feed/packages.git
2 years agohaproxy: update to version 2.2.22 18103/head
Josef Schlehofer [Fri, 18 Mar 2022 19:56:47 +0000 (20:56 +0100)]
haproxy: update to version 2.2.22

Fixes:
CVE-2022-0711

Changelog:
https://git.haproxy.org/?p=haproxy-2.2.git;a=blob;f=CHANGELOG;h=bfc5d6495e39ace56581663ce820e6909039a286;hb=bfc5d6495e39ace56581663ce820e6909039a286

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agotree: bump to 2.0.2
John Audia [Fri, 18 Feb 2022 18:45:03 +0000 (13:45 -0500)]
tree: bump to 2.0.2

Update to latest upstream release.

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit c333a5b8c547076720b83dd02ae831a9e6efb138)

2 years agocurl: Fix compiling curl wolfSSL IPv6 disabled
Chris Osgood [Fri, 18 Mar 2022 14:48:07 +0000 (10:48 -0400)]
curl: Fix compiling curl wolfSSL IPv6 disabled

Fixes #18082

Signed-off-by: Chris Osgood <chris_github@functionalfuture.com>
(cherry picked from commit 4eb08bacf309d336f03ad001194b9c8c1847ac2b)

2 years agobind: bump to 9.18.1
Noah Meyerhans [Fri, 18 Mar 2022 01:32:38 +0000 (18:32 -0700)]
bind: bump to 9.18.1

Fixes multiple security issues:

 * CVE-2022-0667 -- An assertion could occur in resume_dslookup() if the
                    fetch had been shut down earlier
 * CVE-2022-0635 -- Lookups involving a DNAME could trigger an INSIST when
                    "synth-from-dnssec" was enabled
 * CVE-2022-0396 -- A synchronous call to closehandle_cb() caused
                    isc__nm_process_sock_buffer() to be called recursively,
                    which in turn left TCP connections hanging in the CLOSE_WAIT
                    state blocking indefinitely when out-of-order processing was
                    disabled.
 * CVE-2021-25220 -- The rules for acceptance of records into the cache
                     have been tightened to prevent the possibility of
                     poisoning if forwarders send records outside the
                     configured bailiwick

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit 4c6ea5379c02c97e49fde6e62cf0dad278f64313)

2 years agolibnetfilter-log: update to 1.0.2
Rosen Penev [Thu, 16 Dec 2021 04:36:17 +0000 (20:36 -0800)]
libnetfilter-log: update to 1.0.2

Remove all patches as they have been upstreamed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 28c1c0d24c0bcdc55ee3c83c478513a1552114c6)

2 years agoMerge pull request #18083 from mhei/21.02-libxml2-update
Michael Heimpold [Thu, 17 Mar 2022 20:06:52 +0000 (21:06 +0100)]
Merge pull request #18083 from mhei/21.02-libxml2-update

libxml2: update to 2.9.13

2 years agolibxml2: update to 2.9.13 18083/head
Michael Heimpold [Tue, 15 Mar 2022 20:24:32 +0000 (21:24 +0100)]
libxml2: update to 2.9.13

This fixes CVE-2022-23308.

Also switch to GNOME as download source and xz tarball.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 81fd836f97aee93c8cfcb4ebbf901c2a99c3525c)

2 years agoauc: don't segfault on invalid URL
Daniel Golle [Sun, 13 Mar 2022 23:48:28 +0000 (23:48 +0000)]
auc: don't segfault on invalid URL

Show error message instead of segfaulting in case of an invalid URL
being read from UCI config.

Fixes: #17971
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c0d2c82528e19a304164dade96e9b019114b8fb0)

2 years agoauc: fall back to 'sdcard' image
Daniel Golle [Mon, 14 Feb 2022 14:24:21 +0000 (14:24 +0000)]
auc: fall back to 'sdcard' image

Fallback to use 'sdcard' image in case there is neither 'sysupgrade'
nor 'combined' image available.
This allows using 'auc' on targets where 'sdcard' image is also used
for sysupgrade (such as some mvebu-based devices with eMMC).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6b041752a00d125a4e651aa56f6abae0e06a59b6)

2 years agoauc: accept both 'y' and 'Y' as confirmation from user
Daniel Golle [Wed, 9 Feb 2022 17:41:49 +0000 (17:41 +0000)]
auc: accept both 'y' and 'Y' as confirmation from user

Accept both 'y' and 'Y' as positive confirmation when asking the user
if auc should proceed with requesting and installing an upgrade.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit d27ecdcc49f2d91a8758ff4c416385d6d57cf2e6)

