feed/packages.git
12 months agoapinger: fixed bugs in apinger.init and apinger.rpc 22437/head
Jochen Dolze [Wed, 25 Oct 2023 16:58:12 +0000 (16:58 +0000)]
apinger: fixed bugs in apinger.init and apinger.rpc

Fix bug in init_apinger_config - debug/status_interval/rrd_interval were never set correctly
Fix bug in apinger_status - send and receive were swapped
Fix bug in apinger_status - added ability to use ipv6 on wan6

Signed-off-by: Jochen Dolze <jochen.dolze@schulergroup.com>
13 months agoMerge pull request #22427 from Linaro1985/update_mm_1.22.0
Florian Eckert [Wed, 18 Oct 2023 06:49:10 +0000 (08:49 +0200)]
Merge pull request #22427 from Linaro1985/update_mm_1.22.0

modemmanager: bump to 1.22.0

13 months agomodemmanager: bump to 1.22.0 22427/head
Maxim Anisimov [Tue, 17 Oct 2023 12:22:14 +0000 (15:22 +0300)]
modemmanager: bump to 1.22.0

- switch to builtin plugins
- import upstream patch for fixing support of ublox LARA-R6001 / LARA-R6001D modules
  (see: https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/779)

Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
13 months agoMerge pull request #22422 from stangri/master-https-dns-proxy
Stan Grishin [Wed, 18 Oct 2023 00:30:10 +0000 (18:30 -0600)]
Merge pull request #22422 from stangri/master-https-dns-proxy

13 months agonode: Friday October 13 2023 Security Releases
Hirokazu MORIKAWA [Tue, 17 Oct 2023 00:26:24 +0000 (09:26 +0900)]
node: Friday October 13 2023 Security Releases

This is a security release.
Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-44487: nghttp2 Security Release (High) (Depends on shared library provided by OpenWrt)
* CVE-2023-45143: undici Security Release (High)
* CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
* CVE-2023-39333: Code injection via WebAssembly export names (Low)
More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
13 months agolibqmi: bump to 1.34.0
Maxim Anisimov [Tue, 17 Oct 2023 12:20:18 +0000 (15:20 +0300)]
libqmi: bump to 1.34.0

Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
13 months agolibmbim: bump to 1.30.0
Maxim Anisimov [Tue, 17 Oct 2023 12:18:56 +0000 (15:18 +0300)]
libmbim: bump to 1.30.0

Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
13 months agohttps-dns-proxy: bugfix: logging crashing instances on ath79 22422/head
Stan Grishin [Tue, 17 Oct 2023 09:43:34 +0000 (09:43 +0000)]
https-dns-proxy: bugfix: logging crashing instances on ath79

* finally fixes https://github.com/openwrt/packages/issues/19366
* simplify service_triggers
* improve output for dnsmasq restart
* improve grep/sed dependencies
* remove interface hotplug

Signed-off-by: Stan Grishin <stangri@melmac.ca>
13 months agoMerge pull request #21258 from blocktrron/add-cudy-bdinfo
David Bauer [Mon, 16 Oct 2023 20:21:26 +0000 (22:21 +0200)]
Merge pull request #21258 from blocktrron/add-cudy-bdinfo

cudy-bdinfo: add package

13 months agov2ray-geodata: Update to latest version
Tianling Shen [Mon, 16 Oct 2023 09:14:34 +0000 (17:14 +0800)]
v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
13 months agoMerge pull request #22416 from miska/samba
Tianling Shen [Mon, 16 Oct 2023 08:46:06 +0000 (16:46 +0800)]
Merge pull request #22416 from miska/samba

samba4: Update to version 4.18.8

13 months agosamba4: Update to version 4.18.8 22416/head
Michal Hrusecky [Mon, 16 Oct 2023 05:15:46 +0000 (07:15 +0200)]
samba4: Update to version 4.18.8

Mainly security release, fixing CVE-2023-3961, CVE-2023-4091,
CVE-2023-4154, CVE-2023-42669 and CVE-2023-42670. For more details see:
https://www.samba.org/samba/history/samba-4.18.8.html

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
13 months agoMerge pull request #22415 from pprindeville/isc-dhcp-avoid-external-cmds
Philip Prindeville [Mon, 16 Oct 2023 04:48:04 +0000 (22:48 -0600)]
Merge pull request #22415 from pprindeville/isc-dhcp-avoid-external-cmds

isc-dhcpd: Redux of convenience functions avoiding sed/cut

13 months agoisc-dhcpd: Redux of convenience functions avoiding sed/cut 22415/head
Philip Prindeville [Thu, 21 Sep 2023 23:40:18 +0000 (17:40 -0600)]
isc-dhcpd: Redux of convenience functions avoiding sed/cut

