07:15:20 +0000 (15:15 +0800)]
dnsproxy: Update to 0.61.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
37a77ffaf5105c31ee35b009691fa0b8a1c6a64a)
Tianling Shen [Wed, 3 Jan 2024 07:15:54 +0000 (15:15 +0800)]
v2ray-geodata: Update to latest versin
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
6316772b3d317a3420cfd5fc586da9f2b7e7af80)
Tianling Shen [Wed, 3 Jan 2024 07:15:11 +0000 (15:15 +0800)]
v2raya: Update to 2.2.4.6
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ce684797e67d79fcef93ca0ecec58a757e51e94a)
Tianling Shen [Mon, 8 Jan 2024 03:49:36 +0000 (11:49 +0800)]
btop: Update to 1.3.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
37ce0e6803f1d3f116bbd59ff7f14e160c99aa47)
Javier Marcet [Sun, 9 Jul 2023 13:26:52 +0000 (15:26 +0200)]
btop: opt out of lto usage
Signed-off-by: Javier Marcet <javier@marcet.info>
(cherry picked from commit
107312a73f29a6a99df5b0dca3aec99986358512)
Thibaut VARÈNE [Tue, 9 Jan 2024 16:47:28 +0000 (17:47 +0100)]
uspot: update to Git HEAD (2024-01-09)
0cffba9458d3 treewide: add support for RADIUS Reply-Message
c9fb744fdee8 treewide: add support for 'lang=' & ChilliSpot-Lang
584a162cb19a handler-uam: ensure that 'seconds_remaining' is always set
bd1f7c5de1ae Makefile: align with packages feed one
0ea6ad3c4e54 Makefile: mark uspot-www and uspotfilter "PKGARCH:=all"
e6a286ccfdbf uspot/uspotfilter: use 'logger -t'
427ed16cfde5 uspot: expose ratelimits in client data
4ba1dd9c5135 uspot: don't send NAS-Port-Type
78a37ef49b85 templates: add id="replymsg" to reply msg header
e3f4e179fd17 templates: show remaining time in "connected"
398762dff711 radius-client: correctly use str_to_hex()
730ef800d9da templates: simplify HTML
6bb39282fd8f Documentation update
b6c802adac19 portal: handle_request() logic refactoring
1aa1a5eb28d7 uspotfilter: implement peer_lookup()
ba5547ec61f1 portal: speedup peer lookup by leveraging spotfilter
d551376c29bb templates: added html5 time tag to timeleft output
154c98e0b77b uspotfilter: mark client as active when set()
8dcb03a37a77 uspotfilter: rework neigh management
cfb2ce7909da uspotfilter: use client_remove() where applicable
8411314dbf90 Documentation update
8dacf3df9935 uspot: use a single operation for client removal
297b7857c1e0 uspotfilter: fix DELNEIGH processing
76003917c205 uspotfilter: client_set() only clear idle when allowing
f46a855c5085 uspotfilter: remove botched IPv6 "support"
4ff31cbf0e2b uspot: client_remove(): stay in sync with spotfilter
edc9ad7e60a3 uspot/uspotfilter: use ucode-mod-log for logging
52e24aecf2db uspotfilter: use ucode '??=' syntax
c4b6f2f0bb1e Update README
Update the package Makefile to reflect the changes from the following
above-listed commits:
0ea6ad3c4e54 Makefile: mark uspot-www and uspotfilter "PKGARCH:=all"
edc9ad7e60a3 uspot/uspotfilter: use ucode-mod-log for logging
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit
ab20c1bd90df66c8351a063a7a3318100f5c22af)
Dirk Brenken [Tue, 9 Jan 2024 21:22:57 +0000 (22:22 +0100)]
travelmate: update 2.1.2-2
* fix a possible re-connection issue/cornercase seen on single radio units
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
4518ecf60bb271fb510192661df7ea85b67a51d8)
Stan Grishin [Tue, 9 Jan 2024 02:47:34 +0000 (19:47 -0700)]
Merge pull request #23077 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: bugfix: pause command
Stan Grishin [Sun, 7 Jan 2024 23:07:34 +0000 (23:07 +0000)]