2 years agoauc: add '-n' parameter for dry-run
Daniel Golle [Thu, 27 Jan 2022 16:45:36 +0000 (16:45 +0000)]
auc: add '-n' parameter for dry-run

Add option to allow only requesting an image but not actually download
or sysupgrade anything.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 19c135685f7b9eefbf75b5a96b780f4fa2b46f19)

2 years agoattendedsysupgrade-common: update to 2021
Paul Spooren [Thu, 29 Apr 2021 21:09:22 +0000 (23:09 +0200)]
attendedsysupgrade-common: update to 2021

* Use SPDX
* Use CA (ucert) public key
* Update repo link
* Update maintainer email
* Format description

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit a54b9570ad6abc0b3e1079e881d1dbe9a475e33d)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoMerge pull request #18010 from stangri/openwrt-21.02-curl
Stan Grishin [Mon, 14 Mar 2022 21:29:14 +0000 (14:29 -0700)]
Merge pull request #18010 from stangri/openwrt-21.02-curl

[21.02] curl: update to 7.82.0

2 years agoMerge pull request #18037 from M95D/openwrt-21.02
Josef Schlehofer [Mon, 14 Mar 2022 16:57:29 +0000 (17:57 +0100)]
Merge pull request #18037 from M95D/openwrt-21.02

tvheadend: bind to LAN IP by default

2 years agoyq: Update to 4.22.1
Tianling Shen [Thu, 10 Mar 2022 12:08:35 +0000 (20:08 +0800)]
yq: Update to 4.22.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit b31615c63c7ce4b2e17e566d31167ee54fd2c4d8)

2 years agoyq: Update to 4.21.1
Tianling Shen [Mon, 28 Feb 2022 06:55:54 +0000 (14:55 +0800)]
yq: Update to 4.21.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 5529031602d26659eccb5072e30b0e1c4ea87cea)

2 years agosyslog-ng: update to version 3.36.1
Josef Schlehofer [Thu, 10 Mar 2022 15:19:19 +0000 (16:19 +0100)]
syslog-ng: update to version 3.36.1

- Bump version in config file

Release notes:
https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-3.36.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 110d46eb370b9ea5962944386fb06c2abd1d50f1)

2 years agotvheadend: bind to LAN IP by default 18037/head
Marius Dinu [Fri, 18 Feb 2022 20:50:02 +0000 (22:50 +0200)]
tvheadend: bind to LAN IP by default

If config parameter is not set, tvheadend will bind to LAN IP address by default.
Fixes issue #16500 without requiring user modifications to config file. It's also more secure if firewall becomes disabled.

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
(cherry picked from commit 95cbfe893b259433ec06f5a22bac7c047d1db517)

2 years agodockerd: fix compilation with glibc
Liang Yang [Sun, 27 Feb 2022 12:11:39 +0000 (20:11 +0800)]
dockerd: fix compilation with glibc

Signed-off-by: Liang Yang <ggg17226@gmail.com>
2 years agodocker: fix compilation with glibc
Liang Yang [Sun, 27 Feb 2022 12:09:27 +0000 (20:09 +0800)]
docker: fix compilation with glibc

Signed-off-by: Liang Yang <ggg17226@gmail.com>
2 years agoyggdrasil: bump to 0.4.3
George Iv [Sun, 20 Feb 2022 12:00:46 +0000 (07:00 -0500)]
yggdrasil: bump to 0.4.3

Signed-off-by: George Iv <zhoreeq@users.noreply.github.com>
(cherry picked from commit ed49a0bd3a5b482bf35310c9dfdcbb9bf8cefd26)

2 years agoi2pd: Update package
R4SAS I2P [Mon, 21 Feb 2022 19:52:44 +0000 (19:52 +0000)]
i2pd: Update package

* Update to 2.41.0
* Added use AUTORELEASE

Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit c08bb2df62297967b3bced182bd77fcebac8fc9f)

2 years agoi2pd: add service reload support
R4SAS I2P [Mon, 7 Feb 2022 19:19:14 +0000 (19:19 +0000)]
i2pd: add service reload support

Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit b9000cf231b166bf0f098785188ad61319b7019b)

2 years agocoova-chilli: remove kmod dep on binary package
Thibaut VARÈNE [Mon, 7 Mar 2022 12:02:15 +0000 (13:02 +0100)]
coova-chilli: remove kmod dep on binary package

There is no reason for the kmod to depend on the binary package
itself, neither for building nor for installing.

