netatalk: update to 3.2.0.

Commit restores package after it was removed from OpenWrt 21.02.
Signed-off-by: Antonio Pastor <apccv@outlook.com>

yajl: backport CVE-2023-33460 fix

Removed old uclibc patches. Not relevant with modern musl or glibc.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c9ff829fdb046a774c25cf3ce3382979b795edfd)

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit d76d51a4b826588e09404515fbaf19f3f4442a62)

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 5fb541f00f0ef9dd10793c40d0418809647105ba)

xray-core: Update to 24.11.21

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 3d05b2c1a9f3f631670e292f494c3525eba0c61a)

xray-core: Update to 24.11.11

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 41457908b83d32c4b1037ab99a82f59456fc0e22)

microsocks: backport upstream fixes

Fix segmentation fault with newer musl and improve throughput.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 77a7324de54e175029fa7ad051a3a17d1806e03e)

microsocks: update to 1.0.4

Signed-off-by: Ozan Göktan <ozan@goktan.site>
(cherry picked from commit 544e4a90619bc6bf39a6845d8e5b7b3c0b2e160a)

ksmbd-tools: update to version 3.5.3

- manually refresh patch 030-glib.patch

Major changes are:
    fix adduser / addshare prompting on musl libc
    fix use of veto files as global share parameter
    lookup primary group and don't recurse in ksmbd.conf @group handling
    fix a leak and an intermittent auth failure in Kerberos 5
    add global parameter kerberos support

detailed changelog here: https://github.com/cifsd-team/ksmbd-tools/releases/tag/3.5.3

Signed-off-by: Andrea Pesaresi <andreapesaresi82@gmail.com>
(cherry picked from commit 5b058c9949b3e3adcbc35347aa1acc40c3442e2c)

ksmbd-tools: update to version 3.5.2

Major changes are:
 - Add durable handles parameter to ksmbd.conf.
 - Add payload_sz in ksmbd_share_config_response to validate ipc
   response.
 - Fix UAF and cleanups.

Signed-off-by: Andrea Pesaresi <andreapesaresi82@gmail.com>
(cherry picked from commit 9cf0eae9bca7447354bcb96759f213ae407c9532)

libdeflate: update to 1.22

Release note:
https://github.com/ebiggers/libdeflate/blob/master/NEWS.md#version-122

Signed-off-by: Gábor Deé <dee.gabor@gmail.com>

zerotier: update to 1.14.1

Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit 660b10f0dc9ca81ec2f7b9f7d30ba1a745925d77)

zerotier: split configuration

Split configuration in global and per-network sections.
This change breaks existing configurations.

The following per-network settings are available:

* allow_managed
* allow_global
* allow_default
* allow_dns

See  https://docs.zerotier.com/config/#network-specific-configuration

Signed-off-by: Óscar García Amor <contact@ogarcia.me>
Reviewed-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit 5af81638787a1dd1f057bc238bc243225110607f)

zerotier: update to 1.14.0

Includes refreshed patches.

Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit cf6fef36b44de2c9d1b7910f6afd43e0c6ee946c)

adblock-fast: bugfix: dnsmasq instances confdir hack

* temporary hack until https://github.com/openwrt/openwrt/pull/16806 is merged

Signed-off-by: Stan Grishin <stangri@melmac.ca>

iperf3: fix crashing with musl

Upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 9c9f4dd08875c77e145e834b939d0c40c043db60)

iperf3: explicitly disable SCTP

Since https://github.com/openwrt/openwrt/commit/3fa5ee0b28b736c5d06af34ed5c3e80f78235fe8
OpenWrt no longer disables SCTP support by default.
It caused the leak of libsctp dependency to iperf3.
Here we disable it explicitly to fix the build.

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
(cherry picked from commit 6c1ce8ccc78f1b34ade513aa134962eb143826f9)

ruby: update to 3.2.6

Ruby 3.2.6 is a minor bug fix release.