adblock-fast: bugfix: pause command
* the pause command used to incorrectly cause block-lists reload, this
has been fixed in this version
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
dfeeabbebf7fa337f02fa24d40a488e2acfccbbb)
Dirk Brenken [Sun, 7 Jan 2024 17:10:49 +0000 (18:10 +0100)]
banip: update 0.9.3-4
* made the default mail template "responsive" to get a better view esp. on mobile devices
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
6c9cd775962a3165b70ab7722ba1c6a98b3b5f15)
Dirk Brenken [Sat, 6 Jan 2024 18:53:30 +0000 (19:53 +0100)]
travelmate: release 2.1.2-1
* fix a station scanning issue on single radio units (mainly a LuCI/JS issue) reported in the forum by multiple users
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
ce20f8d88be4fefaae15b06d18eef1639e992cd8)
Marc Ole Bulling [Mon, 27 Nov 2023 16:15:17 +0000 (17:15 +0100)]
travelmate: Added H-Rewards hotel login
Signed-off-by: Marc Ole Bulling <Marc-Ole@gmx.de>
(cherry picked from commit
f12c63b9b988b2046fb2059fd9ce7b2fd2efd4b4)
William Fleurant [Tue, 28 Nov 2023 11:25:43 +0000 (12:25 +0100)]
yggdrasil: bump to 0.5.4
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit
6820b2b318aaa42225b4a1dc5bb01a1f58fcfdd8)
William Fleurant [Sun, 26 Nov 2023 19:41:51 +0000 (20:41 +0100)]
yggdrasil: bump to 0.5.3
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit
1b4455cbe1dd114592ab6cda386f9d699e6ae55b)
William Fleurant [Sat, 18 Nov 2023 08:41:50 +0000 (09:41 +0100)]
yggdrasil: support public key in config generation
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit
f0c4517d2e048fb5568dfa88d703d1a7310c52bc)
William Fleurant [Sat, 11 Nov 2023 16:01:21 +0000 (17:01 +0100)]
yggdrasil: overhaul package with netifd support
- package is bumped to 0.5.2
- new protocol changes prevent peering with 0.4.x peers
- @turretkeeper revamps package with netifd support
- do not use with luci-app-yggdrasil please install luci-proto-yggdrasil
Signed-off-by: William Fleurant <meshnet@protonmail.com>
(cherry picked from commit
99c7c36ce16de656ed730b7a04fd55afceabb6dd)
Stan Grishin [Thu, 4 Jan 2024 23:09:47 +0000 (16:09 -0700)]
Merge pull request #22986 from stangri/openwrt-23.05-nebula
[23.05] nebula: update to 1.8.1
Joel Low [Thu, 14 Dec 2023 12:00:32 +0000 (20:00 +0800)]
strongswan: trigger reload when interfaces are specified
Fixes #20848
Add interface triggers if interfaces to listen to are specified in
`/etc/config/ipsec`. This fixes the "running with no instances" scenario
after rebooting a router.
Signed-off-by: Joel Low <joel@joelsplace.sg>
(cherry picked from commit
f2d209e4fff3048883ee5953c3a312d9f5aaab1b)
Anya Lin [Sat, 30 Dec 2023 14:44:52 +0000 (22:44 +0800)]
sing-box: Update to 1.7.7
Signed-off-by: Anya Lin <hukk1996@gmail.com>
(cherry picked from commit
2cf219c8379e178622b5e302754b4b87b581bc56)
Michael Heimpold [Fri, 29 Dec 2023 09:03:43 +0000 (10:03 +0100)]
Merge pull request #23000 from mhei/23.05-php8-update-to-8.2.14
[23.05] php8: update to 8.2.14
Alexandru Ardelean [Thu, 28 Dec 2023 17:57:52 +0000 (19:57 +0200)]
django: bump to version 4.2.8
To address
https://nvd.nist.gov/vuln/detail/CVE-2023-43665
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Dirk Brenken [Thu, 28 Dec 2023 20:13:16 +0000 (21:13 +0100)]
banip: update 0.9.3-3
* more init fixes
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
8c8a335eaf240802334c58fc5a076c33e8215056)
projects / feed / packages.git / log