Also minimize messing with $IFS.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
13 months agoisc-dhcp: Use 'append' instead of manually appending
Philip Prindeville [Sat, 23 Sep 2023 23:09:30 +0000 (17:09 -0600)]
isc-dhcp: Use 'append' instead of manually appending

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
13 months agoMerge pull request #22414 from pprindeville/isc-dhcp-no-empty-ranges
Philip Prindeville [Mon, 16 Oct 2023 04:14:24 +0000 (22:14 -0600)]
Merge pull request #22414 from pprindeville/isc-dhcp-no-empty-ranges

isc-dhcp: refuse to add empty DHCP ranges

13 months agoisc-dhcp: refuse to add empty DHCP range 22414/head
Leon M. Busch-George [Mon, 16 Oct 2023 03:35:14 +0000 (21:35 -0600)]
isc-dhcp: refuse to add empty DHCP range

ipcalc.sh no longer outputs invalid ranges and fails with an error code in
such cases. React to the error.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
13 months agoisc-dhcp: adapt to new ipcalc paradigm
Leon M. Busch-George [Mon, 16 Oct 2023 03:33:15 +0000 (21:33 -0600)]
isc-dhcp: adapt to new ipcalc paradigm

With #12925, 'BROADCAST' will no longer be set if there is no local
broadcast address (rather than holding the global broadcast address).
Prepare for the merge but stay compatible with the old version of ipcalc.

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
13 months agorust: fix build with glibc, ARM and hard floats
Drew Young [Mon, 9 Oct 2023 21:19:50 +0000 (17:19 -0400)]
rust: fix build with glibc, ARM and hard floats

Patch the target triple for Rust with glibc to include hard floating
point support.

The GNU target triple used elsewhere does not include hard float support,
instead `-mfloat-abi=hard` is passed separately. For Rust it must be
included in the target triple. This was already being done for musl,
this commit adds the same patching for glibc.

Without this patch Rust compilation fails with an error like this
(abbreviated to fit the line length):

    ld: error: libstd.so uses VFP register arguments, ... does not
    ld: failed to merge target specific data of file ...

Signed-off-by: Drew Young <dyoung@viridiparente.com>
13 months agogolang: Update to 1.21.3
Jeffery To [Sun, 15 Oct 2023 13:09:52 +0000 (21:09 +0800)]
golang: Update to 1.21.3

Includes fix for CVE-2023-39325 (net/http, x/net/http2: rapid stream
resets can cause excessive work).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agonghttp2: fix CVE-2023-44487
Hirokazu MORIKAWA [Sat, 14 Oct 2023 03:31:16 +0000 (12:31 +0900)]
nghttp2: fix CVE-2023-44487

update to v1.57.0
CVE-2023-44487 : HTTP/2 Rapid Reset

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
13 months agoprometheus-node-exporter-lua: bump package version 21551/head
Ivan Mironov [Thu, 13 Jul 2023 15:21:52 +0000 (17:21 +0200)]
prometheus-node-exporter-lua: bump package version

Signed-off-by: Ivan Mironov <mironov.ivan@gmail.com>
13 months agoprometheus-node-exporter-lua: add basic hwmon exporter
Ivan Mironov [Wed, 12 Jul 2023 23:45:44 +0000 (01:45 +0200)]
prometheus-node-exporter-lua: add basic hwmon exporter

This collector supports following metrics:

 * node_hwmon_temp_celsius
 * node_hwmon_pwm

and following auxiliary mappings:

 * node_hwmon_chip_names
 * node_hwmon_sensor_label

Tested on:

 * Banana Pi BPI-r3 / OpenWrt 23.05.0-rc2
 * TP-Link Archer C7 v5 / OpenWrt 22.03.5

Signed-off-by: Ivan Mironov <mironov.ivan@gmail.com>
13 months agoMerge pull request #20007 from dhewg/prometheus-node-exporter-ucode
Etienne Champetier [Sun, 15 Oct 2023 15:00:44 +0000 (11:00 -0400)]
Merge pull request #20007 from dhewg/prometheus-node-exporter-ucode

prometheus-node-exporter-ucode: add new package

13 months agoMerge pull request #22404 from vgaetera/openconnect-pfs
Nikos Mavrogiannopoulos [Sun, 15 Oct 2023 10:01:34 +0000 (12:01 +0200)]
Merge pull request #22404 from vgaetera/openconnect-pfs