Link: https://github.com/ruby/ruby/releases/tag/v3_2_6
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

php8: update to 8.2.26

This fixes:
    - CVE-2024-8929
    - CVE-2024-8932
    - CVE-2024-11233
    - CVE-2024-11234
    - CVE-2024-11236

Upstream changelog:
https://www.php.net/ChangeLog-8.php#8.2.26

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

yggdrasil: bump to 0.5.10

Signed-off-by: George Iv <zhoreeq@users.noreply.github.com>
(cherry picked from commit 4ee4b22e431ca3c27c1ab26dc0daba5ca6198443)

adblock: update 4.2.3-2

* correctly parse json objects with hyphens in the autodetection functions

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 823633c0e60ad9efb3afe9c4e63b34c93fa55f7c)

adblock: release 4.2.3-1

* optimized procd settings for better performance
* reworked autodetection functions (still broken in master due to apk migration)
* made the tld function optional, set 'adb_tld' accordingly (enabled by default)
* reworked count function
* various code improvements

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 8afc26fafbd913d829734ab22fc09abaf8874ae8)

banIP: update 1.0.1-2

* correctly parse json objects with hyphens in the autodetection function

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 3140259fc68952355b62a364a97527003adaf1fe)

banIP: release 1.0.1-1

* optimized procd settings for better performance
* made the log monitor working again (even on master with apk migration issues)
* reworked the fetch autodetection function (still broken in master due to apk migration)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 8609a5bbe5b999045dcd9a10714d9e47e4359599)

banIP: update to 1.0.0-10

* minimal fix to support all download utilities in currently broken apk snapshots
  (see https://github.com/openwrt/openwrt/issues/16907 for details)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 4f00d8f0ee66effd40ec7c56a5a9a7395a7a8d54)

django: bump to 4.2.16

Fixes a bunch of CVEs.
CVE-2024-45230
  https://nvd.nist.gov/vuln/detail/CVE-2024-45230

CVE-2024-45231
  https://nvd.nist.gov/vuln/detail/CVE-2024-45231

(And maybe a few more).

Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>

node: bump to v18.20.5

Notable Changes
  esm: mark import attributes and JSON module as stable (Nicolò Ribaudo)

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

openwisp-monitoring: align PKG_SOURCE_VERSION with PKG_VERSION

Previously, `PKG_SOURCE_VERSION` in the Makefile was incorrectly
set to `0.1.1` instead of tracking `PKG_VERSION`. This mismatch
caused compilation issues for the package.

This fix ensures `PKG_SOURCE_VERSION` dynamically aligns with
`PKG_VERSION` to prevent future discrepancies.

Signed-off-by: Gagan Deep <pandafy.dev@gmail.com>

CI: multi-arch-test-build: move to shared workflow

Move multi-arch-test-build to shared workflow.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 2a35a9cab226a43d5521b6356cb5e64a5b174df2)

openwisp-monitoring: allow not depending on rpcd-mod-iwinfo

Add option to exclude rpcd-mod-iwinfo from dependency.

Signed-off-by: Gagan Deep <pandafy.dev@gmail.com>
(cherry picked from commit ca503cc4054d9a13558c7b552886a6dba359a0eb)

openwisp-monitoring: fix Makefile for 0.2.0 update

Commit 5e69da4ccb760da66f00f91e6cb2248ddcdabe5d upgraded openwisp-monitoring
to version 0.2.0 but missed necessary Makefile adjustments, causing the
package to break in OpenWrt feeds.

This patch updates the Makefile to ensure proper functionality of
openwisp-monitoring with the 0.2.0 release.

Signed-off-by: Gagan Deep <pandafy.dev@gmail.com>
(cherry picked from commit 886b3fa36d0b82071b10d0169d6950b0aaa6f16c)

openwisp-config: fix Makefile for 1.1.0

Update configuration in Makefile to fix #25168.
Add "/etc/openwisp/" to conf files.

Signed-off-by: Gagan Deep <pandafy.dev@gmail.com>
(cherry picked from commit 67d4fa3b05e0a8ee0724bc245d6eec318351876a)

rust: update to 1.81.0

- Automatically refresh one patch
- Other patch is unchanged

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
(cherry picked from commit 541060ee563a57ff5acbad4e55285ef86c5a9172)

zabbix: zabbix-agentd: depend on libevent2-pthreads

zabbix-agentd requires libevent2-pthreads to build
correctly, so add it to DEPENDS.

