Jeffery To [Sun, 6 Mar 2022 19:34:27 +0000 (03:34 +0800)]
golang: Update to 1.17.8
Includes fix for CVE-2022-24921 (regexp: stack overflow (process exit)
handling deeply nested regexp).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
9704e900da348449bdbc76228a56da19936d605c)
Jeffery To [Sun, 6 Mar 2022 20:01:16 +0000 (04:01 +0800)]
python-twisted: Update to 22.2.0
Includes fix for CVE-2022-21716 (The Twisted SSH client and server
implementation naively accepted an infinite amount of data for the
peer's SSH version identifier.)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
630d6800f284eef77426ad3980977b2e9b7896d3)
Jeffery To [Tue, 15 Feb 2022 13:28:16 +0000 (21:28 +0800)]
python-twisted: Update to 22.1.0, refresh patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
9f3816d1c6230076db33658d29c44b0dc5c849d1)
Maarten Aertsen [Fri, 25 Feb 2022 20:46:53 +0000 (21:46 +0100)]
mdnsresponder: Fix nullpointer dereference while parsing interface list
This patch was backported from https://github.com/IETF-Hackathon/mDNSResponder/commit/
1fb07b9524b4afed3a826c087db4dc48a7bfdb8
(cherry picked from commit
a4b33ab169a3ca60cd12c2eb5155e899779d3570)
Signed-off-by: Maarten Aertsen <spam-github@rtsn.nl>
Josef Schlehofer [Fri, 4 Mar 2022 13:12:25 +0000 (14:12 +0100)]
Merge pull request #17986 from CyberMind-FR/crowdsec-firewall-bouncer-remove-crowdsec-depency
[21.02] crowdsec-firewall-bouncer: remove crowdsec package dependency
Kerma Gérald [Tue, 21 Dec 2021 12:34:15 +0000 (13:34 +0100)]
crowdsec-firewall-bouncer: remove crowdsec package dependency
Remove un-necessary crowdsec package dependency, to be able to use
crowdsec-firewall-bouncer independently from crowdsec local installation.
(with remote API)
Fix issue: https://github.com/openwrt/packages/issues/17406
Description:
using crowdsec-firewall-bouncer on many OpenWRT devices connected
with my domain LAPI server (which collect many crowdsec machines,
mostly nginx), it works great. Actually, crowdsec package is not
mandatory for that usage, it would be great if it was not a dependency.
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit
ffd97e173c913e89fcb0d2ab683fac87d03d92b4)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Chao Liu [Tue, 1 Mar 2022 16:35:44 +0000 (00:35 +0800)]
kcptun: bump to v20210922
Signed-off-by: Chao Liu <git@expiron.dev>
Rosen Penev [Mon, 28 Feb 2022 07:25:28 +0000 (23:25 -0800)]
samplicator: fix Wformat warning
Wrong type.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
97cbb3d20a50bb22d271665af7f8837c11e267ea)
Nikos Mavrogiannopoulos [Fri, 25 Feb 2022 22:53:10 +0000 (23:53 +0100)]
ocserv: updated to 1.1.6
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Nikos Mavrogiannopoulos [Fri, 25 Feb 2022 21:29:37 +0000 (22:29 +0100)]
openconnect: updated to 8.20
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Tianling Shen [Tue, 22 Feb 2022 15:00:42 +0000 (23:00 +0800)]
yq: Update to 4.20.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
7254169b12a9250538d1425644dd5e6c60463598)
Josef Schlehofer [Thu, 24 Feb 2022 14:46:13 +0000 (15:46 +0100)]
MarkupSafe: update to version 2.1.0
Changelog:
https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
2d10b0836df5c119fd570f00f57424ab19f59e66)
Rosen Penev [Tue, 15 Jun 2021 00:29:16 +0000 (17:29 -0700)]
domoticz: update to 2021.1
Remove outdated patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
edfb91f334457cb0b14c8a7bf01afa4fa9b895da)
Rosen Penev [Tue, 15 Jun 2021 00:09:49 +0000 (17:09 -0700)]
minizip: update to 3.0.2
Add back compat header as domoticz really wants it.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
953e23b0e67e04e69dc26928f21e66aaa64e2b04)
Rosen Penev [Sat, 20 Mar 2021 23:47:53 +0000 (16:47 -0700)]
minizip: update to 3.0.1
Switch to AUTORELEASE for simplicity.
