feed/packages.git
4 years agoicu: fix CVE-2020-10531 11626/head
Hirokazu MORIKAWA [Fri, 20 Mar 2020 23:29:38 +0000 (08:29 +0900)]
icu: fix CVE-2020-10531

FIX CVE-2020-10531
 An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
4 years agoopenvswitch: fix PIE build against 4.14 kernel
Yousong Zhou [Mon, 16 Mar 2020 07:25:51 +0000 (15:25 +0800)]
openvswitch: fix PIE build against 4.14 kernel

Reported-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/pull/11567
(cherry picked from commit e9d6414437d27803a16b5d96c48b45140e989e5e)

4 years agophp7: update to 7.2.28
Michael Heimpold [Tue, 25 Feb 2020 21:35:15 +0000 (22:35 +0100)]
php7: update to 7.2.28

This fixes:
  - CVE-2020-7062
  - CVE-2020-7063

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 95c72d8abaa8a99471275ae0723e4d941f36d81a)

4 years agophp7: update to 7.2.27
Michael Heimpold [Fri, 7 Feb 2020 20:09:24 +0000 (21:09 +0100)]
php7: update to 7.2.27

This fixes:
  - CVE-2020-7059
  - CVE-2020-7060

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 3cf0c61f2ee1b94c8b09adb8c1cbc79281cfc32d)

4 years agoxl2tpd: fix building failure caused by pfc
Yousong Zhou [Fri, 18 Oct 2019 11:30:30 +0000 (11:30 +0000)]
xl2tpd: fix building failure caused by pfc

Fixes openwrt/packages#10270

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 0412c20f1b2d2e1f8b8c7e101aae6f66be50690a)

4 years agoxl2tpd: bump to version 1.3.15
Yousong Zhou [Mon, 14 Oct 2019 07:05:26 +0000 (07:05 +0000)]
xl2tpd: bump to version 1.3.15

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/issues/11418
(cherry picked from commit 620ba386b4ffd38911e7ddf0c864979c0f834a11)

4 years agoicu: bump proper variable.
Rosen Penev [Wed, 19 Feb 2020 02:50:21 +0000 (18:50 -0800)]
icu: bump proper variable.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agoicu: backport upstream ARC patch
Rosen Penev [Sun, 16 Feb 2020 07:01:20 +0000 (23:01 -0800)]
icu: backport upstream ARC patch

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agonano: update to 4.8
Hannu Nyman [Sat, 8 Feb 2020 09:24:35 +0000 (11:24 +0200)]
nano: update to 4.8

Update nano editor to version 4.8

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 7bc96280d31470b7dda75315154c8df72bde222a)

4 years agoMerge pull request #11252 from neheb/i22p
Rosen Penev [Fri, 7 Feb 2020 03:08:00 +0000 (19:08 -0800)]
Merge pull request #11252 from neheb/i22p

i2pd: fix various issues in 18.06

4 years agoi2pd: move chmod command 11252/head
Rosen Penev [Wed, 5 Feb 2020 02:50:35 +0000 (18:50 -0800)]
i2pd: move chmod command

Similar change to upstream.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agoi2pd: Move DATADIR to /var/lib/i2pd, fix #5693
David Yang [Sun, 4 Mar 2018 16:58:43 +0000 (00:58 +0800)]
i2pd: Move DATADIR to /var/lib/i2pd, fix #5693

Original author: dartraiden <wowemuh@gmail.com>

Signed-off-by: David Yang <mmyangfl@gmail.com>
4 years agoMerge pull request #11227 from micmac1/sqlite3-18.06-2
Hannu Nyman [Mon, 3 Feb 2020 20:41:35 +0000 (22:41 +0200)]
Merge pull request #11227 from micmac1/sqlite3-18.06-2

[18.06] sqlite3: bump to 3.31.1

4 years agosqlite3: bump to 3.31.1 11227/head
Sebastian Kemper [Mon, 3 Feb 2020 19:19:17 +0000 (20:19 +0100)]
sqlite3: bump to 3.31.1

Upstreamed patch removed.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #11186 from micmac1/18.06-maria-10.1.44
Rosen Penev [Fri, 31 Jan 2020 00:30:19 +0000 (16:30 -0800)]
Merge pull request #11186 from micmac1/18.06-maria-10.1.44

[18.06] mariadb: security bump to 10.1.44

4 years agomariadb: security bump to 10.1.44 11186/head
Sebastian Kemper [Thu, 30 Jan 2020 21:21:50 +0000 (22:21 +0100)]
mariadb: security bump to 10.1.44

Addresses CVE-2020-2574. Patches refreshed.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoddns-scripts: Change protocols of afraid.org urls to HTTPS.
Kwonjin Jeong [Sat, 30 Nov 2019 18:14:33 +0000 (03:14 +0900)]
ddns-scripts: Change protocols of afraid.org urls to HTTPS.

