Florian Eckert [Mon, 17 Oct 2022 13:16:40 +0000 (15:16 +0200)]
mwan3: update to 2.11.3
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Wed, 8 Sep 2021 09:33:55 +0000 (11:33 +0200)]
mwan3: only send disconnected event if interface was connected before
Up to now on every interface down event a mwan3 disconnected event was
send. This is wrong because if the interface was never connected, then a
disconnected event should not get generated. This commit fixes this bug.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Wed, 14 Sep 2022 12:46:58 +0000 (14:46 +0200)]
mwan3: change log message on already added route
Only show message on already set route, if debugging is enabled.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Stan Grishin [Mon, 17 Oct 2022 06:57:41 +0000 (23:57 -0700)]
Merge pull request #19611 from stangri/master-https-dns-proxy
https-dns-proxy: upstream bugfix for ca_info
Michael Heimpold [Mon, 17 Oct 2022 05:42:47 +0000 (07:42 +0200)]
Merge pull request #19614 from mhei/libxml2-update-2.10.3
libxml2: update to 2.10.3
Florian Eckert [Mon, 17 Oct 2022 05:05:22 +0000 (07:05 +0200)]
Merge pull request #19606 from Gingernut1978/samba4
samba4: change perl dependency to fix menuconfig
Josef Schlehofer [Sun, 16 Oct 2022 22:22:14 +0000 (00:22 +0200)]
Merge pull request #18709 from paper42/tailscale-version
tailscale: fix --version
Daniel Golle [Sun, 16 Oct 2022 19:29:08 +0000 (20:29 +0100)]
libksba: update to version 1.6.2
Noteworthy changes in version 1.6.2 (2022-10-07) [C22/A14/R2]
------------------------------------------------
* Fix integer overflow in the CRL parser. [rK4b7d9cd4a0]
Release-info: https://dev.gnupg.org/T6230
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 16 Oct 2022 19:26:01 +0000 (20:26 +0100)]
auc: update to version 0.3.2
* fixes segfault when requesting downgrade
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Michael Heimpold [Sun, 16 Oct 2022 17:57:59 +0000 (19:57 +0200)]
libxml2: update to 2.10.3
This fixes:
- CVE-2022-40303
- CVE-2022-40304
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Stan Grishin [Sun, 16 Oct 2022 12:04:51 +0000 (12:04 +0000)]
https-dns-proxy: upstream bugfix for ca_info
* upstream bugfix: Add a forgotten 'NULL' initialize for ca_info
if not manually set
* make init script PKG_VERSION variable readonly so that a
shellcheck excettion can be removed
* add procd interface trigger to 'wan6' if IPv6 wan interface name
cannot be obtained on start
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Andrew Sim [Fri, 14 Oct 2022 17:47:28 +0000 (19:47 +0200)]
samba4: change perl dependency to fix menuconfig
Adding perlbase-json-pp to samba4-libs dependencies was the wrong approach and caused
samba packages not to be offered by menuconfig. AFAIK perlbase-json-pp is a perl helper
to building samba4 and seems to be already included in perl/host so use that instead to
fix the menuconfig issues.
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Josef Schlehofer [Fri, 14 Oct 2022 14:13:09 +0000 (16:13 +0200)]
Revert "wget: update to 1.21.3"
With the newer wget version, wget-nossl can not be compiled due to
missing library, so let's revert it.
Package wget-nossl is missing dependencies for the following libraries:
libnettle.so.8
This reverts commit
5075f5b7010617ba916f251b418ef7c79b760b0a.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Daniel Golle [Thu, 13 Oct 2022 18:46:52 +0000 (19:46 +0100)]
auc: update to 0.3.1
Remove wrongly placed 'break' statement to actually jump to the most
recent version of a release branch.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hannu Nyman [Thu, 13 Oct 2022 17:25:02 +0000 (19:25 +0200)]
Merge pull request #19577 from PolynomialDivision/update-wget-1-21-3
wget: update to 1.21.3
Daniel Golle [Mon, 10 Oct 2022 03:30:55 +0000 (04:30 +0100)]
auc: update to version 0.3.0
Most notably this brings support for processing package changes such
as suggesting to replace firewall with firewall4 when updating from
21.02.x -> 22.03.y release.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Nick Hainke [Mon, 10 Oct 2022 06:31:29 +0000 (08:31 +0200)]
wget: update to 1.21.3
Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2022-02/msg00017.html
Remove the patch "100-fix-sts-time". This patch was replaced upstream by
several other fixes, see:
https://git.savannah.gnu.org/cgit/wget.git/log/src/hsts.c
Signed-off-by: Nick Hainke <vincent@systemli.org>
Michal Vasilek [Wed, 12 Oct 2022 17:30:37 +0000 (19:30 +0200)]
tailscale: add version tests
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Michal Vasilek [Wed, 12 Oct 2022 17:29:55 +0000 (19:29 +0200)]
tailscale: fix -version
tailscale version, tailscaled -version and the web UI reported the wrong
version number which doesn't cause any issues, but it can be confusing.