openconnect: add support for option --pfs

13 months agoMerge pull request #22393 from jefferyto/maturin-1.3.0
Tianling Shen [Sun, 15 Oct 2023 03:51:06 +0000 (11:51 +0800)]
Merge pull request #22393 from jefferyto/maturin-1.3.0

maturin: Update to 1.3.0, build as Python (host-only) package

13 months agoMerge pull request #21005 from joelpet/prometheus-node-exporter-thermal
Etienne Champetier [Sat, 14 Oct 2023 19:22:37 +0000 (15:22 -0400)]
Merge pull request #21005 from joelpet/prometheus-node-exporter-thermal

prometheus-node-exporter-lua: Add thermal collector

13 months agoopenconnect: add support for option --pfs 22404/head
Vladislav Grigoryev [Sat, 14 Oct 2023 09:25:34 +0000 (12:25 +0300)]
openconnect: add support for option --pfs

Add support for the OpenConnect option `--pfs`.
Designed to require perfect forward secrecy.

Signed-off-by: Vladislav Grigoryev <vg.aetera@gmail.com>
13 months agonetbird: update to 0.23.9
Oskari Rauta [Fri, 13 Oct 2023 13:23:15 +0000 (16:23 +0300)]
netbird: update to 0.23.9

Changelog:
 - Add Pagination for IdP Users Fetch by @bcmmbaga in #1210
 - Rework peer connection status based on the update channel existence by @surik in #1213
 - Fix nil pointer exception in group delete by @pappz in #1211
 - Fix/key backup in config script by @pappz in #1206

Full changelog: https://github.com/netbirdio/netbird/compare/v0.23.8...v0.23.9

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
13 months agodnsdist: update to 1.8.2
Peter van Dijk [Wed, 11 Oct 2023 10:38:05 +0000 (12:38 +0200)]
dnsdist: update to 1.8.2

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
13 months agoh2o: ABI-breaking patch for CVE-2023-44487
Peter van Dijk [Wed, 11 Oct 2023 09:09:16 +0000 (11:09 +0200)]
h2o: ABI-breaking patch for CVE-2023-44487

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
bump soname

refreh

13 months agorust: update to 1.73.0
Oskari Rauta [Thu, 12 Oct 2023 13:24:31 +0000 (16:24 +0300)]
rust: update to 1.73.0

patches refreshed.
changelog at https://github.com/rust-lang/rust/releases/tag/1.73.0

Also added a configuration ardument and patch
from https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-lang/rust/files/1.72.0-bump-libc-deps-to-0.2.146.patch?id=515b5920046117355d88b3494c74da269ce9b30a
to provide support for building rust on musl hosts.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
rust: add support for musl build hosts

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
13 months agonode: bump to v18.18.1
Hirokazu MORIKAWA [Thu, 12 Oct 2023 04:05:38 +0000 (13:05 +0900)]
node: bump to v18.18.1

Notable Changes

 This release addresses some regressions that appeared in Node.js 18.18.0:

    (Windows) FS can not handle certain characters in file name #48673
    18 and 20 node images give error - Text file busy (after re-build images) nodejs/docker-node#1968
    libuv update in 18.18.0 breaks webpack's thread-loader #49911

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
13 months agopython3-texttable: update to version 1.7.0
Javier Marcet [Thu, 12 Oct 2023 19:43:54 +0000 (21:43 +0200)]
python3-texttable: update to version 1.7.0

Signed-off-by: Javier Marcet <javier@marcet.info>
13 months agopython-websocket-client: update to 1.6.4
Javier Marcet [Thu, 12 Oct 2023 19:44:22 +0000 (21:44 +0200)]
python-websocket-client: update to 1.6.4

- 1.6.4
  - Add support for HTTP 307 and 308 redirect codes

- 1.6.3
  - Fix type hints issues
  - Add support for Python beta release 3.12 in CI
  - Add maintainer email in setup.py

Signed-off-by: Javier Marcet <javier@marcet.info>
13 months agocatatonit: update to 0.2.0
Oskari Rauta [Fri, 13 Oct 2023 13:16:34 +0000 (16:16 +0300)]
catatonit: update to 0.2.0

no functional changes from catatonit 0.1.7, but license change
from GPL-3.0-or-later to GPL-2.0-or-later.

Switch package source to release version from git commit version.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
13 months agopodman: update to 4.7.1
Oskari Rauta [Fri, 13 Oct 2023 13:10:13 +0000 (16:10 +0300)]
podman: update to 4.7.1

Bugfixes

 - Fixed a bug involving non-English locales of Windows where machine installs using user-mode networking were rejected due to erroneous version detection (#20209).
 - Fixed a regression in --env-file handling (#19565).
 - Fixed a bug where podman inspect would fail when stat'ing a device failed.

