feed/packages.git
3 years agovpn-policy-routing: better processing of custom user files 15054/head
Stan Grishin [Mon, 8 Mar 2021 10:35:01 +0000 (10:35 +0000)]
vpn-policy-routing: better processing of custom user files

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agolibpam: update to 1.5.1
Rosen Penev [Mon, 30 Nov 2020 00:48:36 +0000 (16:48 -0800)]
libpam: update to 1.5.1

Fix installed paths. After e52d0487e88c3c8c57e1310d1a02b18eae0d142e
upstream, this bug was exposed.

Instead of working around it, fix the patch.

After this, everything consistently gets installed to ipkg-install/usr.

Minor Makefile reorganization.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit b75f250f3bf378bcaa0784d44f64ff2bb4e7af9a)

3 years agolibpam: update to 1.5.0
Rosen Penev [Wed, 25 Nov 2020 00:52:51 +0000 (16:52 -0800)]
libpam: update to 1.5.0

Fixes CVE-2020-27780

Removed upstreamed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0f317e9fbde341549c0cd7c3d43742739d123c97)

3 years agolibpam: update to 1.4.0
Rosen Penev [Fri, 26 Jun 2020 00:29:54 +0000 (17:29 -0700)]
libpam: update to 1.4.0

Remove upstreamed patch and add a new one to fix compilation.

Add some more configure options.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit a05db1acfea43b8f94a417d56414ea1aae21c815)

3 years agonano: update to 5.6.1
Hannu Nyman [Sat, 6 Mar 2021 08:27:14 +0000 (10:27 +0200)]
nano: update to 5.6.1

Update nano editor to version 5.6.1

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 0f4138db0be558d0c957e3d4d78091a59ba660ec)

3 years agoninja: update to 1.10.2
Rosen Penev [Thu, 3 Dec 2020 00:32:59 +0000 (16:32 -0800)]
ninja: update to 1.10.2

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f25f29c740da5bcafb1500b55c9ebfb39eb35f9f)

3 years agoninja: fix typo
Rosen Penev [Wed, 9 Sep 2020 07:48:37 +0000 (00:48 -0700)]
ninja: fix typo

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 52569b80fa3334ebfe29c05a17ce7254561e2e2f)

3 years agoninja: use for CMake
Rosen Penev [Mon, 7 Sep 2020 20:37:25 +0000 (13:37 -0700)]
ninja: use for CMake

CMake supports Ninja for faster compilation and less bugginess when it
comes to parallel compilation. That is, some CMake packages currently
have PKG_BUILD_PARALLEL set where it is not needed with ninja.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 54449e9c6689b17379c24ca68f52a80ec5688f22)

3 years agoninja: update to 1.10.1
Rosen Penev [Fri, 28 Aug 2020 00:18:32 +0000 (17:18 -0700)]
ninja: update to 1.10.1

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0f317d653643b49a6fd28b785b7655f0c08124b2)

3 years agoMerge pull request #14661 from TDT-AG/pr/20210203-19.07-keepalived
Florian Eckert [Wed, 3 Mar 2021 09:01:24 +0000 (10:01 +0100)]
Merge pull request #14661 from TDT-AG/pr/20210203-19.07-keepalived

keepalived: backport fixes

3 years agoMerge pull request #14988 from stangri/19.07-vpn-policy-routing
Rosen Penev [Tue, 2 Mar 2021 09:56:59 +0000 (01:56 -0800)]
Merge pull request #14988 from stangri/19.07-vpn-policy-routing

[19.07] vpn-policy-routing: update to 0.3.2-18

3 years agovpn-policy-routing: update to 0.3.2-18 14988/head
Stan Grishin [Mon, 1 Mar 2021 21:38:44 +0000 (21:38 +0000)]
vpn-policy-routing: update to 0.3.2-18

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agopython-maho-mqtt: bump to versio 1.5.1
Alexandru Ardelean [Tue, 29 Sep 2020 04:55:19 +0000 (07:55 +0300)]
python-maho-mqtt: bump to versio 1.5.1

Docs say it also supports MQTT 5.0.
Added to description.
Updated title as on pypi.org

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit ee0e11c1ab5ff94f6bfcd6d98c8f4b09327f7412)

