Liangbin Lian [Sat, 1 Aug 2020 16:17:53 +0000 (00:17 +0800)]
netatalk: fix compile error in mac os
fix compile error in mac os when dtrace installed.
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
Rosen Penev [Mon, 20 Jul 2020 10:24:50 +0000 (03:24 -0700)]
Merge pull request #12882 from jefferyto/python3-backport-patches-openwrt-18.06
[openwrt-18.06] python3: Backport security fixes
Jeffery To [Mon, 20 Jul 2020 09:43:45 +0000 (17:43 +0800)]
python3: Backport security fixes
This backports fixes for security issues, including:
* CVE-2020-14422: Hash collisions in IPv4Interface and IPv6Interface
* CVE-2019-20907: Infinite loop in the tarfile module
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Hannu Nyman [Sat, 18 Jul 2020 11:11:34 +0000 (14:11 +0300)]
haveged: update to 1.9.13
Update haveged to version 1.9.13.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
28cf20129081f9c6b8778b243cc3df1f610544c4)
Rosen Penev [Tue, 30 Jun 2020 21:33:05 +0000 (14:33 -0700)]
Merge pull request #12661 from jefferyto/python-3.6.11-openwrt-18.06
[openwrt-18.06] python3: Update to 3.6.11
Jeffery To [Tue, 30 Jun 2020 16:01:28 +0000 (00:01 +0800)]
python3: Update to 3.6.11
This contains a fix for CVE-2020-8492 (Denial of service in
urllib.request.AbstractBasicAuthHandler)[1].
[1]: https://docs.python.org/release/3.6.11/whatsnew/changelog.html#python-3-6-11-release-candidate-1
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Rosen Penev [Fri, 26 Jun 2020 05:18:08 +0000 (22:18 -0700)]
Merge pull request #12615 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: re-add conffiles and add description to Makefile
Stan Grishin [Fri, 26 Jun 2020 03:09:53 +0000 (03:09 +0000)]
https-dns-proxy: re-add conffiles and add description to Makefile
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Thu, 25 Jun 2020 21:22:22 +0000 (14:22 -0700)]
Merge pull request #12598 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: bugfix: remove eDNS support
Stan Grishin [Thu, 25 Jun 2020 19:41:07 +0000 (19:41 +0000)]
https-dns-proxy: bugfix: remove eDNS support
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Sun, 21 Jun 2020 20:22:52 +0000 (23:22 +0300)]
haveged: update to 1.9.12
Update haveged to version 1.9.12
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
6392d50c3180b5da7a4ba041decf7a229d0e1c53)
Hannu Nyman [Sun, 14 Jun 2020 18:12:12 +0000 (21:12 +0300)]
haveged: update to 1.9.11
Update haveged to version 1.9.11
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
ca30b0ff91846a407469f6a77d1cbaf6b150d06d)
Karel Kočí [Wed, 11 Mar 2020 10:17:33 +0000 (11:17 +0100)]
haveged: move init script from 13 to 01
This is intended as a match with standard urngd. They serve same purpose
and urngd starts as first with 00. Starting haveged later can create
issues if you replace urngd with it. The example problem is if
uci-defaults script decides to generate certificate. Haveged can supply
entropy but it is started later and to mitigate this urngd would still
have to be installed. This means that haveget can't serve as replacement
without moving it to match start order of urngd.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit
1ef38f45d982beb46b2df6d3582ad0bc2b0007ca)
Etienne Champetier [Sat, 13 Jun 2020 22:11:18 +0000 (18:11 -0400)]
Merge pull request #12508 from stangri/18.06-simple-adblock
[18.06] simple-adblock: racially-neutral names
Stan Grishin [Sat, 13 Jun 2020 20:39:21 +0000 (20:39 +0000)]
simple-adblock: racially-neutral names
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Mon, 8 Jun 2020 20:50:52 +0000 (13:50 -0700)]
Merge pull request #12455 from stangri/18.06-simple-adblock
[18.06] simple-adblock: remove obsolete dshield.org links from config
Stan Grishin [Mon, 8 Jun 2020 17:36:02 +0000 (17:36 +0000)]
simple-adblock: remove obsolete dshield.org links from config
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Wed, 3 Jun 2020 15:21:58 +0000 (18:21 +0300)]
Merge pull request #12335 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix: proper error reporting on failed downloads; lists update script
Stan Grishin [Wed, 27 May 2020 00:26:28 +0000 (00:26 +0000)]
simple-adblock: bugfix: proper error reporting on failed downloads; lists update script
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Sun, 24 May 2020 17:41:28 +0000 (20:41 +0300)]
nano: update to 4.9.3
Update nano version to 4.9.3
Minor bugfix release.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
38be46a7ae496cf9f01dd2fd6fee74bc9f1b2673)
Josef Schlehofer [Tue, 19 May 2020 10:20:26 +0000 (12:20 +0200)]
bind: update to version 9.11.19
Fixes:
CVE-2020-8616
CVE-2020-8617
Remove backported patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Wed, 20 May 2020 16:21:37 +0000 (09:21 -0700)]
Merge pull request #12235 from jefferyto/python-openssl-ca-certs-openwrt-18.06
[openwrt-18.06] python-openssl,python3-openssl: Add dependency on ca-bundle
Jeffery To [Wed, 20 May 2020 07:46:59 +0000 (15:46 +0800)]
python-openssl,python3-openssl: Add dependency on ca-bundle
The ssl module assumes OpenSSL can load the default trust anchors (root
CA certificates).
