feed/packages.git
19 months agolighttpd: select mbedtls for default cryptolib
Glenn Strauss [Thu, 11 May 2023 05:34:59 +0000 (01:34 -0400)]
lighttpd: select mbedtls for default cryptolib

wolfssl has been the base TLS library in openwrt since 21.02
mbedtls will once again be the base TLS library in openwrt 23.??

Default to mbedtls for digest functions in lighttpd

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
19 months agolighttpd: include mod_h2 in base package
Glenn Strauss [Thu, 11 May 2023 00:52:05 +0000 (20:52 -0400)]
lighttpd: include mod_h2 in base package

The next version of lighttpd will move HTTP/2 support from the lighttpd
base executable into a separate module: mod_h2

Include patch to do so now, and update packaging to handle it.

HTTP/2 support is enabled by default since lighttpd 1.4.59, but if
HTTP/2 support is explicitly disabled in the configuration, then mod_h2
will not be loaded, thereby reducing lighttpd memory use.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
19 months agolighttpd: select wolfssl for default cryptolib
Glenn Strauss [Thu, 11 May 2023 00:50:08 +0000 (20:50 -0400)]
lighttpd: select wolfssl for default cryptolib

wolfssl has been a base TLS library in openwrt since 21.02

Default to wolfssl instead of Nettle for digest functions in lighttpd

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
19 months agolighttpd: update to lighttpd 1.4.70 release hash
Glenn Strauss [Thu, 11 May 2023 00:49:24 +0000 (20:49 -0400)]
lighttpd: update to lighttpd 1.4.70 release hash

remove patches included upstream

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
19 months agolibvorbis: fix soname of shared libraries
Robert Högberg [Fri, 12 May 2023 21:08:28 +0000 (23:08 +0200)]
libvorbis: fix soname of shared libraries

When building with cmake we don't get libvorbis*.so.N which means that
some applications may fail to dynamically load libvorbis libraries.

This seems to be a problem specific to cmake (autotools builds work).

Signed-off-by: Robert Högberg <robert.hogberg@gmail.com>
19 months agopigeonhole: update to version 0.5.20
Daniel Golle [Mon, 8 May 2023 11:22:01 +0000 (13:22 +0200)]
pigeonhole: update to version 0.5.20

v0.5.20 2022-12-12  Aki Tuomi <aki.tuomi@open-xchange.com>

    * No changes - release done to keep version numbers synced.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months agodovecot: update to version 2.3.20
Daniel Golle [Mon, 8 May 2023 11:21:36 +0000 (13:21 +0200)]
dovecot: update to version 2.3.20

v2.3.20 2022-12-22  Aki Tuomi <aki.tuomi@open-xchange.com>

    + Add dsync_features=no-header-hashes. When this setting is enabled and
      one dsync side doesn't support mail GUIDs (i.e. imapc), there is no
      fallback to using header hashes. Instead, dsync assumes that all mails
      with identical IMAP UIDs contains the same mail contents. This can
      significantly improve dsync performance with some IMAP servers that
      don't support caching Date/Message-ID headers.
    + lua: HTTP client has more settings now, see
      https://doc.dovecot.org/admin_manual/lua/#dovecot.http.client
    + replicator: "doveadm replicator status" command now outputs when the
      next sync is expected for the user.
    - LAYOUT=index: duplicate GUIDs were not cleaned out. Also the list
      recovery was not optimal.
    - auth: Assert crash would occur when iterating multiple userdb
      backends.
    - director: Logging into director using master user with
      auth_master_user_separator character redirected user to a wrong
      backend, unless master_user_separator setting was also set to the same
      value. Merged these into auth_master_user_separator.
    - dsync: Couldn't always fix folder GUID conflicts automatically with
      Maildir format. This resulted in replication repeatedly failing
      with "Remote lost mailbox GUID".
    - dsync: Failed to migrate INBOX when using namespace prefix=INBOX/,
      resulting in "Remote lost mailbox GUID" errors.
    - dsync: INBOX was created too early with namespace prefix=INBOX/,
      resulting a GUID conflict. This may have been resolved automatically,
      but not always.
    - dsync: v2.3.18 regression: Wrong imapc password with dsync caused
      Panic: file lib-event.c: line 506 (event_pop_global):
      assertion failed: (event == current_global_event)
    - imapc: Requesting STATUS for a mailbox with imapc and INDEXPVT
      configured did not return correct (private) unseen counts.
    - lib-dict: Process would crash when committing data to redis without
      dict proxy.
    - lib-mail: Corrupted cached BODYSTRUCTURE caused panic during FETCH.
Fixes: Panic: file message-part-data.c: line 579 (message_part_is_attachment):
      assertion failed: (data != NULL). v2.3.13 regression.
    - lib-storage: mail_attribute_dict with dict-sql failed when it tried to
      lookup empty dict keys.
    - lib: ioloop-kqueue was missing include breaking some BSD builds.
    - lua-http: Dovecot Lua HTTP client could not resolve DNS names in mail
      processes, because it expected "dns-client" socket to exist in the
      current directory.
    - oauth2: Using %{oauth2:name} variables could cause useless
      introspections.
    - pop3: Sending POP3 command with ':' character caused an assert-crash.
      v2.3.18 regression.
    - replicator: Replication queue had various issues, potentially causing
      replication requests to become stuck.
    - stats: Invalid Prometheus label names were created with specific
      histogram group_by configurations. Prometheus rejected these labels.