- Use HTTPS protocol for updating urls for afraid.org to protect the password.
- Bump/align package version number.

Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
(cherry-picked from e25b55899927eb5638cc6a13a568ee4271eed2b2)

4 years agonode-hid: fix i386 build fail
Hirokazu MORIKAWA [Wed, 17 Apr 2019 05:55:05 +0000 (14:55 +0900)]
node-hid: fix i386 build fail

more stability for parallel build

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from 1aa55f86b56766074677bcda23f19cd7e5b5601f)

4 years agonode-serialport: fix i386 build fail
Hirokazu MORIKAWA [Fri, 19 Apr 2019 00:22:23 +0000 (09:22 +0900)]
node-serialport: fix i386 build fail

more stability for parallel build

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from 1ce1ca6e0622c6ad7fb61e44b7c96b028939186a)

4 years agoMerge pull request #11124 from stangri/18.06-https-dns-proxy
Hannu Nyman [Sun, 26 Jan 2020 20:39:51 +0000 (22:39 +0200)]
Merge pull request #11124 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: fix deleting server items, configurable dnsmasq settings change

4 years agoMerge pull request #11127 from micmac1/18.06-tiff
Jiri Slachta [Sun, 26 Jan 2020 17:27:28 +0000 (18:27 +0100)]
Merge pull request #11127 from micmac1/18.06-tiff

[18.06] tiff: update to 4.1.0

4 years agotiff: update version to 4.1.0 11127/head
Jiri Slachta [Mon, 11 Nov 2019 20:49:06 +0000 (21:49 +0100)]
tiff: update version to 4.1.0

Signed-off-by: Jiri Slachta <jiri@slachta.eu>
4 years agotiff: patch security issues
Jan Pavlinec [Tue, 9 Apr 2019 11:28:10 +0000 (13:28 +0200)]
tiff: patch security issues

Fixes
CVE-2019-7663
CVE-2019-6128

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agohttps-dns-proxy: fix deleting server items, configurable dnsmasq settings change 11124/head
Stan Grishin [Sun, 26 Jan 2020 04:15:13 +0000 (21:15 -0700)]
https-dns-proxy: fix deleting server items, configurable dnsmasq settings change

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #9795 from LoEE/jpc/git-macos-cross
Rosen Penev [Sat, 25 Jan 2020 23:25:00 +0000 (15:25 -0800)]
Merge pull request #9795 from LoEE/jpc/git-macos-cross

[18.06]git: fix cross compilation on macOS

4 years agolibsoup: fix intltool host dependency. Cleaup some build args
Ted Hess [Tue, 13 Nov 2018 21:31:57 +0000 (16:31 -0500)]
libsoup: fix intltool host dependency. Cleaup some build args

Signed-off-by: Ted Hess <thess@kitschensync.net>
(cherry-picked from 0daec55ce50d4dffae040645227a718ce528b978)

4 years agoavrdude: Fix GPIO path building
Rosen Penev [Tue, 2 Jul 2019 17:07:53 +0000 (10:07 -0700)]
avrdude: Fix GPIO path building

%ud is a GNU extension. It's not really supported elsewhere.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 536c6b8be7cb620f6258cbcb7e85a50662976f2b)

4 years agozerotier: add /etc/config/zerotier as configuration file 11094/head
Josef Schlehofer [Wed, 22 Jan 2020 11:44:36 +0000 (12:44 +0100)]
zerotier: add /etc/config/zerotier as configuration file

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agolibseccomp: add seccomp-syscalls.h to InstallDev
Josef Schlehofer [Thu, 16 Jan 2020 11:45:15 +0000 (12:45 +0100)]
libseccomp: add seccomp-syscalls.h to InstallDev

In the version 2.4.2, there was introduced a new header file.
Ship it to InstallDev

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #11023 from jefferyto/golang-goarm-fix-openwrt-18.06
Rosen Penev [Tue, 14 Jan 2020 20:09:20 +0000 (12:09 -0800)]
Merge pull request #11023 from jefferyto/golang-goarm-fix-openwrt-18.06

[openwrt-18.06] golang: Fix selection of GOARM value

4 years agogolang: Fix selection of GOARM value 11023/head
Jeffery To [Tue, 14 Jan 2020 16:59:28 +0000 (00:59 +0800)]
golang: Fix selection of GOARM value

This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.