From https://github.com/openwrt/packages/issues/12209
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jan Kardell [Mon, 8 Oct 2018 09:57:14 +0000 (11:57 +0200)]
Python: Fix compile of host modules
Add -rpath linker option to host build, pointing to staging/hostpkh/lib.
It's needed to find the correct host libs during runtime, without it the
hosts libs may be used instaead, causing failures.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit
0311e58bb645b8f5a2b96528d78edc90c811ed94)
Jan Kardell [Mon, 1 Oct 2018 17:13:44 +0000 (19:13 +0200)]
Python3: Fix host build on OpenSUSE
The linker option -rpath is required to find libs in staging_dir. Now it
is included when building host modules. Without it the import test of
the _ctypes and _uuid modules would fail. The _ctypes module uses
libffi.so.6 from staging, but OpenSUSE LEAP 15 has libffi.so.7.
It will also fail on LEAP 42.x, Fedora28 and 29 and future or old
versions of Ubuntu.
Fix needed in master and 18.06 branches.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit
6ade5a1e3adb189d062b707e2b8f731c9faab844)
Josef Schlehofer [Tue, 19 May 2020 09:50:37 +0000 (11:50 +0200)]
unbound: update to version 1.10.1
Fixes:
CVE-2020-12662
CVE-2020-12663
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Hannu Nyman [Mon, 18 May 2020 05:49:19 +0000 (08:49 +0300)]
Merge pull request #12207 from micmac1/mar-1806-10413
[18.06] mariadb: minor version bump with CVE fixes
Sebastian Kemper [Sun, 17 May 2020 22:24:28 +0000 (00:24 +0200)]
mariadb: bump to 10.1.45
Fixes:
CVE-2020-2752
CVE-2020-2812
CVE-2020-2814
This commit also moves mysql_upgrade to the client package and installs
the configuration files readable for all, so that the clients can read
them.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Michael Heimpold [Sat, 16 May 2020 11:48:47 +0000 (13:48 +0200)]
php7: update to version 7.2.31
This fixes:
- CVE-2019-11048
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
2e6bd4cb86682b224803325127d3f777d40b3231)
Hannu Nyman [Mon, 11 May 2020 12:09:22 +0000 (15:09 +0300)]
Merge pull request #12142 from EricLuehrsen/unbound_1806_1100
[openwrt-18.06] unbound: update to 1.10.0
Eric Luehrsen [Mon, 11 May 2020 03:55:09 +0000 (23:55 -0400)]
unbound: update to 1.10.0
cherry-pick:
f779ef48cd21474acf72ee151588737273a509c2
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
Hannu Nyman [Sun, 3 May 2020 19:53:02 +0000 (22:53 +0300)]
Merge pull request #12058 from stangri/18.06-vpnbypass
[18.06] vpnbypass: bugfix: remove non-ASCII from system log; update README
Stan Grishin [Sat, 2 May 2020 22:35:55 +0000 (22:35 +0000)]
vpnbypass: bugfix: remove non-ASCII from system log; update README
Signed-off-by: Stan Grishin <stangri@melmac.net>
Josef Schlehofer [Fri, 1 May 2020 09:47:42 +0000 (11:47 +0200)]
youtube-dl: update to version 2020.3.24
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Wed, 29 Apr 2020 08:57:13 +0000 (10:57 +0200)]
Merge pull request #11995 from jefferyto/python-2.7.18-openwrt-18.06
[openwrt-18.06] python: Update to 2.7.18, refresh patches
Jeffery To [Tue, 28 Apr 2020 22:06:21 +0000 (06:06 +0800)]
python: Update to 2.7.18, refresh patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
yurtesen [Tue, 12 Nov 2019 15:53:51 +0000 (17:53 +0200)]
mwan3: Fix json_load fails with some data
Sometimes the return value of `ubus -S call network.interface.wan status`
cause `json_load` to return `Failed to parse message data` error.