v2.3.19.1 2022-06-14  Aki Tuomi <aki.tuomi@open-xchange.com>

    - doveadm deduplicate: Non-duplicate mails were deleted.
      v2.3.19 regression.
    - auth: Crash would occur when iterating multiple backends.
Fixes: Panic: file userdb-blocking.c:
      line 125 (userdb_blocking_iter_next): assertion failed: (ctx->conn != NULL)

v2.3.19 2022-05-10  Aki Tuomi <aki.tuomi@open-xchange.com>

    + Added mail_user_session_finished event, which is emitted when the mail
      user session is finished (e.g. imap, pop3, lmtp). It also includes
      fields with some process statistics information.
      See https://doc.dovecot.org/admin_manual/list_of_events/ for more
      information.
    + Added process_shutdown_filter setting. When an event matches the filter,
      the process will be shutdown after the current connection(s) have
      finished. This is intended to reduce memory usage of long-running imap
      processes that keep a lot of memory allocated instead of freeing it to
      the OS.
    + auth: Add cache hit indicator to auth passdb/userdb finished events.
      See https://doc.dovecot.org/admin_manual/list_of_events/ for more
      information.
    + doveadm deduplicate: Performance is improved significantly.
    + imapc: COPY commands were sent one mail at a time to the remote IMAP
      server. Now the copying is buffered, so multiple mails can be copied
      with a single COPY command.
    + lib-lua: Add a Lua interface to Dovecot's HTTP client library. See
      https://doc.dovecot.org/admin_manual/lua/ for more information.
    - auth: Cache lookup would use incorrect cache key after username change.
    - auth: Improve handling unexpected LDAP connection errors/hangs.
      Try to fix up these cases by reconnecting to the LDAP server and
      aborting LDAP requests earlier.
    - auth: Process crashed if userdb iteration was attempted while auth-workers
      were already full handling auth requests.
    - auth: db-oauth2: Using %{oauth2:name} variables caused unnecessary
      introspection requests.
    - dict: Timeouts may have been leaked at deinit.
    - director: Ring may have become unstable if a backend's tag was changed.
      It could also have caused director process to crash.
    - doveadm kick: Numeric parameter was treated as IP address.
    - doveadm: Proxying can panic when flushing print output. Fixes
      Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed:
      (ioloop == current_ioloop).
    - doveadm sync: BROKENCHAR was wrongly changed to '_' character when
      migrating mailboxes. This was set by default to %, so any mailbox
      names containing % characters were modified to "_25".
    - imapc: Copying or moving mails with doveadm to an imapc mailbox could
      have produced "Error: Syncing mailbox '[...]' failed" Errors. The
      operation itself succeeded but attempting to sync the destination
      mailbox failed.
    - imapc: Prevent index log synchronization errors when two or more imapc
      sessions are adding messages to the same mailbox index files, i.e.
      INDEX=MEMORY is not used.
    - indexer: Process was slowly leaking memory for each indexing request.
    - lib-fts: fts header filters caused binary content to be sent to the
      indexer with non-default configuration.
    - doveadm-server: Process could hang in some situations when printing
      output to TCP client, e.g. when printing doveadm sync state.
    - lib-index: dovecot.index.log files were often read and parsed entirely,
      rather than only the parts that were actually necessary. This mainly
      increased CPU usage.
    - lmtp-proxy: Session ID forwarding would cause same session IDs being
      used when delivering same mail to multiple backends.
    - log: Log prefix update may have been lost if log process was busy.
      This could have caused log prefixes to be empty or in some cases
      reused between sessions, i.e. log lines could have been logged for the
      wrong user/session.
    - mail_crypt: Plugin crashes if it's loaded only for some users. Fixes
      Panic: Module context mail_crypt_user_module missing.
    - mail_crypt: When LMTP was delivering mails to both recipients with mail
      encryption enabled and not enabled, the non-encrypted recipients may
      have gotten mails encrypted anyway. This happened when the first
      recipient was encrypted (mail_crypt_save_version=2) and the 2nd
      recipient was not encrypted (mail_crypt_save_version=0).
    - pop3: Session would crash if empty line was sent.
    - stats: HTTP server leaked memory.
    - submission-login: Long credentials, such as OAUTH2 tokens, were refused
      during SASL interactive due to submission server applying line length
      limits.
    - submission-login: When proxying to remote host, authentication was not
      using interactive SASL when logging in using long credentials such as
      OAUTH2 tokens. This caused authentication to fail due to line length
      constraints in SMTP protocol.
    - submission: Terminating the client connection with QUIT command after
      mail transaction is started with MAIL command and before it is
      finished with DATA/BDAT can cause a segfault crash.
    - virtual: doveadm search queries with mailbox-guid as the only parameter
      crashes: Panic: file virtual-search.c: line 77 (virtual_search_get_records):
      assertion failed: (result != 0)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
19 months ago banip: release 0.8.6-1
Dirk Brenken [Fri, 12 May 2023 20:30:29 +0000 (22:30 +0200)]
 banip: release 0.8.6-1

* made the fetch utility function/autodetection more bullet proof
* no longer add suspicious IPs to the local blocklist when the nft set timeout has been set
* restructure internal functions & small fixes

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months agoMerge pull request #18400 from nmav/tmp-tang-self-contained
Nikos Mavrogiannopoulos [Fri, 12 May 2023 13:54:44 +0000 (15:54 +0200)]
Merge pull request #18400 from nmav/tmp-tang-self-contained

make tang self-contained

19 months agoMerge pull request #20970 from nmav/tmp-ocserv
Nikos Mavrogiannopoulos [Fri, 12 May 2023 13:53:44 +0000 (15:53 +0200)]
Merge pull request #20970 from nmav/tmp-ocserv

ocserv: updated to 1.1.7

19 months agoglib2: fix host build offline download
Florian Eckert [Thu, 11 May 2023 09:43:20 +0000 (11:43 +0200)]
glib2: fix host build offline download

If buildsystem does not have a internet connection, then the build
fails. This is because of the fact, that glib2 is downloading and building
the missing dependencies during host compilation.

This cannot be allowed to happen. The package must also be built without
an internet connection.

