Eneas U de Queiroz [Wed, 4 Oct 2023 11:54:15 +0000 (08:54 -0300)]
pymysql: add meta-package for sha256 support
Replace the PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT option, which is
causing circular dependencies, with a meta-package that installs both
python3-pymysql and python3-cryptography.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
79b173a0c5e7cbb610a510ab759af1de488196c5)
Jeffery To [Mon, 13 Nov 2023 08:01:30 +0000 (16:01 +0800)]
golang: Update to 1.21.4
Includes fixes for CVE-2023-45283 and CVE-2023-45284 (path/filepath:
insecure parsing of Windows paths).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
0ebc7159818acf40a8eada46058312d2aff0281d)
Stan Grishin [Mon, 13 Nov 2023 21:44:38 +0000 (14:44 -0700)]
Merge pull request #22656 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: bugfix: ensure downloaded block-lists end with newline
Stan Grishin [Mon, 13 Nov 2023 10:07:46 +0000 (10:07 +0000)]
adblock-fast: bugfix: ensure downloaded block-lists end with newline
* ensure downloaded block-lists end with newline
* turn free/total RAM checks into functions calls
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
3787b4135584ad2a6510dbd883406d30575dce5c)
Philip Prindeville [Sun, 12 Nov 2023 18:21:04 +0000 (11:21 -0700)]
Merge pull request #22547 from wigyori/openwrt-23.05-riscv
[23.05] perl: add support for riscv64
Stan Grishin [Fri, 10 Nov 2023 19:48:32 +0000 (12:48 -0700)]
Merge pull request #22620 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: update to 1.0.1-1
Dirk Brenken [Wed, 8 Nov 2023 14:59:08 +0000 (15:59 +0100)]
banip: update 0.9.2-2
* support backup/restore for remote allowlists
* report the used log variant in status message
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
2411bcffaf273b901e61193b18f1ca7355dc832f)
Dirk Brenken [Sun, 5 Nov 2023 08:19:55 +0000 (09:19 +0100)]
banip: release 0.9.2-1
* the log file monitor now supports standard log files used by other log daemons like syslog-ng
Set 'ban_logreadfile' accordingly, by default it points to /var/log/messages
* removed logd dependency, closes #21932
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
c4e814074003a1d45bb583e98cac435575e09ca4)
Nikos Mavrogiannopoulos [Thu, 9 Nov 2023 19:06:34 +0000 (20:06 +0100)]
tang: set the right permissions to keys
Resolves: #22632
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Tianling Shen [Mon, 6 Nov 2023 04:04:28 +0000 (12:04 +0800)]
v2raya: Update to 2.2.4.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
eabb6b8a747acb2292b81ff59417310f12e319f7)
Tianling Shen [Mon, 6 Nov 2023 04:01:34 +0000 (12:01 +0800)]
v2ray-core: Update to 5.11.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
56e29ed7daf39b683be49f06cb4bc065b2bdfd35)
Stan Grishin [Wed, 8 Nov 2023 09:53:06 +0000 (09:53 +0000)]
adblock-fast: update to 1.0.1-1
* update Makefile copyright info
* organize functions shared between the init script, uci-defaults and
luci app in alphabetical order
* update error, warning and status messaging
* use single quotes instead double quotes for static text labels
* better warning for missing recommended packages
* rename dns function to resolver to better reflect its purpose
* improve resolver cleanup code
* move _resolver_config function inside resolver function to improve code readlibity
* rename _process_file_url to process_file_url_wrapper to better reflect its purpose
* add preflight check for available RAM vs total size of block lists
* move _config_add_url_size function inside adb_sizes function to improve code readlibity
* remove uci validation from status_service function to improve performance
* source init script from uci-defaults to include shared functions
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
11df396a18733111a0801d3967142ec0014b564b)
Michael Heimpold [Wed, 8 Nov 2023 06:38:31 +0000 (07:38 +0100)]
Merge pull request #22611 from mhei/23.05-php8-update-to-8.2.12
[23.05] php8: update to 8.2.12
Michael Heimpold [Fri, 27 Oct 2023 05:45:18 +0000 (07:45 +0200)]
php8: update to 8.2.12
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
8d6a63df8ad0b8bdb4073e20774f34ae26791c5d)
Michael Heimpold [Sat, 3 Jun 2023 15:57:18 +0000 (17:57 +0200)]
php8: fix linking on riscv64 platform (again)
The initial fix was done in
a2e76e497.
Later we could revert it with
5779ae4c5 since a global fix
in gcc was deployed.
But now, PHP itself applied a workaround/fix in 8.2.8,
so that we now require the initial fix again.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit
43b10ad9c1c288e3bc034a1c2be3bb0bd2749634)
S. Brusch [Sat, 21 Oct 2023 17:22:13 +0000 (19:22 +0200)]
crowdsec-firewall-bouncer: add ujail
* added ujail for crowdsec-firewall-bouncer
* set nice to reduce priority for process
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma GĂ©rald <gandalf@gk2.net>
Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.0
(cherry picked from commit
a8df73ce7277134c5bd318b3e63cc14e2c70e9a7)
Zoltan HERPAI [Thu, 12 Oct 2023 14:20:07 +0000 (16:20 +0200)]
perl: add support for riscv64
Required by sifiveu and upcoming riscv targets.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit
cf59047d3c3f07baed76751e19f06db9c6541800)
Josef Schlehofer [Sun, 5 Nov 2023 12:58:43 +0000 (13:58 +0100)]
nmap: backport fix to be able to compile it with OpenSSL 1.1
The latest nmap version 7.9.3 currently fails to compile with OpenSSL 1.1 [1],
it required to backport upstream patch to fix the compilation. [2]
[1] https://github.com/nmap/nmap/issues/2516
[2] https://github.com/nmap/nmap/commit/
d6bea8dcdee36a3902cece14097993350306f1b6
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
2c87004346f9456cfd5cc58559ab8ff4e94cd773)
Jonas Jelonek [Wed, 25 Oct 2023 11:39:29 +0000 (13:39 +0200)]
iperf3-mt: new package
This adds a multithreaded variant of iperf3 as a package. This variant
is still experimental, developed in the mt branch of the iperf
repository and expected to be merged when it is considered stable.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
(cherry picked from commit
f369a2aaa9467c4ab91afeee382fe20088711735)
Tianling Shen [Sun, 5 Nov 2023 08:30:48 +0000 (16:30 +0800)]
Merge pull request #22597 from muink/dnsproxy-23.05
[23.05] dnsproxy: add more options
Anya Lin [Sat, 4 Nov 2023 04:19:06 +0000 (12:19 +0800)]
dnsproxy: new features
1. Add new options:
--http3 Enable HTTP/3 support (H3 first)
--timeout Timeout for outbound DNS queries to remote upstream servers in a human-readable form (default: 10s)
2. Allows listen on multiple interfaces and ports
Signed-off-by: Anya Lin <hukk1996@gmail.com>
(cherry picked from commit
47b4ebc5cb5d3bf24c8a15a8f5cb9a99faed5e1a)
Christian Marangi [Sat, 30 Sep 2023 22:45:06 +0000 (00:45 +0200)]
aircrack-ng: backport patch and move package to pcre2
Backport patch merged upstream for PCRE2 support and move package to
pcre2.