This is fixed by specifying the version in go ldflags similar to how
it's done in many other go packages and the official tailscale Dockerfile.
version.Long version can not be specified in GO_PKG_LDFLAGS_X because it
contains a space and GO_PKG_LDFLAGS_X is always split at a space.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Florian Eckert [Wed, 12 Oct 2022 13:35:42 +0000 (15:35 +0200)]
Merge pull request #19588 from pymumu/master
smartdns: update to 1.2022.38.1
Nick Peng [Wed, 12 Oct 2022 12:12:03 +0000 (20:12 +0800)]
smartdns: update to 1.2022.38.1
Signed-off-by: Nick Peng <pymumu@gmail.com>
Florian Eckert [Wed, 12 Oct 2022 10:12:10 +0000 (12:12 +0200)]
Merge pull request #19574 from Gingernut1978/arp-scan
arp-scan: update to latest 1.9.8
Andrew Sim [Wed, 12 Oct 2022 09:06:03 +0000 (11:06 +0200)]
arp-scan: update to latest 1.9.8 release
Maintainer: Sergey Urushkin urusha.v1.0@gmail.com
Compile tested: mediatek:mt7622
Run tested: mediatek:mt7622
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Alexandru Ardelean [Sat, 8 Oct 2022 19:08:29 +0000 (22:08 +0300)]
django-restframework: bump to version 3.14.0
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Josef Schlehofer [Tue, 11 Oct 2022 15:55:38 +0000 (17:55 +0200)]
Merge pull request #19584 from paper42/python3-update-master
python3: update to 3.10.7
Nick Hainke [Mon, 10 Oct 2022 06:24:44 +0000 (08:24 +0200)]
xz: update to 5.2.7
Update to latest version. No release notes available.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Michal Vasilek [Mon, 10 Oct 2022 13:39:46 +0000 (15:39 +0200)]
python3: update to 3.10.7
* fixes CVE-2021-28861
* adjust pip and setuptools versions
* refresh patches
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Florian Eckert [Mon, 10 Oct 2022 11:58:37 +0000 (13:58 +0200)]
Merge pull request #19582 from TDT-AG/pr/
20221022-stunnel
stunnel: update version to 5.66
Florian Eckert [Mon, 26 Sep 2022 13:22:34 +0000 (15:22 +0200)]
stunnel: update version to 5.66
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Stan Grishin [Mon, 10 Oct 2022 10:55:23 +0000 (03:55 -0700)]
Merge pull request #19579 from ynezz/upstream/fix-curl-wolfssl
curl: error out if wolfSSL is not usable
Petr Štetiar [Mon, 10 Oct 2022 08:47:55 +0000 (10:47 +0200)]
curl: error out if wolfSSL is not usable
When we explicitly declare, that we would like to have curl built with
wolfSSL support using `--with-wolfssl` configure option, then we should
make sure, that we either endup with curl having that support, or it
shouldn't be available at all, otherwise we risk, that we end up with
regressions like following:
configure:25299: checking for wolfSSL_Init in -lwolfssl
configure:25321: x86_64-openwrt-linux-musl-gcc -o conftest [snip]
In file included from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/dsa.h:33,
from target-x86_64_musl/usr/include/wolfssl/wolfcrypt/asn_public.h:35,
from target-x86_64_musl/usr/include/wolfssl/ssl.h:35,
from conftest.c:47:
target-x86_64_musl/usr/include/wolfssl/wolfcrypt/integer.h:37:14: fatal error: wolfssl/wolfcrypt/sp_int.h: No such file or directory
