Findlay Feng [Tue, 27 Feb 2024 07:34:24 +0000 (15:34 +0800)]
proto-bonding: Modify ipaddr as optional
The configuration of ipaddr in proto-bonding is not necessary,
such as adding the bond interface to the bridge or
performing pppoe dialing on the bond interface, etc.
Signed-off-by: Findlay Feng <i@fengch.me>
Philip Prindeville [Thu, 28 Mar 2024 16:57:09 +0000 (10:57 -0600)]
perl-text-csv_xs: Update to 1.53
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Jonas Jelonek [Wed, 27 Mar 2024 13:54:02 +0000 (14:54 +0100)]
eza: update to 0.18.9
Release notes:
0.18.8 - https://github.com/eza-community/eza/releases/tag/v0.18.8
0.18.9 - https://github.com/eza-community/eza/releases/tag/v0.18.9
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
Philip Prindeville [Wed, 27 Mar 2024 23:57:52 +0000 (17:57 -0600)]
strongswan: drop unneeded sleep patch
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Wed, 27 Mar 2024 20:03:00 +0000 (14:03 -0600)]
strongswan: backport upstream MUSL fix for farp_spoofer.c
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Tue, 26 Mar 2024 00:25:31 +0000 (18:25 -0600)]
strongswan: backport upstream MUSL fix for pf_handler.c
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Mon, 25 Mar 2024 23:13:13 +0000 (17:13 -0600)]
strongswan: simplify MUSL patch
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Mon, 25 Mar 2024 00:20:59 +0000 (18:20 -0600)]
strongswan: Update to 5.9.14
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Thibaut VARÈNE [Mon, 25 Mar 2024 10:33:51 +0000 (11:33 +0100)]
uspot: update to Git HEAD (2024-03-25)
56eebdad085e uspot: wrap spotfilter device under tip_mode
1a96d57e5fe0 uspot: client_enable() wrap spotfilter data in tip_mode
fe12f9a7abde uspot: clear ratelimit state on startup/shutdown
976badc4d0b6 update README
53b8cb88a94a Makefile: require minimum ucode version
ff6163190d5a uspot/portal: report client_enable() failure
8601d9199233 include sample radcli dictionaries
c670f6c4b48f update README
094f0df88150 uspot: work around ucode#191 missing in 23.05
Update the package Makefile to reflect the changes from the following
above-listed commit:
53b8cb88a94a Makefile: require minimum ucode version
Fixes: https://github.com/f00b4r0/uspot/issues/4
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Jan Klos [Mon, 18 Mar 2024 16:53:02 +0000 (17:53 +0100)]
nginx: update to 1.25.4
Signed-off-by: Jan Klos <jan@klos.xyz>
krant [Sun, 24 Mar 2024 09:47:43 +0000 (11:47 +0200)]
rust: update to 1.77.0
- Restore patch hunk mis-deleted in
dccb910
- Refresh patches
- Remove --enable-missing-tools configure option deleted in the upstream
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Peca Nesovanovic [Wed, 20 Mar 2024 20:21:36 +0000 (21:21 +0100)]
p910nd: fix running multiple instances
Compile tested: (ramips, rb760igs, 23.05 snapshot)
Run tested: (ramips, rb760igs, 23.05 snapshot, tests done)
Description:
In case we have multiple device defined in /etc/config/p910nd then init script will try to start multiple instance with same instance name
drop instance name as resolution
tested on 23.05 snapshot with 2 USB printers
Signed-off-by: Peca Nesovanovic <peca.nesovanovic@sattrakt.com>
Philip Prindeville [Mon, 25 Mar 2024 00:48:12 +0000 (18:48 -0600)]
clixon: Update to 7.0.0
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
brvphoenix [Mon, 25 Mar 2024 12:40:46 +0000 (20:40 +0800)]
sing-box: update to 1.8.10
Signed-off-by: brvphoenix <brvphoenix@gmail.com>
brvphoenix [Mon, 25 Mar 2024 12:40:46 +0000 (20:40 +0800)]
sing-box: restart if the specified interfaces start up
Signed-off-by: brvphoenix <brvphoenix@gmail.com>
Oskari Rauta [Mon, 25 Mar 2024 07:28:07 +0000 (09:28 +0200)]
podman: update to v5.0.0