Switch to building with Ninja for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
0ac671880dab9214daa49bb0ac3bfe0406c5b28f)
Rosen Penev [Sun, 21 Feb 2021 05:48:55 +0000 (21:48 -0800)]
minizip: update to 3.0.0
Switch to new upstream and switch package name.
Further disable features to avoid extra dependencies.
Build with PIC to avoid build failures with mips16.
Remove no longer needed patch. Upstream fixed it differently.
Use AUTORELEASE for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
3b812f93d6d48ffcd896b33e9ff344ad0b8572a0)
Michal Vasilek [Wed, 23 Feb 2022 20:34:58 +0000 (21:34 +0100)]
expat: import patches for CVEs
* import patches for CVEs from alpine 3.13
CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-23852, CVE-2022-23990
CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
W. Michael Petullo [Mon, 10 May 2021 16:54:30 +0000 (11:54 -0500)]
nfdump: update to 1.6.23
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit
a64e94bd462bc8d68a36b9a545b24852b294ec0e)
Jo-Philipp Wich [Tue, 22 Feb 2022 22:28:55 +0000 (23:28 +0100)]
htpdate: drop freebsd.org from default server list
The FreeBSD project stopped publishing HTTP date headers and seeks to
limit further resource taxing by distributed htpdate clients using the
www.freebsd.org host as default time source.
Fixes: #17924
Reported-by: Allan Jude <allanjude@freebsd.org>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
e8713180026e0cf1c9d1421e3b664fee3fa4df12)
Hannu Nyman [Tue, 22 Feb 2022 17:21:01 +0000 (19:21 +0200)]
nano: update to 6.2
Update nano to 6.2.
Remove inactive second maintainer.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
a3f14c51149ff0c3604baf130987ee2bf5203edb)
Josef Schlehofer [Fri, 11 Feb 2022 16:00:48 +0000 (17:00 +0100)]
unbound: update to version 1.15.0
Refresh patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
2abe98e1343bc205d0e2fc0e6fbf32ede289ef87)
Tianling Shen [Thu, 17 Feb 2022 18:58:37 +0000 (02:58 +0800)]
yq: Update to 4.20.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
1578ea4383ed06a68996dfc7fe72c8b5aeda47fa)
Michael Heimpold [Sat, 19 Feb 2022 12:22:38 +0000 (13:22 +0100)]
Merge pull request #17900 from mhei/21.02-php8-update
[21.02] php8: update to 8.0.16
Michael Heimpold [Sat, 19 Feb 2022 12:22:31 +0000 (13:22 +0100)]
Merge pull request #17899 from mhei/21.02-php7-update
[21.02] php7: update to 7.4.28
Michal Hrusecky [Mon, 15 Nov 2021 10:59:39 +0000 (11:59 +0100)]
pcapplusplus: Add new package
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and
crafting of network packets. It is designed to be efficient, powerful
and easy to use. It provides C++ wrappers for the most popular packet
processing engines such as libpcap, WinPcap, DPDK and PF_RING.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit
2d8e396be33463e7ba8df7f1ff3b08d0443e54cb)
Josef Schlehofer [Fri, 18 Feb 2022 22:43:52 +0000 (23:43 +0100)]
Merge pull request #17895 from jefferyto/slide-switch-0.9.7-openwrt-21.02
[openwrt-21.02] slide-switch: Update to 0.9.7
Jan Hoffmann [Tue, 25 Jan 2022 19:10:09 +0000 (20:10 +0100)]
vnstat2: update to version 2.9
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
948f0d29ccd825f5370d87549f8977b851db756e)
Jan Hoffmann [Wed, 27 Oct 2021 21:55:28 +0000 (23:55 +0200)]
vnstat2: add hotplug script for adding interfaces
If an interface doesn't exist yet when vnStat is started, it won't be
monitored, as only existing interfaces can be added to the database via
the vnstat command.
This adds a hotplug script which adds any configured interfaces to the
vnStat database when it goes up.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
f9ea8142601cee5542f9ba0f4e5a24e53ab59a6d)
Jan Hoffmann [Thu, 21 Oct 2021 21:38:58 +0000 (23:38 +0200)]
vnstat2: fix all interfaces being monitored when none are configured
By default, vnstatd adds all available interfaces on startup when its
database is empty. The --noadd option prevents this, but it breaks
import of legacy databases, and causes vnstatd to exit immediately
after startup, which breaks reloading.