To avoid this, the JSON data always should be quoted with double quotes.
Signed-off-by: Evren Yurtesen <eyurtese@abo.fi>
Removed quoatation marks from commit heading
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
94e0c78826b15c95c40bfa82bbf8bba35dc56961)
Rosen Penev [Sat, 22 Feb 2020 02:55:13 +0000 (18:55 -0800)]
libarchive: update to 3.4.2
Switch to normal tarballs. Remove autoreconf as a result.
Several Makefile cleanups for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
c22dd1bf74fa5836a88fa417b467767bcfe8a4ff)
(cherry picked from commit
2085b990ffc875a5157c02a9e2b5bd04c8eb35b3)
Jan Pavlinec [Thu, 16 Jan 2020 14:47:08 +0000 (15:47 +0100)]
libarchive: update to version 3.4.1 (security fix)
Fixes CVE-2019-19221
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from
df634dcc926650de22248b89620c649c0fef7602)
(cherry picked from commit
ba43556aed90705bc04fd074d39ee6ea012a71f2)
Josef Schlehofer [Wed, 22 Apr 2020 16:04:10 +0000 (18:04 +0200)]
php7: update to version 7.2.30
Fixes:
CVE-2020-7066
CVE-2020-7064
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
09738290a319cc2af74a0be9a52aa5a76b6ca98e)
Michael Heimpold [Sun, 26 Jan 2020 20:53:14 +0000 (21:53 +0100)]
php7: fix dependencies for mysqlnd (fixes #11113)
When during the build the openssl extension is also selected, then
the mysqlnd extension depends on it, too.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
50b1cd3757497a569538d751f4681a40df1b1202)
Hannu Nyman [Wed, 22 Apr 2020 17:57:48 +0000 (20:57 +0300)]
Merge pull request #11926 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfix: start downloads on cold boot/fresh install
Stan Grishin [Wed, 22 Apr 2020 17:46:23 +0000 (17:46 +0000)]
simple-adblock: bugfix: start downloads on cold boot
Signed-off-by: Stan Grishin <stangri@melmac.net>
tripolar [Tue, 21 Apr 2020 08:04:02 +0000 (10:04 +0200)]
Merge pull request #11907 from BKPepe/18.06-git
[18.06] git: update to version 2.20.4
Josef Schlehofer [Tue, 21 Apr 2020 06:11:24 +0000 (08:11 +0200)]
git: update to version 2.20.4
Fixes CVE-2020-11008
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Josef Schlehofer [Tue, 21 Apr 2020 05:22:14 +0000 (07:22 +0200)]
Merge pull request #11857 from BKPepe/18.06-git
[18.06] git: update to version 2.20.3
tripolar [Sat, 18 Apr 2020 17:55:52 +0000 (19:55 +0200)]
Merge pull request #11883 from yousong/wget1806
[18.06] acme: depends on wget-ssl
Yousong Zhou [Mon, 6 Apr 2020 02:31:49 +0000 (10:31 +0800)]
acme: depends on wget-ssl
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
d917d662aedd9c133217b5c6d8c5a4f4a6bd3dea)
Yousong Zhou [Mon, 6 Apr 2020 02:20:55 +0000 (10:20 +0800)]
wget: make the ssl variant provides wget-ssl
This is to address the need for specifying dependency on a wget
implementation with ssl support.
Now we have a game of names for opkg
1. uclient-fetch: minimal version by openwrt project
2. wget-nossl: gnu wget w/o ssl support
3. wget-ssl: for the moment since this commit, gnu wget w/ ssl support
4. wget: uclient-fetch, wget-nossl, or wget-ssl
5. gnu-wget: wget-nossl or wget-ssl
By the time we provide some dummy package like uclient-fetch-ssl and
make it also provide wget-ssl, I guess by then we will also need
gnu-wget-ssl...