Major version update to podman
- Obsolete patch removed
- patch 010-do-not-build-docs.patch refreshed
Changelog: https://github.com/containers/podman/releases/tag/v5.0.0
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Oskari Rauta [Mon, 25 Mar 2024 07:21:14 +0000 (09:21 +0200)]
lsd: update to v1.1.1
Changes:
- hex color parser for themes
- adds truncate option
- adds --literal flag
- adds disable option for permission
- upgrades many included sub modules/crates
- Fixes literal flags not regocnized
- adds and improves icons
Full changelogs:
- v1.1.0: https://github.com/lsd-rs/lsd/releases/tag/v1.1.0
- v1.1.1: https://github.com/lsd-rs/lsd/releases/tag/v1.1.1
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Philip Prindeville [Mon, 25 Mar 2024 00:38:32 +0000 (18:38 -0600)]
cligen: Update to 7.0.0
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Philip Prindeville [Sun, 24 Mar 2024 23:41:26 +0000 (17:41 -0600)]
perl-cgi: Update to 4.64
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Josef Schlehofer [Wed, 6 Mar 2024 08:11:59 +0000 (09:11 +0100)]
psmisc: update to version 23.7
Release notes:
https://gitlab.com/psmisc/psmisc/-/compare/v23.4...v23.7?from_project_id=334185&straight=false
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
krant [Sat, 23 Mar 2024 09:40:34 +0000 (11:40 +0200)]
opus: revert to autotools
Latest update in
6c3db5d has switched build system to Meson,
which is broken on several non-SIMD platforms. Turns out,
Meson support is not yet stable enough in the upstream,
so we revert to autotools and drop meson-related patch.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Hannu Nyman [Sun, 24 Mar 2024 18:39:05 +0000 (20:39 +0200)]
irqbalance: update to version 1.9.4
Update irqbalance to version 1.9.4.
* refresh version in meson patch
* remove EINVAL handling patch as upstream seems to have silenced
the log spam for unmanageable IRQs
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Michael Heimpold [Sun, 24 Mar 2024 15:56:08 +0000 (16:56 +0100)]
Merge pull request #23681 from jummo/add_ddns_servercow
ddns-scripts: Add servercow.de as DDNS provider
Stan Grishin [Sun, 24 Mar 2024 13:55:05 +0000 (07:55 -0600)]
Merge pull request #23716 from stangri/master-https-dns-proxy
https-dns-proxy: prepare migration to APK
Stan Grishin [Sun, 24 Mar 2024 13:08:57 +0000 (07:08 -0600)]
Merge pull request #23717 from stangri/master-adblock-fast
adblock-fast: prepare migration to APK
Stan Grishin [Sun, 24 Mar 2024 13:07:26 +0000 (07:07 -0600)]
Merge pull request #23715 from stangri/master-nebula
nebula: prepare migration to APK
Stan Grishin [Sun, 24 Mar 2024 13:06:32 +0000 (07:06 -0600)]
Merge pull request #23714 from stangri/master-pbr
pbr: prepare migration to APK
Stan Grishin [Sat, 23 Mar 2024 01:02:32 +0000 (01:02 +0000)]
https-dns-proxy: prepare migration to APK
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Josef Schlehofer [Wed, 6 Mar 2024 07:31:43 +0000 (08:31 +0100)]
nnn: update to version 4.9
- Release notes:
https://github.com/jarun/nnn/compare/v4.4...v4.9
- Refresh patch to fix offset
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Michal Hrusecky [Tue, 13 Feb 2024 13:17:31 +0000 (14:17 +0100)]
knot-resolver: Update to version 5.7.1
- Fixes CVE-2023-50868 and CVE-2023-50387
- Also, the resolver has not been called 'Knot DNS Resolver' for quite
some time, so fix that, too.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
Šimon Bořek [Fri, 6 May 2022 11:18:08 +0000 (13:18 +0200)]
knot-resolver: enable dnstap module build by default
'dnstap' module will be built but not loaded by default at runtime
(configuration must be provided for it to be loaded). It is still possible to
disable dnstap build manually using menuconfig.