3 years agoMerge pull request #14962 from EricLuehrsen/unbound_1131_1907
Rosen Penev [Sun, 28 Feb 2021 23:02:10 +0000 (15:02 -0800)]
Merge pull request #14962 from EricLuehrsen/unbound_1131_1907

[openwrt-19.07] unbound: update to 1.13.1

3 years agounbound: update to 1.13.1 14962/head
Eric Luehrsen [Sun, 21 Feb 2021 05:51:49 +0000 (00:51 -0500)]
unbound: update to 1.13.1

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
3 years agoMerge pull request #14918 from stangri/19.07-vpn-policy-routing
Dirk Brenken [Sat, 27 Feb 2021 05:21:20 +0000 (06:21 +0100)]
Merge pull request #14918 from stangri/19.07-vpn-policy-routing

[19.07] vpn-policy-routing: bugfix: netflix user file missing redirect

3 years agovpn-policy-routing: bugfix: netflix user file missing redirect 14918/head
Stan Grishin [Fri, 26 Feb 2021 22:03:41 +0000 (22:03 +0000)]
vpn-policy-routing: bugfix: netflix user file missing redirect

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agoMerge pull request #14903 from stangri/19.07-vpn-policy-routing
Rosen Penev [Fri, 26 Feb 2021 05:12:28 +0000 (21:12 -0800)]
Merge pull request #14903 from stangri/19.07-vpn-policy-routing

[19.07] vpn-policy-routing: update user netflix file

3 years agovpn-policy-routing: update user netflix file 14903/head
Stan Grishin [Fri, 26 Feb 2021 02:16:44 +0000 (02:16 +0000)]
vpn-policy-routing: update user netflix file

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agonano: update to version 5.6
Hannu Nyman [Thu, 25 Feb 2021 14:58:50 +0000 (16:58 +0200)]
nano: update to version 5.6

Upgrade nano to version 5.6

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit dffdfe4ac8c903fa843695af329c83c70a7c7e1a)

3 years agoMerge pull request #14888 from stangri/19.07-vpn-policy-routing
Rosen Penev [Thu, 25 Feb 2021 00:53:41 +0000 (16:53 -0800)]
Merge pull request #14888 from stangri/19.07-vpn-policy-routing

[19.07] vpn-policy-routing: custom user scripts improvements

3 years agovpn-policy-routing: custom user scripts improvements 14888/head
Stan Grishin [Wed, 24 Feb 2021 19:44:10 +0000 (19:44 +0000)]
vpn-policy-routing: custom user scripts improvements

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agolibedit: update to version 20210216-3.1
Jan Hak [Mon, 22 Feb 2021 08:55:55 +0000 (09:55 +0100)]
libedit: update to version 20210216-3.1

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit fd7f43ae4674b234a975ec67c604abf6e933a0b3)

3 years agolibedit: update to version 20193112-3.1
Jan Hák [Tue, 28 Apr 2020 08:53:34 +0000 (10:53 +0200)]
libedit: update to version 20193112-3.1

Signed-off-by: Jan Hák <jhak@jhak.nic.cz>
(cherry picked from commit 58a5c548eb497552f53d42df677c70dbb36930f8)

3 years agoadblock: update blocklist sources
Dirk Brenken [Tue, 23 Feb 2021 14:46:43 +0000 (15:46 +0100)]
adblock: update blocklist sources

* change adguard url
* remove malwaredomains (discontinued)

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoMerge pull request #14869 from stangri/19.07-vpn-policy-routing
Rosen Penev [Tue, 23 Feb 2021 13:12:03 +0000 (05:12 -0800)]
Merge pull request #14869 from stangri/19.07-vpn-policy-routing

[19.07] vpn-policy-routing: update to version 0.3

3 years agoknot: update to version 3.0.4
Jan Hak [Thu, 21 Jan 2021 08:42:56 +0000 (09:42 +0100)]
knot: update to version 3.0.4

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 341fffb8ddd462cc41650b13e425e6e71efdfe4e)

3 years agoknot: update to 3.0.3
Jan Hak [Wed, 16 Dec 2020 13:00:40 +0000 (14:00 +0100)]
knot: update to 3.0.3

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 5cd937865316f08144ebd8aaadfb2a1da19eeb10)

3 years agoknot: disable embedded xdp
Jan Hák [Mon, 16 Nov 2020 10:22:24 +0000 (11:22 +0100)]
knot: disable embedded xdp

