feed/packages.git
3 years agoatlas-sw-probe: improve key creation 15488/head
Ansuel Smith [Thu, 22 Apr 2021 23:58:41 +0000 (01:58 +0200)]
atlas-sw-probe: improve key creation

- Exit start if a probe_key is not present
- Add create_key command to generate a private_key based on the provided username in the atlas config.
- Add registration instruction in /etc/atlas
- Rework script to save probe_key on sysupgrade (the key are now adviced to be placed in the /etc/atlas dir and a link is used to make them accessible in the atlas-sw-scripts etc dir)

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
3 years agoMerge pull request #15483 from oskarirauta/feature_mtools
Rosen Penev [Wed, 21 Apr 2021 00:31:14 +0000 (17:31 -0700)]
Merge pull request #15483 from oskarirauta/feature_mtools

mtools: add new package

3 years agoMerge pull request #15449 from SibrenVasse/master
Rosen Penev [Wed, 21 Apr 2021 00:30:37 +0000 (17:30 -0700)]
Merge pull request #15449 from SibrenVasse/master

openssh: update to 8.6p1

3 years agoMerge pull request #15476 from rs/nextdns-1.32.0-master
Rosen Penev [Wed, 21 Apr 2021 00:29:34 +0000 (17:29 -0700)]
Merge pull request #15476 from rs/nextdns-1.32.0-master

nextdns: Update to version 1.32.0

3 years agoMerge pull request #15480 from oskarirauta/podman-311
Rosen Penev [Wed, 21 Apr 2021 00:28:50 +0000 (17:28 -0700)]
Merge pull request #15480 from oskarirauta/podman-311

podman: update to 3.1.1

3 years agopodman: update to 3.1.1 15480/head
Oskari Rauta [Tue, 20 Apr 2021 21:18:27 +0000 (00:18 +0300)]
podman: update to 3.1.1

 - Add support for AppArmor
 - Gracefully stop containers and pods on shutdown

I found out that If you change location of containers to persistent storage instead of tmpfs, starting them will fail unless they have been stopped. If this is the case that reboot has occurred before pods and containers have been stopped, they cannot be started, they have to be removed and re-created. Change in initscript tries to avoid that. Even if containers are running at tmpfs, this won't hurt. Still, if something happens and system hangs/reboots/etc, script won't save you from that. It's just a attempt to make things better.
I also enabled AppArmor support for future possibilities.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
3 years agomtools: add new package 15483/head
Oskari Rauta [Wed, 21 Apr 2021 00:19:14 +0000 (03:19 +0300)]
mtools: add new package

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
3 years agoMerge pull request #15473 from ClaymorePT/boost_1.76.0
Rosen Penev [Tue, 20 Apr 2021 22:15:55 +0000 (15:15 -0700)]
Merge pull request #15473 from ClaymorePT/boost_1.76.0

boost: Bump to version 1.76.0

3 years agocni-plugins-nft: add new package
Oskari Rauta [Tue, 20 Apr 2021 23:26:53 +0000 (02:26 +0300)]
cni-plugins-nft: add new package

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
3 years agoboost: Bump to version 1.76.0 15473/head
Carlos Miguel Ferreira [Tue, 20 Apr 2021 12:55:57 +0000 (13:55 +0100)]
boost: Bump to version 1.76.0

This commit updates boost to version 1.76.0

There are no new libraries in this version

More info about Boost 1.76.0 can be found at the usual place [1].

Note: This package update includes a fix merged to Boost.Fiber in [2]
which did not make into this version but it will be present in the next
one. For now, the patch is needed, but it will be removed in version
1.77.0

[1]: https://www.boost.org/users/history/version_1_76_0.html
[2]: https://github.com/boostorg/fiber/pull/276

Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
3 years agogenerate-ipv6-address: fix PIC compilation
Rosen Penev [Tue, 20 Apr 2021 01:28:14 +0000 (18:28 -0700)]
generate-ipv6-address: fix PIC compilation

This is a single C file. Don't bother using the Makefile.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agonextdns: Update to version 1.32.0 15476/head
Olivier Poitrey [Tue, 20 Apr 2021 15:08:38 +0000 (15:08 +0000)]
nextdns: Update to version 1.32.0