This changes the init script to add the --noadd option when no legacy
databases need to be imported, and patches vnstatd to keep running
even when no interfaces are configured.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
ecae7dedde0ccd2a636e93620ced41bca807d405)
Jan Hoffmann [Fri, 10 Sep 2021 16:25:34 +0000 (18:25 +0200)]
vnstat2: update to version 2.8
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
73fff7a4ed0687996cc43d7ad4878161b5bd21e5)
Michael Heimpold [Fri, 18 Feb 2022 21:40:37 +0000 (22:40 +0100)]
php7: update to 7.4.28
This fixes:
- CVE-2021-21708
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Fri, 18 Feb 2022 21:36:10 +0000 (22:36 +0100)]
php8: update to 8.0.16
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Jeffery To [Fri, 18 Feb 2022 10:24:33 +0000 (18:24 +0800)]
slide-switch: Update to 0.9.7
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
12930f4ec33dff832bfbb309b1092709ba017797)
Hauke Mehrtens [Thu, 17 Feb 2022 17:57:20 +0000 (17:57 +0000)]
Merge pull request #17866 from neheb/1
[21.02] ksmbd: update to 3.44
Jeffery To [Mon, 14 Feb 2022 19:31:36 +0000 (03:31 +0800)]
golang: Update to 1.17.7, refresh patch
This includes fixes for:
* CVE-2022-23772: math/big: Rat.SetString may consume large amount of
RAM and crash
* CVE-2022-23806: crypto/elliptic: IsOnCurve returns true for invalid
field elements
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
69c53fcb6ce58a23c51cb9c1a403f5843a565f44)
Marius Dinu [Tue, 15 Feb 2022 20:44:20 +0000 (22:44 +0200)]
tvheadend: fix first-run
The first-run command should create a new tvheadend configuration including an admin account with no name and no password, but it aborts (-A) too early without saving the files. I reported the bug here: https://tvheadend.org/issues/6140
This workaround fixes the problem by removing the tvheadend -A switch and replacing it with a 10s delay and a kill signal. That should be enough even for slow routers to generate and save the configuration. It is meant to be a temporary fix until tvheadend bug is resolved.
Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
Rosen Penev [Tue, 15 Feb 2022 02:31:34 +0000 (18:31 -0800)]
ksmbd-tools: update to 3.4.4
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
3ffd540b049dd521dd62f43427f61f264396ad97)
Georgi Valkov [Sun, 28 Nov 2021 17:22:56 +0000 (19:22 +0200)]
ksmbd-tools: Fix ksmbd service is semi-killed at system startup
The configuration for the ksmbd service is auto-generated when
the OpenWRT configuration changes, and also during startup,
hence ksmbd.init has to reload the kernel module. It does that by
calling kill_server, which does not perform cleanup. This results
in ksmbd being killed but not restarted properly during boot.
This patch resolves the issue by using stop_service, which performs
proper cleanup.
https://forum.openwrt.org/t/ksmbd-samba3-4-alternative-ex-cifsd-smbd-package-support-thread/51695/68
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
(cherry picked from commit
4af04cdc05af1e78dab310550fae5bae21d51c8c)
Rosen Penev [Tue, 15 Feb 2022 01:14:15 +0000 (17:14 -0800)]
ksmbd: update to 3.4.4
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
4adeed48797610f9e2304c84b65593c3aedf04e8)
Marcos Del Sol Vives [Sun, 17 Oct 2021 11:28:51 +0000 (13:28 +0200)]
ksmbd: update to 3.4.2
Signed-off-by: Marcos Del Sol Vives <marcos@orca.pet>
(cherry picked from commit
2b48a6952a4d3283164b2e4df1bdfdc7e4c32fde)
Rosen Penev [Wed, 11 Aug 2021 23:19:58 +0000 (16:19 -0700)]
ksmbd: update to 3.4.1
Add AUTORELEASE as 19.07 compatibility is not needed.
Add dependency hacks and add comments.