That dependency prevents phase1 from building the kmod even though
support is enabled in the binary.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit 385923321bf0625b28b62f9e2538b2a3377c74bb)

2 years agocache-domains: Fixed hotplug script not running
Gerard Ryan [Tue, 8 Mar 2022 12:33:52 +0000 (22:33 +1000)]
cache-domains: Fixed hotplug script not running

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
2 years agoMerge pull request #18019 from rs/nextdns-1.37.10-openwrt-21.02
Stan Grishin [Mon, 7 Mar 2022 21:35:41 +0000 (13:35 -0800)]
Merge pull request #18019 from rs/nextdns-1.37.10-openwrt-21.02

[21.02] nextdns: Update to version 1.37.10

2 years agoMerge pull request #18012 from jefferyto/golang-1.17.8-openwrt-21.02
Josef Schlehofer [Mon, 7 Mar 2022 20:40:24 +0000 (21:40 +0100)]
Merge pull request #18012 from jefferyto/golang-1.17.8-openwrt-21.02

[openwrt-21.02] golang: Update to 1.17.8

2 years agonextdns: Update to version 1.37.10 18019/head
Olivier Poitrey [Mon, 7 Mar 2022 19:48:05 +0000 (19:48 +0000)]
nextdns: Update to version 1.37.10

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
2 years agogolang: Update to 1.17.8 18012/head
Jeffery To [Sun, 6 Mar 2022 19:34:27 +0000 (03:34 +0800)]
golang: Update to 1.17.8

Includes fix for CVE-2022-24921 (regexp: stack overflow (process exit)
handling deeply nested regexp).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 9704e900da348449bdbc76228a56da19936d605c)

2 years agocurl: update to 7.82.0 18010/head
Stan Grishin [Sun, 6 Mar 2022 18:54:17 +0000 (18:54 +0000)]
curl: update to 7.82.0

* changelog: https://curl.se/changes.html#7_82_0

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 38b3a5f857a8b282328cb1e0ada48793bd4bcce5)

2 years agopython-twisted: Update to 22.2.0
Jeffery To [Sun, 6 Mar 2022 20:01:16 +0000 (04:01 +0800)]
python-twisted: Update to 22.2.0

Includes fix for CVE-2022-21716 (The Twisted SSH client and server
implementation naively accepted an infinite amount of data for the
peer's SSH version identifier.)

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 630d6800f284eef77426ad3980977b2e9b7896d3)

2 years agopython-twisted: Update to 22.1.0, refresh patches
Jeffery To [Tue, 15 Feb 2022 13:28:16 +0000 (21:28 +0800)]
python-twisted: Update to 22.1.0, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 9f3816d1c6230076db33658d29c44b0dc5c849d1)

2 years agomdnsresponder: Fix nullpointer dereference while parsing interface list
Maarten Aertsen [Fri, 25 Feb 2022 20:46:53 +0000 (21:46 +0100)]
mdnsresponder: Fix nullpointer dereference while parsing interface list

This patch was backported from https://github.com/IETF-Hackathon/mDNSResponder/commit/1fb07b9524b4afed3a826c087db4dc48a7bfdb8

(cherry picked from commit a4b33ab169a3ca60cd12c2eb5155e899779d3570)
Signed-off-by: Maarten Aertsen <spam-github@rtsn.nl>
2 years agoMerge pull request #17986 from CyberMind-FR/crowdsec-firewall-bouncer-remove-crowdsec...
Josef Schlehofer [Fri, 4 Mar 2022 13:12:25 +0000 (14:12 +0100)]
Merge pull request #17986 from CyberMind-FR/crowdsec-firewall-bouncer-remove-crowdsec-depency

[21.02] crowdsec-firewall-bouncer: remove crowdsec package dependency

2 years agocrowdsec-firewall-bouncer: remove crowdsec package dependency 17986/head
Kerma Gérald [Tue, 21 Dec 2021 12:34:15 +0000 (13:34 +0100)]
crowdsec-firewall-bouncer: remove crowdsec package dependency

Remove un-necessary crowdsec package dependency, to be able to use
crowdsec-firewall-bouncer independently from crowdsec local installation.
(with remote API)

Fix issue: https://github.com/openwrt/packages/issues/17406

Description:
  using crowdsec-firewall-bouncer on many OpenWRT devices connected
  with my domain LAPI server (which collect many crowdsec machines,
  mostly nginx), it works great. Actually, crowdsec package is not
  mandatory for that usage, it would be great if it was not a dependency.