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoMerge pull request #15472 from sartura/uci2-update
Luka Perkov [Tue, 20 Apr 2021 13:50:01 +0000 (15:50 +0200)]
Merge pull request #15472 from sartura/uci2-update

uci2: update revision

3 years agoopenssh: update to 8.6p1 15449/head
Sibren Vasse [Mon, 19 Apr 2021 13:35:48 +0000 (15:35 +0200)]
openssh: update to 8.6p1

Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
3 years agouci2: update revision 15472/head
Jakov Petrina [Tue, 20 Apr 2021 08:08:19 +0000 (10:08 +0200)]
uci2: update revision

Signed-off-by: Jakov Petrina <jakov.petrina@sartura.hr>
3 years agoMerge pull request #15343 from accwebs/feature/udp-broadcast-relay-redux
Rosen Penev [Tue, 20 Apr 2021 04:24:46 +0000 (21:24 -0700)]
Merge pull request #15343 from accwebs/feature/udp-broadcast-relay-redux

udp-broadcast-relay-redux: Add package

3 years agoudp-broadcast-relay-redux: Add package 15343/head
Aaron Curley [Sun, 4 Apr 2021 19:24:07 +0000 (12:24 -0700)]
udp-broadcast-relay-redux: Add package

This commit is largely based on the work from Daniel Dickinson in
PR #2096 which was never merged. I tweaked it in a number of ways.
All bugs with this package are mine, not his.

Signed-off-by: Aaron Curley <accwebs@gmail.com>
3 years agoMerge pull request #15443 from ryzhovau/libtalloc_pyhton3_dep
Rosen Penev [Tue, 20 Apr 2021 01:59:54 +0000 (18:59 -0700)]
Merge pull request #15443 from ryzhovau/libtalloc_pyhton3_dep

libtalloc: add Python3/host dependency

3 years agoMerge pull request #15469 from rs/nextdns-1.12.5-master
Rosen Penev [Tue, 20 Apr 2021 01:59:29 +0000 (18:59 -0700)]
Merge pull request #15469 from rs/nextdns-1.12.5-master

nextdns: Update to version 1.12.5

3 years agonextdns: Update to version 1.12.5 15469/head
Olivier Poitrey [Tue, 20 Apr 2021 01:38:39 +0000 (01:38 +0000)]
nextdns: Update to version 1.12.5

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoMerge pull request #15460 from rs/nextdns-1.12.3-master
Rosen Penev [Tue, 20 Apr 2021 00:47:37 +0000 (17:47 -0700)]
Merge pull request #15460 from rs/nextdns-1.12.3-master

nextdns: Update to version 1.12.3

3 years agonextdns: Update to version 1.12.3 15460/head
Olivier Poitrey [Mon, 19 Apr 2021 23:23:41 +0000 (23:23 +0000)]
nextdns: Update to version 1.12.3

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoMerge pull request #15457 from rs/nextdns-1.31.3-master
Rosen Penev [Mon, 19 Apr 2021 23:08:27 +0000 (16:08 -0700)]
Merge pull request #15457 from rs/nextdns-1.31.3-master

nextdns: Update to version 1.31.3

3 years agonextdns: Update to version 1.31.3 15457/head
Olivier Poitrey [Mon, 19 Apr 2021 22:50:28 +0000 (22:50 +0000)]
nextdns: Update to version 1.31.3

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years agoMerge pull request #15436 from pprindeville/strongswan-gencerts-change-sysconfdir
Philip Prindeville [Sun, 18 Apr 2021 23:32:22 +0000 (17:32 -0600)]
Merge pull request #15436 from pprindeville/strongswan-gencerts-change-sysconfdir

strongswan: change name of config base directory

3 years agoMerge pull request #15445 from turris-cz/psmisc-killall-alternatives
Josef Schlehofer [Sun, 18 Apr 2021 17:50:38 +0000 (19:50 +0200)]
Merge pull request #15445 from turris-cz/psmisc-killall-alternatives

psmisc: move killall to /usr/libexec and add ALTERNATIVES

3 years agoirqbalance: upgrade to version 1.8.0
Hannu Nyman [Sun, 18 Apr 2021 15:26:43 +0000 (18:26 +0300)]
irqbalance: upgrade to version 1.8.0