Add upstream patch to get rid of FS_POSIX_ACL requirement.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
c732305ad3f9f282f4601a2418c0f6595a3aa40e)
Gerard Ryan [Sat, 12 Feb 2022 11:33:51 +0000 (21:33 +1000)]
dockerd: Update to 20.10.12
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Gerard Ryan [Sat, 12 Feb 2022 11:32:30 +0000 (21:32 +1000)]
docker: Update to 20.10.12
Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
Tianling Shen [Sun, 6 Feb 2022 11:57:57 +0000 (19:57 +0800)]
yq: Update to 4.19.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
4454f8bb3efb4353633e67fc4cfd38d15cf678f6)
Rafał Miłecki [Mon, 3 Jan 2022 12:47:45 +0000 (13:47 +0100)]
dtc: drop package
It has been imported as core package into OpenWrt repository. Its fdtget
is required by sysupgrade on U-Boot devices so it couldn't live in an
extra feed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
c8d4c89daae4c406f3744ca52c7451fe07c9a59e)
Jan Hák [Wed, 9 Feb 2022 13:16:04 +0000 (14:16 +0100)]
knot: update to 3.1.6
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
4de863e418f80cd52293e1ae0de153dcc2cb7141)
Jan Hák [Tue, 21 Dec 2021 14:44:57 +0000 (15:44 +0100)]
knot: update to 3.1.5
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit
2a56e478f57faad7a4346f5aef843bae517027e7)
Hannu Nyman [Wed, 9 Feb 2022 16:26:49 +0000 (18:26 +0200)]
nano: update to 6.1
Update nano to version 6.1.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
717efb8c9622cc73bc8ab1c4ac2e67252b9c4401)
Tianling Shen [Fri, 4 Feb 2022 09:34:24 +0000 (17:34 +0800)]
xray-core: Update to 1.5.3
Removed outdated `alterId` in sample config.
Updated geodata to latest version while at it.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
d8d261fe2d728213d60d12c9a247e057926d79d2)
Michal Vasilek [Fri, 4 Feb 2022 14:04:17 +0000 (15:04 +0100)]
ruby: update to 3.0.3
* fixes CVE-2021-41817, CVE-2021-41816 and CVE-2021-41819
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit
51cf0dc2cc4b159bc80b70c90ed1c1abe1f59936)
Stan Grishin [Sun, 6 Feb 2022 06:12:14 +0000 (22:12 -0800)]
Merge pull request #17812 from stangri/openwrt-21.02
[21.02] https-dns-proxy: init script refactoring
Stan Grishin [Sun, 6 Feb 2022 05:58:03 +0000 (05:58 +0000)]
https-dns-proxy: init script refactoring
* consolidate dnsmasq config manipulation into one function
* more elegant code for PROCD data processing (Thanks @jow-!)
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
88265c4fb93e42e7f96ee555019715e78639f093)
Jeffery To [Fri, 4 Feb 2022 11:22:06 +0000 (19:22 +0800)]
slide-switch: Update to 0.9.6
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
c5e0785795a1810adac661fe7ffe458e6d85d71f)
Josef Schlehofer [Sat, 29 Jan 2022 10:34:56 +0000 (11:34 +0100)]
ffmpeg: update to version 4.3.3
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
a68e9db8d4c3a29c86261cd6bb1933fab1cc3a35)
Michal Vasilek [Thu, 3 Feb 2022 18:52:50 +0000 (19:52 +0100)]
tinyionice: add package
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
(cherry picked from commit
bb801a5a6fa287eb4d17f7f4372285d3a5aec9fd)
Tianling Shen [Sun, 30 Jan 2022 06:02:57 +0000 (14:02 +0800)]
yq: Update to 4.18.1
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
c665f0b50c391a78fc664673ce6bbeea64f477a8)
Tianling Shen [Sun, 23 Jan 2022 09:49:01 +0000 (17:49 +0800)]
yq: Update to 4.17.2
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit
029b37aad0e2a72f58c28aaa89cb3ca339be32d3)
Josef Schlehofer [Thu, 3 Feb 2022 15:24:02 +0000 (16:24 +0100)]
Merge pull request #17737 from JonnyTischbein/telegraf-1.21.3-openwrt_21.02
telegraf: add package version 1.21.3 to openwrt 21.02
Josef Schlehofer [Fri, 28 Jan 2022 16:05:28 +0000 (17:05 +0100)]
apache2: security update to version 2.4.52
Fixes CVEs:
- CVE-2021-44790
- CVE-2021-44224
Refreshed patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
6c6c99ffb54f06031443c17023bd9891c449410b)
Noah Meyerhans [Tue, 1 Feb 2022 05:04:14 +0000 (21:04 -0800)]
bind: bump to 9.18.0
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit
127ef1207ba0484fadb224a46155a46b48150e34)
Stan Grishin [Wed, 2 Feb 2022 17:12:45 +0000 (09:12 -0800)]
Merge pull request #17764 from stangri/openwrt-21.02
[21.02] https-dns-proxy: update to 2021-11-22-1
Kerma Gérald [Wed, 26 Jan 2022 08:45:39 +0000 (09:45 +0100)]
crowdsec: update from latest upstream release 1.3.0
Changes (from 1.2.3):
https://github.com/crowdsecurity/crowdsec/compare/v1.2.3...v1.3.0
(cherry picked from commit
d2fd1f8346de74caf6b069bd61fa9d358d0789f6)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Nick Hainke [Tue, 1 Feb 2022 20:56:23 +0000 (21:56 +0100)]
wg-installer: use babeld add_interface function
With commit
385200443554 ("babeld: add add_interface function") babeld
has a new ubus function allowing to dynamically add an interface.