API
 - The network list compat API endpoint is now much faster (#20035).

Openwrt updates: added patch to allow building with musl-1.2.4
Patch source is from gentoo https://github.com/vimproved/gentoo/blob/c4c349f11a4352be1965726eadfe3a8bd8a6fa9c/app-containers/podman/files/podman-4.5.0-fix-build-with-musl-1.2.4.patch

Issue was discussed by @jefferyto at mattn/go-sqlite3#1177

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
13 months agonginx: fix nginx lua module compilation error
Christian Marangi [Fri, 13 Oct 2023 18:32:41 +0000 (20:32 +0200)]
nginx: fix nginx lua module compilation error

Add pending patch fixing compilation error for missing pcre.h.

This is caused by a bug on their end by trying to add pcre.h even if we
are using the PCRE2 library.

Fixes: f0754531c4d8 ("nginx: move to PCRE2")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
13 months agomaturin: Update to 1.3.0, build as Python (host-only) package 22393/head
Jeffery To [Fri, 13 Oct 2023 17:51:09 +0000 (01:51 +0800)]
maturin: Update to 1.3.0, build as Python (host-only) package

Python packages that use maturin to build do not call the maturin
program directly; they use the maturin build backend[1]. This build
backend is a Python library provided with maturin that interfaces with
the maturin program.

This changes the maturin package to use the Python build process so that
the build backend is installed correctly.

This also renames the source package to python-maturin and moves it into
the lang/python directory.

[1]: https://www.maturin.rs/#source-distribution

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agoluajit2: update to v2.1-20231006
Javier Marcet [Fri, 13 Oct 2023 11:49:09 +0000 (13:49 +0200)]
luajit2: update to v2.1-20231006

Signed-off-by: Javier Marcet <javier@marcet.info>
13 months agoMerge pull request #22197 from oskarirauta/zsh
Josef Schlehofer [Wed, 11 Oct 2023 16:33:16 +0000 (18:33 +0200)]
Merge pull request #22197 from oskarirauta/zsh

zsh: use libpcre2 instead of libpcre

13 months agoopenblas: bump to version 0.3.24
Alexandru Ardelean [Mon, 9 Oct 2023 13:54:05 +0000 (16:54 +0300)]
openblas: bump to version 0.3.24

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
13 months agodnsproxy: Update to 0.56.1
Tianling Shen [Wed, 11 Oct 2023 14:48:22 +0000 (22:48 +0800)]
dnsproxy: Update to 0.56.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
13 months agoMerge pull request #22339 from jefferyto/rust-build-performance
Tianling Shen [Wed, 11 Oct 2023 13:03:33 +0000 (21:03 +0800)]
Merge pull request #22339 from jefferyto/rust-build-performance

rust: Improve build performance

13 months agopython-setuptools-rust: Set cargo profile from environment variable 22339/head
Jeffery To [Sun, 8 Oct 2023 12:24:38 +0000 (20:24 +0800)]
python-setuptools-rust: Set cargo profile from environment variable

This adds a patch (submitted upstream in
https://github.com/PyO3/setuptools-rust/pull/364), to read the profile
to pass to cargo from an environment variable.

This also updates the Python include files to set the environment
variable based on values from rust-values.mk.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Set release profile settings
Jeffery To [Sat, 30 Sep 2023 05:57:43 +0000 (13:57 +0800)]
rust: Set release profile settings

* codegen-units, lto, opt-level - Set to values to optimize binary
  size[1].

* overflow-checks - Enabled because in release mode, integer overflows
  are defined as two's complement wrap[2]. It is highly unlikely that
  any program is intentionally relying on this behaviour; it would be
  better to panic instead of continue execution in this case.

* debug, debug-assertions, panic, rpath - Set to their default (release)
  values, to override any settings made by packages, e.g. ripgrep sets
  debug = 1[3].

[1]: https://github.com/johnthagen/min-sized-rust
[2]: https://huonw.github.io/blog/2016/04/myths-and-legends-about-integer-overflow-in-rust/
[3]: https://github.com/BurntSushi/ripgrep/blob/13.0.0/Cargo.toml#L79-L80

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Add option to use sccache
Jeffery To [Mon, 25 Sep 2023 02:00:58 +0000 (10:00 +0800)]
rust: Add option to use sccache

Using sccache makes recompilation of rustc and Rust packages faster.

