feed/packages.git
4 years agonetatalk: fix compile error in mac os
Liangbin Lian [Sat, 1 Aug 2020 16:17:53 +0000 (00:17 +0800)]
netatalk: fix compile error in mac os

fix compile error in mac os when dtrace installed.

Signed-off-by: Liangbin Lian <jjm2473@gmail.com>
4 years agoMerge pull request #12882 from jefferyto/python3-backport-patches-openwrt-18.06
Rosen Penev [Mon, 20 Jul 2020 10:24:50 +0000 (03:24 -0700)]
Merge pull request #12882 from jefferyto/python3-backport-patches-openwrt-18.06

[openwrt-18.06] python3: Backport security fixes

4 years agopython3: Backport security fixes
Jeffery To [Mon, 20 Jul 2020 09:43:45 +0000 (17:43 +0800)]
python3: Backport security fixes

This backports fixes for security issues, including:
* CVE-2020-14422: Hash collisions in IPv4Interface and IPv6Interface
* CVE-2019-20907: Infinite loop in the tarfile module

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agohaveged: update to 1.9.13
Hannu Nyman [Sat, 18 Jul 2020 11:11:34 +0000 (14:11 +0300)]
haveged: update to 1.9.13

Update haveged to version 1.9.13.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 28cf20129081f9c6b8778b243cc3df1f610544c4)

4 years agoMerge pull request #12661 from jefferyto/python-3.6.11-openwrt-18.06
Rosen Penev [Tue, 30 Jun 2020 21:33:05 +0000 (14:33 -0700)]
Merge pull request #12661 from jefferyto/python-3.6.11-openwrt-18.06

[openwrt-18.06] python3: Update to 3.6.11

4 years agopython3: Update to 3.6.11
Jeffery To [Tue, 30 Jun 2020 16:01:28 +0000 (00:01 +0800)]
python3: Update to 3.6.11

This contains a fix for CVE-2020-8492 (Denial of service in
urllib.request.AbstractBasicAuthHandler)[1].

[1]: https://docs.python.org/release/3.6.11/whatsnew/changelog.html#python-3-6-11-release-candidate-1

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agoMerge pull request #12615 from stangri/18.06-https-dns-proxy
Rosen Penev [Fri, 26 Jun 2020 05:18:08 +0000 (22:18 -0700)]
Merge pull request #12615 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: re-add conffiles and add description to Makefile

4 years agohttps-dns-proxy: re-add conffiles and add description to Makefile
Stan Grishin [Fri, 26 Jun 2020 03:09:53 +0000 (03:09 +0000)]
https-dns-proxy: re-add conffiles and add description to Makefile

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #12598 from stangri/18.06-https-dns-proxy
Rosen Penev [Thu, 25 Jun 2020 21:22:22 +0000 (14:22 -0700)]
Merge pull request #12598 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: bugfix: remove eDNS support

4 years agohttps-dns-proxy: bugfix: remove eDNS support
Stan Grishin [Thu, 25 Jun 2020 19:41:07 +0000 (19:41 +0000)]
https-dns-proxy: bugfix: remove eDNS support

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agohaveged: update to 1.9.12
Hannu Nyman [Sun, 21 Jun 2020 20:22:52 +0000 (23:22 +0300)]
haveged: update to 1.9.12

Update haveged to version 1.9.12

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 6392d50c3180b5da7a4ba041decf7a229d0e1c53)

4 years agohaveged: update to 1.9.11
Hannu Nyman [Sun, 14 Jun 2020 18:12:12 +0000 (21:12 +0300)]
haveged: update to 1.9.11

Update haveged to version 1.9.11

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit ca30b0ff91846a407469f6a77d1cbaf6b150d06d)

4 years agohaveged: move init script from 13 to 01
Karel Kočí [Wed, 11 Mar 2020 10:17:33 +0000 (11:17 +0100)]
haveged: move init script from 13 to 01

This is intended as a match with standard urngd. They serve same purpose
and urngd starts as first with 00. Starting haveged later can create
issues if you replace urngd with it. The example problem is if
uci-defaults script decides to generate certificate. Haveged can supply
entropy but it is started later and to mitigate this urngd would still
have to be installed. This means that haveget can't serve as replacement
without moving it to match start order of urngd.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 1ef38f45d982beb46b2df6d3582ad0bc2b0007ca)