Adding the missing host build dependency and removing the 'forcefallback'
fixes this issue.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
19 months agolibopen62541: Adding support
Michele Primavera [Wed, 26 Apr 2023 09:41:31 +0000 (11:41 +0200)]
libopen62541: Adding support
Open62541 is an opensource OPC UA library useful in IoT scenarios.

Signed-off-by: Michele Primavera <primavera@elmod.it>
19 months agolxc: set RUNTIME_PATH define to the /var/run path
Rafał Miłecki [Sat, 8 Apr 2023 16:18:55 +0000 (18:18 +0200)]
lxc: set RUNTIME_PATH define to the /var/run path

The default runtime directory used by LXC is /run which doesn't exist
in OpenWrt. It causes errors like:

Failed to create lock for foo
lxc-create: foo: tools/lxc_create.c: main: 260 Failed to create lxc container

There has been workaround for that in the lxc-auto.init but it requires
installing "lxc-auto" package. Replacing that "ln -s" workaround with
Makefile specifying RUNTIME_PATH define allows using pure "lxc" in
OpenWrt (without the "lxc-auto").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agowsdd2: fix stopping service
Rafał Miłecki [Thu, 11 May 2023 11:27:32 +0000 (13:27 +0200)]
wsdd2: fix stopping service

Function start_service() is called whenever service may need reloading.
If SMB server is not running it could be simply because it has been
stopped. Reloading service in such case is not an error so:
1. Don't log error as it isn't one
2. Don't exit with error code as it was confusing procd

This change fixes scenario like:
/etc/init.d/ksmbd stop
/etc/init.d/wsdd2 reload
(previously above wasn't stopping wsdd2)

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
19 months agoMerge pull request #20978 from jefferyto/numpy-build-fixes
Alexandru Ardelean [Thu, 11 May 2023 06:38:06 +0000 (09:38 +0300)]
Merge pull request #20978 from jefferyto/numpy-build-fixes

numpy: Build fixes

19 months agonumpy: Avoid build user config files
Jeffery To [Wed, 10 May 2023 15:49:46 +0000 (23:49 +0800)]
numpy: Avoid build user config files

This stops numpy from reading .numpy-site.cfg in the build user's home
directory. The code actually tries to find both .numpy-site.cfg and
site.cfg in the user's home directory; this patch prevents both.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agonumpy: Fix compilation when OpenBLAS support is not enabled
Jeffery To [Fri, 17 Feb 2023 03:47:15 +0000 (11:47 +0800)]
numpy: Fix compilation when OpenBLAS support is not enabled

Currently, if OpenBLAS support is not enabled, a site.cfg file is not
written and numpy will use build host paths for libraries. If the build
host has any conflicting libraries, specifically libpython3.10.a, then
compilation will fail.

This ensures site.cfg is always written with buildroot paths.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agonumpy: Fix pyproject.toml-based build
Jeffery To [Wed, 10 May 2023 16:26:17 +0000 (00:26 +0800)]
numpy: Fix pyproject.toml-based build

The versions of setuptools and wheel pinned in pyproject.toml are older
than the versions available in the packages repo. This unpins the
versions so that the build can proceed.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agoMerge pull request #20958 from jefferyto/python-trove-classifiers-2023.5.2
Tianling Shen [Wed, 10 May 2023 14:01:00 +0000 (22:01 +0800)]
Merge pull request #20958 from jefferyto/python-trove-classifiers-2023.5.2

python-trove-classifiers: Update to 2023.5.2

19 months agoCI: Do package run-tests only if target packages were built
Jeffery To [Wed, 10 May 2023 06:10:37 +0000 (14:10 +0800)]
CI: Do package run-tests only if target packages were built

Currently, the package run-test phase will fail for PRs that only
add/update host-only packages, as no target packages (*.ipk) are built.

This checks if any target packages are built before attempting the
run-tests.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agoCI: Run "apt-get update" before installing signify-openbsd
Jeffery To [Wed, 10 May 2023 05:51:59 +0000 (13:51 +0800)]
CI: Run "apt-get update" before installing signify-openbsd

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agodovecot: Fix iconv macro is missing compile error
Juan del Bosque [Fri, 14 Apr 2023 07:48:22 +0000 (09:48 +0200)]
dovecot: Fix iconv macro is missing compile error

Fix a Dovecot compile error when building with no other packages than
the default in master build, because iconv macro is missing.

Fixes: #20677
Signed-off-by: Juan del Bosque <juan@web64.pro>
19 months agoMerge pull request #20801 from jefferyto/python-pyproject
Jeffery To [Wed, 10 May 2023 04:11:07 +0000 (12:11 +0800)]
Merge pull request #20801 from jefferyto/python-pyproject

python: Add proper support for pyproject.toml-based builds, update Python packages for new build process

19 months agocoreutils: update to 9.3
Georgi Valkov [Mon, 8 May 2023 09:37:08 +0000 (12:37 +0300)]
coreutils: update to 9.3

Build system: Ubuntu Linux 22.04, macOS 12.6.5
Run-tested: x64, WRT3200ACM, TL-WR1043ND v4

[1] https://github.com/openwrt/packages/issues/20933
[2] https://debbugs.gnu.org/cgi/bugreport.cgi?bug=62404

Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
19 months agoocserv: updated to 1.1.7
Nikos Mavrogiannopoulos [Mon, 8 May 2023 18:37:33 +0000 (20:37 +0200)]
ocserv: updated to 1.1.7