Fixes #10967.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agoMerge pull request #10995 from BKPepe/libseccomp-18.06
Nikos Mavrogiannopoulos [Mon, 13 Jan 2020 21:57:13 +0000 (22:57 +0100)]
Merge pull request #10995 from BKPepe/libseccomp-18.06

[18.06] libseccomp: update to version 2.4.2

4 years agolibseccomp: update to version 2.4.2 10995/head
Josef Schlehofer [Sun, 12 Jan 2020 11:42:42 +0000 (12:42 +0100)]
libseccomp: update to version 2.4.2

Fixes CVE-2019-9893

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agotransmission: sync with master
Rosen Penev [Sat, 11 Jan 2020 02:11:03 +0000 (18:11 -0800)]
transmission: sync with master

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agoMerge pull request #10832 from BKPepe/git-18.06
Josef Schlehofer [Wed, 1 Jan 2020 12:04:17 +0000 (13:04 +0100)]
Merge pull request #10832 from BKPepe/git-18.06

[OpenWrt 18.06] git: Update to version 2.16.6 (security fix)

4 years agogit: Update to version 2.16.6 (security fix)
Josef Schlehofer [Wed, 18 Dec 2019 22:18:11 +0000 (23:18 +0100)]
git: Update to version 2.16.6 (security fix)

Fixes CVEs:
CVE-2018-17456
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #10858 from BKPepe/wget-18.06
tripolar [Mon, 30 Dec 2019 13:03:47 +0000 (14:03 +0100)]
Merge pull request #10858 from BKPepe/wget-18.06

[OpenWrt 18.06] wget: fix CVE-2019-5953

4 years agolcdgrilo: Fix compilation with newer Vala
Rosen Penev [Mon, 16 Sep 2019 03:06:09 +0000 (20:06 -0700)]
lcdgrilo: Fix compilation with newer Vala

It seems semantics changed slightly.

Cleaned up Makefile for consistency between packages.

Added PKG_BUILD_PARALLEL for faster compilation.

Fixed license information.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 16fb706641222ac44f61aaee6161b2cb4596336d)

4 years agolcdgrilo: Depend on vala/host instead
Rosen Penev [Fri, 6 Sep 2019 17:18:05 +0000 (10:18 -0700)]
lcdgrilo: Depend on vala/host instead

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 5935670ba14ed575799e4df4e4227826e3fef682)

4 years agolcdgrilo: remove check dependency
Eneas U de Queiroz [Sat, 8 Dec 2018 02:28:36 +0000 (00:28 -0200)]
lcdgrilo: remove check dependency

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from 2e8b7358c4c336a5a5845351db642e8f45aa61d2)

4 years agonano: update to 4.7
Hannu Nyman [Sun, 29 Dec 2019 13:18:27 +0000 (15:18 +0200)]
nano: update to 4.7

Update nano to version 4.7

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit c62f8962ba3cf4e044941e372a155a97e5438ebd)

4 years agoMerge pull request #10889 from EricLuehrsen/unbound_196_1806
Hannu Nyman [Sat, 28 Dec 2019 20:33:00 +0000 (22:33 +0200)]
Merge pull request #10889 from EricLuehrsen/unbound_196_1806

[18.06] unbound: update to 1.9.6

4 years agounbound: update to 1.9.6 10889/head
Eric Luehrsen [Wed, 18 Dec 2019 05:06:26 +0000 (00:06 -0500)]
unbound: update to 1.9.6

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
4 years agogrilo: copy vapi files to versioned vala dir
Eneas U de Queiroz [Thu, 13 Dec 2018 17:31:12 +0000 (15:31 -0200)]
grilo: copy vapi files to versioned vala dir