#include <wolfssl/wolfcrypt/sp_int.h>
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
and in the end thus produce curl without https support:
curl: (1) Protocol "https" not supported or disabled in libcurl
So fix it, by making the working wolfSSL mandatory and error out in
configure step when that's not the case:
checking for wolfSSL_Init in -lwolfssl... no
configure: error: --with-wolfssl but wolfSSL was not found or doesn't work
References: #19005, #19547
Upstream-Status: Accepted [https://github.com/curl/curl/pull/9682]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Rob Ekl [Wed, 28 Sep 2022 02:05:31 +0000 (21:05 -0500)]
unbound: update control cert uci processing
Signed-off-by: Rob Ekl <ekl.rob@gmail.com>
Nikos Mavrogiannopoulos [Sun, 9 Oct 2022 07:35:38 +0000 (09:35 +0200)]
Merge pull request #19564 from PolynomialDivision/update-gnutls-3-7-8
gnutls: update to 3.7.8
Alexandru Ardelean [Sun, 9 Oct 2022 05:12:47 +0000 (08:12 +0300)]
Merge pull request #19451 from graysky2/rsyncfix
rsync: incorporate upstream fixes
Alexandru Ardelean [Sun, 9 Oct 2022 05:11:16 +0000 (08:11 +0300)]
Merge pull request #19538 from mhei/libzip-update-1.9.2
libzip: update to 1.9.2
Alexandru Ardelean [Sun, 9 Oct 2022 05:10:48 +0000 (08:10 +0300)]
Merge pull request #19546 from PolynomialDivision/update-iperf3
iperf3: update to 3.12
Alexandru Ardelean [Sun, 9 Oct 2022 05:10:10 +0000 (08:10 +0300)]
Merge pull request #19535 from qweaszxcdf/patch-3
rrdtool: update PKG_SOURCE_URL
Alexandru Ardelean [Sun, 9 Oct 2022 05:08:19 +0000 (08:08 +0300)]
Merge pull request #19554 from commodo/numpy
numpy: bump to version 1.23.3
Alexandru Ardelean [Sun, 9 Oct 2022 05:07:55 +0000 (08:07 +0300)]
Merge pull request #19552 from commodo/python-pytz
python3-pytz: bump to version 2022.4
Nick Hainke [Sat, 8 Oct 2022 22:22:27 +0000 (00:22 +0200)]
gnutls: update to 3.7.8
Release Notes:
https://lists.gnupg.org/pipermail/gnutls-help/2022-September/004765.html
Signed-off-by: Nick Hainke <vincent@systemli.org>
Tianling Shen [Sat, 8 Oct 2022 06:24:38 +0000 (14:24 +0800)]
cloudflared: Update to 2022.10.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Sat, 8 Oct 2022 06:25:38 +0000 (14:25 +0800)]
yq: Update to 4.28.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Thomas Huehn [Sat, 8 Oct 2022 13:11:17 +0000 (15:11 +0200)]
cpusage: add new package
This PR adds the new package "cpusage" to OpenWrt packages.
Cpusage is a small utility that prints cpu usage per second as output.
Signed-off-by: Thomas Huehn <thomas.huehn@hs-nordhausen.de>
David Bauer [Sat, 8 Oct 2022 02:00:50 +0000 (04:00 +0200)]
Merge pull request #19529 from blocktrron/qcsuper
qcsuper: add Package w/ necessary dependencies
Stan Grishin [Fri, 7 Oct 2022 21:27:38 +0000 (14:27 -0700)]
Merge pull request #19543 from stangri/master-https-dns-proxy
https-dns-proxy: update to 2022-08-12-1
Alexandru Ardelean [Tue, 1 Feb 2022 07:08:01 +0000 (09:08 +0200)]
numpy: bump to version 1.23.3
Also bump Cython version to 0.29.32
And yeeeey: zip -> tar.gz
And they fixed the Intel AVX extension stuff/detection.