Ref: https://github.com/openwrt/packages/issues/11534
Ref: https://github.com/openwrt/packages/pull/9941
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
585e4a38feca24c9650d4e762b44146ecd75d4d0 &
resolved conflict)
Karel Kočí [Tue, 26 Nov 2019 12:56:22 +0000 (13:56 +0100)]
wget: do not provide itself
The package wget should not say that it provides itself.
This also make gnu-wget provide general so it is not written in Makefile
twice.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
75f2be7d509e802f2d946d732e7a7539c2b27d2e &
resolved conflict)
Luiz Angelo Daros de Luca [Thu, 9 Apr 2020 18:36:35 +0000 (15:36 -0300)]
ruby: update to 2.5.8
This release includes security fixes, specially:
* CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Josef Schlehofer [Wed, 15 Apr 2020 15:17:42 +0000 (17:17 +0200)]
git: update to version 2.20.3
Fixes CVE-2020-5260
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Jo-Philipp Wich [Sat, 11 Apr 2020 21:22:41 +0000 (23:22 +0200)]
nlbwmon: update to latest Git HEAD
34a1887 nfnetlink: disable sequence number checking
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
53c48fae1502e7f87fd93ff299db98cd119fa304)
Hannu Nyman [Sat, 11 Apr 2020 07:48:29 +0000 (10:48 +0300)]
Merge pull request #11821 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: bugfix: memory leak
Stan Grishin [Sat, 11 Apr 2020 00:25:39 +0000 (00:25 +0000)]
https-dns-proxy: bugfix: memory leak
Signed-off-by: Stan Grishin <stangri@melmac.net>
Jo-Philipp Wich [Fri, 10 Apr 2020 22:23:12 +0000 (00:23 +0200)]
nlbwmon: update to latest Git HEAD
e757e06 nfnetlink: allow specifying the socket buffer size
33c77cb nfnetlink: properly handle nl_recvmsgs() failures
95cced5 protocol: Include whitespace when reading names
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
d81d777a0f009fe74d233de307a03f9951d6b960)
DENG Qingfang [Sat, 15 Feb 2020 17:52:15 +0000 (01:52 +0800)]
nlbwmon: bump to latest git
e921ca0a Add further commonly used protocols to the protocol file.
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit
5e140462e42af3e5cb7680863794339f11ddda7d)
Richard Yu [Mon, 9 Dec 2019 12:23:29 +0000 (20:23 +0800)]
nlbwmon: add procd reload trigger for nlbwmon config
Signed-off-by: Richard Yu <yurichard3839@gmail.com>
(cherry picked from commit
d5517583104c8521d978a911bff921588ba0e988)
Kevin Darbyshire-Bryant [Mon, 5 Nov 2018 18:01:50 +0000 (18:01 +0000)]
nlbwmon: receive dhcp interface triggers
Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.
Add interface triggers to catch dhcp events and restart as required.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
662d3f16d2702fe55116c852f5d456e90891ee89)
Marc Benoit [Thu, 5 Apr 2018 22:03:34 +0000 (18:03 -0400)]
net/nlbwmon: run with lower priority
Even on a powerful platform a nlbwmon process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
bandwidth stats collection can wait a bit.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
(cherry picked from commit
9b3ecbd64a6328e13981165660d8930e8bb2446a)
Rosen Penev [Wed, 8 Apr 2020 01:39:35 +0000 (18:39 -0700)]
Merge pull request #11803 from stangri/18.06-simple-adblock
[18.06] simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
Stan Grishin [Tue, 7 Apr 2020 21:55:51 +0000 (21:55 +0000)]
simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Tue, 7 Apr 2020 15:05:11 +0000 (18:05 +0300)]
nano: update to 4.9.2
Update nano editor to version 4.9.2
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
f11833d46cf71be65439397e2a7e03643fc78af2)
Josef Schlehofer [Mon, 6 Apr 2020 07:45:41 +0000 (09:45 +0200)]
Merge pull request #11773 from BKPepe/msmtp
[18.06] msmtp: update to version 1.8.7
Josef Schlehofer [Sun, 5 Apr 2020 20:50:23 +0000 (22:50 +0200)]
msmtp: update to version 1.8.7
- It brings oauthbearer support
- It switches from OpenSSL to GnuTLS, which is fully compatible and
brings more parameters
Makefile changes:
- Fix SPDX License Identifier
- Add PKG_CPE_ID
- The Project does not use sourceforce anymore.