This also makes the rust package visible in menuconfig, in order for the
sccache options to be accessible.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Use make's jobserver when building packages
Jeffery To [Sat, 23 Sep 2023 12:24:37 +0000 (20:24 +0800)]
rust: Use make's jobserver when building packages

This allows cargo to use make's jobserver when building packages, by
marking the cargo command as recursive (with the + prefix[1]) and
setting MAKEFLAGS.

This also:

* Give cargo/x.py the build directory instead of having to change the
  current directory (and opening subshells)

* Set PKG_BUILD_PARALLEL/HOST_BUILD_PARALLEL for Rust packages to enable
  the use of make's jobserver

[1]: https://www.gnu.org/software/make/manual/html_node/POSIX-Jobserver.html

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Consolidate cargo environment variables
Jeffery To [Mon, 25 Sep 2023 03:58:12 +0000 (11:58 +0800)]
rust: Consolidate cargo environment variables

This consolidates all environment variables for cargo into:

* CARGO_HOST_CONFIG_VARS / CARGO_PKG_CONFIG_VARS

  These contain all cargo-specific environment variables, i.e. without
  "common" variables like CC.

* CARGO_HOST_VARS / CARGO_PKG_VARS (renamed from CARGO_VARS)

  These contain all environment variables to be passed to cargo.

This also:

* Set the CARGO_BUILD_TARGET environment variable instead of using the
  --target command-line option

* Update Python include files to use CARGO_HOST_CONFIG_VARS /
  CARGO_PKG_CONFIG_VARS

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Move CARGO_HOME to $(DL_DIR)/cargo
Jeffery To [Fri, 22 Sep 2023 16:26:20 +0000 (00:26 +0800)]
rust: Move CARGO_HOME to $(DL_DIR)/cargo

As CARGO_HOME mainly functions as a download and source cache[1], moving
it into $(DL_DIR) allows it to persist and be reused between different
buildroots/sdks (when DL_DIR is set to a custom/external location).

[1]: https://doc.rust-lang.org/cargo/guide/cargo-home.html

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Move cargo config options into environment variables
Jeffery To [Sun, 1 Oct 2023 18:16:22 +0000 (02:16 +0800)]
rust: Move cargo config options into environment variables

This also:

* Modify the "release" profile in place of adding the "stripped" profile

  Only the profile for target is modified; there are no file size
  constraints for host.

* For host, build with the "release" profile

* For target, build with either the "dev" or "release" profile based on
  CONFIG_DEBUG

There is no environment variable to specify the "strip" option, but
enabling this option is not necessary as the build system will already
strip binaries based on CONFIG_NO_STRIP / CONFIG_USE_STRIP /
CONFIG_USE_SSTRIP.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Install to $(STAGING_DIR)/host
Jeffery To [Fri, 22 Sep 2023 16:02:01 +0000 (00:02 +0800)]
rust: Install to $(STAGING_DIR)/host

This allows rustc/cargo/etc to be called without having to set PATH, as
$(STAGING_DIR)/host/bin is already in PATH.

This also fixes CARGO_HOME not being set during Host/Configure and
Host/Compile.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Improve Host/Install speed
Jeffery To [Wed, 11 Oct 2023 04:56:20 +0000 (12:56 +0800)]
rust: Improve Host/Install speed

* Compress dist archives with gzip instead of xz; gzip is faster to
  compress and decompress

* Use a for loop instead of calling find to extract archives

* Use libdeflate's gzip to decompress instead of gzip

* Limit search for install scripts to top level of extracted archives

This also runs the install scripts with bash instead of sh, in
accordance with the shebang lines inside the scripts.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Cache bootstrap downloads to $(DL_DIR)/rustc
Jeffery To [Sun, 1 Oct 2023 20:52:32 +0000 (04:52 +0800)]
rust: Cache bootstrap downloads to $(DL_DIR)/rustc

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Add RUST_HOST_FEATURES for host builds
Jeffery To [Mon, 25 Sep 2023 03:28:45 +0000 (11:28 +0800)]
rust: Add RUST_HOST_FEATURES for host builds

Features to be enabled for host may not be the same as those for target.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agorust: Use build host Python
Jeffery To [Sat, 30 Sep 2023 08:49:11 +0000 (16:49 +0800)]
rust: Use build host Python

The build system already requires Python to be installed.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agocurl: Update to version 8.4.0
Michal Hrusecky [Wed, 11 Oct 2023 06:18:45 +0000 (08:18 +0200)]
curl: Update to version 8.4.0

For detailed changes, see https://curl.se/changes.html#8_4_0
Switching to tar.bz2 for the time being as tar.xz is not yet available.
Fixes CVE-2023-38546 and CVE-2023-38545.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
13 months agopython-zope-interface: Update to 6.1, refresh patch
Jeffery To [Mon, 9 Oct 2023 01:21:58 +0000 (09:21 +0800)]
python-zope-interface: Update to 6.1, refresh patch