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
19 months agoMerge pull request #20944 from stangri/master-https-dns-proxy
Stan Grishin [Tue, 9 May 2023 01:44:57 +0000 (19:44 -0600)]
Merge pull request #20944 from stangri/master-https-dns-proxy

https-dns-proxy: fixes/improvements

19 months agoMerge pull request #20942 from stangri/master-simple-adblock
Stan Grishin [Tue, 9 May 2023 01:44:48 +0000 (19:44 -0600)]
Merge pull request #20942 from stangri/master-simple-adblock

simple-adblock: add family to firewall json objects

19 months agoMerge pull request #20930 from stangri/master-pbr
Stan Grishin [Tue, 9 May 2023 01:41:31 +0000 (19:41 -0600)]
Merge pull request #20930 from stangri/master-pbr

pbr: ipv6 & migration bugfixes

19 months agoMerge pull request #20957 from jefferyto/golang-1.20.4
Tianling Shen [Mon, 8 May 2023 10:12:53 +0000 (18:12 +0800)]
Merge pull request #20957 from jefferyto/golang-1.20.4

golang: Update to 1.20.4

19 months agomwan3: bump PKG_VERSION to 2.11.7
Anna Tikhomirova [Wed, 3 May 2023 07:32:22 +0000 (10:32 +0300)]
mwan3: bump PKG_VERSION to 2.11.7

Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
19 months agomwan3: reset score to up+down on connected
Florian Eckert [Thu, 4 May 2023 11:10:38 +0000 (13:10 +0200)]
mwan3: reset score to up+down on connected

Set the score value to the maximum value when the connected function is
called. The same happens with a disconnected event, the score value is
there set to zero.

Suggested-by: Anna Tikhomirova <vamp@vampik.ru>
Suggested-by: Maxim Mikityanskiy <maxtram95@gmail.com>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
19 months agomwan3: refactoring mwan3track action handling
Florian Eckert [Mon, 28 Nov 2022 09:13:25 +0000 (10:13 +0100)]
mwan3: refactoring mwan3track action handling

Refactoring the score handling, so that only one action could take place
during run. The behaviour should be more comprehensible, since several
score actions are not processed at the same time.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
19 months ago banip: release 0.8.5-2
Dirk Brenken [Mon, 8 May 2023 07:17:07 +0000 (09:17 +0200)]
 banip: release 0.8.5-2

* fixed a log parser regression introduced in latest 0.8.4 update

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months agoMerge pull request #20915 from mhei/open-plc-utils-update
Michael Heimpold [Mon, 8 May 2023 06:12:17 +0000 (08:12 +0200)]
Merge pull request #20915 from mhei/open-plc-utils-update

open-plc-utils: update to latest upstream version

19 months agopython-trove-classifiers: Update to 2023.5.2
Jeffery To [Mon, 8 May 2023 05:14:09 +0000 (13:14 +0800)]
python-trove-classifiers: Update to 2023.5.2

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agogolang: Update to 1.20.4
Jeffery To [Mon, 8 May 2023 04:14:54 +0000 (12:14 +0800)]
golang: Update to 1.20.4

Includes fixes for:
* CVE-2023-24539: html/template: improper sanitization of CSS values
* CVE-2023-24540: html/template: improper handling of JavaScript
  whitespace
* CVE-2023-29400: html/template: improper handling of empty HTML
  attributes

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agocrowdsec-firewall-bouncer: new upstream release version 0.0.26
S. Brusch [Fri, 5 May 2023 09:43:55 +0000 (11:43 +0200)]
crowdsec-firewall-bouncer: new upstream release version 0.0.26

Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Run tested: ipq40xx/generic, Fritzbox 4040, Openwrt 22.03.5

Update crowdsec-firewall-bouncer to latest upstream release version 0.0.26

19 months agotang: use sbin instead of libexec
Nikos Mavrogiannopoulos [Tue, 26 Apr 2022 07:50:08 +0000 (09:50 +0200)]
tang: use sbin instead of libexec

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
19 months agotang: remove post-installation key generation
Nikos Mavrogiannopoulos [Sun, 7 May 2023 11:35:14 +0000 (13:35 +0200)]
tang: remove post-installation key generation

The keys will be generated on startup.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
19 months agotang: updated to version 12
Nikos Mavrogiannopoulos [Wed, 12 Apr 2023 18:19:10 +0000 (20:19 +0200)]
tang: updated to version 12

This version enables standalone operation.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
19 months agosnort3: update to 3.1.61.0
John Audia [Sun, 7 May 2023 04:58:25 +0000 (00:58 -0400)]
snort3: update to 3.1.61.0

Upstream bump

Removed upstreamed patch: 900-fix_build_for_archs_contain_plus.patch[1]

1. https://github.com/snort3/snort3/commit/4de62ca9b9bfea4049ebe373a07076284b121bfe

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

Signed-off-by: John Audia <therealgraysky@proton.me>
19 months agognutls: update to v3.8.0
Antonio Flores [Sun, 7 May 2023 03:53:46 +0000 (23:53 -0400)]
gnutls: update to v3.8.0

Fixes: https://github.com/openwrt/openwrt/issues/12542
The detailed list of changes follows:

* Version 3.8.0 (released 2023-02-09)

** libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
[GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]

** libgnutls: C++ library is now header only. All definitions from
gnutlsxx.c have been moved into gnutlsxx.h. Users of the C++
interface have two options:
1. include gnutlsxx.h in their application and link against
the C library. (default)
2. include gnutlsxx.h in their application, compile with
GNUTLS_GNUTLSXX_NO_HEADERONLY macro defined and link
against the C++ library.

** libgnutls: GNUTLS_NO_STATUS_REQUEST flag and %NO_STATUS_REQUEST
priority modifier have been added to allow disabling of the
status_request TLS extension in the client side.

** libgnutls: TLS heartbeat is disabled by default.
The heartbeat extension in TLS (RFC 6520) is not widely used given
other implementations dropped support for it. To enable back
support for it, supply --enable-heartbeat-support to configure
script.

** libgnutls: SRP authentication is now disabled by default.
It is disabled because the SRP authentication in TLS is not up to
date with the latest TLS standards and its ciphersuites are based
on the CBC mode and SHA-1. To enable it back, supply
--enable-srp-authentication option to configure script.