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 1f9d6fbb26c20490dc58f84e5c86fa2c35012412)

3 years agoknot: update to 3.0.2
Jan Hák [Mon, 16 Nov 2020 10:21:48 +0000 (11:21 +0100)]
knot: update to 3.0.2

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit a54828926dc2aa731fbfefe87a7a9687837fc2be)

3 years agoknot: disable libnghttp2 autodetection
Daniel Salzman [Tue, 27 Oct 2020 15:05:33 +0000 (16:05 +0100)]
knot: disable libnghttp2 autodetection

Signed-off-by: Daniel Salzman <daniel.salzman@nic.cz>
(cherry picked from commit 67e3c594de15985b76871ea5c1ba2fd05427900d)

3 years agoknot: update to version 3.0.1
Jan Hak [Mon, 26 Oct 2020 10:06:41 +0000 (11:06 +0100)]
knot: update to version 3.0.1

definition of PSELECT_COMPAT could be removed many years ago, is no longer needed

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 4069bb1e727a00d68352ff6baefac9f5a94e156f)

3 years agoscreen: backport fix for CVE-2021-26937
Josef Schlehofer [Tue, 23 Feb 2021 07:08:43 +0000 (08:08 +0100)]
screen: backport fix for CVE-2021-26937

Security reports:
- https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
This issue can be reproduced even on OpenWrt
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982435

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit c250298fa3e60251dfbbb0df40b36c6d67bbea09)

3 years agoopenvswitch: update to version 2.11.6 (security fix)
Josef Schlehofer [Tue, 23 Feb 2021 06:28:13 +0000 (07:28 +0100)]
openvswitch: update to version 2.11.6 (security fix)

Fixes CVEs:
- CVE-2020-35498
- In DPDK: CVE-2015-8011 and CVE-2020-27827
- In LLDP: CVE-2019-14818, CVE-2020-10722, CVE-2020-10723 and CVE-2020-10724

Removed patches:
- 0001-compat-Include-confirm_neigh-parameter-if-needed.patch because they
are included in this release as it was backported
- 0010-acinclude-Fix-build-with-kernels-with-prandom-moved-.patch
included in this release as it was backported

Other patches were refreshed.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agovpn-policy-routing: update to version 0.3 14869/head
Stan Grishin [Tue, 23 Feb 2021 01:12:28 +0000 (01:12 +0000)]
vpn-policy-routing: update to version 0.3

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agoMerge pull request #14710 from stangri/19.07-https-dns-proxy
Rosen Penev [Tue, 23 Feb 2021 00:27:00 +0000 (16:27 -0800)]
Merge pull request #14710 from stangri/19.07-https-dns-proxy

[19.07] https-dns-proxy: support for force DNS/DNS hijacking

3 years agonetdata: update to version 1.29.2
Josef Schlehofer [Mon, 22 Feb 2021 18:05:35 +0000 (19:05 +0100)]
netdata: update to version 1.29.2

Release notes:
https://github.com/netdata/netdata/releases/tag/v1.29.2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit e8021bf14d591edfb3fe36dd194b8109d4f7ffd3)

3 years agonetdata: update to version 1.29.1
Josef Schlehofer [Wed, 10 Feb 2021 13:17:47 +0000 (14:17 +0100)]
netdata: update to version 1.29.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit d0736d5e738cad74f81a99de0b039f75e7ca9768)

3 years agoMerge pull request #14845 from jefferyto/python-3.7.10-openwrt-19.07
Josef Schlehofer [Mon, 22 Feb 2021 17:46:34 +0000 (18:46 +0100)]
Merge pull request #14845 from jefferyto/python-3.7.10-openwrt-19.07

[openwrt-19.07] python3: Update to 3.7.10, refresh patches

3 years agopython3: Update to 3.7.10, refresh patches 14845/head
Jeffery To [Mon, 22 Feb 2021 13:02:55 +0000 (21:02 +0800)]
python3: Update to 3.7.10, refresh patches

Includes fixes for:
* CVE-2021-3177 - ctypes: Buffer overflow in PyCArg_repr
* CVE-2021-23336 - urllib parse_qsl(): Web cache poisoning - semicolon
  as a query args separator