Upgrade irqbalance to version 1.8.0

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
3 years agopsmisc: move killall to /usr/libexec and add ALTERNATIVES 15445/head
Josef Schlehofer [Sun, 18 Apr 2021 11:59:30 +0000 (13:59 +0200)]
psmisc: move killall to /usr/libexec and add ALTERNATIVES

Currently, this package can not be installed while using standard path
of busybox, because binary killall wants to be installed on the same
location as busybox.

Collision:
• /usr/bin/killall: busybox (new-file), psmisc (existing-file)

Many of these binaries, which provides alternatives were moved to
folder /usr/libexec like wget, sed, findutils, less.
So I moved killall to /usr/libexec and others leave in touch and added
ALTERNATIVES for it, because preinstall script is no longer necessary.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agolibtalloc: add Python3/host dependency 15443/head
Alexander Ryzhov [Sun, 18 Apr 2021 10:57:14 +0000 (13:57 +0300)]
libtalloc: add Python3/host dependency
Otherwise, Package/Configure won't find distutils module from python3/host

Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
3 years agouvol: emmit ubus events and bring up volumes on boot
Daniel Golle [Sat, 17 Apr 2021 18:16:18 +0000 (19:16 +0100)]
uvol: emmit ubus events and bring up volumes on boot

Emmit ubus events when volumes come up/down.
Make sure volume state is always well defined by introducing
additional state 'write-prepare' (wp) during mkfs.
Add init scripts to bring up volumes at boot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoMerge pull request #15440 from 1715173329/yq
Rosen Penev [Sat, 17 Apr 2021 22:40:34 +0000 (15:40 -0700)]
Merge pull request #15440 from 1715173329/yq

yq: Update to 4.7.0

3 years agoyq: Update to 4.7.0 15440/head
Tianling Shen [Sat, 17 Apr 2021 19:17:10 +0000 (03:17 +0800)]
yq: Update to 4.7.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
3 years agoMerge pull request #15439 from dibdot/adblock
Dirk Brenken [Sat, 17 Apr 2021 15:25:40 +0000 (17:25 +0200)]
Merge pull request #15439 from dibdot/adblock

adblock: update to 4.1.1

3 years agoadblock: update to 4.1.1 15439/head
Dirk Brenken [Sat, 17 Apr 2021 07:41:17 +0000 (09:41 +0200)]
adblock: update to 4.1.1

* support the RPZ trigger 'RPZ-CLIENT-IP' to always allow/block certain
  clients based on their IP (currently only supported by bind!)
* avoid promiscuous mode in tcpdump setup for adblock reporting
* speed up dns report preparation
* support dns report mailing (/etc/init.d/adblock report mail)
* fix bind autodetection
* update LuCI-frontend (separate PR)
* update readme

Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years agoMerge pull request #14656 from stintel/miniupnpd
Rosen Penev [Sat, 17 Apr 2021 01:24:36 +0000 (18:24 -0700)]
Merge pull request #14656 from stintel/miniupnpd

miniupnpd: introduce IGDv1 variant

3 years agoMerge pull request #15328 from ja-pa/atlas-probe-v2
Rosen Penev [Sat, 17 Apr 2021 01:23:17 +0000 (18:23 -0700)]
Merge pull request #15328 from ja-pa/atlas-probe-v2

atlas-sw-probe: add new package

3 years agoMerge pull request #15435 from cotequeiroz/atheepmgr
Rosen Penev [Sat, 17 Apr 2021 01:17:05 +0000 (18:17 -0700)]
Merge pull request #15435 from cotequeiroz/atheepmgr

atheepmgr: avoid libpciaccess dependency

3 years agostrongswan: change name of config base directory 15436/head
Philip Prindeville [Thu, 15 Apr 2021 23:55:55 +0000 (17:55 -0600)]
strongswan: change name of config base directory