Signed-off-by: Yanase Yuki <dev@zpc.st>
(cherry picked from commit e61c3ea01cba8e29f6fef232b049c224255501ad)

mwan3: close flock fd when starting mwan3.user scripts

Fixes deadlock with multiple init script calls

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 619629ce85991fbb5aa8677ea076ab2de1043ba4)

adblock: update to 4.2.2-8

* get rid of remaining opkg calls and static adblock versioning
* fixed bind autodetection

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit e3217b54edd17a71edc3f8992ccb87b13222c84c)

travelmate: update to 2.1.3-2

* fixed gathering/printing of system information in travelmate status
* make use of a central command selector function

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 5af7612c515460ed5fa4903a580ccc8427e3163e)

adblock: update to 4.2.2-7

* fixed gathering/printing of system information in adblock status
* added missing hagezi category (samsung tracker)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit bbaa72d739368ef2131d4d7aca8ab626be6658b3)

banIP: update to 1.0.0-9

* fixed gathering/printing of system information in banIP status
* removed broken iblocklist.com feeds
* updated readme

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit fb19c1469654f39b3904accfb398bb88b884562b)

i2pd: Update to 2.54.0

* Updating package to 2.54.0
* Changed Makefile to install binary to /usr/bin (as in upstream)
* Updated init.rc script with new path

Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit f28940ddedc6f9cd39b0825e56422c13b93e4c39)

pdns-recursor: update to 4.9.9

fixes CVE-2024-25590

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>

openwisp-monitoring: update to 0.2.0

Signed-off-by: Gagan Deep <pandafy.dev@gmail.com>
(cherry picked from commit 4540a0abf8debf995bac9b76502909dc5f06647b)

openwisp-config: update to 1.1.0

Signed-off-by: Gagan Deep <pandafy.dev@gmail.com>
(cherry picked from commit af4a89482cff4fbdcb1281b6677c7a74e51c95ec)

sing-box: Update to 1.9.7

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 91639e2e5dd129e4805f1ff801c4a7eb411a6ee0)

xray-core: update to 24.9.30

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit caa09e5377050794be23af8e4bd079bbad137150)

banIP: update to 1.0.0-8

* supports comments (introduced with a #), for MAC addresses
  in the allow and block list, e.g. 26:5e:a0:6a:9c:da # Test
* added hagezi threat ip feed
* added an adguard logterm to the readme
* removed the broken talos feed

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 270e6f12644eb0ba3b1596cb73e267edf3980570)

adblock: update to 4.2.2-6

* fixed adblock status reporting
* optimized the mail template
* removed unanswered DNS requests from reporting
* various small fixes

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 1294b54471e4bd17d1b3de9fc777ffa0ae9e429d)

dockerd: Update to 27.3.1

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit ade186898684bfe40beb3e7f3fab59ae5fe7938a)

dockerd: fix typo in config for no_proxy

the "http_proxy" here should be "no_proxy"

Signed-off-by: Joe Zheng <joe.zheng@intel.com>
(cherry picked from commit dcea616c6134c0d1630174d2fff6a95ffcf60fe6)

dockerd: increase PKG_RELEASE for http proxy update

Fixes: e795bab25325 ("dockerd: add config options for http proxy")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 9ec663013beba8fe6800d8bfbd5b75c33e8f804a)

dockerd: add config options for http proxy

add config options to set http porxy for dockerd, refer to
https://docs.docker.com/engine/daemon/proxy/ for details

use the *_proxy environment variable as the default value, so in most
cases, dockerd can use the system proxy settings just like opkg.

Signed-off-by: Joe Zheng <joe.zheng@intel.com>
(cherry picked from commit e795bab253253e260b61e156d5e5c00e8189cb98)

runc: Update to 1.1.14

This is the fourteenth patch release in the 1.1.z release branch of
runc. It includes a fix for a low severity security issue
(CVE-2024-45310) as well as some minor build-related fixes (including Go
1.23 support).
Fix CVE-2024-45310, a low-severity attack that allowed
maliciously configured containers to create empty files and directories on
the host.
Add support for Go 1.23.
Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION.
rootfs: consolidate mountpoint creation logic.

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit c1e6edfa862e065caa6f8b3e9fd50d38d7ed57f5)

containerd: Update to 1.7.22

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit f49b8252e62885960261ffa07a1e8058bb1eb6a4)

docker: Update to 27.3.1

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 605fb1af62be3cf251749d58483087fde8e5c849)

dockerd: Update to 27.1.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit a58474e8381d405357247b20e944f3a3318ea173)

docker: Update to 27.1.2

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit e0258ed7ea5be1200dad4826d5d6913db79c59e7)

php8: update to 8.2.24

This fixes:
    - CVE-2024-8925
    - CVE-2024-8926
    - CVE-2024-8927
    - CVE-2024-9026