** libgnutls: All code has been indented using "indent -ppi1 -linux".
CI/CD has been adjusted to catch regressions. This is implemented
through devel/indent-gnutls, devel/indent-maybe and .gitlab-ci.yml’s
commit-check. You may run devel/indent-gnutls to fix any
indentation issues if you make code modifications.

** guile: Guile-bindings removed.
They have been extracted into a separate project to reduce complexity
and to simplify maintenance, see <https://gitlab.com/gnutls/guile/>.

** minitasn1: Upgraded to libtasn1 version 4.19.

** API and ABI modifications:
GNUTLS_NO_STATUS_REQUEST: New flag
GNUTLS_SRTP_AEAD_AES_128_GCM: New gnutls_srtp_profile_t enum member
GNUTLS_SRTP_AEAD_AES_256_GCM: New gnutls_srtp_profile_t enum member

Signed-off-by: Antonio Flores <antflores627@gmail.com>
19 months agohaproxy: update to v2.6.13
Christian Lachner [Sun, 7 May 2023 08:34:39 +0000 (10:34 +0200)]
haproxy: update to v2.6.13

- Update haproxy PKG_VERSION and PKG_HASH
- See changes: http://git.haproxy.org/?p=haproxy-2.6.git;a=shortlog

Signed-off-by: Christian Lachner <gladiac@gmail.com>
19 months agocloudflared: Update to 2023.5.0
Tianling Shen [Sun, 7 May 2023 09:33:16 +0000 (17:33 +0800)]
cloudflared: Update to 2023.5.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
19 months agosmartdns: bump to 1.2023.42
Nick Peng [Sat, 6 May 2023 14:30:24 +0000 (22:30 +0800)]
smartdns: bump to 1.2023.42

Signed-off-by: Nick Peng <pymumu@gmail.com>
19 months agohttps-dns-proxy: fixes/improvements
Stan Grishin [Sun, 7 May 2023 02:55:34 +0000 (02:55 +0000)]
https-dns-proxy: fixes/improvements

* use shared memory to store output data
* add family option to firewall json objects, due to reports that IPv6 hijacking
  doesn't work without explicit family declaration

Signed-off-by: Stan Grishin <stangri@melmac.ca>
19 months agosimple-adblock: add family to firewall json objects
Stan Grishin [Sun, 7 May 2023 02:29:53 +0000 (02:29 +0000)]
simple-adblock: add family to firewall json objects

Signed-off-by: Stan Grishin <stangri@melmac.ca>
19 months ago banip: release 0.8.5-1
Dirk Brenken [Sat, 6 May 2023 20:41:56 +0000 (22:41 +0200)]
 banip: release 0.8.5-1

* add support for external allowlist URLs to reference additional IPv4/IPv6 feeds, set 'ban_allowurl' accordingly
* make download retries in case of an error configurable, set 'ban_fetchretry' accordingly (default 5)
* small fixes
* readme update
* LuCI update (separate commit)

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months agolibxml2: remove - moved to OpenWrt main repo
Hannu Nyman [Sat, 6 May 2023 08:48:26 +0000 (11:48 +0300)]
libxml2: remove - moved to OpenWrt main repo

Remove libxml2 that was moved into the main OpenWrt repo.
Commit in OpenWrt: 9b0b46985c112c664354dc745d8cfb313166744b

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
19 months agogperf: remove - moved to OpenWrt main repo
Hannu Nyman [Sat, 6 May 2023 08:46:49 +0000 (11:46 +0300)]
gperf: remove - moved to OpenWrt main repo

Remove gperf that was moved into the main OpenWrt repo.
Commit in OpenWrt: 2070a2ca27bdb2b1e4e1587274e192e42f247516

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
19 months agonginx: fix compilation error for nginx-full
Christian Marangi [Fri, 5 May 2023 12:29:16 +0000 (14:29 +0200)]
nginx: fix compilation error for nginx-full

Fix compilation error for stream module not converted to use the PACKAGE
config flag and a missing required dependency for the DAV ext module.

Drop additional config for STREAM module since they are now included and
built by default.

Fixes: 65a676ed56fb ("nginx: introduce support for dynamic modules")
Fixes: #20906
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agoMerge pull request #20925 from jefferyto/python-hatchling-1.14.1
Tianling Shen [Sat, 6 May 2023 12:28:23 +0000 (20:28 +0800)]
Merge pull request #20925 from jefferyto/python-hatchling-1.14.1

python-hatchling: Update to 1.14.1

19 months agortl_433: update to 22.11
Robert Högberg [Thu, 4 May 2023 07:25:57 +0000 (09:25 +0200)]
rtl_433: update to 22.11

Signed-off-by: Robert Högberg <robert.hogberg@gmail.com>
19 months agouwsgi: make LuCI work
Glen Huang [Thu, 4 May 2023 09:27:52 +0000 (17:27 +0800)]
uwsgi: make LuCI work

LuCI is no longer powered by lua, but ucode

Signed-off-by: Glen Huang <me@glenhuang.com>
19 months agopbr: ipv6 & migration bugfixes
Stan Grishin [Fri, 5 May 2023 01:48:27 +0000 (01:48 +0000)]
pbr: ipv6 & migration bugfixes

* suppress RTNETLINK errors when inserting ipv6 routes
* only display global scope IPv6 gateways in status/WebUI
* stop and disable vpn-policy-routing when migrating

Signed-off-by: Stan Grishin <stangri@melmac.ca>
19 months agoMerge pull request #20912 from stangri/master-pbr
Stan Grishin [Fri, 5 May 2023 01:41:14 +0000 (19:41 -0600)]
Merge pull request #20912 from stangri/master-pbr

pbr: update to 1.1.1-1

19 months ago banip: update 0.8.4-5
Dirk Brenken [Thu, 4 May 2023 20:40:48 +0000 (22:40 +0200)]
 banip: update 0.8.4-5