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agoMerge pull request #15431 from pprindeville/strongswan-add-gencerts
Philip Prindeville [Thu, 15 Apr 2021 23:44:19 +0000 (17:44 -0600)]
Merge pull request #15431 from pprindeville/strongswan-add-gencerts

strongswan: add certificate generation utility

3 years agoatheepmgr: avoid libpciaccess dependency 15435/head
Eneas U de Queiroz [Thu, 15 Apr 2021 20:03:35 +0000 (17:03 -0300)]
atheepmgr: avoid libpciaccess dependency

HAVE_LIBPCIACCESS that is currently passed through MAKE_VARS to disable
building with libpciaccess can't be set through the environment.
Instead, use CONFIG_CON_PCI, which can be passed through the environment
and will disable libpciaccess.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
3 years agostrongswan: add certificate generation utility 15431/head
Philip Prindeville [Thu, 15 Apr 2021 00:16:25 +0000 (18:16 -0600)]
strongswan: add certificate generation utility

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agoMerge pull request #15357 from BKPepe/netdata
Josef Schlehofer [Thu, 15 Apr 2021 17:06:53 +0000 (19:06 +0200)]
Merge pull request #15357 from BKPepe/netdata

netdata: update to version 1.30.0

3 years agoMerge pull request #15432 from turris-cz/clamav-add-libiconv-dependency
Josef Schlehofer [Thu, 15 Apr 2021 15:11:28 +0000 (17:11 +0200)]
Merge pull request #15432 from turris-cz/clamav-add-libiconv-dependency

clamav: add libiconv dependencies when build with NLS

3 years agoclamav: add libiconv dependencies when build with NLS 15432/head
Josef Schlehofer [Wed, 14 Apr 2021 23:02:34 +0000 (01:02 +0200)]
clamav: add libiconv dependencies when build with NLS

NLS means Native Language Support and when you have it enabled (it is
not default), clamav can not be compiled as it shows following error:

Package clamav is missing dependencies for the following libraries:
libiconv.so.2

Also, it is required that package libiconv-full is compiled first/before
than clamav and then try to compile clamav.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoMerge pull request #15430 from pprindeville/strongswan-add-ipsec-warning
Philip Prindeville [Thu, 15 Apr 2021 07:31:25 +0000 (01:31 -0600)]
Merge pull request #15430 from pprindeville/strongswan-add-ipsec-warning

strongswan: add deprecation warning to ipsec script

3 years agoopenvpn-easy-rsa: add missing configfile
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 21:09:52 +0000 (18:09 -0300)]
openvpn-easy-rsa: add missing configfile

/etc/profile.d/50-openvpn-easy-rsa.sh was not listed as configfile
and changes were lost during upgrades.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
3 years agoMerge pull request #15421 from ja-pa/onionshare-v2
Rosen Penev [Thu, 15 Apr 2021 02:10:01 +0000 (19:10 -0700)]
Merge pull request #15421 from ja-pa/onionshare-v2

onionshare-cli: add new package

3 years agongircd: update to 26.1
Rosen Penev [Wed, 14 Apr 2021 03:30:53 +0000 (20:30 -0700)]
ngircd: update to 26.1

Switch to AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agostm32flash: update to 0.6
Rosen Penev [Mon, 12 Apr 2021 05:40:31 +0000 (22:40 -0700)]
stm32flash: update to 0.6

Switch to AUTORELEASE for simplicity.

Use autotools build.

Remove upstream patch.

Minor cleanups for consistency between packages.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoyubico-pam: update to 2.27
Rosen Penev [Mon, 12 Apr 2021 07:07:52 +0000 (00:07 -0700)]
yubico-pam: update to 2.27

Switch to AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agouvol: make volume creation atomic
Daniel Golle [Thu, 15 Apr 2021 01:51:11 +0000 (02:51 +0100)]
uvol: make volume creation atomic

Make sure filesystem is ready when volume becomes available.
Use 'write-once' as initial state for read-only volumes, only allow
writing to volumes in that state and transision to 'read-only' once
write has completed.
Also fix a typo which prevented 'list' command from working with LVM.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agoocserv: don't build with libseccomp on ARC
Eneas U de Queiroz [Tue, 13 Apr 2021 11:25:55 +0000 (08:25 -0300)]
ocserv: don't build with libseccomp on ARC

libseccomp can't be built on ARC, so we must disable the option here as
well.  A different fix was first proposed by @zxlhhyccc in #15377.