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit ffd97e173c913e89fcb0d2ab683fac87d03d92b4)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agokcptun: bump to v20210922
Chao Liu [Tue, 1 Mar 2022 16:35:44 +0000 (00:35 +0800)]
kcptun: bump to v20210922

Signed-off-by: Chao Liu <git@expiron.dev>
2 years agosamplicator: fix Wformat warning
Rosen Penev [Mon, 28 Feb 2022 07:25:28 +0000 (23:25 -0800)]
samplicator: fix Wformat warning

Wrong type.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 97cbb3d20a50bb22d271665af7f8837c11e267ea)

2 years agoocserv: updated to 1.1.6
Nikos Mavrogiannopoulos [Fri, 25 Feb 2022 22:53:10 +0000 (23:53 +0100)]
ocserv: updated to 1.1.6

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
2 years agoopenconnect: updated to 8.20
Nikos Mavrogiannopoulos [Fri, 25 Feb 2022 21:29:37 +0000 (22:29 +0100)]
openconnect: updated to 8.20

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
2 years agoyq: Update to 4.20.2
Tianling Shen [Tue, 22 Feb 2022 15:00:42 +0000 (23:00 +0800)]
yq: Update to 4.20.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7254169b12a9250538d1425644dd5e6c60463598)

2 years agoMarkupSafe: update to version 2.1.0
Josef Schlehofer [Thu, 24 Feb 2022 14:46:13 +0000 (15:46 +0100)]
MarkupSafe: update to version 2.1.0

Changelog:
https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-0

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2d10b0836df5c119fd570f00f57424ab19f59e66)

2 years agodomoticz: update to 2021.1
Rosen Penev [Tue, 15 Jun 2021 00:29:16 +0000 (17:29 -0700)]
domoticz: update to 2021.1

Remove outdated patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit edfb91f334457cb0b14c8a7bf01afa4fa9b895da)

2 years agominizip: update to 3.0.2
Rosen Penev [Tue, 15 Jun 2021 00:09:49 +0000 (17:09 -0700)]
minizip: update to 3.0.2

Add back compat header as domoticz really wants it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 953e23b0e67e04e69dc26928f21e66aaa64e2b04)

2 years agominizip: update to 3.0.1
Rosen Penev [Sat, 20 Mar 2021 23:47:53 +0000 (16:47 -0700)]
minizip: update to 3.0.1

Switch to AUTORELEASE for simplicity.

Switch to building with Ninja for faster compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 0ac671880dab9214daa49bb0ac3bfe0406c5b28f)

2 years agominizip: update to 3.0.0
Rosen Penev [Sun, 21 Feb 2021 05:48:55 +0000 (21:48 -0800)]
minizip: update to 3.0.0

Switch to new upstream and switch package name.

Further disable features to avoid extra dependencies.

Build with PIC to avoid build failures with mips16.

Remove no longer needed patch. Upstream fixed it differently.

Use AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 3b812f93d6d48ffcd896b33e9ff344ad0b8572a0)

2 years agoexpat: import patches for CVEs
Michal Vasilek [Wed, 23 Feb 2022 20:34:58 +0000 (21:34 +0100)]
expat: import patches for CVEs

* import patches for CVEs from alpine 3.13

CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-23852, CVE-2022-23990
CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
2 years agonfdump: update to 1.6.23
W. Michael Petullo [Mon, 10 May 2021 16:54:30 +0000 (11:54 -0500)]
nfdump: update to 1.6.23

Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit a64e94bd462bc8d68a36b9a545b24852b294ec0e)

2 years agohtpdate: drop www.freebsd.org from default server list
Jo-Philipp Wich [Tue, 22 Feb 2022 22:28:55 +0000 (23:28 +0100)]
htpdate: drop freebsd.org from default server list

The FreeBSD project stopped publishing HTTP date headers and seeks to
limit further resource taxing by distributed htpdate clients using the
www.freebsd.org host as default time source.

Fixes: #17924
Reported-by: Allan Jude <allanjude@freebsd.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e8713180026e0cf1c9d1421e3b664fee3fa4df12)

2 years agonano: update to 6.2
Hannu Nyman [Tue, 22 Feb 2022 17:21:01 +0000 (19:21 +0200)]
nano: update to 6.2

Update nano to 6.2.
Remove inactive second maintainer.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit a3f14c51149ff0c3604baf130987ee2bf5203edb)

2 years agounbound: update to version 1.15.0 17918/head
Josef Schlehofer [Fri, 11 Feb 2022 16:00:48 +0000 (17:00 +0100)]
unbound: update to version 1.15.0

Refresh patch

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2abe98e1343bc205d0e2fc0e6fbf32ede289ef87)