* fix remaining small issues
* standardize log wording
* polished up for branch 23.x

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months ago banip: update 0.8.4-4
Dirk Brenken [Thu, 4 May 2023 10:07:09 +0000 (12:07 +0200)]
 banip: update 0.8.4-4

* add housekeeping to the autoallow function, only the current uplink will be held
* fix small issues
* cosmetics

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months agomwan3: bump PKG_VERSION to 2.11.6
Anna Tikhomirova [Wed, 3 May 2023 07:32:22 +0000 (10:32 +0300)]
mwan3: bump PKG_VERSION to 2.11.6

Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
19 months agomwan3: fix addition of routes to mwan3_connected ipset
Anna Tikhomirova [Fri, 28 Apr 2023 20:12:37 +0000 (23:12 +0300)]
mwan3: fix addition of routes to mwan3_connected ipset

Addition of routes to mwan3_connected ipset is broken. The ipset name was
changed from mwan3_connected_v4/6 to mwan3_connected_ipv4/6, but this
change was not reflected in mwan3rtmon.

Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
* Update commit message
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
19 months agomwan3: bump PKG_VERSION to 2.11.5
Anna Tikhomirova [Wed, 3 May 2023 06:40:34 +0000 (09:40 +0300)]
mwan3: bump PKG_VERSION to 2.11.5

Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
19 months agomwan3: fix addition of iptables rules for mwan3 sticky rules
Anna Tikhomirova [Fri, 28 Apr 2023 20:33:39 +0000 (23:33 +0300)]
mwan3: fix addition of iptables rules for mwan3 sticky rules

Addition of iptables rules for mwan3 sticky rules is broken, resulting
in non-working sticky rules. The required parameters for the function
'mwan3_set_sticky_iptables' were passed in the wrong order.

Signed-off-by: Anna Tikhomirova <vamp@vampik.ru>
* Update commit message
* Quoting function arguments
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
19 months agopython-hatchling: Update to 1.14.1
Jeffery To [Thu, 4 May 2023 06:10:43 +0000 (14:10 +0800)]
python-hatchling: Update to 1.14.1

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agotailscale: update to 1.40.0
Zephyr Lykos [Tue, 2 May 2023 10:14:54 +0000 (18:14 +0800)]
tailscale: update to 1.40.0

Signed-off-by: Zephyr Lykos <git@mochaa.ws>
19 months ago banip: update 0.8.4-3
Dirk Brenken [Tue, 2 May 2023 19:41:37 +0000 (21:41 +0200)]
 banip: update 0.8.4-3

* add the option 'ban_autoallowuplink' to limit the uplink autoallow function: 'subnet' (default), 'ip' or 'disable'

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months agosqlite3: Update to 3.41.2
Tianling Shen [Tue, 2 May 2023 13:40:18 +0000 (21:40 +0800)]
sqlite3: Update to 3.41.2

Fixes: CVE-2021-20227
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
19 months agoMerge pull request #20768 from stangri/master-simple-adblock
Stan Grishin [Tue, 2 May 2023 01:35:55 +0000 (19:35 -0600)]
Merge pull request #20768 from stangri/master-simple-adblock

simple-adblock: implement curl_additional_param compressed_cache_dir

19 months agoopen-plc-utils: update to latest upstream version
Michael Heimpold [Mon, 1 May 2023 18:18:52 +0000 (20:18 +0200)]
open-plc-utils: update to latest upstream version

This adds support for QCA7006AQ chipset identification.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
19 months agosing-box: update to 1.2.6
Van Waholtz [Mon, 1 May 2023 11:04:24 +0000 (19:04 +0800)]
sing-box: update to 1.2.6

Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
19 months agoCI: Enable runtime_test for mips_24kc
Van Waholtz [Mon, 1 May 2023 11:04:24 +0000 (19:04 +0800)]
CI: Enable runtime_test for mips_24kc

Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
19 months agosedutil: Add new package
Javier Marcet [Wed, 8 Feb 2023 13:40:10 +0000 (14:40 +0100)]
sedutil: Add new package

The Drive Trust Alliance Self Encrypting Drive Utility

Signed-off-by: Javier Marcet <javier@marcet.info>
19 months agocache-domains: added pre-test.sh CI step
Gerard Ryan [Sat, 29 Apr 2023 06:25:49 +0000 (16:25 +1000)]
cache-domains: added pre-test.sh CI step

Some packages variants have conflicting dependencies with the
base packages and the CI test will fail to install before anything
can be done by the packages to setup the system for install.

This change adds a pre-test.sh that runs before the install so things
like the default libustream variant can be swapped out as shown in the
updated cache-domains.

Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
19 months agokea: procd_close_instance doesn't take a parameter
Philip Prindeville [Thu, 20 Apr 2023 00:32:54 +0000 (18:32 -0600)]
kea: procd_close_instance doesn't take a parameter

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
19 months agokea: Update to 2.2.0
Philip Prindeville [Wed, 19 Apr 2023 00:21:29 +0000 (18:21 -0600)]
kea: Update to 2.2.0

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
19 months agogetdns: fix compilation with OPENSSL_NO_DEPRECATED
Andre Heider [Tue, 21 Feb 2023 14:54:16 +0000 (15:54 +0100)]
getdns: fix compilation with OPENSSL_NO_DEPRECATED

SSL_get_peer_certificate() is deprecated, OpenSSL v3.0 added
SSL_get0_peer_certificate() and SSL_get1_peer_certificate().

Use the latter since the return value is explicitely X509_free()ed
here, see [0].