The version is obtained via `valac --api-version`

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from 8d0c849e561bd5a984ccd2e99c67a7f9c4ed68f1)

4 years agogrilo: update vapi files, copy to unversioned dir
Eneas U de Queiroz [Mon, 10 Dec 2018 02:25:21 +0000 (00:25 -0200)]
grilo: update vapi files, copy to unversioned dir

Updates vapigen-generated vapi files to vala-0.34.
Files are now copied to $(STAGING_DIR_HOSTPKG)/share/vala/vapi, without
the vala version being hardcoded.
Removed copyright line, and redundant PKG_BUILD_DEPENDS and
TARGET_LDFLAGS.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from 1b794e93e356c35b7c4d09019a0364e237efdbc6)

4 years agolcdproc: Fix non x86 platforms on musl
Rosen Penev [Wed, 7 Aug 2019 22:24:55 +0000 (15:24 -0700)]
lcdproc: Fix non x86 platforms on musl

Musl only specifies in/outb for x86/x86. Use the fallback path in case
musl is used.

This should fail compilation during the linking stage but for some reason
does not. Will do if -Werror=implicit-function-declaration is specified.

Fixed up license information.

Other small cleanups.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from fa40b85f20f697e4c0b7b96b77b3a40902c72605)

4 years agoMerge pull request #10763 from leonghui/wiki-link-update-18.06
Rosen Penev [Mon, 23 Dec 2019 05:44:56 +0000 (21:44 -0800)]
Merge pull request #10763 from leonghui/wiki-link-update-18.06

[18.06] treewide: replace old wiki links

4 years agophp7: update to 7.2.26
Michael Heimpold [Wed, 18 Dec 2019 19:57:14 +0000 (20:57 +0100)]
php7: update to 7.2.26

This fixes:
  - CVE-2019-11046
  - CVE-2019-11044
  - CVE-2019-11045
  - CVE-2019-11050
  - CVE-2019-11047

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit d5c18b1d5e7171a23e17ec9fd3604f794a336f1e)

4 years agobind: Update to version 9.11.14
Josef Schlehofer [Sat, 21 Dec 2019 19:48:21 +0000 (20:48 +0100)]
bind: Update to version 9.11.14

Add patch to fix compile issue:
stats.c: In function 'setcounter':
stats.c:300:29: error: 'val' undeclared (first use in this function); did you mean 'value'?
  stats->counters[counter] = val;
                             ^~~
                             value

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agowget: fix CVE-2019-5953 10858/head
Josef Schlehofer [Sat, 21 Dec 2019 18:57:15 +0000 (19:57 +0100)]
wget: fix CVE-2019-5953

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #10855 from BKPepe/python3-18.06
Hannu Nyman [Sat, 21 Dec 2019 18:07:27 +0000 (20:07 +0200)]
Merge pull request #10855 from BKPepe/python3-18.06

[OpenWrt 18.06] python3: Updated to version 3.6.10

4 years agopython3: Updated to version 3.6.10 10855/head
Josef Schlehofer [Sat, 21 Dec 2019 12:50:01 +0000 (13:50 +0100)]
python3: Updated to version 3.6.10

Remove backported patches:
025-bpo-34155-Dont-parse-domains-containing-GH-13079-GH-.patch
026-bpo-38243-xmlrpc.server-Escape-the-server_title-GH-1.patch

Fixes CVE-2019-16056

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #10846 from cshoredaniel/pr-18.06-fix-nut-cgi-initscript
Rosen Penev [Sat, 21 Dec 2019 15:02:17 +0000 (07:02 -0800)]
Merge pull request #10846 from cshoredaniel/pr-18.06-fix-nut-cgi-initscript

nut: Fix NUT CGI startup script

4 years agonut: Fix NUT CGI startup script 10846/head
Daniel F. Dickinson [Tue, 17 Dec 2019 11:17:53 +0000 (06:17 -0500)]
nut: Fix NUT CGI startup script

Commit c1aa1f784c737283b281da7a541921a88a81e684 which backported
a number of fixes from master, missed one fix for nut-cgi.  If
nut-cgi is installed standalone or nut-cgi starts before nut-server
(the default in 18.04.5) then the configuration file directory does
not get create and therefore there is no CGI configuration file.
This commit fixes that.