Upstream changelog:
https://www.php.net/ChangeLog-8.php#8.2.24

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

ecdsautils: update to 0.4.2

1b53b726f3dc ecdsautils 0.4.2
554e2585efd9 sha256: fix misaligned buffer read in ecdsa_sha256_update()
8c17b073647f sha256: remove burnStack function

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit d57306298e55f372954856a7f49fd2294d6fae46)

hev-socks5-server: update to 2.6.8

Signed-off-by: Ray Wang <r@hev.cc>
(cherry picked from commit c99669e0887f0fac94c804bb7fd348ed9339d9eb)

pbr: bugfix for dns & tor policies

Signed-off-by: Stan Grishin <stangri@melmac.ca>

rclone: Update to 1.68.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 86179f138a4c2f078d5412253aebc0578b8ab1e0)

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 5fc567d198ac0ba8e821f1eb4e4c3b89b38e9fba)

btop: Update to 1.4.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7e9ef57819a4adb2b17ee253569052e91f539600)

sing-box: Update to 1.9.6

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 06eb251067537d576fee86f8471377239b5254fe)

sing-box: Update to 1.9.5

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 500a8ab995a020a336948f058e7755efafff80e7)

delve: update to 1.23.1

Signed-off-by: Aleksey Kolosov <softovick@gmail.com>

adblock-fast: bugfixes and shellcheck update

* BUGFIX: correctly identify available RAM
* BUGFIX: properly store remote list filesize in config
* shellcheck updates

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 4bdaea90d63ed12af4b513d833de64bac5f0f2b8)

banIP: update to 1.0.0-7

* fixed auto allow-/blocklist-issue with IPv6 addresses in CIDR notation
* removed edrop feed from readme (had been removed from feeds for a while)

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit aeda25086e7797b403a4307d88716e66f3239504)

softflowd: add '-b' option to config

- add '-b' option to enable bidirectional flow probing

Signed-off-by: Rafal Macyszyn <rafal@v92.pl>
(cherry picked from commit 80b15f0b9e6135978a7d17543d4be5fd13481b1a)

softflowd: bump to 1.1.0

The tag is now prefixed with v; update PKG_SOURCE_URL and PKG_BUILD_DIR
to reflect this.
Drop upstreamed patches. Refresh leftover patch.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 4bdf55d35248500efd41e5f7b61c428d3a22db85)

adblock: update to 4.2.2-5

* filter out unrelated multicast traffic from reporting

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 3474adc309cf77fd9e461e964965cbcfc3c51620)

adblock: update to 4.2.2-4

* fixed wrongly detected NX domains in adblock reporting
* remove existing pcap files when restarting/stopping adblock
   to prevent problems when changing tcpdump parameters

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 180ee1321934cfd27d1245426f8fed3053a1cc66)

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit fecdb92b3ffa6c30a551bb4cbc79cc417f05be8e)

v2ray-core: Update to 5.18.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7eef7e36e91b4e39a226a479a9702b22f3880b39)

v2ray-core: Update to 5.17.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit a2d87d2658161d0fd265986a0bc9922fe908f3dc)

v2ray-core: update to 5.16.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 0c645cb6a6d643aabde2e4027b5bcf6802b6df66)

rclone: Update to 1.68.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 59986cf970e5e5fdff1c579996ebb7eec7e05dbe)

travelmate: update to 2.1.3-1

* fixed STA connection issues / restart the travelmate interface on new connections via ubus
* fixed NTP hotplug issues / trigger the NTP hotplug event via ubus
* fixed minor log issues (mail/hotplug)
* readme update

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 7f976e1602254ee4ae793b611abd596e607d26b3)

php8: update to 8.2.23

Upstream changelog:
https://www.php.net/ChangeLog-8.php#8.2.23

A minor adaption to a single patch is required.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

banip: update 1.0.0-6

* automatic blocking of IP ranges via RDAP request now supports multiple CIDRs
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit b157e03e8024a2a32993688b0450cda9497deedd)

gg: Update to 0.2.19

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 7ba22665d75f87083dc15a4dfe4abe4b1fd6ab99)

cloudflared: reload service if wan inferface has (re)connected

Sometimes the wan connection needs time to be established (e.g. cold
boot after power loss) and the service may crash as the internet is
yet available. Add a trigger to reload the service once the wan
interface is up.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 52037eb625a864c7e9b2b4e30b975bc5a8092192)
[based upon 23.05 branch]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

nano: update to 8.2

Update nano editor to version 8.2

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 14a80bff16bcbc5768fee7eaf6eff7b445b78a19)

glib2: update to 2.74.7 to fix several CVEs

Bump glib2 to 2.74.7 which fixes CVE-2023-29499, CVE-2023-32611,
CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 and on top of that
backport CVE-2024-34397 fix from Debian Bookworm glib2 package
2.74.6-2+deb12u2. While at it refresh the patches so they apply cleanly.