Fixes: #15313
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
3 years agodocker-compose: Update to version 1.29.1
Javier Marcet [Wed, 14 Apr 2021 18:06:40 +0000 (18:06 +0000)]
docker-compose: Update to version 1.29.1

Bugs:

- Fix for invalid handler warning on Windows builds

- Fix config hash to trigger container recreation on IPC mode updates

- Fix conversion map for placement.max_replicas_per_node

- Remove extra scan suggestion on build

Signed-off-by: Javier Marcet <javier@marcet.info>
3 years agolibupnp: restore building tools
Alexander Egorenkov [Wed, 14 Apr 2021 17:15:35 +0000 (19:15 +0200)]
libupnp: restore building tools

This enables tools again which has been disabled in commit
498506af9 ("libupnp: update to 1.14.5"). Disabling tools leads to the
header upnptools.h not being installed into /usr/include. But e.g. mpd-full
depends on this header.

Fixes: 498506af9 ("libupnp: update to 1.14.5")
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
3 years agonetdata: update to version 1.30.1 15357/head
Josef Schlehofer [Wed, 14 Apr 2021 22:39:03 +0000 (00:39 +0200)]
netdata: update to version 1.30.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agoluv: update to 1.40.0-0
Rosen Penev [Wed, 14 Apr 2021 03:13:47 +0000 (20:13 -0700)]
luv: update to 1.40.0-0

Simplify CMake section.

Fix pkgconfig paths.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agostrongswan: add deprecation warning to ipsec script 15430/head
Philip Prindeville [Wed, 14 Apr 2021 18:27:07 +0000 (12:27 -0600)]
strongswan: add deprecation warning to ipsec script

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agofdm: don't use host headers
Alexander Ryzhov [Wed, 14 Apr 2021 07:45:13 +0000 (10:45 +0300)]
fdm: don't use host headers

Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
3 years agopython-greenlet: support MIPS architecture
Alexandru Ardelean [Mon, 12 Apr 2021 06:43:35 +0000 (09:43 +0300)]
python-greenlet: support MIPS architecture

Fixes: https://github.com/openwrt/packages/issues/15370
This is inspired from:
   https://github.com/wlanslovenija/firmware-packages-opkg/blob/330bc94dccd16a3e92ac2fdde08c81a598e12f94/lang/python-greenlet/Makefile

The `PKG_USE_MIPS16:=0` is not taken into consideration when building
Python modules. That's because the sysconfig is used.

This is only an issue with greenlet (on MIPS) so far.

One option is to do `PKG_USE_MIPS16:=0` in the core Python package.
But, since we know that the `wlanslovenija` group has successfully used
greenlet on MIPS with this construct, we might as well adopt it until GCC10
becomes the main compiler.

As noted here:
  https://github.com/openwrt/packages/issues/15370#issuecomment-817015484
GCC10 doesn't have this problem.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agolibupnp: update to 1.14.5
Rosen Penev [Wed, 14 Apr 2021 02:57:44 +0000 (19:57 -0700)]
libupnp: update to 1.14.5

Switch to compiling with CMake. Faster.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoumpdcli: update to 1.5.11
Rosen Penev [Wed, 14 Apr 2021 03:25:48 +0000 (20:25 -0700)]
umpdcli: update to 1.5.11

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agolibupnpp: update to 0.21.0
Rosen Penev [Wed, 14 Apr 2021 03:21:45 +0000 (20:21 -0700)]
libupnpp: update to 0.21.0

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agopulseaudio: fix compilation without doxygen
Rosen Penev [Wed, 14 Apr 2021 04:34:35 +0000 (21:34 -0700)]
pulseaudio: fix compilation without doxygen