"The dnstap module supports logging DNS requests and responses to a unix socket
in dnstap format using fstrm framing library. This logging is useful if you need
effectively log all DNS traffic."[^1]
Adds dependency on 'protobuf', 'protobuf-c', 'libfstrm'. Listed packages are
available from OpenWrt packages, have uncomplicated manifests and
while 'protobuf-c' doesn't have a maintainer since spring 2020, all the
packages (including 'protobuf-c') seem to be maintained - the last
updates of all of them in autumn 2021.
As stated by Vladimír Čunát from Knot Resolver team they build dnstap
while packaging for majority of standard Linux distributions.
Therefore this change brings us closer to expected default.
[^1]: https://knot-resolver.readthedocs.io/en/stable/modules-dnstap.html
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
Šimon Bořek [Thu, 5 May 2022 15:53:30 +0000 (17:53 +0200)]
knot-resolver: do not overwrite -Ddnstap=enabled configuration
It was possible to enable dnstap in menuconfig, but the configuration
only added dependencies while leaving dnstap module build disabled.
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
Hauke Mehrtens [Sat, 23 Mar 2024 18:22:13 +0000 (19:22 +0100)]
snort3: Fix compilation with GCC 13
This fixes a compile problem with GCC 13.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 23 Mar 2024 17:02:12 +0000 (18:02 +0100)]
gost_engine: Update to version 3.0.3
This version contains minor bugfixes.
It fixes a compile problem with GCC 13.
Changes: https://github.com/gost-engine/engine/compare/v3.0.1...v3.0.3
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
krant [Sun, 25 Feb 2024 20:33:06 +0000 (22:33 +0200)]
imagemagick: update to 7.1.1.29
- Don't ignore version suffix (upstream 7.1.1-29 becomes 7.1.1.29)
- Avoid superfluous libstdcpp dependency
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Sun, 24 Mar 2024 02:21:01 +0000 (04:21 +0200)]
giflib: update to 5.2.2
Drop upstreamed CVE patches.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Ivan Pavlov [Fri, 22 Mar 2024 05:47:29 +0000 (08:47 +0300)]
openvpn: update to 2.6.10
This is a bugfix release containing several security fixes specific to the Windows platform.
Bug fixes
---------
- Windows: if the win-dco driver is used (default) and the GUI requests
use of a proxy server, the connection would fail. Disable DCO in
this case.
- Compression: minor bugfix in checking option consistency vs. compiled-in
algorithm support
- systemd unit files: remove obsolete syslog.target
Security fixes
--------------
- CVE-2024-27459: Windows: fix a possible stack overflow in the
interactive service component which might lead to a local privilege
escalation.
- CVE-2024-24974: Windows: disallow access to the interactive service
pipe from remote computers.
- CVE-2024-27903: Windows: disallow loading of plugins from untrusted
installation paths, which could be used to attack openvpn.exe via
a malicious plugin.