References: https://security-tracker.debian.org/tracker/source-package/glib2.0
Fixes: CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665, CVE-2024-34397
Signed-off-by: Petr Štetiar <ynezz@true.cz>

rust: update to 1.80.1

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit d4416c2e6399a2c715d684c7b439a0ac4ff93e96)

rust: update to 1.80.0

- Remove two upstreamed patches
- Manually refresh one patch
- Automatically refresh another patch

Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com>
(cherry picked from commit 8d68f0b0dbb0d3f3929144507e28a449c67ea3ca)

yq: Update to 4.44.3

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

yq: Update to 4.44.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 78d0e1662961145b03c88e7181aeb93b855c9142)

yq: Update to 4.43.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit ab21adbbff2fa0376d454e52630def0c15db5320)

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit b9de33f106c61d150ca6c335e1d3a74bd150f769)

xray-core: update to 1.8.24

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit 1c7bd8ba1d116466aba9192e8b589a40a3632df3)

apfree-wifidog: update to 7.08.2035

https://github.com/liudf0716/apfree-wifidog/releases/tag/7.08.2035

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit 632d4ea93d2a3e9dd5c842bbbf1ffa7290987a5f)

apfree-wifidog: modify wifidogx.init
1. to address the isssue of incomplement firwall rules
2. added support for gateway settings

Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
(cherry picked from commit d552c5733a3459466e5f2509f2ce681d413e0ede)

dhtd: udpate to 1.0.2

Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit 3934cfdbdcda4d2a7508a2d3220e2088f889bb25)

dhtd: update to 1.0.1

Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit ed5e79644dbf5668558f28c980b2f10c52e8bce4)

crowdsec-firewall-bouncer: new upstream release version 0.0.29

Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.4

Description:
 - updated to new upstream release version 0.0.29
 - added retry_initial_commit option to init script (by Quba1)
 - aligned namings in script with crowdsec-firewall-bouncer

Co-authored-by: Quba1 <22771850+Quba1@users.noreply.github.com>
(cherry picked from commit 5988abae10d9c20d87efe23a6ac5d8645aee51af)

sing-box: update to 1.9.4

Signed-off-by: Milinda Brantini <C_A_T_T_E_R_Y@outlook.com>
(cherry picked from commit b788651e272ab7459ac9ea4298ada4cfe6d8aad0)

lxc: fix huge binary sizes by backporting upstream Meson dynlink fixes

LXC after the switch to the Meson build system increased the binary sizes
significantly as each binary is basically static so shipping complete
liblxc which should be linked dynamically.

Upstream later fixed it with series of 10 commits and this fixes are
available in LXC release v6.0.0. Since we can't upstep to that release,
lets fix it by backporting those fixes only, basically making libxlc a
shared library again.

Package sizes before:

 384K lxc-user-nic_5.0.3-1_aarch64_cortex-a53.ipk
 383K lxc-ls_5.0.3-1_aarch64_cortex-a53.ipk
 382K lxc-top_5.0.3-1_aarch64_cortex-a53.ipk
 382K lxc-copy_5.0.3-1_aarch64_cortex-a53.ipk
 381K lxc-unshare_5.0.3-1_aarch64_cortex-a53.ipk
 380K lxc-start_5.0.3-1_aarch64_cortex-a53.ipk
 380K lxc-monitor_5.0.3-1_aarch64_cortex-a53.ipk
 380K lxc-info_5.0.3-1_aarch64_cortex-a53.ipk
 380K lxc-create_5.0.3-1_aarch64_cortex-a53.ipk
 380K lxc-autostart_5.0.3-1_aarch64_cortex-a53.ipk
 380K lxc-attach_5.0.3-1_aarch64_cortex-a53.ipk
 379K lxc-execute_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-wait_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-usernsexec_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-unfreeze_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-stop_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-freeze_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-device_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-destroy_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-console_5.0.3-1_aarch64_cortex-a53.ipk
 378K lxc-cgroup_5.0.3-1_aarch64_cortex-a53.ipk
 376K liblxc_5.0.3-1_aarch64_cortex-a53.ipk
 375K lxc-config_5.0.3-1_aarch64_cortex-a53.ipk
 12K lxc-hooks_5.0.3-1_aarch64_cortex-a53.ipk
 11K lxc-templates_5.0.3-1_aarch64_cortex-a53.ipk
 3.7K lxc-checkconfig_5.0.3-1_aarch64_cortex-a53.ipk
 2.4K lxc-configs_5.0.3-1_aarch64_cortex-a53.ipk
 1.9K lxc-auto_5.0.3-1_aarch64_cortex-a53.ipk
 1.6K lxc-common_5.0.3-1_aarch64_cortex-a53.ipk
 1.2K lxc-unprivileged_5.0.3-1_aarch64_cortex-a53.ipk
 978 lxc_5.0.3-1_aarch64_cortex-a53.ipk