Meson update makes this error now.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoMerge pull request #15406 from pprindeville/strongswan-add-chacha20poly1305
Philip Prindeville [Wed, 14 Apr 2021 03:48:04 +0000 (21:48 -0600)]
Merge pull request #15406 from pprindeville/strongswan-add-chacha20poly1305

strongswan: handle chacha20poly1305 as AEAD

3 years agoonionshare-cli: add new package 15421/head
Jan Pavlinec [Wed, 7 Apr 2021 10:14:08 +0000 (12:14 +0200)]
onionshare-cli: add new package

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agohcxdumptool: update to 6.1.6
Rosen Penev [Mon, 12 Apr 2021 04:24:18 +0000 (21:24 -0700)]
hcxdumptool: update to 6.1.6

Fix compilation without deprecated OpenSSL APIs.

Backport upstream patch to fix stdout.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agohcxtools: update to 6.1.6
Rosen Penev [Mon, 12 Apr 2021 04:18:19 +0000 (21:18 -0700)]
hcxtools: update to 6.1.6

Add patch fixing compilation without deprecated OpenSSL APIs.

Fix installation. This never worked as the section was misnamed.

Updated tool names.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoglib2: update to 2.68.1
Rosen Penev [Tue, 13 Apr 2021 04:42:04 +0000 (21:42 -0700)]
glib2: update to 2.68.1

Removed two now pointless patches as they were added as options.

Switch to AUTORELEASE for simplicity.

Update MESON_ARGS.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoMerge pull request #15420 from ja-pa/ooniprobe-3.9.2
Rosen Penev [Tue, 13 Apr 2021 20:01:24 +0000 (13:01 -0700)]
Merge pull request #15420 from ja-pa/ooniprobe-3.9.2

ooniprobe: update to version 3.9.2

3 years agostrongswan: handle chacha20poly1305 as AEAD 15406/head
Philip Prindeville [Tue, 13 Apr 2021 03:59:30 +0000 (21:59 -0600)]
strongswan: handle chacha20poly1305 as AEAD

chacha20policy1305 is also an AEAD cipher, and hence does not
permit a hash algorithm.

Fixes issue #15397.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agostrongswan: fail on serious configuration errors
Philip Prindeville [Tue, 13 Apr 2021 04:42:05 +0000 (22:42 -0600)]
strongswan: fail on serious configuration errors

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agostrongswan: drop subshell when possible
Philip Prindeville [Tue, 13 Apr 2021 18:32:57 +0000 (12:32 -0600)]
strongswan: drop subshell when possible

A subshell caused by $(...) can't persistently modify globals as a
side-effect.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years agoMerge pull request #15412 from luizluca/ruby-3.0.1
Luiz Angelo Daros de Luca [Tue, 13 Apr 2021 16:04:43 +0000 (13:04 -0300)]
Merge pull request #15412 from luizluca/ruby-3.0.1

ruby: update to 3.0.1

3 years agoooniprobe: update to version 3.9.2 15420/head
Jan Pavlinec [Tue, 13 Apr 2021 14:44:25 +0000 (16:44 +0200)]
ooniprobe: update to version 3.9.2

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
3 years agovips: update to 8.10.6
Rosen Penev [Mon, 12 Apr 2021 05:30:29 +0000 (22:30 -0700)]
vips: update to 8.10.6

Switch to AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agoMerge pull request #15379 from jow-/bonding-accept-uci-list
Florian Eckert [Tue, 13 Apr 2021 07:29:22 +0000 (09:29 +0200)]
Merge pull request #15379 from jow-/bonding-accept-uci-list

bonding: accept list of slaves in uci list notation

3 years agocollectd: enable cpufreq for rockchip target
Tomas Lara [Tue, 13 Apr 2021 05:37:18 +0000 (01:37 -0400)]
collectd: enable cpufreq for rockchip target

Enable collectd-mod-cpufreq  for rockchip

Signed-off-by: Tomas Lara <tl849670@gmail.com>
3 years agosquid: update to 4.14
Rosen Penev [Mon, 12 Apr 2021 05:48:55 +0000 (22:48 -0700)]
squid: update to 4.14

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agovala: update to 0.52.1
Rosen Penev [Mon, 12 Apr 2021 05:35:12 +0000 (22:35 -0700)]
vala: update to 0.52.1