2 years agoyq: Update to 4.20.1
Tianling Shen [Thu, 17 Feb 2022 18:58:37 +0000 (02:58 +0800)]
yq: Update to 4.20.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 1578ea4383ed06a68996dfc7fe72c8b5aeda47fa)

2 years agoMerge pull request #17900 from mhei/21.02-php8-update
Michael Heimpold [Sat, 19 Feb 2022 12:22:38 +0000 (13:22 +0100)]
Merge pull request #17900 from mhei/21.02-php8-update

[21.02] php8: update to 8.0.16

2 years agoMerge pull request #17899 from mhei/21.02-php7-update
Michael Heimpold [Sat, 19 Feb 2022 12:22:31 +0000 (13:22 +0100)]
Merge pull request #17899 from mhei/21.02-php7-update

[21.02] php7: update to 7.4.28

2 years agopcapplusplus: Add new package
Michal Hrusecky [Mon, 15 Nov 2021 10:59:39 +0000 (11:59 +0100)]
pcapplusplus: Add new package

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and
crafting of network packets. It is designed to be efficient, powerful
and easy to use. It provides C++ wrappers for the most popular packet
processing engines such as libpcap, WinPcap, DPDK and PF_RING.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 2d8e396be33463e7ba8df7f1ff3b08d0443e54cb)

2 years agoMerge pull request #17895 from jefferyto/slide-switch-0.9.7-openwrt-21.02
Josef Schlehofer [Fri, 18 Feb 2022 22:43:52 +0000 (23:43 +0100)]
Merge pull request #17895 from jefferyto/slide-switch-0.9.7-openwrt-21.02

[openwrt-21.02] slide-switch: Update to 0.9.7

2 years agovnstat2: update to version 2.9
Jan Hoffmann [Tue, 25 Jan 2022 19:10:09 +0000 (20:10 +0100)]
vnstat2: update to version 2.9

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit 948f0d29ccd825f5370d87549f8977b851db756e)

2 years agovnstat2: add hotplug script for adding interfaces
Jan Hoffmann [Wed, 27 Oct 2021 21:55:28 +0000 (23:55 +0200)]
vnstat2: add hotplug script for adding interfaces

If an interface doesn't exist yet when vnStat is started, it won't be
monitored, as only existing interfaces can be added to the database via
the vnstat command.

This adds a hotplug script which adds any configured interfaces to the
vnStat database when it goes up.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit f9ea8142601cee5542f9ba0f4e5a24e53ab59a6d)

2 years agovnstat2: fix all interfaces being monitored when none are configured
Jan Hoffmann [Thu, 21 Oct 2021 21:38:58 +0000 (23:38 +0200)]
vnstat2: fix all interfaces being monitored when none are configured

By default, vnstatd adds all available interfaces on startup when its
database is empty. The --noadd option prevents this, but it breaks
import of legacy databases, and causes vnstatd to exit immediately
after startup, which breaks reloading.

This changes the init script to add the --noadd option when no legacy
databases need to be imported, and patches vnstatd to keep running
even when no interfaces are configured.

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit ecae7dedde0ccd2a636e93620ced41bca807d405)

2 years agovnstat2: update to version 2.8
Jan Hoffmann [Fri, 10 Sep 2021 16:25:34 +0000 (18:25 +0200)]
vnstat2: update to version 2.8

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit 73fff7a4ed0687996cc43d7ad4878161b5bd21e5)

2 years agophp7: update to 7.4.28 17899/head
Michael Heimpold [Fri, 18 Feb 2022 21:40:37 +0000 (22:40 +0100)]
php7: update to 7.4.28

This fixes:
    - CVE-2021-21708

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agophp8: update to 8.0.16 17900/head
Michael Heimpold [Fri, 18 Feb 2022 21:36:10 +0000 (22:36 +0100)]
php8: update to 8.0.16

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agoslide-switch: Update to 0.9.7 17895/head
Jeffery To [Fri, 18 Feb 2022 10:24:33 +0000 (18:24 +0800)]
slide-switch: Update to 0.9.7

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 12930f4ec33dff832bfbb309b1092709ba017797)

2 years agoMerge pull request #17866 from neheb/1
Hauke Mehrtens [Thu, 17 Feb 2022 17:57:20 +0000 (17:57 +0000)]
Merge pull request #17866 from neheb/1

[21.02] ksmbd: update to 3.44

2 years agogolang: Update to 1.17.7, refresh patch
Jeffery To [Mon, 14 Feb 2022 19:31:36 +0000 (03:31 +0800)]
golang: Update to 1.17.7, refresh patch