This also updates the list of dependencies and adds a test.sh script for
the packages feed CI.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agoMerge pull request #22352 from commodo/stress-ng
Alexandru Ardelean [Wed, 11 Oct 2023 07:06:53 +0000 (10:06 +0300)]
Merge pull request #22352 from commodo/stress-ng

stress-ng: bump to version 0.17.0

13 months agoMerge pull request #22348 from miska/samba4
Tianling Shen [Wed, 11 Oct 2023 01:50:42 +0000 (09:50 +0800)]
Merge pull request #22348 from miska/samba4

samba4: Update to version 4.18.7

13 months agopython-pycares: bump to 4.4.0
Fabian Lipken [Mon, 9 Oct 2023 06:46:12 +0000 (08:46 +0200)]
python-pycares: bump to 4.4.0

Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
13 months agoMerge pull request #22343 from jefferyto/python-3.11.6
Tianling Shen [Wed, 11 Oct 2023 01:48:04 +0000 (09:48 +0800)]
Merge pull request #22343 from jefferyto/python-3.11.6

python3: Update to 3.11.6, refresh patches

13 months agoMerge pull request #22345 from muink/patch-1
Tianling Shen [Wed, 11 Oct 2023 01:40:08 +0000 (09:40 +0800)]
Merge pull request #22345 from muink/patch-1

librespeed-go: Reload the daemon after modifying the tls certificate

13 months agoprocs: Add new package
Facundo Acevedo [Sun, 2 Jul 2023 22:02:43 +0000 (19:02 -0300)]
procs: Add new package

Procs is a modern, feature-rich alternative to the 'ps' command written in Rust

Signed-off-by: Facundo Acevedo <facevedo@disroot.org>
13 months agoMerge pull request #22203 from pprindeville/perl-text-csv_xs-update-1.52
Philip Prindeville [Tue, 10 Oct 2023 21:02:41 +0000 (16:02 -0500)]
Merge pull request #22203 from pprindeville/perl-text-csv_xs-update-1.52

Perl text csv xs update 1.52

13 months agoperl-text-csv_xs: Update to 1.52 22203/head
Philip Prindeville [Sun, 24 Sep 2023 18:48:03 +0000 (12:48 -0600)]
perl-text-csv_xs: Update to 1.52

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
13 months agokmod: update to 31
Nick Hainke [Mon, 2 Oct 2023 07:45:19 +0000 (09:45 +0200)]
kmod: update to 31

Release Notes:
https://github.com/kmod-project/kmod/blob/aff617ea871d0568cc491bd116c0be1e857463bb/NEWS#L1

Signed-off-by: Nick Hainke <vincent@systemli.org>
13 months agostress-ng: bump to version 0.17.00 22352/head
Alexandru Ardelean [Mon, 2 Oct 2023 12:39:30 +0000 (15:39 +0300)]
stress-ng: bump to version 0.17.00

Refreshed 001-disable-extra-stressors.patch
Dropped 002-disable-compiler-test.patch
  - no longer needed since commit https://github.com/ColinIanKing/stress-ng/commit/a24c7f2048548e6e9ded652b0d16a7da37e4edf0

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
13 months agozsh: backport PCRE2 patches and move to it 22197/head
Christian Marangi [Tue, 10 Oct 2023 10:29:49 +0000 (12:29 +0200)]
zsh: backport PCRE2 patches and move to it

Backport PCRE2 patches from upstream and move package to PCRE2 library
as PCRE is EOL and won't receive any security update anymore.

Patch are backported with minimal change, only the Changelog change is
commented out as it would conflict and makes no sense to adapt for the
purpose of backport patches.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
13 months agosnowflake: update to 2.6.1
Nick Hainke [Fri, 22 Sep 2023 08:21:53 +0000 (10:21 +0200)]
snowflake: update to 2.6.1

Release Notes:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/tags/v2.6.1

Remove upstreamed patches:
- 0001-Bump-minimum-required-version-of-go.patch
- 0002-Update-dependencies.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
13 months agocloudreve: Update to 3.8.3
Tianling Shen [Mon, 9 Oct 2023 03:48:10 +0000 (11:48 +0800)]
cloudreve: Update to 3.8.3

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
13 months agolibrespeed-go: Reload the daemon after modifying the tls certificate 22345/head
Anya Lin [Tue, 10 Oct 2023 01:13:14 +0000 (09:13 +0800)]
librespeed-go: Reload the daemon after modifying the tls certificate