Closes: #10687
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
4 years agoMerge pull request #10752 from stangri/18.06-https-dns-proxy
Rosen Penev [Thu, 19 Dec 2019 00:14:35 +0000 (16:14 -0800)]
Merge pull request #10752 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: switch to https-dns-proxy package name

4 years agogit: Update to version 2.16.6 (security fix) 10832/head
Josef Schlehofer [Wed, 18 Dec 2019 22:18:11 +0000 (23:18 +0100)]
git: Update to version 2.16.6 (security fix)

Fixes CVEs:
CVE-2018-17456
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agohttps-dns-proxy: switch to https-dns-proxy package name 10752/head
Stan Grishin [Tue, 10 Dec 2019 22:42:15 +0000 (15:42 -0700)]
https-dns-proxy: switch to https-dns-proxy package name

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agotreewide: update wiki links 10763/head
Leong Hui Wong [Sat, 14 Dec 2019 07:31:54 +0000 (15:31 +0800)]
treewide: update wiki links

Signed-off-by: Leong Hui Wong <wong.leonghui@gmail.com>
4 years agoMerge pull request #10744 from luizluca/libvpx-fixcve
Rosen Penev [Wed, 11 Dec 2019 06:58:11 +0000 (22:58 -0800)]
Merge pull request #10744 from luizluca/libvpx-fixcve

[18.06] libvpx: backport security fixes

4 years agolibvpx: backport security fixes 10744/head
Luiz Angelo Daros de Luca [Mon, 9 Dec 2019 23:34:30 +0000 (20:34 -0300)]
libvpx: backport security fixes

Fixes CVE-2019-9232 CVE-2019-9325 CVE-2019-9371 CVE-2019-9433.

From: openwrt/telephony#492

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
4 years agoluajit: install libluajit-5.1.so.2 10710/head
W. Michael Petullo [Thu, 9 Aug 2018 11:29:13 +0000 (07:29 -0400)]
luajit: install libluajit-5.1.so.2

Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry-picked from commit 30d5958)

4 years agoluajit: add .hpp to InstallDev
W. Michael Petullo [Mon, 6 Aug 2018 00:21:52 +0000 (20:21 -0400)]
luajit: add .hpp to InstallDev

Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry-picked from commit efb7d0be6dd7882748d337391c5568d829bf17f5)

4 years agonano: update to 4.6
Hannu Nyman [Sun, 1 Dec 2019 12:25:17 +0000 (14:25 +0200)]
nano: update to 4.6

Update nano editor to version 4.6

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 421dae85a3525f9772bbada523758490a926be3c)

4 years agoMerge pull request #10678 from gladiac1337/haproxy-1.8.23-openwrt-18.06
Hannu Nyman [Fri, 29 Nov 2019 15:30:09 +0000 (17:30 +0200)]
Merge pull request #10678 from gladiac1337/haproxy-1.8.23-openwrt-18.06

[openwrt-18.06] haproxy: Update HAProxy to v1.8.23

4 years agohaproxy: Update HAProxy to v1.8.23 10678/head
Christian Lachner [Fri, 29 Nov 2019 13:01:50 +0000 (14:01 +0100)]
haproxy: Update HAProxy to v1.8.23

- Update haproxy download URL and hash
- This fixes CVE-2019-19330 (See: https://nvd.nist.gov/vuln/detail/CVE-2019-19330)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
4 years agotransmission: sync with master branch
Daniel Golle [Thu, 28 Nov 2019 17:38:11 +0000 (18:38 +0100)]
transmission: sync with master branch

Fixes to init-script were not cherry-picked properly, sync it with
version found in master branch.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from a79d6df674db68637d10b9d353d028c206c50e18)

4 years agotor: update to version 4.1.6
Jan Pavlinec [Thu, 14 Nov 2019 14:12:58 +0000 (15:12 +0100)]
tor: update to version 4.1.6

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agoMerge pull request #9836 from cotequeiroz/grilo-plugins_xml
Rosen Penev [Wed, 27 Nov 2019 21:37:07 +0000 (13:37 -0800)]
Merge pull request #9836 from cotequeiroz/grilo-plugins_xml

[18.06] grilo plugins: fix build errors

4 years agogrilo-plugins: adjust CONFIGURE_ARGS 9836/head
Eneas U de Queiroz [Mon, 26 Aug 2019 17:17:36 +0000 (14:17 -0300)]
grilo-plugins: adjust CONFIGURE_ARGS