- Uses GnuTLS instead of OpenSSL, which was discouraged
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Hannu Nyman [Sun, 5 Apr 2020 16:20:19 +0000 (19:20 +0300)]
nano: update to 4.9.1
Update nano editor to version 4.9.1
2020.03.31 - GNU nano 4.9.1 "Sapperdeflap"
Two bugs introduced in version 4.9 are fixed: the cursor
getting misplaced when undoing line cuts, and filtering
of the whole buffer to a new buffer not working.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
f5c47a2606cea00ef70ae696224cd201ca1aceb8)
Hannu Nyman [Fri, 3 Apr 2020 13:47:09 +0000 (16:47 +0300)]
Merge pull request #11756 from gladiac1337/haproxy-1.8.25-openwrt-18.06
[openwrt-18.06] haproxy: Update HAProxy to v1.8.25
Christian Lachner [Fri, 3 Apr 2020 07:24:53 +0000 (09:24 +0200)]
haproxy: Update HAProxy to v1.8.25
- Update haproxy download URL and hash
- This fixes CVE-2020-11100 (http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=
525fbbe388ba033d638ff2a4efb83ae6526db5ab)
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Hannu Nyman [Sun, 29 Mar 2020 07:01:04 +0000 (10:01 +0300)]
Merge pull request #11700 from stangri/18.06-simple-adblock
[18.06] simple-adblock: support multiple dnsmasq instances + internal refactoring
Stan Grishin [Sun, 29 Mar 2020 05:13:29 +0000 (05:13 +0000)]
simple-adblock: support multiple dnsmasq instances; rework communication between principal package and luci app
Signed-off-by: Stan Grishin <stangri@melmac.net>
Hannu Nyman [Thu, 26 Mar 2020 19:36:36 +0000 (21:36 +0200)]
nano: update to 4.9
Update nano editor to version 4.9
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
09fd4445b3f7c426212ed61b3989e1994255a8aa)
Rosen Penev [Sun, 22 Mar 2020 01:08:46 +0000 (18:08 -0700)]
Merge pull request #11626 from nxhack/18_06_icu_fix_CVE-2020-10531
[openwrt-18.06] icu: fix CVE-2020-10531
Hannu Nyman [Sat, 21 Mar 2020 07:47:15 +0000 (09:47 +0200)]
Merge pull request #11616 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: support for dnsmasq noresolv option
Hirokazu MORIKAWA [Fri, 20 Mar 2020 23:29:38 +0000 (08:29 +0900)]
icu: fix CVE-2020-10531
FIX CVE-2020-10531
An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Stan Grishin [Fri, 20 Mar 2020 21:22:49 +0000 (21:22 +0000)]
https-dns-proxy: support for dnsmasq noresolv option
Signed-off-by: Stan Grishin <stangri@melmac.net>
Yousong Zhou [Mon, 16 Mar 2020 07:25:51 +0000 (15:25 +0800)]
openvswitch: fix PIE build against 4.14 kernel
Reported-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/pull/11567
(cherry picked from commit
e9d6414437d27803a16b5d96c48b45140e989e5e)
Michael Heimpold [Tue, 25 Feb 2020 21:35:15 +0000 (22:35 +0100)]
php7: update to 7.2.28
This fixes:
- CVE-2020-7062
- CVE-2020-7063
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
95c72d8abaa8a99471275ae0723e4d941f36d81a)
Michael Heimpold [Fri, 7 Feb 2020 20:09:24 +0000 (21:09 +0100)]
php7: update to 7.2.27
This fixes:
- CVE-2020-7059
- CVE-2020-7060
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
3cf0c61f2ee1b94c8b09adb8c1cbc79281cfc32d)
Yousong Zhou [Fri, 18 Oct 2019 11:30:30 +0000 (11:30 +0000)]
xl2tpd: fix building failure caused by pfc
Fixes openwrt/packages#10270
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
0412c20f1b2d2e1f8b8c7e101aae6f66be50690a)
Yousong Zhou [Mon, 14 Oct 2019 07:05:26 +0000 (07:05 +0000)]
xl2tpd: bump to version 1.3.15
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/issues/11418
(cherry picked from commit
620ba386b4ffd38911e7ddf0c864979c0f834a11)
Rosen Penev [Wed, 19 Feb 2020 02:50:21 +0000 (18:50 -0800)]