Also add an additional patch pending to fix linking both pcre and pcre2
if autotools detect both library. (aircrack-ng prefer pcre2 in presence
of both)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
cb1f7c7ee4e5e0978a3004a94af8016c85791eed)
Christian Marangi [Sat, 30 Sep 2023 22:43:21 +0000 (00:43 +0200)]
aircrack-ng: bump to release 1.7
Bump aircrack-ng to release 1.7
Changelog from [1]
Airdecap-ng: Endianness fixes
Airdecap-ng: Output PCAP as little endian
Airodump-ng: Fixed blank encryption field when APs have TKIP (and/or CCMP) with WPA2
Airodump-ng: Updated encryption filter (-t/--encrypt) for WPA3 and OWE
Airodump-ng: Fixed out-of-order timestamp captures
Airodump-ng: Ignore NULL PMKID
Airodump-ng: Fixed dropping management frames with zeroed timestamp
Airodump-ng: Fixed sorting where sometimes it started with a different field
Airodump-ng: Allow setting colors only in AP selection mode
Airodump-ng: Fix crash on 4K Linux console
Airodump-ng: Fixed issue where existing clients not linked to an AP become hidden when hitting 'o'
Airodump-ng: Allow use of WiFi 6E 6GHz frequencies
Airodump-ng: Look for oui.txt in /usr/share/hwdata
Airgraph-ng: Fixed graphviz package conflict
Airgraph-ng: Fixed downloading OUI with python3
Airgraph-ng: Ensure support/ directory is created when installing
Aircrack-ng: Fixed static compilation
Aircrack-ng: Fix handshake replay counter logic
Aircrack-ng: Handle timeout when parsing EAPOL
Aircrack-ng: Fixed WEP display
Aircrack-ng: Fixed spurious EXIT messages
Aircrack-ng: Improved handshake selection by fixing EAPOL timing and clearing state
Aircrack-ng: Ignore NULL PMKID
Aircrack-ng: Added Apple M1 detection
Aireplay-ng: In test mode, detect tampering of sequence number by firmware/driver
Aireplay-ng: Fixed incorrectly rewritten loops affecting fragmentation attack, and in some cases, SKA fake auth
Aireplay-ng: Fixed a bunch of instances where packets had their duration updated instead of the sequence number
Airmon-ng: Fix avahi killing
Airmon-ng: rewrite service stopping entirely
Airmon-ng: Codestyle fixes and code cleanup
Airmon-ng: Added a few Raspberry Pi hardware revisions
Airmon-ng: Fixes for 8812au driver
Airmon-ng: Fix iwlwifi firmware formatting
Airmon-ng: Remove broken KVM detection
Airmon-ng: Show regdomain in verbose mode
Airmon-ng: Updated Raspberry Pi hardware revisions
Airmon-ng: Document frequency usage
Airmon-ng: Add a sleep to help predictable names due to udev sometimes renaming interface
Airmon-ng: Added warning for broken radiotap headers in kernel 5.15 to 5.15.4
Airmon-ng: shellcheck fixes
Airmon-ng: support systemctl as some systems don't support 'service' anymore
Airmon-ng: Fixes for pciutils 3.8, backward compatible
Airbase-ng: use enum for frame type/subtype
Airbase-ng: remove a few IE in association responses
Besside-ng: Support and detect all channels in 5GHz in Auto-Channel mode
OSdep: Search additional IE for channel information
OSdep: Android macro fixes
Patches: Add missing patches that were on https://patches.aircrack-ng.org but not in repo
Patches: Updated freeradius-wpe patch for v3.2.0
Patches: Updated hostapd-wpe patch for v2.10
Patches: Added docker containers to test WPE patches
Autotools: make dist now creates VERSION file
Autotools: Added maintainer mode
Autotools: Initial support for Link Time Optimization (LTO) builds
Integration tests: Added a new test, and improved some existing ones
Airgraph-ng: switch airodump-join to Python 3
Manpages: Fixes (typos, tools name, etc.) and improvements
README: Updated dependencies and their installation on various distros in README.md and INSTALLING
README: Fixed typos and spelling in README.md and INSTALLING
Packages: Packages on PackageCloud now support any distro using .deb and .rpm, however, it requires reinstalling repo (BREAKING CHANGE)
General: Fix compilation with LibreSSL 3.5
General: Fix issues reported by Infer
General: Updated buildbots
General: Add Linux uclibc support
General: Compilation fixes on macOS with the Apple M1 CPU
General: Removed TravisCI and AppVeyor
General: Use Github Actions for CI (Linux, Win, macOS, code style, and PVS-Studio)
General: Added vscode devcontainer and documentation
General: Fix warnings from PVS-Studio and build with pedantic (See PR2174)
General: Shell script fixes thanks to shellcheck
General: Fixes for GCC 10 and 11
General: Fixed cross-compilation
General: Code refactoring, deduplication, cleanup, and misc code improvements
General: Coverity Scan fixes, which includes memory leaks, race conditions, division by 0, and other issues
General: PVS Studio improvements,fixes and updates
General: Code formatting/style fixes
General: Various fixes and improvements (code, CI, integration tests, coverity)
General: Update bug reporting template and update the process
[1] https://aircrack-ng.blogspot.com/2022/05/aircrack-ng-17.html
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
41922f33b5f2cbc58e504469cdcd14ffa33ee5f3)
Philip Prindeville [Sat, 4 Nov 2023 18:28:40 +0000 (12:28 -0600)]
Merge pull request #22578 from lowjoel/backport-strongswan-5.9.11
strongswan: Update to 5.9.11
Jeffery To [Mon, 30 Oct 2023 11:32:26 +0000 (19:32 +0800)]
pyodbc: Fix segmentation fault
4.0.36 included a change to decimal parsing[1] that requires the decimal
module. Trying to load the pyodbc module without python3-decimal
installed would lead to a segmentation fault.