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
3 years agozerotier: bump to 1.6.4
Moritz Warning [Sun, 21 Feb 2021 02:24:25 +0000 (03:24 +0100)]
zerotier: bump to 1.6.4

Signed-off-by: Moritz Warning <moritzwarning@web.de>
3 years agoMerge pull request #14785 from nmeyerhans/openwrt-19.07+bind-9.16.12
Rosen Penev [Fri, 19 Feb 2021 01:10:31 +0000 (17:10 -0800)]
Merge pull request #14785 from nmeyerhans/openwrt-19.07+bind-9.16.12

bind: bump to 9.16.12

3 years agobind: bump to 9.16.12 14785/head
Noah Meyerhans [Thu, 18 Feb 2021 22:55:43 +0000 (14:55 -0800)]
bind: bump to 9.16.12

Includes fix for security issues:

* CVE-2020-8625: BIND servers are vulnerable if they are running an
  affected version and are configured to use GSS-TSIG features.

Disable backtrace functionality, as it is unreliable across
architectures and generally only supported by upstream on amd64

Remove a patch that has been incorporated upstream

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
3 years agoMerge pull request #14778 from BKPepe/ksmbd-19.07-drop-arc4-dependency
Rosen Penev [Wed, 17 Feb 2021 20:58:29 +0000 (12:58 -0800)]
Merge pull request #14778 from BKPepe/ksmbd-19.07-drop-arc4-dependency

ksmbd: remove kmod-crypto-arc4 dependency

3 years agoksmbd: remove kmod-crypto-arc4 dependency 14778/head
Josef Schlehofer [Wed, 17 Feb 2021 19:31:53 +0000 (20:31 +0100)]
ksmbd: remove kmod-crypto-arc4 dependency

This kernel module is already set for target/linux/generic/config-4.14
in OpenWrt 19.07 branch. This solves a problem that this package can not
be installed on the router:

 * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-fs-ksmbd:
 *  kmod-crypto-arc4
 * opkg_install_cmd: Cannot install package kmod-fs-ksmbd.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoMerge pull request #14647 from neheb/k9
Hauke Mehrtens [Tue, 16 Feb 2021 22:26:50 +0000 (22:26 +0000)]
Merge pull request #14647 from neheb/k9

[19.07] ksmbd(-tools): update to 3.3.4

3 years agoMerge pull request #14714 from 1715173329/ttyd-bp
Rosen Penev [Mon, 15 Feb 2021 00:06:57 +0000 (16:06 -0800)]
Merge pull request #14714 from 1715173329/ttyd-bp

[19.07] ttyd: force enable authentication for login

3 years agohtop: update to 3.0.5-1
John Audia [Sun, 14 Feb 2021 18:05:44 +0000 (20:05 +0200)]
htop: update to 3.0.5-1

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit 476f70e9a04c9ba7f98b21adde8f9fe20801a455)

3 years agopython-paho-mqtt: Update to version 1.5.0
Josef Schlehofer [Mon, 11 Nov 2019 22:06:48 +0000 (23:06 +0100)]
python-paho-mqtt: Update to version 1.5.0

Try to fix license according to SPDX.
Add PKG_LICENSE_FILES.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit f8e36f9fd6d5040f3ce69a1dd3f844872ea306b9)
[use pypi.mk for Python package]

3 years agoMerge pull request #14715 from pprindeville/isc-dhcp-stable-fix-coredump
Philip Prindeville [Wed, 10 Feb 2021 19:34:19 +0000 (12:34 -0700)]
Merge pull request #14715 from pprindeville/isc-dhcp-stable-fix-coredump

isc-dhcp: seeing crashes when attempting to update dynamic dns

3 years agoisc-dhcp: seeing crashes when attempting to update dynamic dns 14715/head
Philip Prindeville [Fri, 11 Dec 2020 00:20:59 +0000 (17:20 -0700)]
isc-dhcp: seeing crashes when attempting to update dynamic dns

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agottyd: force enable authentication for login 14714/head
Tianling Shen [Sun, 7 Feb 2021 17:48:21 +0000 (01:48 +0800)]
ttyd: force enable authentication for login

Currently, we called `/usr/libexec/login.sh` as login command, but unfortunately the auth
is disabled by default in it[1], and this is really serious as it could be a free "backdoor"
for any spoiler who has conntectd to the router via LAN or wireless.