This includes fixes for:

* CVE-2022-23772: math/big: Rat.SetString may consume large amount of
  RAM and crash

* CVE-2022-23806: crypto/elliptic: IsOnCurve returns true for invalid
  field elements

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 69c53fcb6ce58a23c51cb9c1a403f5843a565f44)

2 years agotvheadend: fix first-run
Marius Dinu [Tue, 15 Feb 2022 20:44:20 +0000 (22:44 +0200)]
tvheadend: fix first-run

The first-run command should create a new tvheadend configuration including an admin account with no name and no password, but it aborts (-A) too early without saving the files. I reported the bug here: https://tvheadend.org/issues/6140
This workaround fixes the problem by removing the tvheadend -A switch and replacing it with a 10s delay and a kill signal. That should be enough even for slow routers to generate and save the configuration. It is meant to be a temporary fix until tvheadend bug is resolved.

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
2 years agoksmbd-tools: update to 3.4.4
Rosen Penev [Tue, 15 Feb 2022 02:31:34 +0000 (18:31 -0800)]
ksmbd-tools: update to 3.4.4

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 3ffd540b049dd521dd62f43427f61f264396ad97)

2 years agoksmbd-tools: Fix ksmbd service is semi-killed at system startup
Georgi Valkov [Sun, 28 Nov 2021 17:22:56 +0000 (19:22 +0200)]
ksmbd-tools: Fix ksmbd service is semi-killed at system startup

The configuration for the ksmbd service is auto-generated when
the OpenWRT configuration changes, and also during startup,
hence ksmbd.init has to reload the kernel module. It does that by
calling kill_server, which does not perform cleanup. This results
in ksmbd being killed but not restarted properly during boot.
This patch resolves the issue by using stop_service, which performs
proper cleanup.

https://forum.openwrt.org/t/ksmbd-samba3-4-alternative-ex-cifsd-smbd-package-support-thread/51695/68

Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit 4af04cdc05af1e78dab310550fae5bae21d51c8c)

2 years agoksmbd: update to 3.4.4 17866/head
Rosen Penev [Tue, 15 Feb 2022 01:14:15 +0000 (17:14 -0800)]
ksmbd: update to 3.4.4

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 4adeed48797610f9e2304c84b65593c3aedf04e8)

2 years agoksmbd: update to 3.4.2
Marcos Del Sol Vives [Sun, 17 Oct 2021 11:28:51 +0000 (13:28 +0200)]
ksmbd: update to 3.4.2

Signed-off-by: Marcos Del Sol Vives <marcos@orca.pet>
(cherry picked from commit 2b48a6952a4d3283164b2e4df1bdfdc7e4c32fde)

2 years agoksmbd: update to 3.4.1
Rosen Penev [Wed, 11 Aug 2021 23:19:58 +0000 (16:19 -0700)]
ksmbd: update to 3.4.1

Add AUTORELEASE as 19.07 compatibility is not needed.

Add dependency hacks and add comments.

Add upstream patch to get rid of FS_POSIX_ACL requirement.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c732305ad3f9f282f4601a2418c0f6595a3aa40e)

2 years agodockerd: Update to 20.10.12
Gerard Ryan [Sat, 12 Feb 2022 11:33:51 +0000 (21:33 +1000)]
dockerd: Update to 20.10.12

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
2 years agodocker: Update to 20.10.12
Gerard Ryan [Sat, 12 Feb 2022 11:32:30 +0000 (21:32 +1000)]
docker: Update to 20.10.12

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
2 years agoyq: Update to 4.19.1
Tianling Shen [Sun, 6 Feb 2022 11:57:57 +0000 (19:57 +0800)]
yq: Update to 4.19.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 4454f8bb3efb4353633e67fc4cfd38d15cf678f6)

2 years agodtc: drop package
Rafał Miłecki [Mon, 3 Jan 2022 12:47:45 +0000 (13:47 +0100)]
dtc: drop package

It has been imported as core package into OpenWrt repository. Its fdtget
is required by sysupgrade on U-Boot devices so it couldn't live in an
extra feed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c8d4c89daae4c406f3744ca52c7451fe07c9a59e)

2 years agoknot: update to 3.1.6
Jan Hák [Wed, 9 Feb 2022 13:16:04 +0000 (14:16 +0100)]
knot: update to 3.1.6

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 4de863e418f80cd52293e1ae0de153dcc2cb7141)

2 years agoknot: update to 3.1.5
Jan Hák [Tue, 21 Dec 2021 14:44:57 +0000 (15:44 +0100)]
knot: update to 3.1.5

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 2a56e478f57faad7a4346f5aef843bae517027e7)

2 years agonano: update to 6.1
Hannu Nyman [Wed, 9 Feb 2022 16:26:49 +0000 (18:26 +0200)]
nano: update to 6.1

Update nano to version 6.1.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 717efb8c9622cc73bc8ab1c4ac2e67252b9c4401)

2 years agoxray-core: Update to 1.5.3
Tianling Shen [Fri, 4 Feb 2022 09:34:24 +0000 (17:34 +0800)]
xray-core: Update to 1.5.3

Removed outdated `alterId` in sample config.