4 years agoMerge pull request #12508 from stangri/18.06-simple-adblock
Etienne Champetier [Sat, 13 Jun 2020 22:11:18 +0000 (18:11 -0400)]
Merge pull request #12508 from stangri/18.06-simple-adblock

[18.06] simple-adblock: racially-neutral names

4 years agosimple-adblock: racially-neutral names
Stan Grishin [Sat, 13 Jun 2020 20:39:21 +0000 (20:39 +0000)]
simple-adblock: racially-neutral names

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #12455 from stangri/18.06-simple-adblock
Rosen Penev [Mon, 8 Jun 2020 20:50:52 +0000 (13:50 -0700)]
Merge pull request #12455 from stangri/18.06-simple-adblock

[18.06] simple-adblock: remove obsolete dshield.org links from config

4 years agosimple-adblock: remove obsolete dshield.org links from config
Stan Grishin [Mon, 8 Jun 2020 17:36:02 +0000 (17:36 +0000)]
simple-adblock: remove obsolete dshield.org links from config

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #12335 from stangri/18.06-simple-adblock
Hannu Nyman [Wed, 3 Jun 2020 15:21:58 +0000 (18:21 +0300)]
Merge pull request #12335 from stangri/18.06-simple-adblock

[18.06] simple-adblock: bugfix: proper error reporting on failed downloads; lists update script

4 years agosimple-adblock: bugfix: proper error reporting on failed downloads; lists update...
Stan Grishin [Wed, 27 May 2020 00:26:28 +0000 (00:26 +0000)]
simple-adblock: bugfix: proper error reporting on failed downloads; lists update script

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agonano: update to 4.9.3
Hannu Nyman [Sun, 24 May 2020 17:41:28 +0000 (20:41 +0300)]
nano: update to 4.9.3

Update nano version to 4.9.3
Minor bugfix release.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 38be46a7ae496cf9f01dd2fd6fee74bc9f1b2673)

4 years agobind: update to version 9.11.19
Josef Schlehofer [Tue, 19 May 2020 10:20:26 +0000 (12:20 +0200)]
bind: update to version 9.11.19

Fixes:
CVE-2020-8616
CVE-2020-8617

Remove backported patch

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #12235 from jefferyto/python-openssl-ca-certs-openwrt-18.06
Rosen Penev [Wed, 20 May 2020 16:21:37 +0000 (09:21 -0700)]
Merge pull request #12235 from jefferyto/python-openssl-ca-certs-openwrt-18.06

[openwrt-18.06] python-openssl,python3-openssl: Add dependency on ca-bundle

4 years agopython-openssl,python3-openssl: Add dependency on ca-bundle
Jeffery To [Wed, 20 May 2020 07:46:59 +0000 (15:46 +0800)]
python-openssl,python3-openssl: Add dependency on ca-bundle

The ssl module assumes OpenSSL can load the default trust anchors (root
CA certificates).

From https://github.com/openwrt/packages/issues/12209

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agoPython: Fix compile of host modules
Jan Kardell [Mon, 8 Oct 2018 09:57:14 +0000 (11:57 +0200)]
Python: Fix compile of host modules

Add -rpath linker option to host build, pointing to staging/hostpkh/lib.
It's needed to find the correct host libs during runtime, without it the
hosts libs may be used instaead, causing failures.

Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit 0311e58bb645b8f5a2b96528d78edc90c811ed94)

4 years agoPython3: Fix host build on OpenSUSE
Jan Kardell [Mon, 1 Oct 2018 17:13:44 +0000 (19:13 +0200)]
Python3: Fix host build on OpenSUSE

The linker option -rpath is required to find libs in staging_dir. Now it
is included when building host modules. Without it the import test of
the _ctypes and _uuid modules would fail. The _ctypes module uses
libffi.so.6 from staging, but OpenSUSE LEAP 15 has libffi.so.7.
It will also fail on LEAP 42.x, Fedora28 and 29 and future or old
versions of Ubuntu.