Removed unused flags, and added --enable-compile-warnings=minimum to
avoid a build failure with fortify-headers:
In file included from [staging_dir/target]/usr/include/libxml2/libxml/tree.h:15:0,
                 from [staging_dir/target]/usr/include/libxml2/libxml/parser.h:16,
                 from grl-jamendo.c:32:
[staging_dir/toolchain]/include/fortify/stdio.h: In function 'snprintf':
[staging_dir/toolchain]/include/fortify/stdio.h:99:2: error: format not
a string literal, argument types not checked [-Werror=format-nonliteral]
  return __orig_snprintf(__s, __n, __f, __builtin_va_arg_pack());
  ^~~~~~

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agogrilo-plugins: remove XML::Parser build dependency
Eneas U de Queiroz [Wed, 12 Dec 2018 00:29:16 +0000 (22:29 -0200)]
grilo-plugins: remove XML::Parser build dependency

gnome-common.m4 and gnome-compiler-flags.m4 were taken from version
3.18.0, and match current master branch.

Disable building help and test directories.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry picked from commit a87108fe408bc9ddcc2b2e9426b40ef431923875)

4 years agogrilo-plugins: use hostpkg glib-compile-resources
Eneas U de Queiroz [Sat, 8 Dec 2018 01:03:02 +0000 (23:03 -0200)]
grilo-plugins: use hostpkg glib-compile-resources

Add GLIB_COMPILE_RESOURCES to MAKE_FLAGS

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry picked from commit 8e0b7978ec232345e7ba69c79cf447676295dd4e)

5 years agotransmission: Disable webseeding
Rosen Penev [Mon, 25 Nov 2019 03:01:58 +0000 (19:01 -0800)]
transmission: Disable webseeding

It causes 100% CPU usage in certain situations. Just disable it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 6d9ee2ec86a461bbc976eaf7f97490657dc97e5c)

5 years agotransmission: Fix tracker issue with some firewalls
Rosen Penev [Mon, 9 Sep 2019 01:39:33 +0000 (18:39 -0700)]
transmission: Fix tracker issue with some firewalls

Some firewalls mandate a minimum size of 4k for SYN packets, which
transmission does not do by default. Upstream issue here:

https://github.com/transmission/transmission/issues/964

Cleanup:

Fixed license info.

Removed two unnecessary patches.

Ran shell script through shellcheck.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 730a1697fed07269a3cca7c90878b50d3ef26465)

5 years agophp7: Update to version 7.2.25
Josef Schlehofer [Sat, 23 Nov 2019 19:11:57 +0000 (20:11 +0100)]
php7: Update to version 7.2.25

- Fixes CVE-2019-11043

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 9bc48abd2ae6e23907d2ccb07bdaed1b6345da64)

5 years agophp7: mark /etc/config/php7-fastcgi as conffile
W. Michael Petullo [Sat, 19 Oct 2019 22:13:41 +0000 (18:13 -0400)]
php7: mark /etc/config/php7-fastcgi as conffile

Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit 5bc9bb04c5d19ea679a687f6731457e7492d4744)

5 years agophp7-mod-xmlreader: add conditional dependency to php7-mod-dom (fixes #10201)
Michael Heimpold [Tue, 15 Oct 2019 22:01:51 +0000 (00:01 +0200)]
php7-mod-xmlreader: add conditional dependency to php7-mod-dom (fixes #10201)

PHP7 fails to load xmlreader.so (php7-mod-xmlreader) module without
dom.so (php7-mod-dom) module loaded:

-snip-
PHP Warning:  PHP Startup: Unable to load dynamic library 'xmlreader.so'
 (tried: /usr/lib/php/xmlreader.so (Error relocating /usr/lib/php/xmlreader.so:
 dom_node_class_entry: symbol not found), /usr/lib/php/xmlreader.so.so (Error
 loading shared library /usr/lib/php/xmlreader.so.so: No such file or
 directory)) in Unknown on line 0
^C
-snap-

However, this dependency only exists when during build also php7-mod-dom
is selected.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit b8c22fc1ec392272235ce78ddc0ddfc40de5037d)

5 years agophp7: bump to 7.2.23
Stefaan Ghysels [Thu, 3 Oct 2019 11:44:23 +0000 (13:44 +0200)]
php7: bump to 7.2.23

Signed-off-by: Stefaan Ghysels <stefaang@gmail.com>
(cherry picked from commit dacda44755b391b7bd09a15ea762ee551f7d2ce6)

5 years agophp7: update to 7.2.22
Michael Heimpold [Sun, 8 Sep 2019 19:27:18 +0000 (21:27 +0200)]
php7: update to 7.2.22

While at, update the SPDX license id to most recent format.