In my option, it shouldn't be exposed to anyone without auth, so I set the default login
command to `/bin/login`. And for those who really want that, they can do it themselves.

1. `login.sh` adjusts whether use authentication or not from system config named ttylogin,
which is set to disabled by default. See package/base-files/files/bin/config_generate#L243.

Signed-off-by: Tianling Shen <cnsztl@project-openwrt.eu.org>
Backported from f45bb2981d41e1005a2658661da2475518835db8

3 years agohttps-dns-proxy: support for force DNS/DNS hijacking 14710/head
Stan Grishin [Wed, 10 Feb 2021 05:59:24 +0000 (05:59 +0000)]
https-dns-proxy: support for force DNS/DNS hijacking

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agomosquitto: bump to 1.6.13
Karl Palsson [Mon, 8 Feb 2021 15:20:53 +0000 (15:20 +0000)]
mosquitto: bump to 1.6.13

Includes various fixes: (2.0.7 + 1.6.13 dual release)
https://mosquitto.org/blog/2021/02/version-2-0-7-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
3 years agoMerge pull request #14681 from jonathanunderwood/openwrt-19.07-getdns-no-static-linking
Rosen Penev [Sun, 7 Feb 2021 23:19:51 +0000 (15:19 -0800)]
Merge pull request #14681 from jonathanunderwood/openwrt-19.07-getdns-no-static-linking

[19.07] getdns: disable static linking of getdns utilities

3 years agogetdns: disable static linking of getdns utilities 14681/head
Jonathan G. Underwood [Sun, 7 Feb 2021 13:40:36 +0000 (13:40 +0000)]
getdns: disable static linking of getdns utilities

This fixes issue #13361.

Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
3 years agoMerge pull request #14670 from jonathanunderwood/openwrt-19.07-cherry-pick
Rosen Penev [Sat, 6 Feb 2021 22:34:29 +0000 (14:34 -0800)]
Merge pull request #14670 from jonathanunderwood/openwrt-19.07-cherry-pick

[19.07] getdns: cherry pick recent fixes from master

3 years agoMerge pull request #14677 from mwarning/zt2
Rosen Penev [Sat, 6 Feb 2021 22:33:43 +0000 (14:33 -0800)]
Merge pull request #14677 from mwarning/zt2

zerotier: update to 1.6.3

3 years agozerotier: update to 1.6.3 14677/head
Moritz Warning [Fri, 5 Feb 2021 16:38:26 +0000 (17:38 +0100)]
zerotier: update to 1.6.3

Signed-off-by: Moritz Warning <moritzwarning@web.de>
3 years agogetdns: Fix TLS V1.3 Ciphersuites option in Stubby 14670/head
Harris K Kusuma [Mon, 1 Feb 2021 11:06:09 +0000 (18:06 +0700)]
getdns: Fix TLS V1.3 Ciphersuites option in Stubby

Description :
Fix typo in CMAKE getdns included files, so Stubby can use TLS v1.3 with chipersuites options ON.

This solve issue that's written in here :
https://github.com/getdnsapi/stubby/issues/240
https://github.com/getdnsapi/stubby/issues/257

Signed-off-by: Harris K Kusuma <igharris.kk@gmail.com>
3 years agogetdns: fix compilation without deprecated OpenSSL APIs
Rosen Penev [Sun, 2 Aug 2020 22:05:11 +0000 (15:05 -0700)]
getdns: fix compilation without deprecated OpenSSL APIs

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agokeepalived: fix config typo 14661/head
Florian Eckert [Mon, 15 Jun 2020 09:47:20 +0000 (11:47 +0200)]
keepalived: fix config typo

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit a8a1fbfa0da2676583f0289e7ed2806a3191800c)

* Update PKG_RELEASE to 5

3 years agokeepalived: add script security param to fix warning
Florian Eckert [Wed, 29 Apr 2020 17:40:46 +0000 (19:40 +0200)]
keepalived: add script security param to fix warning

Openwrt is a single user system. So keepalived is runnig as root.
If we add the config options `script_user root` and
`enabled_script_security' the following warnings are gone.