This adds python3-decimal as a dependency.
This also adds python3-uuid as a dependency as the module can accept and
return uuid objects[2].
[1]: https://github.com/mkleehammer/pyodbc/commit/
6b107a2bcaf7379e5ba182007b6ecae1bc2fc931
[2]: https://github.com/mkleehammer/pyodbc/commit/
2ad7a9ced7c9c33232c173668c0830a484cc92f3
Fixes: f02f3ee8c768 ("pyodbc: Update to 4.0.39")
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
668a0f9dd8baa2fb6275ff0e022b6f1bf390b7c2)
Oskari Rauta [Tue, 31 Oct 2023 20:07:46 +0000 (22:07 +0200)]
speedtestcpp: update to 1.20.3
changes:
- fixes a bug where science notations (exponentials) are displayed during tests during high speed bursts
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit
58d8f9272139f29ec63f8fdde74a835fe031dece)
Koen Vandeputte [Mon, 16 Oct 2023 09:59:33 +0000 (11:59 +0200)]
wavemon: bump to 9.5.0
The current version is broken, as it refuses to work properly
with the current nl80211 state.
Bumping this fixes full wavemon support
Changelog: 9.5.0:
https://github.com/uoaerg/wavemon/releases/tag/v0.9.5
Changelog 9.4.0:
https://github.com/uoaerg/wavemon/releases/tag/v0.9.4
Note that since 0.9.4, wavemon has a dependency on libnl-cli
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
(cherry picked from commit
d10b26525c29a8fc694f3bab0db3a678b4bf3ebd)
Christian Marangi [Wed, 1 Nov 2023 00:42:59 +0000 (01:42 +0100)]
libndpi: bump to release 4.8
Bump to release 4.8 to make it easier to backport PCRE2 support patch.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
97a7165e7238f0966d6404faf775df8cf5f99a77)
Christian Marangi [Sun, 29 Oct 2023 15:31:41 +0000 (16:31 +0100)]
haproxy: move to PCRE2
Move to PCRE2 as PCRE is EOL and won't receive any more security update
anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
f25f4d395d854b299a8bc81bb2834df7916b9153)
Philip Prindeville [Tue, 27 Jun 2023 21:56:03 +0000 (15:56 -0600)]
strongswan: Update to 5.9.11
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
(cherry picked from commit
08158d2718c9776a6ccb9412e65b1ffff5b94758)
Signed-off-by: Joel Low <joel@joelsplace.sg>
Jeffery To [Mon, 30 Oct 2023 15:56:43 +0000 (23:56 +0800)]
python3: Fix building C extensions with setuptools
setuptools provides a local copy of distutils and when building a C
extension, this distutils will add the target LIBDIR (/usr/lib) to the
list of library paths.
If the build system has a libpython3.11.so in /usr/lib, then the linker
will try to link to this shared library and fail.
This adapts 008-distutils-use-python-sysroot.patch for host setuptools
to add the correct library directory.
Fixes: https://github.com/openwrt/packages/issues/22330
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
624fb955619c0b4b368e2ac1880619f159e3b8d6)
Tianling Shen [Wed, 1 Nov 2023 16:26:03 +0000 (00:26 +0800)]
Merge pull request #22559 from jefferyto/rust-fixes-openwrt-23.05
[openwrt-23.05] rust: Fix compile error if build dir and DL_DIR on separate filesystems, compile error for mipsel_24kc+24kf
Tianling Shen [Wed, 1 Nov 2023 16:25:37 +0000 (00:25 +0800)]
Merge pull request #22567 from douglarek/openwrt-23.05
[openwrt-23.05] sing-box: update to v1.6.0
Anton Antonov [Tue, 3 Oct 2023 11:57:17 +0000 (12:57 +0100)]
efibootmgr: Add armsr target support
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
(cherry picked from commit
3be58aa1d317877415c810bc8dc6a43030064a64)
Anton Antonov [Tue, 3 Oct 2023 11:56:39 +0000 (12:56 +0100)]
efivar: Add armsr target support
Backport up-stream patch:
https://github.com/rhboot/efivar/commit/
ca48d3964d26f5e3b38d73655f19b1836b16bd2d
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
(cherry picked from commit
c618100c8282867d8dc10a98472060c6b432dbc2)
Anton Antonov [Tue, 3 Oct 2023 11:55:54 +0000 (12:55 +0100)]
dmidecode: Add armsr target support
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
(cherry picked from commit
ee47bf4a5202f610251c7192b219481ee2d84dfe)
Moritz Warning [Tue, 24 Oct 2023 19:10:37 +0000 (21:10 +0200)]
zerotier: fix typo
Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit
9e38e78000d93cd809427dd41d271c823d34dc3a)
Christian Marangi [Sat, 28 Oct 2023 16:48:16 +0000 (18:48 +0200)]
aircrack-ng: fix wrong inclusion of libbsd if detected
Currently aircrack-ng try to link with libbsd if it does detect the
library in staging_dir. This is the case with buildbot where every
package is selected and compiled.