Make the daemon reload after the tls certificate is updated

Signed-off-by: Anya Lin <hukk1996@gmail.com>
13 months agosamba4: Update to version 4.18.7 22348/head
Michal Hrusecky [Mon, 9 Oct 2023 06:41:46 +0000 (08:41 +0200)]
samba4: Update to version 4.18.7

Update to the latest stable version in 4.18 series, for details, see
https://www.samba.org/samba/history/samba-4.18.7.html

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
13 months agoMerge pull request #22303 from perrin4869/ddns-scripts/add-samples-to-package
Florian Eckert [Mon, 9 Oct 2023 06:36:16 +0000 (08:36 +0200)]
Merge pull request #22303 from perrin4869/ddns-scripts/add-samples-to-package

ddns-scripts: add samples to package

13 months agopppossh: depend on dbclient
Sergey Ponomarev [Wed, 20 Sep 2023 14:30:41 +0000 (17:30 +0300)]
pppossh: depend on dbclient

The package should not only depend on a package dropbear but on the dbclient.
Otherwise the dbclient may be disabled during compilation and the dependency will be not satisfied.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agodnsproxy: Update to 0.56.0
Tianling Shen [Sat, 7 Oct 2023 04:59:43 +0000 (12:59 +0800)]
dnsproxy: Update to 0.56.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
13 months agov2ray-core: Update to 5.8.0
Tianling Shen [Sat, 7 Oct 2023 04:51:06 +0000 (12:51 +0800)]
v2ray-core: Update to 5.8.0

Removed upstreamed patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
13 months agov2ray-geodata: add package v2ray-geosite-ir
Kaveh Dadgar [Sat, 7 Oct 2023 19:44:02 +0000 (21:44 +0200)]
v2ray-geodata: add package v2ray-geosite-ir

"Iran Hosted Domains" is a comprehensive list of Iranian domains and services that are hosted within the country.

Signed-off-by: Kaveh Dadgar <Kavehdadgar666@protonmail.com>
13 months agotailscale: Update to 1.50.1
Zephyr Lykos [Fri, 6 Oct 2023 10:55:02 +0000 (18:55 +0800)]
tailscale: Update to 1.50.1

https://github.com/tailscale/tailscale/releases/tag/v1.50.1

Signed-off-by: Zephyr Lykos <git@mochaa.ws>
13 months agocni-protocol: update protocol
Oskari Rauta [Sun, 8 Oct 2023 14:51:50 +0000 (17:51 +0300)]
cni-protocol: update protocol

Changes to protocol file and it's description.
Works better now and restarts firewall automaticly
when tunnel comes available. More informative/guiding
description.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
13 months agosing-box: update to v1.5.2
Leo Douglas [Fri, 29 Sep 2023 11:38:04 +0000 (19:38 +0800)]
sing-box: update to v1.5.2

* Enable `with_ech` and `with_dhcp`, just like upstream
* See changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.5.2

Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: ShadowsocksR is marked as deprecated since v1.5.0

Signed-off-by: Leo Douglas <douglarek@gmail.com>
sing-box: remove dhcp by default

Signed-off-by: Leo Douglas <douglarek@gmail.com>
13 months agopython3: Update to 3.11.6, refresh patches 22343/head
Jeffery To [Mon, 9 Oct 2023 01:18:40 +0000 (09:18 +0800)]
python3: Update to 3.11.6, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
13 months agokea: bump to 2.4.0
Stijn Tintel [Sat, 7 Oct 2023 22:47:09 +0000 (01:47 +0300)]
kea: bump to 2.4.0

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
13 months agokea: bump to 2.2.1
Stijn Tintel [Sat, 7 Oct 2023 12:26:07 +0000 (15:26 +0300)]
kea: bump to 2.2.1

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
13 months agocudy-bdinfo: add package 21258/head
David Bauer [Fri, 2 Jun 2023 01:50:00 +0000 (03:50 +0200)]
cudy-bdinfo: add package

This program can be used to obtain information stored on the bdinfo
parition found on routers from Shenzhen Cudy Technology.

While this tool is not necessary for operation with OpenWrt, it can be
helpful to decrypt information generated by the stock firmware as well
as to obtain additional device-specific information.