Updated geodata to latest version while at it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit d8d261fe2d728213d60d12c9a247e057926d79d2)

2 years agoruby: update to 3.0.3
Michal Vasilek [Fri, 4 Feb 2022 14:04:17 +0000 (15:04 +0100)]
ruby: update to 3.0.3

* fixes CVE-2021-41817, CVE-2021-41816 and CVE-2021-41819

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit 51cf0dc2cc4b159bc80b70c90ed1c1abe1f59936)

2 years agoMerge pull request #17812 from stangri/openwrt-21.02
Stan Grishin [Sun, 6 Feb 2022 06:12:14 +0000 (22:12 -0800)]
Merge pull request #17812 from stangri/openwrt-21.02

[21.02] https-dns-proxy: init script refactoring

2 years agohttps-dns-proxy: init script refactoring 17812/head
Stan Grishin [Sun, 6 Feb 2022 05:58:03 +0000 (05:58 +0000)]
https-dns-proxy: init script refactoring

* consolidate dnsmasq config manipulation into one function
* more elegant code for PROCD data processing (Thanks @jow-!)

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 88265c4fb93e42e7f96ee555019715e78639f093)

2 years agoslide-switch: Update to 0.9.6
Jeffery To [Fri, 4 Feb 2022 11:22:06 +0000 (19:22 +0800)]
slide-switch: Update to 0.9.6

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit c5e0785795a1810adac661fe7ffe458e6d85d71f)

2 years agoffmpeg: update to version 4.3.3
Josef Schlehofer [Sat, 29 Jan 2022 10:34:56 +0000 (11:34 +0100)]
ffmpeg: update to version 4.3.3

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit a68e9db8d4c3a29c86261cd6bb1933fab1cc3a35)

2 years agotinyionice: add package
Michal Vasilek [Thu, 3 Feb 2022 18:52:50 +0000 (19:52 +0100)]
tinyionice: add package

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit bb801a5a6fa287eb4d17f7f4372285d3a5aec9fd)

2 years agoyq: Update to 4.18.1
Tianling Shen [Sun, 30 Jan 2022 06:02:57 +0000 (14:02 +0800)]
yq: Update to 4.18.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit c665f0b50c391a78fc664673ce6bbeea64f477a8)

2 years agoyq: Update to 4.17.2
Tianling Shen [Sun, 23 Jan 2022 09:49:01 +0000 (17:49 +0800)]
yq: Update to 4.17.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 029b37aad0e2a72f58c28aaa89cb3ca339be32d3)

2 years agoMerge pull request #17737 from JonnyTischbein/telegraf-1.21.3-openwrt_21.02
Josef Schlehofer [Thu, 3 Feb 2022 15:24:02 +0000 (16:24 +0100)]
Merge pull request #17737 from JonnyTischbein/telegraf-1.21.3-openwrt_21.02

telegraf: add package version 1.21.3 to openwrt 21.02

2 years agoapache2: security update to version 2.4.52
Josef Schlehofer [Fri, 28 Jan 2022 16:05:28 +0000 (17:05 +0100)]
apache2: security update to version 2.4.52

Fixes CVEs:
- CVE-2021-44790
- CVE-2021-44224

Refreshed patches

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 6c6c99ffb54f06031443c17023bd9891c449410b)

2 years agobind: bump to 9.18.0
Noah Meyerhans [Tue, 1 Feb 2022 05:04:14 +0000 (21:04 -0800)]
bind: bump to 9.18.0

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit 127ef1207ba0484fadb224a46155a46b48150e34)

2 years agoMerge pull request #17764 from stangri/openwrt-21.02
Stan Grishin [Wed, 2 Feb 2022 17:12:45 +0000 (09:12 -0800)]
Merge pull request #17764 from stangri/openwrt-21.02