Fix this by adding a pending patch that permits to disable libbsd
inclusion even if detected and set the related config flag.
aircrack-ng use 2 function of libbsd and it's not worth to include the
entire library for 2 simple function for string manipulation.
Also add an additional patch that permits to use musl or glibc version
of these string functions.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
bd21652b79175de0ec017761ff1e259a562104e9)
Glenn Strauss [Tue, 31 Oct 2023 05:09:38 +0000 (01:09 -0400)]
lighttpd: update to lighttpd 1.4.73 release hash
* update to lighttpd 1.4.73 release hash
* update maintainer
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
f3e26bef52ef4c401a3a582b839bc632376d4de7)
Leo Douglas [Tue, 31 Oct 2023 03:04:30 +0000 (11:04 +0800)]
sing-box: update to v1.6.0
see changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.6.0
Signed-off-by: Leo Douglas <douglarek@gmail.com>
(cherry picked from commit
84c431702e97ba70228ec45b60482163fc0d974d)
Rui Salvaterra [Sun, 3 Sep 2023 17:22:55 +0000 (18:22 +0100)]
tor: update to 0.4.8.7 stable
Bugfix release, see the changelog [1] for what's new.
[1] https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.7/ChangeLog
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit
5cb304e2b3484691b9f60a3a47a707dfcf5fa34b)
Christian Marangi [Sun, 29 Oct 2023 14:45:45 +0000 (15:45 +0100)]
zabbix: move to PCRE2 library
Move to PCRE2 library as PCRE is not EOL and won't receive any security
updates anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
3dfb00c6c6758524282c6fa4a1995280ea613e9c)
Christian Marangi [Sun, 29 Oct 2023 14:18:19 +0000 (15:18 +0100)]
postfix: move to PCRE2 library
Move to PCRE2 library as PCRE is EOL and won't receive any security
updates anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
f585559690e4d607f5fea5eeed4517d5c157098c)
Christian Marangi [Sun, 29 Oct 2023 14:16:41 +0000 (15:16 +0100)]
postfix: bump to 3.8.2 release
Bump postfix to 3.8.2 release.
Refresh patches and drop patch 502-detect-glibc.patch as it got merged
upstream.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
4b7d365b8644586029823f04c57a03a6f721e5ab)
Jan Hák [Thu, 26 Oct 2023 14:03:38 +0000 (16:03 +0200)]
knot: patch enabling PKCS11 related code only if PKCS11 is available
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
3efee178f23ef9bf78678369be48bcaa430456b2)
Jan Hák [Wed, 25 Oct 2023 13:20:12 +0000 (15:20 +0200)]
knot: update to version 3.3.2
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
fbfa63a03be5916873e3b2d1d17d21d1742de7de)
Christian Marangi [Sun, 29 Oct 2023 15:15:02 +0000 (16:15 +0100)]
fdm: update to 2.2 release and switch to PCRE2
Update to release 2.2 and switch to PCRE2. New release switched from
PCRE to PCRE2 and is now required.
Drop patch merged upstream and backport 2 additional patch that fix a
user-after-free and a PCRE2 bug.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
13982c13d09803b8979f7934c6048db9ad240338)
Christian Marangi [Sun, 29 Oct 2023 16:22:22 +0000 (17:22 +0100)]
tvheadend: drop support for PCRE
Drop support for PCRE as it's now EOL and won't receive any security
updates anymore.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
9ea2ec7cd1d9902352a67d6152107e9c452d6dbb)
Marius Dinu [Fri, 16 Jun 2023 12:59:44 +0000 (15:59 +0300)]
tvheadend: add dependency on gettext (host)
Gettext is a prerequisite to build OpenWrt according to:
https://openwrt.org/docs/guide-developer/toolchain/install-buildsystem
but github automated tests fail without this explicit dependency:
2023-06-19T08:02:45.1940511Z checking for py module gzip ... ok
2023-06-19T08:02:45.1968662Z checking for /builder/staging_dir/host/bin/pkg-config ...ok
2023-06-19T08:02:45.1998491Z ERROR: no gettext binaries found
2023-06-19T08:02:45.1999746Z checking for xgettext ... fail
2023-06-19T08:02:45.2008403Z make[2]: *** [Makefile:263: /builder/build_dir/target-arm_cortex-a9+vfpv3-d16_musl_eabi/tvheadend-2023-06-05/.configured_a17fb5ef857664f03cd0ce37cc5ea591] Error 1
Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
(cherry picked from commit
fb68d07bfae3d38691c87179e216207e4323a52b)
Marius Dinu [Mon, 12 Jun 2023 07:47:03 +0000 (10:47 +0300)]
tvheadend: update to 2023-06-05
Update to git master 2023-06-05 and removed unneeded compatibility patch.
Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
(cherry picked from commit
dedf51702e098d042f5392de4d640b0d72825676)
Martin Strobel [Sun, 29 Oct 2023 15:16:57 +0000 (16:16 +0100)]
freeradius3: switch to pcre2
use libpcre2 as dependency for freeradius3-common
because PCRE is EOL with no further updates
Compile & run tested on mediatek mt76 ubnt-ui6-lr-v1 with musl
Signed-off-by: Martin Strobel <arctus@crza.de>
(cherry picked from commit
19ec30255f1379cb2d25f7ace22523039cc8aa67)
Jianhui Zhao [Sun, 28 May 2023 14:04:17 +0000 (22:04 +0800)]
freeradius3: Update to 3.0.26
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
(cherry picked from commit
dda8ba0ca732d613238db973f00e20dc83d8fc77)
Jeffery To [Thu, 26 Oct 2023 08:11:06 +0000 (16:11 +0800)]
rust: Fix compile error for mipsel_24kc+24kf
Currently, rust fails to build for mipsel_24kc+24kf with "opcode not
supported on this processor: mips1 (mips1)" errors when building
libunwind.