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agomeson: update to 0.57.2
Rosen Penev [Tue, 13 Apr 2021 04:44:17 +0000 (21:44 -0700)]
meson: update to 0.57.2

Remove upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years agodjango: bump to version 3.2
Alexandru Ardelean [Mon, 12 Apr 2021 07:13:43 +0000 (10:13 +0300)]
django: bump to version 3.2

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years agoruby: update to 3.0.1 15412/head
Luiz Angelo Daros de Luca [Mon, 12 Apr 2021 21:19:00 +0000 (18:19 -0300)]
ruby: update to 3.0.1

Fixes two CVEs:

CVE-2021-28965: XML round-trip vulnerability in REXML
CVE-2021-28966: Path traversal in Tempfile on Windows

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
3 years agoMerge pull request #15396 from BKPepe/update-bottle
Josef Schlehofer [Mon, 12 Apr 2021 09:14:49 +0000 (11:14 +0200)]
Merge pull request #15396 from BKPepe/update-bottle

python3-bottle: update to version 0.12.19

3 years agoMerge pull request #15398 from BKPepe/babel-update
Josef Schlehofer [Mon, 12 Apr 2021 09:14:38 +0000 (11:14 +0200)]
Merge pull request #15398 from BKPepe/babel-update

python-babel: update to version 2.9.0

3 years agopython-docker: Update to 5.0.0
Javier Marcet [Sun, 11 Apr 2021 06:03:55 +0000 (06:03 +0000)]
python-docker: Update to 5.0.0

Breaking changes:

- Remove support for Python 2.7

- Make Python 3.6 the minimum version supported

Features:

- Add limit parameter to image search endpoint

Bugfixes:

- Fix KeyError exception on secret create

- Verify TLS keys loaded from docker contexts

- Update PORT_SPEC regex to allow square brackets for IPv6 addresses

- Fix containers and images documentation examples

Signed-off-by: Javier Marcet <javier@marcet.info>
3 years agodocker-compose: Update to version 1.29.0
Javier Marcet [Sun, 11 Apr 2021 06:05:36 +0000 (06:05 +0000)]
docker-compose: Update to version 1.29.0

Features:

- Add profile filter to docker-compose config

- Add a depends_on condition to wait for successful service completion

Miscellaneous:

- Add image scan message on build

- Update warning message for --no-ansi to mention --ansi never as alternative

- Bump docker-py to 5.0.0

- Bump PyYAML to 5.4.1

- Bump python-dotenv to 0.17.0

Signed-off-by: Javier Marcet <javier@marcet.info>
3 years agonode: bump to v14.16.1
Hirokazu MORIKAWA [Mon, 12 Apr 2021 01:47:17 +0000 (10:47 +0900)]
node: bump to v14.16.1

April 2021 Security Releases
- OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) (CVE-2021-3450)
- OpenSSL - NULL pointer deref in signature_algorithms processing (High) (CVE-2021-3449)
- npm upgrade - Update y18n to fix Prototype-Pollution (High) (CVE-2020-7774)

OpenSSL-related vulnerabilities do not affect the OpenWrt package. Because OpenWrt's OpenSSL shared library has been updated.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
3 years agoMerge pull request #15400 from cotequeiroz/circular_deps
Eneas U de Queiroz [Mon, 12 Apr 2021 01:00:03 +0000 (22:00 -0300)]
Merge pull request #15400 from cotequeiroz/circular_deps

libseccomp,crun: Fix circular deps

3 years agoRevert "libseccomp: don't build on ARC" 15400/head
Eneas U de Queiroz [Sun, 11 Apr 2021 22:38:50 +0000 (19:38 -0300)]
Revert "libseccomp: don't build on ARC"

This reverts commit b29e609701987072fbd991a9ffc203103f99b943.

Adding DEPENDS+=@!arc will cause a circular dependency, because some
packages select libseccomp based on a build option.

Commit e29483d7e ("libseccomp: workaround a recursive dependency") added
a workaround that was not properly documented, so I'll explain here.