> local1.info Keepalived_vrrp[5382]: SECURITY VIOLATION - scripts are
being executed but script_security not enabled.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 1b1ba710632f8f4850f02c22e83734a6c8b5c41a)

3 years agoksmbd: update to 3.3.4 14647/head
Rosen Penev [Thu, 4 Feb 2021 08:23:59 +0000 (00:23 -0800)]
ksmbd: update to 3.3.4

Manually added from master.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoksmbd-tools: update to 3.3.4
Rosen Penev [Thu, 4 Feb 2021 01:26:48 +0000 (17:26 -0800)]
ksmbd-tools: update to 3.3.4

Manually updated.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agokeepalived: set default run directory for pid file on build
Florian Eckert [Mon, 4 Nov 2019 12:24:34 +0000 (13:24 +0100)]
keepalived: set default run directory for pid file on build

This fixes a runtime startup error on system which does not have a
toplevel runtime directory for the pid file. On openwrt the pid is
located at /var/run and not on /run. To fix that add a configure option to
move the pid location to /var/run.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit bc98aaa3f711f1cd6f7fa3a65da43411c2db98aa)

* Patch adapted for the branch so that it can be applied correctly

3 years agoMerge pull request #14632 from stangri/19.07-simple-adblock
Rosen Penev [Wed, 3 Feb 2021 03:40:16 +0000 (19:40 -0800)]
Merge pull request #14632 from stangri/19.07-simple-adblock

[19.07] simple-adblock: remove dependency on jsonfilter & old code

3 years agosimple-adblock: remove dependency on jsonfilter & old code 14632/head
Stan Grishin [Tue, 2 Feb 2021 22:11:20 +0000 (22:11 +0000)]
simple-adblock: remove dependency on jsonfilter & old code

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agosudo: backport patches for CVE-2021-3156
Josef Schlehofer [Wed, 27 Jan 2021 22:27:57 +0000 (23:27 +0100)]
sudo: backport patches for CVE-2021-3156

This security vulnerability is known as Baron Samedit [1] and there is a
research by Qualys [2] and they discovered it. Unfortunately or
fortunately, there isn't present sudoedit on OpenWrt.

Two patches were applied cleanly and the other two required manual
intervention. Those were backported from version 1.9.5p2

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
[2] https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoMerge pull request #14575 from Andy2244/samba4-fix-#13758
Rosen Penev [Tue, 26 Jan 2021 22:53:53 +0000 (14:53 -0800)]
Merge pull request #14575 from Andy2244/samba4-fix-#13758

[19.07] samba4: fix for #13758

3 years agosamba4: fix for #13758 14575/head
Andy Walsh [Tue, 26 Jan 2021 11:24:57 +0000 (12:24 +0100)]
samba4: fix for #13758

* fix for possible exploit #13758
* sanetize all external template/config inputs
* fix some shellcheck warnings

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
3 years agoMerge pull request #14565 from rs/nextdns-1.10.1-openwrt-19.07
Rosen Penev [Tue, 26 Jan 2021 07:07:17 +0000 (23:07 -0800)]
Merge pull request #14565 from rs/nextdns-1.10.1-openwrt-19.07

[19.07] nextdns: Update to version 1.10.1

3 years agoMerge pull request #14558 from cartender/pr/19_fix_php7_conf_ac
Michael Heimpold [Mon, 25 Jan 2021 22:54:21 +0000 (23:54 +0100)]
Merge pull request #14558 from cartender/pr/19_fix_php7_conf_ac

php7: Fix prepare target incorrectly referencing 'configure.in' instead of 'configure.ac'

3 years agonextdns: Update to version 1.10.1 14565/head
Olivier Poitrey [Mon, 25 Jan 2021 17:55:29 +0000 (17:55 +0000)]
nextdns: Update to version 1.10.1

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agophp7: Fix prepare target incorrectly referencing 'configure.in' instead of 'configure.ac' 14558/head
Giovanni Giacobbi [Fri, 22 Jan 2021 00:25:39 +0000 (00:25 +0000)]
php7: Fix prepare target incorrectly referencing 'configure.in' instead of 'configure.ac'

Package release version unchanged as it does not impact the build result in any way.

Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
3 years agomsmtp: update to version 1.8.14
Josef Schlehofer [Mon, 18 Jan 2021 22:49:16 +0000 (23:49 +0100)]
msmtp: update to version 1.8.14

Release notes for 1.8.1.3:
https://marlam.de/msmtp/news/msmtp-1-8-13/

Release notes for 1.8.1.4:
https://marlam.de/msmtp/news/msmtp-1-8-13/

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit ff76e24e5aa8e4e2dc38d0b9ac7f3f92059c7a39)

3 years agoyoutube-dl: update to version 2021.1.16
Josef Schlehofer [Sun, 24 Jan 2021 08:26:17 +0000 (09:26 +0100)]
youtube-dl: update to version 2021.1.16

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 5d839fc06b48e43c3aa444469ac7d91b85519040)

3 years agoyoutube-dl: update to version 2020.12.7
Josef Schlehofer [Mon, 7 Dec 2020 02:32:29 +0000 (03:32 +0100)]
youtube-dl: update to version 2020.12.7

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 87e15391cd50b4f72da686f76ed2a012694c2c3f)

3 years agoMerge pull request #14501 from stangri/19.07-https-dns-proxy
Rosen Penev [Sat, 23 Jan 2021 01:42:24 +0000 (17:42 -0800)]
Merge pull request #14501 from stangri/19.07-https-dns-proxy

[19.07] https-dns-proxy: bugfix: high CPU utilization

3 years agoMerge pull request #14499 from nemesisdesign/openwrt-19.07
Rosen Penev [Tue, 19 Jan 2021 07:39:47 +0000 (23:39 -0800)]
Merge pull request #14499 from nemesisdesign/openwrt-19.07

openwisp-config: update to version 0.5.0

3 years agohttps-dns-proxy: bugfix: high CPU utilization 14501/head
Stan Grishin [Mon, 18 Jan 2021 15:28:06 +0000 (15:28 +0000)]
https-dns-proxy: bugfix: high CPU utilization

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agoopenwisp-config: update to version 0.5.0 14499/head
Federico Capoano [Mon, 18 Jan 2021 14:55:30 +0000 (09:55 -0500)]
openwisp-config: update to version 0.5.0

Full changelog available at https://github.com/openwisp/openwisp-config/releases/tag/0.5.0

Signed-off-by: Federico Capoano <f.capoano@openwisp.io>
(cherry picked from commit 9f7b8088c374a5c8533c61baf56ae57343f6fb67)

# Conflicts:
# admin/openwisp-config/Makefile

3 years agoRevert "libzip: update to 1.7.3"
Rosen Penev [Sun, 17 Jan 2021 09:59:54 +0000 (01:59 -0800)]
Revert "libzip: update to 1.7.3"

This reverts commit d8f0ebaa3d2582628e34fa9d7d1d003cc94de24e.

Versions 1.7.2 and above mandate CMake 3.1.7, making this unsuitable
for backporting.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agolibzip: update to 1.7.3
Michael Heimpold [Wed, 15 Jul 2020 21:51:21 +0000 (23:51 +0200)]
libzip: update to 1.7.3

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 1335121067561e3ddc9ca4e6e66244d04985c47b)

3 years agolibzip: update to 1.7.1 (closes #12512)
Michael Heimpold [Sun, 14 Jun 2020 13:09:31 +0000 (15:09 +0200)]
libzip: update to 1.7.1 (closes #12512)

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit fa566417cab7bd75702a82bc4532a204d6cfc0fb)

3 years agolibzip: update to 1.6.1
Michael Heimpold [Wed, 12 Feb 2020 20:05:45 +0000 (21:05 +0100)]
libzip: update to 1.6.1

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 5a6054d4777c5d403375deacea6ec15f58d1ceb9)

3 years agolibzip: update to 1.6.0
Michael Heimpold [Sat, 1 Feb 2020 23:00:12 +0000 (00:00 +0100)]
libzip: update to 1.6.0

Also remove upstreamed patch.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 3b622a612c53c6e9ebeed05ec188214f7912d839)

3 years agolibzip: fix musl-fts failure
Sebastian Kemper [Mon, 16 Dec 2019 22:33:30 +0000 (23:33 +0100)]
libzip: fix musl-fts failure

musl doesn't support fts. But with the extra package musl-fts installed,
libzip picks up the fts header and fails at the linking stage:

zipcmp.c:(.text.startup+0x130): undefined reference to `fts_open'
/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-8.3.0_musl/lib/gcc/mips-openwrt-linux-musl/8.3.0/../../../../mips-openwrt-linux-musl/bin/ld: zipcmp.c:(.text.startup+0x172): undefined reference to `fts_read'

So with musl-fts we need to link in libfts. To address that this commits
patches the cmake setup to check if fts is available in libc itself or
in any external libfts.