For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Javier Marcet [Sat, 23 Mar 2024 10:08:46 +0000 (11:08 +0100)]
docker-compose: Update to version 2.26.0
Signed-off-by: Javier Marcet <javier@marcet.info>
jiangslee [Tue, 19 Mar 2024 07:15:40 +0000 (15:15 +0800)]
netbird: update to 0.26.3
Signed-off-by: jiangslee <jiangsili@qq.com>
Zephyr Lykos [Fri, 16 Feb 2024 02:09:05 +0000 (10:09 +0800)]
tailscale: Update to 1.62.0
https://github.com/tailscale/tailscale/releases/tag/v1.62.0
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
Stan Grishin [Sat, 23 Mar 2024 01:03:22 +0000 (01:03 +0000)]
pbr: prepare migration to APK
* remove dependencies/references to opkg
* simplify wan/wan6 discovery
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Stan Grishin [Sat, 23 Mar 2024 01:03:04 +0000 (19:03 -0600)]
Merge pull request #23684 from stangri/master-pbr
pbr: update to 1.1.4-5
Stan Grishin [Sat, 23 Mar 2024 01:02:48 +0000 (01:02 +0000)]
nebula: prepare migration to APK
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Stan Grishin [Sat, 23 Mar 2024 01:02:05 +0000 (01:02 +0000)]
adblock-fast: prepare migration to APK
Signed-off-by: Stan Grishin <stangri@melmac.ca>
krant [Wed, 20 Mar 2024 09:39:20 +0000 (11:39 +0200)]
opus: update to 1.5.1
- Switch to Meson build system
- Update patch with Meson build fixes
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Maxim Storchak [Sat, 16 Mar 2024 15:00:43 +0000 (17:00 +0200)]
tgt: update to 1.0.91
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
krant [Fri, 15 Mar 2024 14:55:53 +0000 (16:55 +0200)]
libstrophe: update to 0.13.1
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 14:49:57 +0000 (16:49 +0200)]
minisatip: update to 1.3.4
- Configure option 'dvbaes' renamed to 'dvbca'
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 14:38:42 +0000 (16:38 +0200)]
minizip: update to 4.0.5
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 14:19:06 +0000 (16:19 +0200)]
squid: update to 6.8
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 14:00:44 +0000 (16:00 +0200)]
libdeflate: update to 1.19
- Use proper tarball URL.
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 13:17:44 +0000 (15:17 +0200)]
hwdata: update to 0.380
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 13:11:59 +0000 (15:11 +0200)]
mpg123: update to 1.32.5
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 12:47:17 +0000 (14:47 +0200)]
unrar: update to 7.0.7
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 12:37:31 +0000 (14:37 +0200)]
git-lfs: update to 3.5.1
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Fri, 15 Mar 2024 12:36:28 +0000 (14:36 +0200)]
git: update to 2.44.0
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Wed, 13 Mar 2024 09:00:52 +0000 (11:00 +0200)]
erlang: update to 26.2.3
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
krant [Thu, 14 Mar 2024 15:28:54 +0000 (17:28 +0200)]
expat: update to 2.6.2
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Russell Senior [Tue, 19 Mar 2024 12:30:28 +0000 (05:30 -0700)]
pulseaudio: update to 17.0
changes:
remove meson_gio patch, already applied upstream
move pulseaudio-system.conf following upsteam change in
e96d278bfc5:
"daemon/meson.build: Install dbus policy in /usr, not /etc"
Signed-off-by: Russell Senior <russell@personaltelco.net>
Florian Eckert [Thu, 21 Mar 2024 09:22:26 +0000 (10:22 +0100)]
Merge pull request #23693 from TDT-AG/pr/
20240319-rrdtool1
rrdtool1: add license information
Florian Eckert [Thu, 21 Mar 2024 09:04:34 +0000 (10:04 +0100)]
rrdtool1: change download URL to https
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Florian Eckert [Tue, 19 Mar 2024 09:46:59 +0000 (10:46 +0100)]
rrdtool1: add license information
See the license information on the rrdtool homepage.
https://oss.oetiker.ch/rrdtool/license.en.html
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Tianling Shen [Thu, 21 Mar 2024 07:03:35 +0000 (15:03 +0800)]
dnsproxy: Update to 0.66.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Thu, 21 Mar 2024 07:03:30 +0000 (15:03 +0800)]
cloudflared: Update to 2024.3.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Thu, 21 Mar 2024 07:03:14 +0000 (15:03 +0800)]
v2ray-geodata: Update to latest version
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Thu, 21 Mar 2024 07:03:07 +0000 (15:03 +0800)]
v2ray-core: Update to 5.15.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Tianling Shen [Thu, 21 Mar 2024 07:02:50 +0000 (15:02 +0800)]
xray-core: Update to 1.8.9
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Ozan Göktan [Sun, 10 Mar 2024 13:39:46 +0000 (14:39 +0100)]
microsocks: update to 1.0.4
Signed-off-by: Ozan Göktan <ozan@goktan.site>
Michael Heimpold [Thu, 21 Mar 2024 06:42:15 +0000 (07:42 +0100)]
Merge pull request #23695 from mhei/php8-update-to-8.3.4
php8: update to 8.3.4
Peter van Dijk [Thu, 14 Mar 2024 10:16:41 +0000 (11:16 +0100)]
dnsdist: update to 1.9.1 and add maintainer
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Peter van Dijk [Fri, 15 Mar 2024 12:15:48 +0000 (13:15 +0100)]
pdns: update to 4.9.0 and add maintainer
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
Peter Liedholm [Mon, 4 Mar 2024 19:17:41 +0000 (20:17 +0100)]
telldus-mqtt: bump to 0.3
Signed-off-by: Peter Liedholm <peterfromswe884@gmail.com>
Josef Schlehofer [Tue, 5 Mar 2024 17:03:13 +0000 (18:03 +0100)]
lualanes: update to version 3.16.3 and use tarball
1. Update it to version 3.16.3
Release notes: https://github.com/LuaLanes/lanes/releases/tag/v3.16.3
2. Change to download tarball instead of checking out Git sources
In the previous commit (in the Fixes tag), it was changed to Git sources without any reason. Let's revert it back. Let's use again tagged release.