Fix needed in master and 18.06 branches.

Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit 6ade5a1e3adb189d062b707e2b8f731c9faab844)

4 years agounbound: update to version 1.10.1
Josef Schlehofer [Tue, 19 May 2020 09:50:37 +0000 (11:50 +0200)]
unbound: update to version 1.10.1

Fixes:
CVE-2020-12662
CVE-2020-12663

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #12207 from micmac1/mar-1806-10413
Hannu Nyman [Mon, 18 May 2020 05:49:19 +0000 (08:49 +0300)]
Merge pull request #12207 from micmac1/mar-1806-10413

[18.06] mariadb: minor version bump with CVE fixes

4 years agomariadb: bump to 10.1.45
Sebastian Kemper [Sun, 17 May 2020 22:24:28 +0000 (00:24 +0200)]
mariadb: bump to 10.1.45

Fixes:

  CVE-2020-2752
  CVE-2020-2812
  CVE-2020-2814

This commit also moves mysql_upgrade to the client package and installs
the configuration files readable for all, so that the clients can read
them.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agophp7: update to version 7.2.31
Michael Heimpold [Sat, 16 May 2020 11:48:47 +0000 (13:48 +0200)]
php7: update to version 7.2.31

This fixes:
  - CVE-2019-11048

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 2e6bd4cb86682b224803325127d3f777d40b3231)

4 years agoMerge pull request #12142 from EricLuehrsen/unbound_1806_1100
Hannu Nyman [Mon, 11 May 2020 12:09:22 +0000 (15:09 +0300)]
Merge pull request #12142 from EricLuehrsen/unbound_1806_1100

[openwrt-18.06] unbound: update to 1.10.0

4 years agounbound: update to 1.10.0
Eric Luehrsen [Mon, 11 May 2020 03:55:09 +0000 (23:55 -0400)]
unbound: update to 1.10.0

cherry-pick: f779ef48cd21474acf72ee151588737273a509c2
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
4 years agoMerge pull request #12058 from stangri/18.06-vpnbypass
Hannu Nyman [Sun, 3 May 2020 19:53:02 +0000 (22:53 +0300)]
Merge pull request #12058 from stangri/18.06-vpnbypass

[18.06] vpnbypass: bugfix: remove non-ASCII from system log; update README

4 years agovpnbypass: bugfix: remove non-ASCII from system log; update README
Stan Grishin [Sat, 2 May 2020 22:35:55 +0000 (22:35 +0000)]
vpnbypass: bugfix: remove non-ASCII from system log; update README

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoyoutube-dl: update to version 2020.3.24
Josef Schlehofer [Fri, 1 May 2020 09:47:42 +0000 (11:47 +0200)]
youtube-dl: update to version 2020.3.24

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #11995 from jefferyto/python-2.7.18-openwrt-18.06
Josef Schlehofer [Wed, 29 Apr 2020 08:57:13 +0000 (10:57 +0200)]
Merge pull request #11995 from jefferyto/python-2.7.18-openwrt-18.06

[openwrt-18.06] python: Update to 2.7.18, refresh patches

4 years agopython: Update to 2.7.18, refresh patches
Jeffery To [Tue, 28 Apr 2020 22:06:21 +0000 (06:06 +0800)]
python: Update to 2.7.18, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agomwan3: Fix json_load fails with some data
yurtesen [Tue, 12 Nov 2019 15:53:51 +0000 (17:53 +0200)]
mwan3: Fix json_load fails with some data

Sometimes the return value of `ubus -S call network.interface.wan status`
cause `json_load` to return `Failed to parse message data` error.

To avoid this, the JSON data always should be quoted with double quotes.

Signed-off-by: Evren Yurtesen <eyurtese@abo.fi>
Removed quoatation marks from commit heading
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 94e0c78826b15c95c40bfa82bbf8bba35dc56961)

4 years agolibarchive: update to 3.4.2
Rosen Penev [Sat, 22 Feb 2020 02:55:13 +0000 (18:55 -0800)]
libarchive: update to 3.4.2

Switch to normal tarballs. Remove autoreconf as a result.