Which is why I deferred updating it until now.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Andrew Sim [Thu, 6 Oct 2022 21:17:28 +0000 (23:17 +0200)]
samba4: remove duplicate entry from libldb-fix-musl-libc-unkown-type-error.patch
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Andrew Sim [Thu, 6 Oct 2022 20:44:23 +0000 (22:44 +0200)]
samba4: update to 4.17.0
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Nick Hainke [Fri, 7 Oct 2022 08:25:06 +0000 (10:25 +0200)]
iperf3: update to 3.12
Release Notes:
https://groups.google.com/g/iperf-dev/c/_DgSWrpl9Gk?pli=1
Signed-off-by: Nick Hainke <vincent@systemli.org>
Florian Eckert [Fri, 7 Oct 2022 07:40:01 +0000 (09:40 +0200)]
Merge pull request #19486 from TELUS-BBA/zabbix_ssl
zabbix: add variants for SSL support
Alexandru Ardelean [Fri, 7 Oct 2022 07:34:15 +0000 (10:34 +0300)]
python3-pytz: bump to version 2022.4
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Fri, 7 Oct 2022 07:32:29 +0000 (10:32 +0300)]
Merge pull request #19453 from commodo/stress-ng
stress-ng: bump to version 0.14.05
Alexandru Ardelean [Sun, 25 Sep 2022 14:12:03 +0000 (17:12 +0300)]
stress-ng: bump to version 0.14.06
no longer needed: 010-dont_define_fortify.patch
upstreamed: 020-stress-sysinval-fix-fstat-fstat64-compat-check.patch
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Stan Grishin [Fri, 7 Oct 2022 06:26:21 +0000 (06:26 +0000)]
https-dns-proxy: update to 2022-08-12-1
* update to upstream version 2022-08-12
* add ca_certs_file option for CA certs file for curl
* add procd_add_interface_trigger for wan6 (hopefully fixes
https://github.com/openwrt/packages/issues/19531)
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Daniel Golle [Thu, 6 Oct 2022 15:48:23 +0000 (16:48 +0100)]
snowflake: update to version 2.3.1
03b2b56f Fix broker race condition
36f03dfd Record proxy type for proxy relay stats
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 6 Oct 2022 15:34:05 +0000 (16:34 +0100)]
perl-net-dns: update to version 1.35
**** 1.35 Oct 4, 2022
Improve SVCB error reporting.
Fix rt.cpan.org #144328
accept_reply test fails with matched consecutive "random"
generated packet->id
Fix rt.cpan.org #144299
Spelling errors.
**** 1.34 May 30, 2022
Improve robustness of EDNS option compose/decompose functions.
Simplify code in Makefile.PL.
Fix rt.cpan.org #142426
Avoid "Useless use of a constant in void context" warning.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 6 Oct 2022 15:32:29 +0000 (16:32 +0100)]
pcsc-lite: update to verion 1.9.9
1.9.9: Ludovic Rousseau
11 September 2022
- SCardEstablishContext() may return SCARD_W_SECURITY_VIOLATION if refused by Polkit
- Fix SCardReleaseContext() failure on orphan handles
- Fix SCardDisconnect() on orphan handle
- pcsc-spy: log the pioSendPci & pioRecvPci SCardTransmit() parameters
- Improve the log from pcscd: log the return code in text instead of hex
- Some other minor improvements
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 6 Oct 2022 15:27:31 +0000 (16:27 +0100)]
gawk: update to version 5.2.0
For changes see ChangeLog file[1].
[1]: https://git.savannah.gnu.org/cgit/gawk.git/plain/ChangeLog?h=gawk-5.2.0
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 6 Oct 2022 14:24:28 +0000 (15:24 +0100)]
libksba: update to version 1.6.1
Update to stable release 1.6.1.
See commit log since version 1.6.0 for changes[1].
[1]: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=shortlog;h=
d3c1e063d708a46ef39152256f8b1ea466b61be0
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Eneas U de Queiroz [Thu, 6 Oct 2022 13:02:59 +0000 (10:02 -0300)]
gnunnet: halt build if any command fails
There are many places in the packages' install recipes whith multiple
commands being executed in the same shell invocation, separated with a
semicolon (;). The return status will depend only on the last command
being run. The same thing happens in loops, where only the last file
will determine the result of the command.
Change the ';' to '&&', and exit the loop if any operation fails.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Eneas U de Queiroz [Thu, 6 Oct 2022 13:02:59 +0000 (10:02 -0300)]
gnunnet: don't copy non-existing files
There are six places pointing to files that do not exist any more:
- gns-import.sh in package gnunet-gns (dropped in v0.11.0)
- libgnunetdnsstub.so* in gnunet-vpn (integrated into util in v0.11.0)
- libgnunettun.so* in gnunet-vpn (integrated into util in v0.11.0)
- gnunet-service-ats-new in package gnunet (dropped in v0.12.0)
- libgnunetreclaimattribute.so.* (integrated into reclaim in v0.13.0)
- libgnunetabe.so.* in gnunet-reclaim (dropped in v0.17.2)
They were not noticed because their failing copy commands were part of
loops in which only the last operation had its exit status checked.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Eneas U de Queiroz [Thu, 6 Oct 2022 13:00:54 +0000 (10:00 -0300)]
gnunet: gnunet-rest: add libjose dependency
According to the package's configure.ac, reclaimID OpenID Connect plugin
depends on jose. It is installed by the gnunet-rest plugin package:
libgnunnetrest_openid_connect.so.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Michael Heimpold [Thu, 6 Oct 2022 19:06:05 +0000 (21:06 +0200)]
libzip: update to 1.9.2
Also drop already mainlined patch.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Glen Huang [Tue, 4 Oct 2022 12:59:42 +0000 (20:59 +0800)]
acme: remove help info of unused command
Signed-off-by: Glen Huang <i@glenhuang.com>
Glen Huang [Tue, 4 Oct 2022 12:59:22 +0000 (20:59 +0800)]
acme: fix acmesh dnsapi dependencies
Signed-off-by: Glen Huang <i@glenhuang.com>
Scott Roberts [Thu, 6 Oct 2022 12:44:03 +0000 (06:44 -0600)]
zabbix: add variants for SSL support
opkg does not offer ssl varients:
zabbix-agentd
zabbix-sender
zabbix-get
zabbix-proxy
zabbix-server
resolve this by adding ssl varients.