Sizes after:

 378K liblxc_5.0.3-2_aarch64_cortex-a53.ipk
 27K lxc-user-nic_5.0.3-2_aarch64_cortex-a53.ipk
 24K lxc-ls_5.0.3-2_aarch64_cortex-a53.ipk
 21K lxc-usernsexec_5.0.3-2_aarch64_cortex-a53.ipk
 21K lxc-top_5.0.3-2_aarch64_cortex-a53.ipk
 20K lxc-unshare_5.0.3-2_aarch64_cortex-a53.ipk
 20K lxc-copy_5.0.3-2_aarch64_cortex-a53.ipk
 20K lxc-attach_5.0.3-2_aarch64_cortex-a53.ipk
 18K lxc-start_5.0.3-2_aarch64_cortex-a53.ipk
 18K lxc-info_5.0.3-2_aarch64_cortex-a53.ipk
 18K lxc-execute_5.0.3-2_aarch64_cortex-a53.ipk
 18K lxc-device_5.0.3-2_aarch64_cortex-a53.ipk
 18K lxc-create_5.0.3-2_aarch64_cortex-a53.ipk
 18K lxc-autostart_5.0.3-2_aarch64_cortex-a53.ipk
 17K lxc-destroy_5.0.3-2_aarch64_cortex-a53.ipk
 16K lxc-wait_5.0.3-2_aarch64_cortex-a53.ipk
 16K lxc-unfreeze_5.0.3-2_aarch64_cortex-a53.ipk
 16K lxc-stop_5.0.3-2_aarch64_cortex-a53.ipk
 16K lxc-freeze_5.0.3-2_aarch64_cortex-a53.ipk
 16K lxc-console_5.0.3-2_aarch64_cortex-a53.ipk
 16K lxc-cgroup_5.0.3-2_aarch64_cortex-a53.ipk
 15K lxc-monitor_5.0.3-2_aarch64_cortex-a53.ipk
 13K lxc-config_5.0.3-2_aarch64_cortex-a53.ipk
 12K lxc-hooks_5.0.3-2_aarch64_cortex-a53.ipk
 11K lxc-templates_5.0.3-2_aarch64_cortex-a53.ipk
 3.7K lxc-checkconfig_5.0.3-2_aarch64_cortex-a53.ipk
 2.4K lxc-configs_5.0.3-2_aarch64_cortex-a53.ipk
 1.9K lxc-auto_5.0.3-2_aarch64_cortex-a53.ipk
 1.6K lxc-common_5.0.3-2_aarch64_cortex-a53.ipk
 1.1K lxc-unprivileged_5.0.3-2_aarch64_cortex-a53.ipk
 944 lxc_5.0.3-2_aarch64_cortex-a53.ipk

Sum of Package Sizes:

 Before: 8758.78K
 After:   814.64K

The total package size has decreased by approximately 90% after the fix.

References: https://github.com/lxc/lxc/pull/4401
Signed-off-by: Petr Štetiar <ynezz@true.cz>

adblock: update to 4.2.2-3

* bugfix: users reported unexpected side effects with  the newly introduced rpc-sys ubus service, reverted that part
*bugfix: made "tcpdump" optional

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 4803143a91a9d7d80e4ba584dbb4a5e5d4c4567f)

adblock: update to 4.2.2-2

* removal of a superfluous opkg code block (missed in the last commit)
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 9428ef4320919c66dc0759c97033f84c6bb9adb2)