Several Makefile cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit c22dd1bf74fa5836a88fa417b467767bcfe8a4ff)
(cherry picked from commit 2085b990ffc875a5157c02a9e2b5bd04c8eb35b3)

4 years agolibarchive: update to version 3.4.1 (security fix)
Jan Pavlinec [Thu, 16 Jan 2020 14:47:08 +0000 (15:47 +0100)]
libarchive: update to version 3.4.1 (security fix)

Fixes CVE-2019-19221

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from df634dcc926650de22248b89620c649c0fef7602)
(cherry picked from commit ba43556aed90705bc04fd074d39ee6ea012a71f2)

4 years agophp7: update to version 7.2.30
Josef Schlehofer [Wed, 22 Apr 2020 16:04:10 +0000 (18:04 +0200)]
php7: update to version 7.2.30

Fixes:
CVE-2020-7066
CVE-2020-7064

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 09738290a319cc2af74a0be9a52aa5a76b6ca98e)

4 years agophp7: fix dependencies for mysqlnd (fixes #11113)
Michael Heimpold [Sun, 26 Jan 2020 20:53:14 +0000 (21:53 +0100)]
php7: fix dependencies for mysqlnd (fixes #11113)

When during the build the openssl extension is also selected, then
the mysqlnd extension depends on it, too.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 50b1cd3757497a569538d751f4681a40df1b1202)

4 years agoMerge pull request #11926 from stangri/18.06-simple-adblock
Hannu Nyman [Wed, 22 Apr 2020 17:57:48 +0000 (20:57 +0300)]
Merge pull request #11926 from stangri/18.06-simple-adblock

[18.06] simple-adblock: bugfix: start downloads on cold boot/fresh install

4 years agosimple-adblock: bugfix: start downloads on cold boot
Stan Grishin [Wed, 22 Apr 2020 17:46:23 +0000 (17:46 +0000)]
simple-adblock: bugfix: start downloads on cold boot

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #11907 from BKPepe/18.06-git
tripolar [Tue, 21 Apr 2020 08:04:02 +0000 (10:04 +0200)]
Merge pull request #11907 from BKPepe/18.06-git

[18.06] git: update to version 2.20.4

4 years agogit: update to version 2.20.4
Josef Schlehofer [Tue, 21 Apr 2020 06:11:24 +0000 (08:11 +0200)]
git: update to version 2.20.4

Fixes CVE-2020-11008

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #11857 from BKPepe/18.06-git
Josef Schlehofer [Tue, 21 Apr 2020 05:22:14 +0000 (07:22 +0200)]
Merge pull request #11857 from BKPepe/18.06-git

[18.06] git: update to version 2.20.3

4 years agoMerge pull request #11883 from yousong/wget1806
tripolar [Sat, 18 Apr 2020 17:55:52 +0000 (19:55 +0200)]
Merge pull request #11883 from yousong/wget1806

[18.06] acme: depends on wget-ssl

4 years agoacme: depends on wget-ssl
Yousong Zhou [Mon, 6 Apr 2020 02:31:49 +0000 (10:31 +0800)]
acme: depends on wget-ssl

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit d917d662aedd9c133217b5c6d8c5a4f4a6bd3dea)

4 years agowget: make the ssl variant provides wget-ssl
Yousong Zhou [Mon, 6 Apr 2020 02:20:55 +0000 (10:20 +0800)]
wget: make the ssl variant provides wget-ssl

This is to address the need for specifying dependency on a wget
implementation with ssl support.

Now we have a game of names for opkg

 1. uclient-fetch: minimal version by openwrt project
 2. wget-nossl: gnu wget w/o ssl support
 3. wget-ssl: for the moment since this commit, gnu wget w/ ssl support
 4. wget: uclient-fetch, wget-nossl, or wget-ssl
 5. gnu-wget: wget-nossl or wget-ssl

By the time we provide some dummy package like uclient-fetch-ssl and
make it also provide wget-ssl, I guess by then we will also need
gnu-wget-ssl...