Signed-off-by: Scott Roberts <ttocsr@gmail.com>
Florian Eckert [Thu, 6 Oct 2022 11:03:01 +0000 (13:03 +0200)]
Merge pull request #19476 from TDT-AG/pr/
20220928-lcd4linux
lcd4linux: minor init improvments
David Bauer [Mon, 12 Sep 2022 00:41:27 +0000 (02:41 +0200)]
qcsuper: add package
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 12 Sep 2022 00:41:14 +0000 (02:41 +0200)]
python-pycrate: add package
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 12 Sep 2022 00:40:46 +0000 (02:40 +0200)]
python-crcmod: add package
Signed-off-by: David Bauer <mail@david-bauer.net>
Josef Schlehofer [Thu, 6 Oct 2022 09:45:23 +0000 (11:45 +0200)]
Merge pull request #19372 from cotequeiroz/libgd
libgd: avoid recursive and redundant dependencies
Alexandru Ardelean [Fri, 23 Sep 2022 11:59:42 +0000 (14:59 +0300)]
django: bump to version 4.1.1
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Michael Heimpold [Thu, 6 Oct 2022 05:40:56 +0000 (07:40 +0200)]
Merge pull request #19534 from mhei/php8-pecl-http-update-4.2.3
php8-pecl-http: update to 4.2.3
Philip Prindeville [Wed, 5 Oct 2022 22:01:33 +0000 (16:01 -0600)]
Merge pull request #19532 from pprindeville/isc-dhcp-drop-gratuitous-named-reload
isc-dhcp: avoid gratuitous reload of named
Hirokazu MORIKAWA [Wed, 5 Oct 2022 02:27:26 +0000 (11:27 +0900)]
node: bump to v16.17.1
The following CVEs are fixed in this release:
* CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
* Insufficient fix for macOS devices on v18.5.0
* CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium)
* CVE-2022-32213: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)
* Insufficient fix on v18.5.0
* CVE-2022-32215: HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)
* Insufficient fix on v18.5.0
* CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
* CVE-2022-35255: Weak randomness in WebCrypto keygen
More detailed information on each of the vulnerabilities can be found in September 22nd 2022 Security Releases blog post.
llhttp updated to 6.0.10
llhttp is updated to 6.0.10 which includes fixes for the following vulnerabilities.