[0] https://www.openssl.org/docs/manmaster/man3/SSL_get_peer_certificate.html

Signed-off-by: Andre Heider <a.heider@gmail.com>
19 months agopython-hatchling: Update to 1.14.0
Jeffery To [Fri, 14 Apr 2023 08:09:36 +0000 (16:09 +0800)]
python-hatchling: Update to 1.14.0

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agopython-trove-classifiers: Add new host-only package
Jeffery To [Fri, 14 Apr 2023 08:03:02 +0000 (16:03 +0800)]
python-trove-classifiers: Add new host-only package

From the README:

Canonical source for classifiers on PyPI.

Classifiers categorize projects per PEP 301. Use this package to
validate classifiers in packages for PyPI upload or download.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agopython-calver: Add new host-only package
Jeffery To [Fri, 14 Apr 2023 07:57:46 +0000 (15:57 +0800)]
python-calver: Add new host-only package

From the README:

The calver package is a setuptools extension for automatically defining
your Python package version as a calendar version.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
19 months agoopenssh: add respawn and reloading via signal
Erik Karlsson [Wed, 12 Apr 2023 16:09:07 +0000 (18:09 +0200)]
openssh: add respawn and reloading via signal

Configure the openssh server to respawn. Reload by sending SIGHUP

Signed-off-by: Erik Karlsson <erik.karlsson@genexis.eu>
19 months agozoneinfo: adjust to current timezone data file structure
Hannu Nyman [Sun, 30 Apr 2023 07:50:56 +0000 (10:50 +0300)]
zoneinfo: adjust to current timezone data file structure

Tweak the package to better match the current file structure in the
upstream time zone database. Add missing aliases. Make some clarifications

* Combine -northmerica and -southamerica into -america, as all
  current official America/xxx definitions were already in -northamerica
  and only the unofficial/deprecated Brazil/xxx, Chile and Argentina were
  in -southamerica. (Confusingly America/Sao_Paulo was in northamerica,
  while Brazil was in southamerica.)
  * Add PROVIDES for the old package names

* Add missing top-level dir country/nation alias links.
* Define Eire in -europe instead of -core.

* Rename -india to -indian, as it contains the Indian ocean islands
  instead of the actual Asia/Kolkata zone for the mainland India.
  * Add PROVIDES for the old package name

* Add 'Ocean' to all ocean zone titles.

* Make all zoneinfo-packages depend on zoneinfo-core, so that zone.tab,
  the UTC based definitions and the still existing short zone codes are
  always available.

* Clarify menuconfig menu as "Time Zone info"

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
19 months agolighttpd: build fixes
Glenn Strauss [Sun, 30 Apr 2023 08:11:01 +0000 (04:11 -0400)]
lighttpd: build fixes

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
19 months agopbr: update to 1.1.1-1
Stan Grishin [Mon, 1 May 2023 00:44:34 +0000 (00:44 +0000)]
pbr: update to 1.1.1-1

*** MAKEFILE ***
* remove libubus dependency as it was causing issues
  https://forum.openwrt.org/t/policy-based-routing-pbr-package-discussion/140639/318
* move firewall hotplug directory/file creation out of default section into
  pbr and pbr-iptables packages sections in preparation for dropping it from pbr
* fix no new line after output when uninstalling packages

*** UCI-DEFAULTS ***
* only add firewall include to firewall config if the include file exists
* add shellcheck exception to netifd uci-defaults file

*** SCRIPTS ***
* more informative logging for firewall and iface hotplug scripts
* more informative logging for firewall include script

*** SERVICE ***
* introduce lock-file to prevent package starting on external events if it hasn't
  been auto- or manually started before
* use the `ip`, not `ip-full` command to prevent errors on OpenWrt 21.02
* parse firewall WAN zone to append list of interfaces
* append error and warning "arrays" with new messages
* used shared memory to store the service output/logging messages
* improve is_ovpn function to filter out false positives when interface names started
  with `tun`
* introduce is_valid_ovpn to find OpenVPN tunnels where the device name in OpenVPN config
  matches the device name in network config
* introduce opkg_get_version to compare versions of principal and luci packages
* better code to obtain AdGuardHome version with betas installed
* optimize code and add better logging for errors when inserting policies with iptables
* optimize code and add better logging for errors when inserting policies with nft
* bugfix: insert policies in all specified protocols
* bugfix: support using physical devices in policies in nft mode
* bugfix: use iptPrefix, not nftPrefix in iptables commands
* implement Tor support in nft mode
* bugfix: fix spelling for User File Syntax error
* restart service fully (instead of quick reload) for OpenVPN interface events, as
  the order/number of supported interfaces
* more verbose output (showing handles) of status in nft mode
* improve `icmp_interface`, `ignored_interface`, `supported_interface` validation
  regexes
* improve `interface`, validation regex

Signed-off-by: Stan Grishin <stangri@melmac.ca>
19 months agosamba4: decouple quotas from vfs option
Javier Marcet [Sun, 23 Apr 2023 13:25:36 +0000 (15:25 +0200)]
samba4: decouple quotas from vfs option

Signed-off-by: Javier Marcet <javier@marcet.info>
19 months agopython-eventlet: bump to version 0.33.3
Stepan Henek [Thu, 27 Apr 2023 13:02:18 +0000 (15:02 +0200)]
python-eventlet: bump to version 0.33.3

old eventlet is not working well with python3.10

```
root@turris:~# python3
Python 3.10.9 (main, Feb  9 2023, 10:37:45) [GCC 11.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import eventlet
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/__init__.py", line 17, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/convenience.py", line 7, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/green/socket.py", line 4, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/green/_socket_nodns.py", line 11, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/greenio/__init__.py", line 3, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/greenio/base.py", line 32, in <module>
  File "/usr/lib/python3.10/site-packages/eventlet/timeout.py", line 166, in wrap_is_timeout
TypeError: cannot set 'is_timeout' attribute of immutable type 'TimeoutError'
```

see 0.33.3 release notes for details - https://eventlet.net/doc/changelog.html#id1