Before the add_interface function, we were required to reload babeld.
The reload influenced the babeld routing. However, the remove part is
still missing and will be added at a later stage.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
40b87aac950db3e310b6a353392a7ecd66e7c6f2)
Kerma Gérald [Sat, 15 Jan 2022 07:33:46 +0000 (08:33 +0100)]
crowdsec-firewall-bouncer: fix name in initd to start the process
crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer
the initd need the correct binary name to start the process
the link for github source need also to be fixed (only the information one)
fix the BuildDate
updated copyright
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit
d6b116cb43802048d883a13e2d2e95eea76ad565)
Hannu Nyman [Tue, 1 Feb 2022 21:41:59 +0000 (23:41 +0200)]
nano: Add a plus variant with more features
Nano is by default built as "tiny" with most features disabled.
That is suitable for basic tasks in routers with small flash.
Add a new nano-plus variant that enables selected additional
features in the build config:
* multiple files (multibuffer)
* Unicode/utf8
* justify
* .nanorc support
* help
* also some key bindings get enabled as "tiny" configure option
is removed.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit
85cb71d8d81af3c549406d5f42080ed58be9b9b0)
Stan Grishin [Mon, 31 Jan 2022 21:42:59 +0000 (21:42 +0000)]
https-dns-proxy: update to 2021-11-22-1
* update to 2021-11-22 upstream source
* update patch file
* update init script to preserve manual entries
(fixes https://github.com/stangri/source.openwrt.melmac.net/issues/149)
* update init script service_triggers
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit
1e5e7ce469b1df0e2481ea2f0f65521c44531182)
Nick Hainke [Mon, 17 Jan 2022 09:16:59 +0000 (10:16 +0100)]
dawn: update to 2022-01-17
877e2dc iwinfo: fix get_bandwidth_iwinfo
9ce01ec datastorage: fix multi-SSID
9187665 treewide: improve maintaince
6bf9b6d memory: Tighten up some memory handling to help spot errors
4df0c98 treewide: improve logging
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
7cb73ae3b9d0f7cf3f5846bd76cffac6feaa5ef7)
Josef Schlehofer [Thu, 30 Dec 2021 19:02:47 +0000 (20:02 +0100)]
python-dns: update to version 2.1.0
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
447c6fd57b5ed92f82ab9945e1bd350f3e4866d5)
Josef Schlehofer [Fri, 28 Jan 2022 14:48:47 +0000 (15:48 +0100)]
prosody: update to version 0.11.13
Fixes CVEs:
- CVE-2022-0217
- CVE-2021-37601
- CVE-2021-32918
- CVE-2021-32920
- CVE-2021-32921
- CVE-2021-32917
- CVE-2021-32919
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
dcedbe802744102b215835f1dd53bc2bb5756807)
Jonathan Pagel [Sat, 29 Jan 2022 10:39:06 +0000 (11:39 +0100)]
telegraf: Update package to version 1.21.3
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit
912bb2c803e7e6d1c0020a59e08fab72d077a7a7)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Jonathan Pagel [Sun, 31 Oct 2021 16:43:25 +0000 (17:43 +0100)]
telegraf: Move config file to /etc/telegraf.conf because
/etc/config is the default uci folder. Also marking it as
configuration file prevents overwriting it on updates.