Because mipsel_24kc+24kf is hard-float, a certain section of
src/llvm-project/libunwind/src/UnwindRegistersRestore.S is selected to
be compiled; the instructions in this section require MIPS II.
mipsel_24kc+24kf is compiled for MIPS32 Release 2 (MIPS32 is based on
MIPS II), but the C flags used to select this architecture were not
passed to the rust bootstrap (to be passed back to gcc).
This passes the C flags to rust bootstrap to fix this compile error.
This also adds PKG_BUILD_FLAGS:=no-mips16 as attempting to generate
MIPS16 code leads to a different compile error.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
54616e7049701996fab1dfb85ba0ebc3189b53ec)
Jeffery To [Thu, 26 Oct 2023 07:48:28 +0000 (15:48 +0800)]
rust: Fix compile error if build dir and DL_DIR on separate filesystems
The rust bootstrap downloads files into a "tmp" directory then moves the
files into the "cache" directory using std::fs::rename. There are no
issues in the original/unpatched case as "tmp" and "cache" are
subdirectories in the build directory ($(HOST_BUILD_DIR)/build) and so
are nearly guaranteed to be on the same filesystem.
35768bf31e5867046874dc6fd0374ff8fe575da2 changed where files are
saved/cached (in $(DL_DIR)/rustc). If HOST_BUILD_DIR and DL_DIR are on
separate filesystems, then using std::fs::rename to move the files will
fail.[1]
This updates 0002-rustc-bootstrap-cache.patch to account for this case,
i.e. if std::fs::rename fails, fall back to copying the file then
removing the original.
[1]: https://github.com/openwrt/packages/pull/22457
Fixes: 35768bf31e58 ("rust: Cache bootstrap downloads to $(DL_DIR)/rustc")
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
f9f1e0220f872263d8f12c38df9984a40625430f)
Stan Grishin [Mon, 30 Oct 2023 20:28:14 +0000 (14:28 -0600)]
Merge pull request #22543 from stangri/openwrt-23.05-ngtcp2
[23.05] ngtcp2: update to 1.0.1
Dirk Brenken [Fri, 27 Oct 2023 08:48:04 +0000 (10:48 +0200)]
travelmate: release 2.1.1-2
* more small fixes & enhancements
* cosmetics
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
efe0cbcb7541eff4072fa5421a244ac05cab43e6)
Dirk Brenken [Tue, 24 Oct 2023 15:27:40 +0000 (17:27 +0200)]
travelmate: release 2.1.1
* various vpn/wireguard improvements & fixes
* improved compatibility with new netifd
* added open STA improvements by @brianjmurrell
* closes #22227 #22288 #22357
Signed-off-by: Dirk Brenken dev@brenken.org
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit
81658c58236a050b22dbf08309b637576db1a5c9)
Stan Grishin [Sun, 29 Oct 2023 19:33:15 +0000 (19:33 +0000)]
ngtcp2: update to 1.0.1
* https://github.com/ngtcp2/ngtcp2/compare/v1.0.0...v1.0.1
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
9d194e834852143124df7aed12297e0f754e9ece)
Tianling Shen [Wed, 25 Oct 2023 11:40:20 +0000 (19:40 +0800)]
dnsproxy: Update to 0.56.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
ad8f2b5e8e4d7a84f034bf458221e6721c0efedb)
Tianling Shen [Wed, 25 Oct 2023 11:40:11 +0000 (19:40 +0800)]
rclone: Update to 1.64.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
0d6bbc3bddeb0a0c2b9daaff9d40e3e0361ee763)
Tianling Shen [Fri, 20 Oct 2023 08:28:20 +0000 (16:28 +0800)]
rclone: Update to 1.64.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
0449b530ba1d75911abf52c30d3cbee056b8f7b4)
Stan Grishin [Thu, 26 Oct 2023 22:09:37 +0000 (16:09 -0600)]
Merge pull request #22513 from stangri/openwrt-23.05-https-dns-proxy
[23.05] https-dns-proxy: bugfix: crashes on logging from upstream
Stan Grishin [Thu, 26 Oct 2023 22:08:08 +0000 (16:08 -0600)]
Merge pull request #22510 from stangri/openwrt-23.05-curl
[23.05] curl: prepare for HTTP/3 support
Stan Grishin [Thu, 26 Oct 2023 22:08:01 +0000 (16:08 -0600)]
Merge pull request #22509 from stangri/openwrt-23.05-ngtcp2
[23.05] ngtcp2: add new package
Stan Grishin [Thu, 26 Oct 2023 22:07:53 +0000 (16:07 -0600)]
Merge pull request #22508 from stangri/openwrt-23.05-nghttp3
[23.05] nghttp3: add new package
Stan Grishin [Thu, 26 Oct 2023 14:39:06 +0000 (14:39 +0000)]
https-dns-proxy: bugfix: crashes on logging from upstream
* update to 2023-10-25 upstream version which fixes the crashes on logging on ath79
* remove no longer needed 030-src-logging.c-fix-crash.patch
* update 010-cmakelists-remove-cflags.patch to work with a new version
* update 020-src-options.c-add-version.patch to work with a new version
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
6b92b6c6d27a8ec67e63a5726dee0c9e8cc2b7ec)
Stan Grishin [Wed, 18 Oct 2023 18:58:00 +0000 (18:58 +0000)]
curl: prepare for HTTP/3 support
* these changes along with 2 PRs below and using non-standard
openssl library allow for building curl with HTTP/3 support
* https://github.com/openwrt/packages/pull/22443
* https://github.com/openwrt/packages/pull/22444
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
6bd2b89d839026c3365da7205359b1568f955e6b)
Stan Grishin [Wed, 18 Oct 2023 15:43:14 +0000 (15:43 +0000)]
ngtcp2: add new package
* add new package to allow building of curl with HTTP/3 support
* switch to using cmake
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
f6e57976402f51bd7b7bbe9dacad7153543b3002)
Stan Grishin [Wed, 18 Oct 2023 15:39:55 +0000 (15:39 +0000)]
nghttp3: add new package
* add new package to allow building of curl with HTTP/3 support
* switch to using cmake