Signed-off-by: Stepan Henek <stepan.henek@nic.cz>
19 months agorestic: update to 0.15.2
Tom Stöveken [Thu, 27 Apr 2023 16:33:41 +0000 (18:33 +0200)]
restic: update to 0.15.2

Maintainer: Tom Stöveken <tom@naaa.de>
Compile tested: SDK for OpenWrt 22.03.4
Run tested: x86/64 @ Intel(R) Celeron(R) CPU N3160 @ 1.60GHz, OpenWrt 22.03.4

Description:
Updated to version 0.15.2

Signed-off-by: Tom Stöveken <tom@naaa.de>
19 months agobanip: update 0.8.4-2
Dirk Brenken [Fri, 28 Apr 2023 10:07:06 +0000 (12:07 +0200)]
banip: update 0.8.4-2

* fix domain lookup function (parse banIP config vars)
* update readme

Signed-off-by: Dirk Brenken <dev@brenken.org>
19 months agolibreswan: update to 4.10
Nick Hainke [Tue, 25 Apr 2023 21:37:11 +0000 (23:37 +0200)]
libreswan: update to 4.10

Release Notes:
https://github.com/libreswan/libreswan/releases/tag/v4.10

Fixes: CVE-2023-23009
Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agonginx: rename nginx-all-module to nginx-full
Christian Marangi [Thu, 20 Apr 2023 19:11:11 +0000 (21:11 +0200)]
nginx: rename nginx-all-module to nginx-full

Rename nginx-all-module to nginx-full to follow pattern used by other
package and other projects.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agonginx: update to 1.24.0 and update headers-more module
Christian Marangi [Thu, 20 Apr 2023 12:17:20 +0000 (14:17 +0200)]
nginx: update to 1.24.0 and update headers-more module

Update nginx to 1.24.0 and update headers-more module to fix compilation
error.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agonginx: update lua module to latest openresty version
Christian Marangi [Thu, 20 Apr 2023 11:50:21 +0000 (13:50 +0200)]
nginx: update lua module to latest openresty version

Update lua module to latest openrestry version. Additional config are
required to correctly use it.

Switch it to luajit from liblua as this is what is currently supported
for the module since plain lua support was dropped from the module.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agonginx: introduce support for dynamic modules
Christian Marangi [Fri, 8 Oct 2021 23:18:41 +0000 (01:18 +0200)]
nginx: introduce support for dynamic modules

Start building sub package that provide dynamic modules.

Each module needs to be loaded using load_modules.
Refer to nginx documentation on how to use this.

This should result in lower memory usage as only used module are loaded.

Also fix the uci-default scripts to add the required ubus module for
luci module.

-fvisibility=hidden is needed to be dropped to correctly support loading
dynamic modules.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agonginx-util: add support for loading dynamic module in uci template
Christian Marangi [Thu, 20 Apr 2023 10:59:08 +0000 (12:59 +0200)]
nginx-util: add support for loading dynamic module in uci template

Add support for loading dynamic module in uci template by adding .module
file in module.d directory.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
19 months agoacme: remove redundant postinst
Glen Huang [Wed, 26 Apr 2023 11:46:46 +0000 (19:46 +0800)]
acme: remove redundant postinst

opkg runs uci-defaults if a package installs one, in acme-common's case
that's identical to postinst.

prerm shouldn't be run a image builder, so it's unnecessary to check
IPKG_INSTROOT

Signed-off-by: Glen Huang <me@glenhuang.com>
19 months agoiperf3: update to 3.13
Nick Hainke [Wed, 26 Apr 2023 06:21:25 +0000 (08:21 +0200)]
iperf3: update to 3.13

Release Notes:
https://software.es.net/iperf/news.html#iperf-3-13-released

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agopcre2: only build static library for host
Tianling Shen [Wed, 26 Apr 2023 00:00:10 +0000 (08:00 +0800)]
pcre2: only build static library for host

Fix potential linking issue:
```
/mnt/snapshot/staging_dir/hostpkg/bin/swig: error while loading shared
  libraries: libpcre2-8.so.0: cannot open shared object file:
    No such file or directory

error: command '/mnt/snapshot/staging_dir/hostpkg/bin/swig' failed with
  exit code 127
```

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
19 months agolibrespeed-go: update file permissions for ujail
Tianling Shen [Wed, 26 Apr 2023 03:35:19 +0000 (11:35 +0800)]
librespeed-go: update file permissions for ujail

This fixes "permission denied" error when access files as a normal user.

Reported-by: Anya Lin <hukk1996@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
19 months agoiperf: update to 2.1.9
Nick Hainke [Wed, 26 Apr 2023 06:10:38 +0000 (08:10 +0200)]
iperf: update to 2.1.9

Changelog can be found here:
https://sourceforge.net/projects/iperf2/files/

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agogzip: update to 1.12
Nick Hainke [Tue, 25 Apr 2023 21:30:11 +0000 (23:30 +0200)]
gzip: update to 1.12

Release Notes:
https://lists.gnu.org/archive/html/info-gnu/2022-04/msg00003.html

Fixes: CVE-2022-1271
Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agokmod: update to 30
Nick Hainke [Thu, 6 Apr 2023 06:23:52 +0000 (08:23 +0200)]
kmod: update to 30

Release Notes:
- https://github.com/kmod-project/kmod/releases/tag/v28
- https://github.com/kmod-project/kmod/releases/tag/v29
- https://github.com/kmod-project/kmod/releases/tag/v30

Signed-off-by: Nick Hainke <vincent@systemli.org>
19 months agoyaml: only build static library
Luiz Angelo Daros de Luca [Tue, 25 Apr 2023 16:48:22 +0000 (13:48 -0300)]
yaml: only build static library

Do not build shared libraries to avoid host programs to dynamic link
libraries at non-standard paths.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>