icu: bump proper variable.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 16 Feb 2020 07:01:20 +0000 (23:01 -0800)]
icu: backport upstream ARC patch
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hannu Nyman [Sat, 8 Feb 2020 09:24:35 +0000 (11:24 +0200)]
nano: update to 4.8
Update nano editor to version 4.8
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
7bc96280d31470b7dda75315154c8df72bde222a)
Rosen Penev [Fri, 7 Feb 2020 03:08:00 +0000 (19:08 -0800)]
Merge pull request #11252 from neheb/i22p
i2pd: fix various issues in 18.06
Rosen Penev [Wed, 5 Feb 2020 02:50:35 +0000 (18:50 -0800)]
i2pd: move chmod command
Similar change to upstream.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
David Yang [Sun, 4 Mar 2018 16:58:43 +0000 (00:58 +0800)]
i2pd: Move DATADIR to /var/lib/i2pd, fix #5693
Original author: dartraiden <wowemuh@gmail.com>
Signed-off-by: David Yang <mmyangfl@gmail.com>
Hannu Nyman [Mon, 3 Feb 2020 20:41:35 +0000 (22:41 +0200)]
Merge pull request #11227 from micmac1/sqlite3-18.06-2
[18.06] sqlite3: bump to 3.31.1
Sebastian Kemper [Mon, 3 Feb 2020 19:19:17 +0000 (20:19 +0100)]
sqlite3: bump to 3.31.1
Upstreamed patch removed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Rosen Penev [Fri, 31 Jan 2020 00:30:19 +0000 (16:30 -0800)]
Merge pull request #11186 from micmac1/18.06-maria-10.1.44
[18.06] mariadb: security bump to 10.1.44
Sebastian Kemper [Thu, 30 Jan 2020 21:21:50 +0000 (22:21 +0100)]
mariadb: security bump to 10.1.44
Addresses CVE-2020-2574. Patches refreshed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Kwonjin Jeong [Sat, 30 Nov 2019 18:14:33 +0000 (03:14 +0900)]
ddns-scripts: Change protocols of afraid.org urls to HTTPS.
- Use HTTPS protocol for updating urls for afraid.org to protect the password.
- Bump/align package version number.
Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
(cherry-picked from
e25b55899927eb5638cc6a13a568ee4271eed2b2)
Hirokazu MORIKAWA [Wed, 17 Apr 2019 05:55:05 +0000 (14:55 +0900)]
node-hid: fix i386 build fail
more stability for parallel build
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from
1aa55f86b56766074677bcda23f19cd7e5b5601f)
Hirokazu MORIKAWA [Fri, 19 Apr 2019 00:22:23 +0000 (09:22 +0900)]
node-serialport: fix i386 build fail
more stability for parallel build
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from
1ce1ca6e0622c6ad7fb61e44b7c96b028939186a)
Hannu Nyman [Sun, 26 Jan 2020 20:39:51 +0000 (22:39 +0200)]
Merge pull request #11124 from stangri/18.06-https-dns-proxy
[18.06] https-dns-proxy: fix deleting server items, configurable dnsmasq settings change
Jiri Slachta [Sun, 26 Jan 2020 17:27:28 +0000 (18:27 +0100)]
Merge pull request #11127 from micmac1/18.06-tiff
[18.06] tiff: update to 4.1.0
Jiri Slachta [Mon, 11 Nov 2019 20:49:06 +0000 (21:49 +0100)]
tiff: update version to 4.1.0
Signed-off-by: Jiri Slachta <jiri@slachta.eu>
Jan Pavlinec [Tue, 9 Apr 2019 11:28:10 +0000 (13:28 +0200)]
tiff: patch security issues
Fixes
CVE-2019-7663
CVE-2019-6128
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Stan Grishin [Sun, 26 Jan 2020 04:15:13 +0000 (21:15 -0700)]
https-dns-proxy: fix deleting server items, configurable dnsmasq settings change
Signed-off-by: Stan Grishin <stangri@melmac.net>
Rosen Penev [Sat, 25 Jan 2020 23:25:00 +0000 (15:25 -0800)]
Merge pull request #9795 from LoEE/jpc/git-macos-cross
[18.06]git: fix cross compilation on macOS
Ted Hess [Tue, 13 Nov 2018 21:31:57 +0000 (16:31 -0500)]
libsoup: fix intltool host dependency. Cleaup some build args
Signed-off-by: Ted Hess <thess@kitschensync.net>
(cherry-picked from
0daec55ce50d4dffae040645227a718ce528b978)