[21.02] https-dns-proxy: update to 2021-11-22-1

2 years agocrowdsec: update from latest upstream release 1.3.0
Kerma Gérald [Wed, 26 Jan 2022 08:45:39 +0000 (09:45 +0100)]
crowdsec: update from latest upstream release 1.3.0

Changes (from 1.2.3):
https://github.com/crowdsecurity/crowdsec/compare/v1.2.3...v1.3.0

(cherry picked from commit d2fd1f8346de74caf6b069bd61fa9d358d0789f6)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agowg-installer: use babeld add_interface function
Nick Hainke [Tue, 1 Feb 2022 20:56:23 +0000 (21:56 +0100)]
wg-installer: use babeld add_interface function

With commit 385200443554 ("babeld: add add_interface function") babeld
has a new ubus function allowing to dynamically add an interface.

Before the add_interface function, we were required to reload babeld.
The reload influenced the babeld routing. However, the remove part is
still missing and will be added at a later stage.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 40b87aac950db3e310b6a353392a7ecd66e7c6f2)

2 years agocrowdsec-firewall-bouncer: fix name in initd to start the process
Kerma Gérald [Sat, 15 Jan 2022 07:33:46 +0000 (08:33 +0100)]
crowdsec-firewall-bouncer: fix name in initd to start the process

crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer
the initd need the correct binary name to start the process
the link for github source need also to be fixed (only the information one)
fix the BuildDate
updated copyright

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit d6b116cb43802048d883a13e2d2e95eea76ad565)

2 years agonano: Add a plus variant with more features
Hannu Nyman [Tue, 1 Feb 2022 21:41:59 +0000 (23:41 +0200)]
nano: Add a plus variant with more features

Nano is by default built as "tiny" with most features disabled.
That is suitable for basic tasks in routers with small flash.

Add a new nano-plus variant that enables selected additional
features in the build config:
 * multiple files (multibuffer)
 * Unicode/utf8
 * justify
 * .nanorc support
 * help
 * also some key bindings get enabled as "tiny" configure option
   is removed.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 85cb71d8d81af3c549406d5f42080ed58be9b9b0)

2 years agohttps-dns-proxy: update to 2021-11-22-1 17764/head
Stan Grishin [Mon, 31 Jan 2022 21:42:59 +0000 (21:42 +0000)]
https-dns-proxy: update to 2021-11-22-1

* update to 2021-11-22 upstream source
* update patch file
* update init script to preserve manual entries
(fixes https://github.com/stangri/source.openwrt.melmac.net/issues/149)
* update init script service_triggers

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 1e5e7ce469b1df0e2481ea2f0f65521c44531182)

2 years agodawn: update to 2022-01-17 17552/head
Nick Hainke [Mon, 17 Jan 2022 09:16:59 +0000 (10:16 +0100)]
dawn: update to 2022-01-17

877e2dc iwinfo: fix get_bandwidth_iwinfo
9ce01ec datastorage: fix multi-SSID
9187665 treewide: improve maintaince
6bf9b6d memory: Tighten up some memory handling to help spot errors
4df0c98 treewide: improve logging

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 7cb73ae3b9d0f7cf3f5846bd76cffac6feaa5ef7)

2 years agopython-dns: update to version 2.1.0
Josef Schlehofer [Thu, 30 Dec 2021 19:02:47 +0000 (20:02 +0100)]
python-dns: update to version 2.1.0

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 447c6fd57b5ed92f82ab9945e1bd350f3e4866d5)

2 years agoprosody: update to version 0.11.13
Josef Schlehofer [Fri, 28 Jan 2022 14:48:47 +0000 (15:48 +0100)]
prosody: update to version 0.11.13

Fixes CVEs:
- CVE-2022-0217
- CVE-2021-37601
- CVE-2021-32918
- CVE-2021-32920
- CVE-2021-32921
- CVE-2021-32917
- CVE-2021-32919

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit dcedbe802744102b215835f1dd53bc2bb5756807)

2 years agotelegraf: Update package to version 1.21.3 17737/head
Jonathan Pagel [Sat, 29 Jan 2022 10:39:06 +0000 (11:39 +0100)]
telegraf: Update package to version 1.21.3

Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit 912bb2c803e7e6d1c0020a59e08fab72d077a7a7)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
2 years agotelegraf: Move config file to /etc/telegraf.conf because
Jonathan Pagel [Sun, 31 Oct 2021 16:43:25 +0000 (17:43 +0100)]
telegraf: Move config file to /etc/telegraf.conf because
/etc/config is the default uci folder. Also marking it as
configuration file prevents overwriting it on updates.

Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit abb33331e532b1de40adea6553589770b3e9ddb9)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>