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit
abb33331e532b1de40adea6553589770b3e9ddb9)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Jonathan Pagel [Wed, 28 Jul 2021 07:33:15 +0000 (09:33 +0200)]
telegraf: Add package for telegraf
Telegraf is a plugin-driven agent for collecting and sending metrics
and events. It supports various inputs (including prometheus
endpoints) and is able to send data into InfluxDB.
https://www.influxdata.com/time-series-platform/telegraf/
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
(cherry picked from commit
0781a15c932187788a69d9a3eb005062fb8eaf7b)
Signed-off-by: Jonathan Pagel <jonny_tischbein@systemli.org>
Bernd Kuhls [Sat, 27 Feb 2021 18:51:57 +0000 (19:51 +0100)]
ffmpeg: update to 4.3.2
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
(cherry picked from commit
900a146de306c500849b93bc2e36977958f308ff)
Josef Schlehofer [Fri, 28 Jan 2022 14:03:36 +0000 (15:03 +0100)]
clamav: update to version 0.104.2
Backported upstream pending pull request to fix following error:
CMake Error at /foo/staging_dir/host/share/cmake-3.19/Modules/FindPackageHandleStandardArgs.cmake:218 (message):
Could NOT find CURSES (missing: CURSES_LIBRARY)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
eddbb64bc98a6b4fb50e9ae069ce3383e079a8c0)
Lucian Cristian [Sun, 19 Sep 2021 18:27:33 +0000 (21:27 +0300)]
clamav: update to 0.104.0
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
(cherry picked from commit
44eb2ae61901888f023e8dee295610436fb875c9)
Hirokazu MORIKAWA [Mon, 24 Jan 2022 07:27:30 +0000 (16:27 +0900)]
node: January 10th 2022 Security Releases
Update to v14.18.3
January 10th 2022 Security Releases:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via console.table properties (Low)(CVE-2022-21824)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit
8278998e48565090fc1c75da8e0921aa6cd4a4b6)
Josef Schlehofer [Mon, 24 Jan 2022 22:04:13 +0000 (23:04 +0100)]
tvheadend: fix conffiles section
The previous one was wrong, and it did not work. It could be checked
inside compiled package in control.tar.gz that there was missing
``conffiles`` file with content `/etc/config/tvheadend`
It is also possible to verify that the config is not overwritten on the router
by running ``opkg install tvheadend --force-reinstall``
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
752d1ffc28971b9b641162498a877750fa687bbd)
Glenn Strauss [Fri, 29 Oct 2021 03:16:03 +0000 (23:16 -0400)]
lighttpd: update to lighttpd 1.4.64 release hash
remove long-deprecated modules
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
3badd766681460bde8025d401b36dfc400c01cda)
Glenn Strauss [Sat, 4 Dec 2021 15:15:37 +0000 (10:15 -0500)]
lighttpd: update to lighttpd 1.4.63 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
35dff58b3ae34361c2c31ea48b10377205bcc6c6)
Glenn Strauss [Thu, 2 Dec 2021 06:49:49 +0000 (01:49 -0500)]
lighttpd: update to lighttpd 1.4.62 release hash
depend on libpcre2 instead of libpcre
also remove patches incorporated upstream into lighttpd 1.4.62
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit
ddecac45c8f813b0711ec625ab424e33e7a8da9c)
Josef Schlehofer [Mon, 24 Jan 2022 11:25:00 +0000 (12:25 +0100)]
tvheadend: fix typo in uriparser
Fixes: 0449c109e78d4e5b998fc26415ecaa5bb5c274c3 ("tvheadend: disable
uriparser")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
5879260515332a338e77776a7cbb50b56a48f03a)
Michael Heimpold [Mon, 24 Jan 2022 06:45:04 +0000 (07:45 +0100)]
Merge pull request #17677 from mhei/21.02-php8-update
[21.02] php8: update to 8.0.15
Nick Hainke [Sat, 22 Jan 2022 22:27:02 +0000 (23:27 +0100)]
wg-installer: fix multiple namespaces
Add flag "--lookup-default-namespace" to signal that wg-installer should
look already established wireguard sessions in the default namespace.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
94efdcf02a723fbcdcc6a192e026e0c2f766a158)
Michael Heimpold [Sat, 22 Jan 2022 20:24:37 +0000 (21:24 +0100)]
php8: update to 8.0.15
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Josef Schlehofer [Fri, 21 Jan 2022 10:01:29 +0000 (11:01 +0100)]
tvheadend: disable uriparser
This avoids to add liburiparser as dependency.