Compile and run tested on mxs platform.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 5805da860e0e9afbb0a8d71923dc1db296b07e5e)

5 years agophp7: update to 7.2.21
Michael Heimpold [Sat, 3 Aug 2019 22:27:08 +0000 (00:27 +0200)]
php7: update to 7.2.21

This fixes CVE-2019-11042 and CVE-2019-11041.

Compile and run tested on mxs platform

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 8e419c6d4ca53054a5aedd0299fd0aadbfe75b62)

5 years agoMerge pull request #10609 from ja-pa/bind-update
Rosen Penev [Thu, 21 Nov 2019 17:34:44 +0000 (09:34 -0800)]
Merge pull request #10609 from ja-pa/bind-update

[OpenWrt 18.06] bind: update to version 9.11.13 (security fix)

5 years agobind: update to version 9.11.13 (security fix) 10609/head
Jan Pavlinec [Thu, 21 Nov 2019 15:13:05 +0000 (16:13 +0100)]
bind: update to version 9.11.13 (security fix)

Fixes CVE-2019-6477

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
5 years agounbound: Update to version 1.9.5 10592/head
Josef Schlehofer [Tue, 19 Nov 2019 22:56:03 +0000 (23:56 +0100)]
unbound: Update to version 1.9.5

Fixes CVE-2019-18934

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agoMerge pull request #10520 from Kulipator/libmraa_ramips_fix
Rosen Penev [Wed, 13 Nov 2019 20:32:14 +0000 (12:32 -0800)]
Merge pull request #10520 from Kulipator/libmraa_ramips_fix

[18.06] Libmraa compilation fix

5 years agoCompilation fix & upgrade to version 0.8.1 10520/head
Archil Pirmisashvili [Wed, 13 Nov 2019 20:28:37 +0000 (22:28 +0200)]
Compilation fix & upgrade to version 0.8.1

Signed-off-by: Archil Pirmisashvili <kulipator@gmail.com>
5 years agoLibmraa compilation fix
RF-Networks [Sun, 10 Nov 2019 19:35:06 +0000 (21:35 +0200)]
Libmraa compilation fix

Signed-off-by: Archil Pirmisashvili <kulipator@gmail.com>
5 years agoLibmraa compilation fix
RF-Networks [Sun, 10 Nov 2019 19:02:14 +0000 (21:02 +0200)]
Libmraa compilation fix

Signed-off-by: Archil Pirmisashvili <kulipator@gmail.com>
Signed-off-by: RF-Networks <archil@rf-networks.com>
5 years agoperl: fixed host compilation of static perl on MacOS 9791/head
Jakub Piotr Cłapa [Thu, 22 Aug 2019 08:55:03 +0000 (10:55 +0200)]
perl: fixed host compilation of static perl on MacOS

All symbols on MacOS are prefixed with an underscore which
interfered with the filtering mechanism (added in perl 5.28)
for extension libraries to be linked into static perl.

Signed-off-by: Jakub Piotr Cłapa <jpc@loee.pl>
5 years agoMerge pull request #9671 from BKPepe/clamav1806
Rosen Penev [Sun, 10 Nov 2019 02:52:17 +0000 (18:52 -0800)]
Merge pull request #9671 from BKPepe/clamav1806

[OpenWrt 18.06] clamav: update to version 0.100.3

5 years agoprotobuf-c: Fix typo on build dependency.
Rosen Penev [Sat, 2 Nov 2019 03:27:06 +0000 (20:27 -0700)]
protobuf-c: Fix typo on build dependency.

This was fixed in 3bcaa7a4fe4d2231788c20367aed2993a86490c2

Backported the fix here.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years agolibgd: Properly disable iconv support
Rosen Penev [Sat, 10 Aug 2019 20:44:07 +0000 (13:44 -0700)]
libgd: Properly disable iconv support

HAVE_ICONV and HAVE_ICONV_H are two different headers that both need to
evaluate to false. Added the extra CONFIGURE_VARS.