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
b1d4241cdf27dbf2ea4f2c78de6bbb3b7e876652)
Nick Hainke [Mon, 23 Oct 2023 12:07:09 +0000 (14:07 +0200)]
snowflake: update to 2.7.0
Release Notes:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/tags/v2.7.0
Proxy churn is removed and because of that also distinctcounter:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/commit/
6393af6bab0f7c3c95b11352d5c582d2000062fa
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
2496d74340e90b8a50ddb312c0841d26f52c4821)
Leo Douglas [Tue, 24 Oct 2023 02:43:12 +0000 (10:43 +0800)]
sing-box: update to v1.5.4
changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.5.4
Signed-off-by: Leo Douglas <douglarek@gmail.com>
(cherry picked from commit
4be4a791b5469ca9a8dae0c31e2563a2d7b751a1)
Andrew Sim [Sun, 22 Oct 2023 06:12:44 +0000 (08:12 +0200)]
transmission: update to 4.0.4
Update Transamission to 4.0.4 stable release
Changelog: https://github.com/transmission/transmission/releases/tag/4.0.4
Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
(cherry picked from commit
45170d9b672b6e017f51c7ac2cdae9b636f2c0b2)
Liangbin Lian [Mon, 10 Jul 2023 07:53:33 +0000 (15:53 +0800)]
transmission: fix depends on libmbedtls
If a firmware build with curl without mbedtls, install transmission from openwrt official repo will fail to start
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
(cherry picked from commit
2311e7921893453094bd065e1a94ffa8d850c8b7)
Daniel Golle [Mon, 23 Oct 2023 10:20:20 +0000 (11:20 +0100)]
exim: update to version 4.96.2
Fixes vulnerabilities:
- Improper Neutralization of Special Elements (CVE-2023-42117)
- dnsdb Out-Of-Bounds Read (CVE-2023-42119)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
86ec7b19bc5f5935152b1423bb4f450ccefaabae)
Daniel Golle [Sat, 5 Aug 2023 01:32:24 +0000 (02:32 +0100)]
cryptsetup: update to version 2.6.1
Cryptsetup 2.6.1 Release Notes
==============================
Stable bug-fix release with minor extensions.
All users of cryptsetup 2.6.0 should upgrade to this version.
Changes since version 2.6.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~
* bitlk: Fixes for BitLocker-compatible on-disk metadata parser
(found by new cryptsetup OSS-Fuzz fuzzers).
- Fix a possible memory leak if the metadata contains more than
one description field.
- Harden parsing of metadata entries for key and description entries.
- Fix broken metadata parsing that can cause a crash or out of memory.
* Fix possible iteration overflow in OpenSSL2 PBKDF2 crypto backend.
OpenSSL2 uses a signed integer for PBKDF2 iteration count.
As cryptsetup uses an unsigned value, this can lead to overflow and
a decrease in the actual iteration count.
This situation can happen only if the user specifies
--pbkdf-force-iterations option.
OpenSSL3 (and other supported crypto backends) are not affected.
* Fix compilation for new ISO C standards (gcc with -std=c11 and higher).
* fvault2: Fix compilation with very old uuid.h.
* verity: Fix possible hash offset setting overflow.
* bitlk: Fix use of startup BEK key on big-endian platforms.
* Fix compilation with latest musl library.
Recent musl no longer implements lseek64() in some configurations.
Use lseek() as 64-bit offset is mandatory for cryptsetup.
* Do not initiate encryption (reencryption command) when the header and
data devices are the same.
If data device reduction is not requsted, this leads to data corruption
since LUKS metadata was written over the data device.
* Fix possible memory leak if crypt_load() fails.
* Always use passphrases with a minimal 8 chars length for benchmarking.
Some enterprise distributions decided to set an unconditional check
for PBKDF2 password length when running in FIPS mode.
This questionable change led to unexpected failures during LUKS format
and keyslot operations, where short passwords were used for
benchmarking PBKDF2 speed.
PBKDF2 benchmark calculations should not be affected by this change.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
5c21b26a939470a44c25fec7a54416d052def1a9)
Daniel Golle [Sat, 5 Aug 2023 00:47:18 +0000 (01:47 +0100)]
lvm2: update LVM2 to 2.03.22 and DM to 1.02.196
Remove downstream patch 004-missing-includes.patch which was merged
upstream in version 2.03.19
LVM2 changelog since version 2.03.17
version 2.03.22 - 02nd August 2023
==================================
Fix pv_major/pv_minor report field types so they are integers, not strings.
Add lvmdevices --delnotfound to delete entries for missing devices.
Always use cachepool name for metadata backup LV for lvconvert --repair.
Make metadata backup LVs read-only after pool's lvconvert --repair.
Improve VDO and Thin support with lvmlockd.
Handle 'lvextend --usepolicies' for pools for all activation variants.
Fix memleak in vgchange autoactivation setup.
Update py-compile building script.
Support conversion from thick to fully provisioned thin LV.
Cache/Thin-pool can use error and zero volumes for testing.
Individual thin volume can be cached, but cannot take snapshot.
Better internal support for handling error and zero target (for testing).
Resize COW above trimmed maximal size is does not return error.
Support parsing of vdo geometry format version 4.
Add lvm.conf thin_restore and cache_restore settings.
Handle multiple mounts while resizing volume with a FS.