So when musl-fts is installed on the system the setup will be the
following:

musl: use libfts
uclibc: use fts from libc
glibc: like uclibc

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 0c381f7c7a6fbd6d62632fa67671a2dd2a5051a5)

3 years agolibzip: add package
Michael Heimpold [Mon, 2 Dec 2019 23:07:42 +0000 (00:07 +0100)]
libzip: add package

This introduces libzip which is e.g. a dependency for upcoming upgrade
of PHP to version 7.4.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit a4a98d5efedd413a2fd31bffb88f9f072b9805eb)

3 years agonano: update to 5.5
Hannu Nyman [Fri, 15 Jan 2021 13:54:41 +0000 (15:54 +0200)]
nano: update to 5.5

Update nano editor to version 5.5

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit be75f779737dc09328eb60896f477fde27a21e4f)

3 years agoidevicerestore: update to 1.0.0
Rosen Penev [Sat, 20 Jun 2020 06:14:42 +0000 (23:14 -0700)]
idevicerestore: update to 1.0.0

Switched to upstream tarballs as they are now available

Removed autoreconf as a result.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 18f3410ac4595b977139932e022d879ff64caa10)

3 years agoidevicerestore: update to 2020-04-20
Rosen Penev [Fri, 1 May 2020 04:32:24 +0000 (21:32 -0700)]
idevicerestore: update to 2020-04-20

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit b112de71e1efed6b66096a65b24ad0f9c1057bf9)

3 years agoidevicerestore: update to 2020-02-17
Rosen Penev [Fri, 28 Feb 2020 00:50:47 +0000 (16:50 -0800)]
idevicerestore: update to 2020-02-17

Fix compilation under glibc.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 355d8b1388fa3cb238c1e2e4364470470805ea69)

3 years agoidevicerestore: Update to 2019-12-26
Rosen Penev [Thu, 6 Feb 2020 20:23:01 +0000 (12:23 -0800)]
idevicerestore: Update to 2019-12-26

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 905c7c62fbbb1309a459659ec55af00587e3cbe1)

3 years agoidevicerestore: Add package
Rosen Penev [Sat, 14 Dec 2019 07:00:06 +0000 (23:00 -0800)]
idevicerestore: Add package

Allows to flash an iOS device without using iTunes.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 9fbe1c247e6d705e24896de3050271ae0024a7b5)

3 years agolibirecovery: update to official tarball
Rosen Penev [Sat, 20 Jun 2020 05:59:43 +0000 (22:59 -0700)]
libirecovery: update to official tarball

Removed autoreconf as a result.

Unfortunately, the two versions are not identical. Bumped PKG_RELEASE
to deal with it.

Disable static libraries as they're fairly useless.

Adjusted filepaths.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 4e203a1949ee43f114fa0373b165eb6cdada5e7f)

3 years agolibirecovery: fix version
Rosen Penev [Fri, 28 Feb 2020 00:49:22 +0000 (16:49 -0800)]
libirecovery: fix version

The hash was correct but not the source version. No idea how this happened

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7c7a922cb047176dc89efc713176862ee7cba82e)

3 years agolibirecovery: Update to 1.0.0
Rosen Penev [Thu, 6 Feb 2020 20:22:24 +0000 (12:22 -0800)]
libirecovery: Update to 1.0.0

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit bedf33b7e220b4f14a988440ced39b2a8ca578d2)

3 years agolibirecovery: Add package
Rosen Penev [Sat, 14 Dec 2019 06:37:34 +0000 (22:37 -0800)]
libirecovery: Add package

Needed for idevicerestore

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0b51b4c46947b68e99f542541d916d382cd34a9c)

3 years agohaproxy: Update HAProxy to v2.0.20
Christian Lachner [Mon, 11 Jan 2021 06:07:23 +0000 (07:07 +0100)]
haproxy: Update HAProxy to v2.0.20

- Update haproxy download URL and hash

Signed-off-by: Christian Lachner <gladiac@gmail.com>