Fixes: b93e5b45b1daac827d429b51d8763226268f2b9a ("lualanes: Version bump to v3.16.2")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
krant [Wed, 20 Mar 2024 09:40:45 +0000 (11:40 +0200)]
xz: update to 5.6.1
- Change source URL to the up-to-date one
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
Tianling Shen [Thu, 21 Mar 2024 05:55:34 +0000 (13:55 +0800)]
Merge pull request #23475 from mcha-forks/go-1.22
golang: update to 1.22.1
Stan Grishin [Mon, 18 Mar 2024 01:43:50 +0000 (01:43 +0000)]
pbr: update to 1.1.4-5
This update includes the following changes:
1. Makefile
* update copyright
* attempt to implement the proper variants to avoid luci-app dependency on both variants
* quietly stop service on uninstall
2. Config-file
* add the list of dnsmasq instances to target in supported dnsmasq modes
* for default pbr variant, set the `resolver_set` to `dnsmasq.nftset`
* for iptables pbr variant, set the `resolver_set` to `dnsmasq.ipset`
* add the `nft_file_support` (disabled by default)
* introduce `procd_boot_delay` to delay service start on boot
* introduce the following nft set creation options:
* nft_set_auto_merge
* nft_set_counter
* nft_set_flags_interval
* nft_set_flags_timeout
* nft_set_gc_interval
* nft_set_policy
* nft_set_timeout
* add the pbr.user.wg_server_and_client custom user script to allow running wg server and
client at the same time
* add the "Ignore Local Requests" sample policy
3. Hotplug firewall/interface scripts
* better logged messages
4. The pbr and pbr-iptables uci defaults script
* use functions from the init script
* improve vpn-policy-routing migration
5. The pbr-netifd uci defaults script
* use functions from the init script
* improve uci operations
6. Introduce the firewall.include file
7. Improve pbr.user.aws custom user script
8. Improve pbr.user.netflix custom user script
9. Introduce pbr.user.wg_server_and_client custom user script
10. Update the init file:
* refactor some code to allow the init script file to be sourced by the uci defaults scripts
and the luci rpcd script for shared functions
* add support for `nft_file_mode` in which service prepares the fw4-compatible atomic nft/include
file for faster operations on service reload
* improve Tor support (nft mode only)
* implement support for nft set options
* update validation functions for new options/parameters
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Andreas Gnau [Wed, 6 Mar 2024 15:48:45 +0000 (16:48 +0100)]
nginx: Fix compilation with LTO
When CONFIG_USE_LTO=y, the int-size detection script will fail because a
variable gets optimised out. Mark it as volatile to fix the issue.
Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
Toke Høiland-Jørgensen [Wed, 20 Mar 2024 16:17:03 +0000 (17:17 +0100)]
net/acme-common: Fix example config
Make sure we quote all strings, and add missing "option" in second example.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Zephyr Lykos [Fri, 8 Mar 2024 04:35:07 +0000 (12:35 +0800)]
golang: Update to 1.22.1
Go 1.22.1 contains the following security fixes:
- CVE-2024-24783:
crypto/x509: Verify panics on certificates with an unknown public key
algorithm
- CVE-2023-45290
net/http: memory exhaustion in Request.ParseMultipartForm
- CVE-2023-45289
net/http, net/http/cookiejar: incorrect forwarding of sensitive headers
and cookies on HTTP redirect
- CVE-2024-24785
html/template: errors returned from MarshalJSON methods may break
template escaping
- CVE-2024-24784
net/mail: comments in display names are incorrectly handled
https://go.dev/doc/devel/release#go1.22.1
https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
Zephyr Lykos [Mon, 19 Feb 2024 11:47:01 +0000 (19:47 +0800)]
golang: Update to 1.22.0
Added a third bootstrap stage since go1.22 (and onwards) requires
at least go1.20.14 to build.[1]
[1]: https://go.dev/doc/go1.22#bootstrap
Signed-off-by: Zephyr Lykos <git@mochaa.ws>
Michael Heimpold [Sun, 17 Mar 2024 14:58:30 +0000 (15:58 +0100)]
mmc-utils: update to upstream's
e1281d4de916 commit
Included upstream changes:
e1281d4de916 mmc-utils: mmc_cmds: fix type-punned warning on &ext_csd[] casting
b5ca140312d2 mmc-utils: lsmmc: Fix emmc capacity calculation
d1d8a05eeb4b mmc-utils: lsmmc: Disintegrade print_mmc_csd
3b055a2129bf mmc-utils: lsmmc: Simplify interface processing functions
e82719f1d29c mmc-utils: lsmmc: Simplify prinitng manufacturer name
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Til Kaiser [Fri, 26 Jan 2024 17:09:37 +0000 (18:09 +0100)]
mstflint: add new package
This commit adds a new package, including tools for
diagnosing Mellanox Spectrum Switches and ConnectX
NICs and querying and installing firmware.
Package Contents:
mflash lib
This lib provides low level Flash
access through Mellanox HCAs.
mtcr lib (implemented in mtcr.h file)
This lib enables access to HCA hardware registers.
mstregdump
This utility dumps hardware registers from
Mellanox hardware for later analysis by Mellanox.
mstvpd
This utility dumps the on-card VPD.
mstmcra
This debug utility reads/writes a to/from
the device configuration register space.
mstconfig
This tool sets or queries non-volatile
configurable options for Mellanox HCAs.
mstfwmanager
Mellanox firmware update and query utility which scans
the system for available Mellanox devices (only mst
PCI devices) and performs the necessary firmware updates.
mstreg
The mlxreg utility allows users to obtain information
regarding supported access registers, such as their
fields and attributes.
mstfwtrace
The mstfwtrace utility extracts and prints trace messages
generated by the firmware running on 5th generation
devices iRISCs. This tool supports secure FW flow only.
mstlink
The mstlink tool is used to check and debug
link status and issues related to them.
Signed-off-by: Til Kaiser <mail@tk154.de>
John Audia [Tue, 12 Mar 2024 12:13:02 +0000 (08:13 -0400)]
openssh: bump to 9.7p1
Release notes: https://www.openssh.com/txt/release-9.7
Removed upstreamed patch: 010-better_fzero-call-detection.patch
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
Patrick Hemmen [Sun, 17 Mar 2024 15:59:51 +0000 (16:59 +0100)]
ddns-scripts: Add servercow.de as DDNS provider
Add servercow.de as dynamic DNS provider provider.
Signed-off-by: Patrick Hemmen <jummo4@yahoo.de>
Alexandru Ardelean [Tue, 19 Mar 2024 14:33:29 +0000 (16:33 +0200)]
Merge pull request #23648 from commodo/python-updates1
python-{pytz,dateutil,evdev},django: bump versions
Florian Eckert [Tue, 19 Mar 2024 13:08:55 +0000 (14:08 +0100)]
luafilesystem: add missing license information
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
John Audia [Thu, 14 Mar 2024 19:14:45 +0000 (15:14 -0400)]
snort3: update to 3.1.82.0
Changelog: https://github.com/snort3/snort3/releases/tag/3.1.82.0
Removed patches/010-gcc13.patch
,,_ -*> Snort++ <*-
o" )~ Version 3.1.82.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2024 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.14
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.13 30 Jan 2024
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3.1
Using Hyperscan version 5.4.2 2024-03-06
Using LZMA version 5.4.6
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
Josef Schlehofer [Tue, 5 Mar 2024 19:44:47 +0000 (20:44 +0100)]
syslog-ng: enable http module based on zlib support in curl
Since version 4.4.0, syslog-ng added compression to http() destination
using zlib from curl. [1] However, zlib is currently disabled in curl [2]
and it prevented syslog-ng to start.