Handle leading/trailing spaces in sys_wwid and sys_serial used by deivce_id.
Enhance lvm_import_vdo and use snapshot when converting VDO volume.
Fix parsing of VDO metadata.
Fix failing -S|--select for non-reporting cmds if using LV info/status fields.
Allow snapshots of raid+integrity LV.
Fix multisegment RAID1 allocator to prevent using single disk for more legs.
version 2.03.21 - 21st April 2023
=================================
Fix activation of vdo-pool for with 0 length headers (converted pools).
Avoid printing internal init messages when creation integration devices.
Allow (write)cache over raid+integrity LV.
version 2.03.20 - 21st March 2023
=================================
Fix segfault if using -S|--select with log/report_command_log=1 setting.
Configure now fails when requested lvmlockd dependencies are missing.
Add some configure Gentoo enhancements for static builds.
version 2.03.19 - 21st February 2023
====================================
Configure supports --with-systemd-run executed from udev rules.
Enhancement for build with MuslC systemd and non-bash system shells (dash).
Do not reset SYSTEMD_READY variable in udev for PVs on MD and loop devices.
Ensure udev is processing origin LV before its thick snapshots LVs.
Fix and improve runtime memory size detection for VDO volumes.
version 2.03.18 - 22nd December 2022
====================================
Fix issues reported by coverity scan.
Fix warning for thin pool overprovisioning on lvextend (2.03.17).
Add support for writecache metadata_only and pause_writeback settings.
Fix missing error messages in lvmdbusd.
DM changelog since version 1.02.187:
Version 1.02.196 - 02nd August 2023
===================================
Version 1.02.195 - 21st April 2023
==================================
Version 1.02.193 - 21st March 2023
==================================
Version 1.02.191 - 21st February 2023
=====================================
Improve parallel creation of /dev/mapper/control device node.
Import previous ID_FS_* udev records in 13-dm-disk.rules for suspended DM dev.
Remove NAME="mapper/control" rule from 10-dm.rules to avoid udev warnings.
Version 1.02.189 - 22nd December 2022
=====================================
Improve 'dmsetup create' without given table line with new kernels.
(Version 1.02.188 is missing)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
4db53132ba66359e25fa6fd29aba87541551adf2)
Stan Grishin [Tue, 24 Oct 2023 04:56:14 +0000 (22:56 -0600)]
Merge pull request #22491 from stangri/openwrt-23.05-https-dns-proxy
[23.05] https-dns-proxy: bugfix: prevent crashes on IPv6 systems
Stan Grishin [Tue, 24 Oct 2023 02:14:08 +0000 (02:14 +0000)]
https-dns-proxy: bugfix: prevent crashes on IPv6 systems
* update service triggers so that procd_add_raw_trigger is only
executed on boot and not on other service actions
* remove outdated iface hotplug script
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
5dd08fe23f0ad376bcc3f12c7a50d7ac8c73e2bb)
ValdikSS ValdikSS [Sun, 22 Oct 2023 16:30:04 +0000 (19:30 +0300)]
tor: fix daemon reloading
procd requires init script name, not the path to executable
Signed-off-by: ValdikSS ValdikSS <iam@valdikss.org.ru>
(cherry picked from commit
af58942738c13c431f531e78f368d18a0d2dd84d)
Rui Salvaterra [Wed, 26 Jul 2023 22:32:34 +0000 (23:32 +0100)]
tor: update to 0.4.8.4 stable
First release of the 0.4.8.x series, see the changelog [1] for what's new.
[1] https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.4/ChangeLog
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit
1b2c1ddbb2a693aca87fae96beff3b1741951c90)
Alexandru Ardelean [Sat, 14 Oct 2023 06:03:52 +0000 (09:03 +0300)]
stress-ng: backport immintrin.h header detection for GCC 13
Backport patch from:
https://github.com/ColinIanKing/stress-ng/commit/
cd84c46ce780242879e8aaa7d698b9cd87996dbd
With GCC 12 there is no issue.
With GCC 13, there is a compilation issue on x86_64.
Fixes https://github.com/openwrt/packages/issues/22373
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
(cherry picked from commit
98bcb56eb3de7ae1ffc1ed66287168750a72a059)
Alexandru Ardelean [Mon, 2 Oct 2023 12:39:30 +0000 (15:39 +0300)]
stress-ng: bump to version 0.17.00
Refreshed 001-disable-extra-stressors.patch
Dropped 002-disable-compiler-test.patch
- no longer needed since commit https://github.com/ColinIanKing/stress-ng/commit/
a24c7f2048548e6e9ded652b0d16a7da37e4edf0
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
(cherry picked from commit
f4df9c1786354698a108b415799a61ac1af4e389)
Alexandru Ardelean [Fri, 26 May 2023 11:21:19 +0000 (14:21 +0300)]
stress-ng: bump to version 0.15.10
Merged patches into a single one.
Disabling libmpfr (which got added recently).
To avoid potentially new build failures.
And disabling test-compiler check.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
(cherry picked from commit
8168fc84df6521a33ef220f63dc65e7d01a196a5)
Christian Marangi [Mon, 9 Oct 2023 16:30:58 +0000 (18:30 +0200)]
shadowsocks-libev: convert to PCRE2
Convert package to PCRE2 by porting a pending patch from a closed PR.
The PR is old but the code never changed and is simple enough to check
the changes. The patch apply directly with no changes (aside from
commenting out the travis CI file)
The PR was never merged as PCRE2 at times was too new and they were
trying to find a better regex lib.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
db305165c9a0b9b69a83f6379d0994c3708d58e8)
Josef Schlehofer [Fri, 13 Oct 2023 06:57:18 +0000 (08:57 +0200)]
ooniprobe: remove unused package
This package is not maintained anymore in the OpenWrt packages feed
and since we updated Go to 1.21 version, it is not compiled either.