* HTTP Request Smuggling - CVE-2022-32213 bypass via obs-fold mechanic (Medium)(CVE-2022-32213 ): The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)(CVE-2022-32215): The llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
* HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)(CVE-35256): The llhttp parser in the http does not correctly handle header fields that are not terminated with CLRF. This can lead to HTTP Request Smuggling (HRS).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Glenn Strauss [Sat, 1 Oct 2022 07:58:16 +0000 (03:58 -0400)]
lighttpd: remove deprecated modules
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Ryan Shi [Wed, 5 Oct 2022 19:35:57 +0000 (03:35 +0800)]
rrdtool: update PKG_SOURCE_URL
Signed-off-by: Ryan Shi <qweaszxcdf@users.noreply.github.com>
Michael Heimpold [Wed, 5 Oct 2022 18:52:38 +0000 (20:52 +0200)]
php8-pecl-http: update to 4.2.3
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Philip Prindeville [Wed, 5 Oct 2022 17:18:33 +0000 (11:18 -0600)]
isc-dhcp: avoid gratuitous reload of named
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Florian Eckert [Wed, 5 Oct 2022 14:27:46 +0000 (16:27 +0200)]
Merge pull request #19520 from dyarkovoy/master
mwan3: support offload routing modifier
Denys Yarkovyi [Tue, 4 Oct 2022 07:27:16 +0000 (00:27 -0700)]
mwan3: support offload routing modifier
Signed-off-by: Denys Yarkovyi <dyarkovoy@gmail.com>
Stan Grishin [Wed, 5 Oct 2022 06:41:06 +0000 (23:41 -0700)]
Merge pull request #19527 from stangri/master-https-dns-proxy
https-dns-proxy: add settings for canary domains
Stan Grishin [Tue, 4 Oct 2022 22:07:52 +0000 (22:07 +0000)]
https-dns-proxy: add settings for canary domains
* add setting to enable/disable blocking access to iCloud Private Relay resolvers
* add setting to enable/disable blocking access to Mozilla resolvers
* rename variables loaded from config in the init script
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Stan Grishin [Tue, 4 Oct 2022 22:06:09 +0000 (15:06 -0700)]
Merge pull request #19525 from stangri/master-https-dns-proxy
https-dns-proxy: bugfix: prevent canary domains duplicates
Stan Grishin [Tue, 4 Oct 2022 21:25:42 +0000 (21:25 +0000)]
https-dns-proxy: bugfix: prevent canary domains duplicates
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Petr Štetiar [Mon, 3 Oct 2022 17:03:15 +0000 (19:03 +0200)]
treewide: fix security issues by bumping all packages using libwolfssl
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit
ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit
f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Florian Eckert [Thu, 29 Sep 2022 14:19:53 +0000 (16:19 +0200)]
lcd4linux: add debug option
Setting the DEBUG variable in the init script to '1' enables the
lcd4linux verbose mode, by setting the arg '-vv'. The option also
redirects the error and stdout to the syslog.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Michael Heimpold [Tue, 4 Oct 2022 05:25:06 +0000 (07:25 +0200)]
Merge pull request #19512 from mhei/php8-update-8.1.11
php8: update to 8.1.11
Stan Grishin [Tue, 4 Oct 2022 03:59:51 +0000 (20:59 -0700)]
Merge pull request #19501 from stangri/master-simple-adblock
simple-adblock: allow domains bugfix & canary domains support
Nick Hainke [Fri, 30 Sep 2022 10:03:05 +0000 (12:03 +0200)]
expat: update to 2.4.9
Fixes CVE-2022-40674.
Release Notes:
- https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes
- https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes
Signed-off-by: Nick Hainke <vincent@systemli.org>
Andrew Sim [Sat, 1 Oct 2022 10:12:34 +0000 (12:12 +0200)]
samba4: update waf-cross-answers
* update waf-cross-answers for 4.14.x
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Andrew Sim [Sat, 1 Oct 2022 10:09:32 +0000 (12:09 +0200)]
samba4: update to 4.14.14
* update to 4.14.14
* fixes: CVE-2022-2031, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-32742
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
Javier Marcet [Sun, 2 Oct 2022 16:58:15 +0000 (18:58 +0200)]
python-stem: update to v1.8.1
Signed-off-by: Javier Marcet <javier@marcet.info>
Michael Heimpold [Mon, 3 Oct 2022 09:08:08 +0000 (11:08 +0200)]
php8: update to 8.1.11
This fixes:
- CVE-2022-31628
- CVE-2022-31629
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Mon, 3 Oct 2022 08:01:29 +0000 (10:01 +0200)]
Merge pull request #19478 from mhei/libmodbus-update-3.1.8
libmodbus: update to 3.1.8
Michael Heimpold [Mon, 3 Oct 2022 08:01:15 +0000 (10:01 +0200)]
Merge pull request #19497 from mhei/php8-ext-sodium
php8: php8-pecl-sodium with php8-mod-sodium (refs #18997)
Vladimir Ulrich [Sun, 2 Oct 2022 02:26:50 +0000 (05:26 +0300)]
zoneinfo: updated to the latest release
Signed-off-by: Vladimir Ulrich <admin@evl.su>
Tianling Shen [Sun, 2 Oct 2022 04:58:23 +0000 (12:58 +0800)]
gg: Update to 0.2.13
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Sun, 2 Oct 2022 04:55:46 +0000 (12:55 +0800)]
dnsproxy: Update to 0.45.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Sun, 2 Oct 2022 04:57:25 +0000 (12:57 +0800)]
cloudflared: Update to 2022.9.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
projects / feed / packages.git / log