Package tvheadend is missing dependencies for the following libraries:
liburiparser.so.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
0449c109e78d4e5b998fc26415ecaa5bb5c274c3)
Jeffery To [Sun, 16 Jan 2022 20:32:03 +0000 (04:32 +0800)]
python3: Update to 3.9.10, refresh patches
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Nick Hainke [Thu, 20 Jan 2022 14:24:05 +0000 (15:24 +0100)]
wg-installer: remove unused dependency
Remove the dependency "coreutils-realpath" from
wg-installer-server-hotplug-olsrd.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
fab86eb626b677f8329482f427c6837e59fe4597)
Nick Hainke [Thu, 20 Jan 2022 13:10:12 +0000 (14:10 +0100)]
wg-installer: create wireguard key if it does not exist
Check if the key exists which is given by
option wg_key '/etc/wgserver/wg.key'
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
324fa79d7c8a90e899a81bbb3ae0c5a5a602f88e)
Nick Hainke [Thu, 20 Jan 2022 08:06:24 +0000 (09:06 +0100)]
wg-installer: install cronjob
Install a cronjob that removes unused wireguard interfaces every 10
minutes.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
432a965689f09c6bb86cd24753f79d739b9bcf46)
Nick Hainke [Tue, 18 Jan 2022 17:31:46 +0000 (18:31 +0100)]
wg-installer: check if a key is already inserted
Check if a peer is already existing with a given public key. Introduce a
response code for signaling why the server rejected the request.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
da48bc3792705b12fc104459ed9f5f1b73544d17)
Nick Hainke [Wed, 19 Jan 2022 17:40:16 +0000 (18:40 +0100)]
wg-installer: rework code
Use shellcheck to rework the code. Use "export" to return variables from
a function call. Further, fix typos.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
69c81790d1045e064cd9c643a1643a0f919f448d)
Nick Hainke [Tue, 18 Jan 2022 16:39:53 +0000 (17:39 +0100)]
wg-installer: cosmetic changes
Use "ip addr" instead of "ip addres" or "ip a".
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
38a9a3e0dc9713af7509e455ca9a71567d80323f)
Josef Schlehofer [Tue, 18 Jan 2022 15:24:52 +0000 (16:24 +0100)]
cryptsetup: update to version 2.4.3
Fixes: CVE-2021-4122
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
a2427edf76fffd294fbcc70f94c7d59d420d07b4)
Josef Schlehofer [Thu, 30 Dec 2021 17:24:39 +0000 (18:24 +0100)]
git: update to version 2.34.1
- Refreshed patches
- Release notes 2.34.0:
https://github.com/git/git/blob/
2ae0a9cb8298185a94e5998086f380a355dd8907/Documentation/RelNotes/2.34.0.txt
- Release notes 2.34.1:
https://github.com/git/git/blob/
2ae0a9cb8298185a94e5998086f380a355dd8907/Documentation/RelNotes/2.34.1.txt
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
042bf16072627d763ba22a4d80c03cb32406a936)
Kerma Gérald [Sat, 15 Jan 2022 09:59:49 +0000 (10:59 +0100)]
crowdsec: update from upstream latest release 1.2.3
update from latest upstream release 1.2.3
updated copyright
(cherry picked from commit
de41b63ca45be91273e0ea97213b2a6a29ba2a9a)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Moritz Warning [Tue, 23 Nov 2021 20:19:57 +0000 (21:19 +0100)]
smcroute: update to 2.5.5
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Moritz Warning [Sun, 14 Nov 2021 23:53:40 +0000 (00:53 +0100)]
smcroute: update to 2.5.4
Signed-off-by: Moritz Warning <moritzwarning@web.de>
Jeffery To [Mon, 17 Jan 2022 11:10:26 +0000 (19:10 +0800)]
Merge pull request #17619 from erdoukki/21.02-2to3
[21.02] 2to3: add package host tool
Nick Hainke [Sun, 16 Jan 2022 09:21:53 +0000 (10:21 +0100)]
wg-installer: switch to ubus call for olsrd hotplug
Use ubus ipc calls to add and remove interfaces.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
b89eb0115fc21183175af68c0a8807b25bd71c99)
Nick Hainke [Sun, 16 Jan 2022 09:04:36 +0000 (10:04 +0100)]
wg-installer: rework iproute2 commands
- Use ip address add instead of ip a a
- Directly add broadcast address
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
fea27cec05c0d76d3bb6aad1b4bfd53270c1c263)