Let's hope that with removing this package from our feed,
someone will step it and become a maintainer to take care of this package.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
5a917a2a1cd068081d6f30e6ffc282ae977423bb)
Christian Marangi [Thu, 28 Sep 2023 21:51:28 +0000 (23:51 +0200)]
micropython-lib: move to PCRE2
Add pending patch converting the package to PCRE2.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
d191c3d0c409e150d7234a52715718dbe05c1bce)
Nick Hainke [Thu, 19 Oct 2023 13:31:27 +0000 (15:31 +0200)]
conntrack-tools: update to 1.4.8
Release Notes:
https://marc.info/?l=netfilter&m=
169598613909790&w=2
Furthermore, switch to "tar.xz".
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
af666be21fac7ba06bd8bbd7d70c15cb60c1bd7c)
Stan Grishin [Sat, 21 Oct 2023 13:35:50 +0000 (07:35 -0600)]
Merge pull request #22465 from stangri/openwrt-23.05-adblock-fast
[23.05] adblock-fast: bugfix: allow command
Stan Grishin [Sat, 21 Oct 2023 02:26:02 +0000 (02:26 +0000)]
adblock-fast: bugfix: allow command
* fix sed to properly purge allowed domains from block-lists
* ensure resolver is restarted on allow command
* reduce pause default/max in attempt to make it work with luci
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
42cc50eec890b2f86c5f9573938051149a62321d)
Drew Young [Mon, 9 Oct 2023 21:19:50 +0000 (17:19 -0400)]
rust: fix build with glibc, ARM and hard floats
Patch the target triple for Rust with glibc to include hard floating
point support.
The GNU target triple used elsewhere does not include hard float support,
instead `-mfloat-abi=hard` is passed separately. For Rust it must be
included in the target triple. This was already being done for musl,
this commit adds the same patching for glibc.
Without this patch Rust compilation fails with an error like this
(abbreviated to fit the line length):
ld: error: libstd.so uses VFP register arguments, ... does not
ld: failed to merge target specific data of file ...
Signed-off-by: Drew Young <dyoung@viridiparente.com>
(cherry picked from commit
3d799c3eeedfe8813ca3fb2debadffb231f621c1)
Liangbin Lian [Tue, 11 Jul 2023 07:59:54 +0000 (15:59 +0800)]
shairport-sync: fix init script
'name' may contains '%h' or '%v', printf will fail on that
Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
(cherry picked from commit
97ec5d2a6855180295c024782aad50da8081504f)
Christian Marangi [Wed, 18 Oct 2023 11:25:49 +0000 (13:25 +0200)]
net-snmp: backport patch fixing memory leak for PCRE2
Backport patch fixing memory leak for PCRE2 present upstream.
Fixes: #22428
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
9f5036169175d853e2e0c76663f0bc98a8645f85)
Hirokazu MORIKAWA [Tue, 17 Oct 2023 00:26:24 +0000 (09:26 +0900)]
node: Friday October 13 2023 Security Releases
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-44487: nghttp2 Security Release (High) (Depends on shared library provided by OpenWrt)
* CVE-2023-45143: undici Security Release (High)
* CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
* CVE-2023-39333: Code injection via WebAssembly export names (Low)
More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
9101a21e535d2247b3fb85e0660f7bb0dd4a4290)
Julian Grinblat [Wed, 4 Oct 2023 18:02:50 +0000 (03:02 +0900)]
ddns-scripts: add ddns-scripts-utils package
The samples in the repo are useful for configuring cenrtain aspects of
ddns, and their inclusion is hinted at within their source code
Signed-off-by: Julian Grinblat <julian@dotcore.co.il>
(cherry picked from commit
565fda4105017a08b7c818c60a930ebb8252eeb9)
danielpinto8zz6 [Fri, 1 Sep 2023 12:19:42 +0000 (13:19 +0100)]
ddns-scripts: desec.io - update url to https
Signed-off-by: Daniel Pinto <danielpinto8zz6@gmail.com>
desec.io ddns update is not working, after testing the endpoint I got a 301, after a bit of search I found out we are
supposed to use https instead of http
more info here: https://talk.desec.io/t/301-from-update-dedyn-io/644/2
bump PKG_RELEASE
(cherry picked from commit
f425e37fb04cd5d0d83e713dbb994a859cf9663d)
Baptiste Fouques [Tue, 25 Apr 2023 10:01:47 +0000 (12:01 +0200)]
ddns: Prevent clearing of desec.io entries
When using both ipv4 and ipv6 entries on the same host, ddns is clearing A
(or AAAA) record depending on the connection (ipv4 or ipv6).
see https://desec.readthedocs.io/en/latest/dyndns/update-api.html#determine-ip-addresses
Signed-off-by: Baptiste Fouques <bateast@duck.com>
Update comment and bump PKG_RELEASE number.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
1ea13ed8a168459568e1ce831db3c1ddf63b8905)
Stan Grishin [Wed, 18 Oct 2023 00:30:43 +0000 (18:30 -0600)]
Merge pull request #22424 from stangri/openwrt-23.05-https-dns-proxy
Stan Grishin [Tue, 17 Oct 2023 09:43:34 +0000 (09:43 +0000)]
https-dns-proxy: bugfix: logging crashing instances on ath79
* finally fixes https://github.com/openwrt/packages/issues/19366
* simplify service_triggers
* improve output for dnsmasq restart
* improve grep/sed dependencies
* remove interface hotplug
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
38c026250f2bdae36fbd5bba6a9d529fb7082ed1)
Peter van Dijk [Wed, 11 Oct 2023 10:38:05 +0000 (12:38 +0200)]
dnsdist: update to 1.8.2
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
b19f8a822b948c75bb40dfec03ab0a9344e25963)
Peter van Dijk [Fri, 8 Sep 2023 11:16:21 +0000 (13:16 +0200)]
dnsdist: update to 1.8.1
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
(cherry picked from commit
e25bb510de90671f4c8c9df42b850cc7c34d31be)