Signed-off-by: David Bauer <mail@david-bauer.net>
13 months agoesp2net: add Espressif ESP chip USB-Network proxy
Nuno Gonçalves [Tue, 20 Jun 2023 15:54:16 +0000 (16:54 +0100)]
esp2net: add Espressif ESP chip USB-Network proxy

Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
13 months agolighttpd: update to lighttpd 1.4.72 release hash
Glenn Strauss [Sat, 7 Oct 2023 06:24:55 +0000 (02:24 -0400)]
lighttpd: update to lighttpd 1.4.72 release hash

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
13 months agolua-eco: update to 3.0.1
Jianhui Zhao [Sun, 8 Oct 2023 08:20:08 +0000 (16:20 +0800)]
lua-eco: update to 3.0.1

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
13 months agonextdns: Update to version 1.41.0
Olivier Poitrey [Sat, 7 Oct 2023 01:30:22 +0000 (01:30 +0000)]
nextdns: Update to version 1.41.0

Signed-off-by: Olivier Poitrey <rs@nextdns.io>
13 months agosshtunnel: update version to 5.1
Sergey Ponomarev [Wed, 20 Sep 2023 14:27:45 +0000 (17:27 +0300)]
sshtunnel: update version to 5.1

Make it depends on ether Dropbear dbclient or OpenSSH client

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: allow empty port and user
Sergey Ponomarev [Wed, 21 Jun 2023 17:01:31 +0000 (20:01 +0300)]
sshtunnel: allow empty port and user

A user may have some host configured in the .ssh/config with user and port.
But we anyway have to specify them in the sshtunnel.
The change fixes this

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: add enabled option
Sergey Ponomarev [Wed, 21 Jun 2023 16:59:28 +0000 (19:59 +0300)]
sshtunnel: add enabled option

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: allow empty remoteaddress
Sergey Ponomarev [Wed, 21 Jun 2023 16:58:48 +0000 (19:58 +0300)]
sshtunnel: allow empty remoteaddress

Just empty or * may have some semantic difference on a server

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: StrictHostKeyChecking for Dropbear
Sergey Ponomarev [Sat, 3 Jun 2023 11:23:33 +0000 (14:23 +0300)]
sshtunnel: StrictHostKeyChecking for Dropbear

The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option:
-y    Always accept remote host key if unknown
-y -y Don't perform any remote host key checking (caution)

So we can add these options to make the StrictHostKeyChecking working.
The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead.

The only problem is that the -y flag is also used by the openssh-client:

-y Send log information using the syslog(3) system module.  By default this information is sent to stderr.

This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: Use -i $IdentityFile instead of -o IdentityFile=$IdentityFile
Sergey Ponomarev [Sat, 3 Jun 2023 10:23:35 +0000 (13:23 +0300)]
sshtunnel: Use -i $IdentityFile instead of -o IdentityFile=$IdentityFile

This makes the sshtunnel compatible with Dropbear.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: set StrictHostKeyChecking=accept-new by default
Sergey Ponomarev [Sat, 3 Jun 2023 10:10:32 +0000 (13:10 +0300)]
sshtunnel: set StrictHostKeyChecking=accept-new by default

Without the option the ssh will propt a user to accept the host key.
So a user should perform a connection manualy and accept before useing the sshtunnel.
The accept-new is a reasonable trade off.

Also the LogLevel is INFO by default.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: uci_sshtunnel use example.com
Sergey Ponomarev [Sat, 3 Jun 2023 09:46:03 +0000 (12:46 +0300)]
sshtunnel: uci_sshtunnel use example.com

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agosshtunnel: uci_sshtunnel simplify
Sergey Ponomarev [Sat, 3 Jun 2023 09:44:19 +0000 (12:44 +0300)]
sshtunnel: uci_sshtunnel simplify

Simplify comment and make it shorter.
Remove triling tab after retrydelay.
Use a full path for IdentityFile because otherwise the uci validation fails with the relative path ~/.ssh

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
13 months agoexim: update to version 4.96.1
Daniel Golle [Fri, 6 Oct 2023 21:38:23 +0000 (23:38 +0200)]
exim: update to version 4.96.1

This is a security release.

JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which
      could be triggered by externally-supplied input.  Found by Trend Micro.
      CVE-2023-42115

JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42116

JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42114

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
13 months agolibvpx: update to 1.13.1
Luiz Angelo Daros de Luca [Sat, 7 Oct 2023 03:00:07 +0000 (00:00 -0300)]
libvpx: update to 1.13.1

v1.13.0

This release includes more Neon and AVX2 optimizations, adds a new codec
control to set per frame QP, upgrades GoogleTest to v1.12.1, and includes
numerous bug fixes.

v1.13.1

This release contains two security related fixes. One each for VP8 and VP9.

- https://crbug.com/1486441 (CVE-2023-5217)
- Fix bug with smaller width bigger size (CVE-2023-44488)

Fixes #22318

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>