The problem arises when libseccomp is selected depending on some config
option:

define Pakcage/foo
  DEPENDS=+FOO_SECCOMP:libseccomp

Even if the condition is correctly defined, excluding arc, such as:

define Package/foo/config
  config FOO_SECCOMP
    depends on !arc

the config generator will parse libseccomp's DEPENDS variable and
generate menuconfig statements like these:

config PACKAGE_foo
   select PACKAGE_libseccomp if FOO_SECCOMP
   depends on !FOO_SECCOMP || !arc

The last condition is always true because FOO_SECCOMP will always be
be false when arc is true.  The config generator is not able to
simplify/optimize the condition.

The circular dependecy occurs because FOO_SECCOMP depends on
PACKAGE_foo, and the redundant, always true line will make PACKAGE_foo
depend on FOO_SECCOMP.

As a workaround, we can add the 'depends on !arc' line to
Package/libseccomp/config, outside of the DEPENDS variable, so that the
redundant depends line line does not get generated.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Cc: Daniel Golle <daniel@makrotopia.org>
3 years agocrun: Don't build on arc
Eneas U de Queiroz [Sun, 11 Apr 2021 22:36:16 +0000 (19:36 -0300)]
crun: Don't build on arc

The package needs libseccomp, which does not currently support arc.
In order to avoid a circular dependency, we must avoid arc here as well.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
3 years agoMerge pull request #15382 from cotequeiroz/strongswan
Philip Prindeville [Sun, 11 Apr 2021 23:10:58 +0000 (17:10 -0600)]
Merge pull request #15382 from cotequeiroz/strongswan

strongswan: libnttft must not select strongswan

3 years agopython-babel: update to version 2.9.0 15398/head
Josef Schlehofer [Sun, 11 Apr 2021 23:05:21 +0000 (01:05 +0200)]
python-babel: update to version 2.9.0

Update copyright

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agopython3-bottle: update to version 0.12.19 15396/head
Josef Schlehofer [Sun, 11 Apr 2021 22:47:47 +0000 (00:47 +0200)]
python3-bottle: update to version 0.12.19

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years agonode: #14983 NODEJS_ICU_SMALL is default
Robin Rainton [Sun, 11 Apr 2021 10:32:37 +0000 (12:32 +0200)]
node: #14983 NODEJS_ICU_SMALL is default

Signed-off-by: Robin Rainton <robin@rainton.com>
3 years agonetdata: disable shared memory totals by default
Tiago Gaspar [Sat, 10 Apr 2021 23:21:58 +0000 (00:21 +0100)]
netdata: disable shared memory totals by default

Fix log spam:
daemon.err netdata[2090]: PROCFILE: Cannot open file '/proc/sysvipc/shm'
This is caused by a non existant /proc/sysvipc/shm because of the
CONFIG_PROC_STRIPPED option that is enabled by default in the kernel
generic target config

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
3 years agohttps-dns-proxy: bugfix: race condition with dnsmasq
Stan Grishin [Sun, 11 Apr 2021 01:29:59 +0000 (01:29 +0000)]
https-dns-proxy: bugfix: race condition with dnsmasq

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agoCI: remove leftover travis files
Paul Spooren [Sat, 5 Sep 2020 23:41:11 +0000 (13:41 -1000)]
CI: remove leftover travis files

THe current CI uses both CircleCI and GitHub Action CI, but not Travis.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agouvol: some improvements
Daniel Golle [Sun, 11 Apr 2021 00:41:05 +0000 (01:41 +0100)]
uvol: some improvements

 * use lvm --reportformat json
 * add 'list' and 'align' commands
 * add help output

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years agosimple-adblock: update to 1.8.7-3
Stan Grishin [Sat, 10 Apr 2021 18:54:41 +0000 (18:54 +0000)]
simple-adblock: update to 1.8.7-3

Signed-off-by: Stan Grishin <stangri@melmac.net>
3 years agotaglib: fix config file paths
Rosen Penev [Sat, 10 Apr 2021 10:30:50 +0000 (03:30 -0700)]
taglib: fix config file paths

Gerbera stupidly uses taglib-config to find the paths. Fix them to avoid
adding /usr/lib

Signed-off-by: Rosen Penev <rosenp@gmail.com>