This can be verified by passing -Werror=implicit-function-declaration

Added PKG_LICENSE_FILES

Updated homepage URL.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from bf2f1a02636a9b74e1d824cab384b8f3f9e7d819)

5 years agowget: provides gnu-wget
Yousong Zhou [Mon, 9 Sep 2019 02:59:50 +0000 (02:59 +0000)]
wget: provides gnu-wget

So that packages like acme requiring features from it can depend on it
explicitly, not the more basic "wget" which is also provided by
"uclient-fetch"

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
[port to 18.06 to fix acme package backport]
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
5 years agoacme: Bring up-to-date with master
Toke Høiland-Jørgensen [Tue, 29 Oct 2019 08:44:47 +0000 (09:44 +0100)]
acme: Bring up-to-date with master

There are quite a few bugfixes in the version of the ACME package in
master, and the old version in 18.06 have some issues as seen in #10328.
This commit ports over all changes from the master branch in one go.

Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
5 years agoruby: bump to 2.5.7
Luiz Angelo Daros de Luca [Sun, 27 Oct 2019 14:40:26 +0000 (11:40 -0300)]
ruby: bump to 2.5.7

2.5.7 fixes:
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication

2.5.6 fixes:
* Multiple jQuery vulnerabilities in RDoc
* About 40 bugs

Changelog: https://github.com/ruby/ruby/compare/v2_5_5...v2_5_7

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
5 years agopython-cryptography: fix CVE-2018-10903 10339/head
Josef Schlehofer [Tue, 22 Oct 2019 12:36:23 +0000 (14:36 +0200)]
python-cryptography: fix CVE-2018-10903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agopython-cryptography: Add support for LibreSSL 2.7.x
Josef Schlehofer [Tue, 22 Oct 2019 11:29:26 +0000 (13:29 +0200)]
python-cryptography: Add support for LibreSSL 2.7.x

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
5 years agoMerge pull request #10324 from jefferyto/python-2.7.17-openwrt-18.06
Hannu Nyman [Mon, 21 Oct 2019 18:54:57 +0000 (21:54 +0300)]
Merge pull request #10324 from jefferyto/python-2.7.17-openwrt-18.06

[openwrt-18.06] python: Update to 2.7.17, refresh patches

5 years agopython: Update to 2.7.17, refresh patches 10324/head
Jeffery To [Mon, 21 Oct 2019 15:30:53 +0000 (23:30 +0800)]
python: Update to 2.7.17, refresh patches

Patches already merged and so removed:
* 019-bpo-36216-Add-check-for-characters-in-netloc-that-normalize-to-separators-GH-12216.patch
* 020-bpo-36216-Only-print-test-messages-when-verbose-GH-12291.patch
* 021-2.7-bpo-35121-prefix-dot-in-domain-for-proper-subdom.patch
* 027-bpo-38243-Escape-the-server-title-of-DocXMLRPCServer.patch
* 028-bpo-34155-Dont-parse-domains-containing-GH-13079.patch

Patches no longer necessary and so removed:
* 017_lib2to3_fix_pyc_search.patch

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 83b300aa83f3cf663747998f4500a8592acf9959)

5 years agoMerge pull request #10312 from stangri/18.06-vpnbypass
Rosen Penev [Mon, 21 Oct 2019 16:14:14 +0000 (09:14 -0700)]
Merge pull request #10312 from stangri/18.06-vpnbypass

[18.06] vpnbypass: bugfix: PROCD command not found on stop

5 years agovpnbypass: bugfix: PROCD command not found on stop 10312/head
Stan Grishin [Mon, 21 Oct 2019 04:21:30 +0000 (21:21 -0700)]
vpnbypass: bugfix: PROCD command not found on stop

Signed-off-by: Stan Grishin <stangri@melmac.net>
5 years agoMerge pull request #10279 from BKPepe/sudo-18.06
Rosen Penev [Sun, 20 Oct 2019 17:16:28 +0000 (10:16 -0700)]
Merge pull request #10279 from BKPepe/sudo-18.06

[OpenWrt 18.06] sudo: Update to version 1.8.28p1