This commit changes the configuration opinion to enable http module only if
zlib support is enabled for curl and as well it adds dependency for zlib (in that case).
If the zlib is disabled, then it disables http module, so syslog-ng can start
and thus zlib dependency is not required.
[1] https://gitlab.nic.cz/turris/os/packages/-/issues/932
[2] https://github.com/openwrt/packages/blob/
93cbaacbfb13048ad378520a7afea7c9027dd1d6/net/curl/Config.in#L134
Fixes: 4dd49d7c3cd571107958154f1ed1ec8d8dba7464 ("syslog-ng: update to version 4.4.0")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Rosen Penev [Mon, 26 Feb 2024 20:40:14 +0000 (12:40 -0800)]
shairport-sync: get rid of libstdcpp
--as-needed gets rid of it apparently.
Remove empty patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Christian Marangi [Tue, 19 Mar 2024 10:40:36 +0000 (11:40 +0100)]
libpfring: backport patch fixing compilation error for sa_data
Backport patch fixing compilation error for sa_data not well defined.
This is triggered only on platform that makes use of fortify string and
cause compilation error due to the fact that sa_data is not well defined
and his size is arbitrary.
Patch has been accepted in the PF_RING project and this is just a
backport.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Fabian Lipken [Mon, 18 Mar 2024 07:07:21 +0000 (08:07 +0100)]
fx: update to 33.0.0
Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
Dirk Brenken [Tue, 19 Mar 2024 05:08:16 +0000 (06:08 +0100)]
Merge pull request #23690 from drujd/unbound_1.19.3
unbound: update to 1.19.3
Tianling Shen [Tue, 19 Mar 2024 04:37:49 +0000 (12:37 +0800)]
rclone: Update to 1.66.0
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Dirk Brenken [Mon, 18 Mar 2024 21:09:09 +0000 (22:09 +0100)]
travelmate: update 2.1.2-6
* fix vpn semaphore handling (#23643), thanks to @brianjmurrell
* disable vpn processing by default
Signed-off-by: Dirk Brenken <dev@brenken.org>
Jan Klos [Mon, 18 Mar 2024 20:26:51 +0000 (21:26 +0100)]
unbound: update to 1.19.3
Signed-off-by: Jan Klos <jan@klos.xyz>
Stan Grishin [Mon, 18 Mar 2024 16:21:16 +0000 (10:21 -0600)]
Merge pull request #22211 from alaviss/adguard-network-wait
adguardhome: wait for interfaces to be up at boot
Rosen Penev [Mon, 26 Feb 2024 20:45:06 +0000 (12:45 -0800)]
espeak: remove libstdcpp dependency
Apparently it goes away when passing --as-needed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hauke Mehrtens [Sun, 17 Mar 2024 19:04:09 +0000 (20:04 +0100)]
minisatip: Fix configure option for openssl
The configure option which depends on openSSL is named --disable-dvbca
and not --disable-dvbaes
This fixes the following warning:
configure: WARNING: unrecognized options: --disable-dependency-tracking, --disable-nls, --disable-dvbaes
When the option is not set configure will check if openssl is available
and compile against openssl if it find openssl. This breaks the build
because openssl is not defined as a package dependency.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Michael Heimpold [Sun, 17 Mar 2024 17:00:30 +0000 (18:00 +0100)]
php8: update to 8.3.4
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Paul Donald [Fri, 15 Mar 2024 13:42:12 +0000 (14:42 +0100)]
unbound: spell fix
Closes openwrt/luci#6993
Signed-off-by: Paul Donald <newtwen@gmail.com>