Ref: https://github.com/openwrt/packages/issues/11534
Ref: https://github.com/openwrt/packages/pull/9941
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 585e4a38feca24c9650d4e762b44146ecd75d4d0 &
resolved conflict)

4 years agowget: do not provide itself
Karel Kočí [Tue, 26 Nov 2019 12:56:22 +0000 (13:56 +0100)]
wget: do not provide itself

The package wget should not say that it provides itself.

This also make gnu-wget provide general so it is not written in Makefile
twice.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 75f2be7d509e802f2d946d732e7a7539c2b27d2e &
resolved conflict)

4 years agoruby: update to 2.5.8
Luiz Angelo Daros de Luca [Thu, 9 Apr 2020 18:36:35 +0000 (15:36 -0300)]
ruby: update to 2.5.8

This release includes security fixes, specially:

* CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
4 years agogit: update to version 2.20.3
Josef Schlehofer [Wed, 15 Apr 2020 15:17:42 +0000 (17:17 +0200)]
git: update to version 2.20.3

Fixes CVE-2020-5260

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agonlbwmon: update to latest Git HEAD
Jo-Philipp Wich [Sat, 11 Apr 2020 21:22:41 +0000 (23:22 +0200)]
nlbwmon: update to latest Git HEAD

34a1887 nfnetlink: disable sequence number checking

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 53c48fae1502e7f87fd93ff299db98cd119fa304)

4 years agoMerge pull request #11821 from stangri/18.06-https-dns-proxy
Hannu Nyman [Sat, 11 Apr 2020 07:48:29 +0000 (10:48 +0300)]
Merge pull request #11821 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: bugfix: memory leak

4 years agohttps-dns-proxy: bugfix: memory leak
Stan Grishin [Sat, 11 Apr 2020 00:25:39 +0000 (00:25 +0000)]
https-dns-proxy: bugfix: memory leak

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agonlbwmon: update to latest Git HEAD
Jo-Philipp Wich [Fri, 10 Apr 2020 22:23:12 +0000 (00:23 +0200)]
nlbwmon: update to latest Git HEAD

e757e06 nfnetlink: allow specifying the socket buffer size
33c77cb nfnetlink: properly handle nl_recvmsgs() failures
95cced5 protocol: Include whitespace when reading names

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d81d777a0f009fe74d233de307a03f9951d6b960)

4 years agonlbwmon: bump to latest git
DENG Qingfang [Sat, 15 Feb 2020 17:52:15 +0000 (01:52 +0800)]
nlbwmon: bump to latest git

e921ca0a Add further commonly used protocols to the protocol file.

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 5e140462e42af3e5cb7680863794339f11ddda7d)

4 years agonlbwmon: add procd reload trigger for nlbwmon config
Richard Yu [Mon, 9 Dec 2019 12:23:29 +0000 (20:23 +0800)]
nlbwmon: add procd reload trigger for nlbwmon config

Signed-off-by: Richard Yu <yurichard3839@gmail.com>
(cherry picked from commit d5517583104c8521d978a911bff921588ba0e988)

4 years agonlbwmon: receive dhcp interface triggers
Kevin Darbyshire-Bryant [Mon, 5 Nov 2018 18:01:50 +0000 (18:01 +0000)]
nlbwmon: receive dhcp interface triggers

Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.

Add interface triggers to catch dhcp events and restart as required.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 662d3f16d2702fe55116c852f5d456e90891ee89)

4 years agonet/nlbwmon: run with lower priority
Marc Benoit [Thu, 5 Apr 2018 22:03:34 +0000 (18:03 -0400)]
net/nlbwmon: run with lower priority

Even on a powerful platform a nlbwmon process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
bandwidth stats collection can wait a bit.

Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
(cherry picked from commit 9b3ecbd64a6328e13981165660d8930e8bb2446a)

4 years agoMerge pull request #11803 from stangri/18.06-simple-adblock
Rosen Penev [Wed, 8 Apr 2020 01:39:35 +0000 (18:39 -0700)]
Merge pull request #11803 from stangri/18.06-simple-adblock

[18.06] simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot

4 years agosimple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
Stan Grishin [Tue, 7 Apr 2020 21:55:51 +0000 (21:55 +0000)]
simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agonano: update to 4.9.2
Hannu Nyman [Tue, 7 Apr 2020 15:05:11 +0000 (18:05 +0300)]
nano: update to 4.9.2

Update nano editor to version 4.9.2

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit f11833d46cf71be65439397e2a7e03643fc78af2)

4 years agoMerge pull request #11773 from BKPepe/msmtp
Josef Schlehofer [Mon, 6 Apr 2020 07:45:41 +0000 (09:45 +0200)]
Merge pull request #11773 from BKPepe/msmtp

[18.06] msmtp: update to version 1.8.7

4 years agomsmtp: update to version 1.8.7
Josef Schlehofer [Sun, 5 Apr 2020 20:50:23 +0000 (22:50 +0200)]
msmtp: update to version 1.8.7

- It brings oauthbearer support
- It switches from OpenSSL to GnuTLS, which is fully compatible and
  brings more parameters

Makefile changes:
- Fix SPDX License Identifier
- Add PKG_CPE_ID
- The Project does not use sourceforce anymore.
- Uses GnuTLS instead of OpenSSL, which was discouraged

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agonano: update to 4.9.1
Hannu Nyman [Sun, 5 Apr 2020 16:20:19 +0000 (19:20 +0300)]
nano: update to 4.9.1

Update nano editor to version 4.9.1

 2020.03.31 - GNU nano 4.9.1 "Sapperdeflap"
 Two bugs introduced in version 4.9 are fixed: the cursor
 getting misplaced when undoing line cuts, and filtering
 of the whole buffer to a new buffer not working.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit f5c47a2606cea00ef70ae696224cd201ca1aceb8)

4 years agoMerge pull request #11756 from gladiac1337/haproxy-1.8.25-openwrt-18.06
Hannu Nyman [Fri, 3 Apr 2020 13:47:09 +0000 (16:47 +0300)]
Merge pull request #11756 from gladiac1337/haproxy-1.8.25-openwrt-18.06

[openwrt-18.06] haproxy: Update HAProxy to v1.8.25

4 years agohaproxy: Update HAProxy to v1.8.25
Christian Lachner [Fri, 3 Apr 2020 07:24:53 +0000 (09:24 +0200)]
haproxy: Update HAProxy to v1.8.25

- Update haproxy download URL and hash
- This fixes CVE-2020-11100 (http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=525fbbe388ba033d638ff2a4efb83ae6526db5ab)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
4 years agoMerge pull request #11700 from stangri/18.06-simple-adblock
Hannu Nyman [Sun, 29 Mar 2020 07:01:04 +0000 (10:01 +0300)]
Merge pull request #11700 from stangri/18.06-simple-adblock

[18.06] simple-adblock: support multiple dnsmasq instances + internal refactoring

4 years agosimple-adblock: support multiple dnsmasq instances; rework communication between...
Stan Grishin [Sun, 29 Mar 2020 05:13:29 +0000 (05:13 +0000)]
simple-adblock: support multiple dnsmasq instances; rework communication between principal package and luci app

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agonano: update to 4.9
Hannu Nyman [Thu, 26 Mar 2020 19:36:36 +0000 (21:36 +0200)]
nano: update to 4.9

Update nano editor to version 4.9

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 09fd4445b3f7c426212ed61b3989e1994255a8aa)

4 years agoMerge pull request #11626 from nxhack/18_06_icu_fix_CVE-2020-10531
Rosen Penev [Sun, 22 Mar 2020 01:08:46 +0000 (18:08 -0700)]
Merge pull request #11626 from nxhack/18_06_icu_fix_CVE-2020-10531

[openwrt-18.06] icu: fix CVE-2020-10531

4 years agoMerge pull request #11616 from stangri/18.06-https-dns-proxy
Hannu Nyman [Sat, 21 Mar 2020 07:47:15 +0000 (09:47 +0200)]
Merge pull request #11616 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: support for dnsmasq noresolv option

4 years agoicu: fix CVE-2020-10531
Hirokazu MORIKAWA [Fri, 20 Mar 2020 23:29:38 +0000 (08:29 +0900)]
icu: fix CVE-2020-10531

FIX CVE-2020-10531
 An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
4 years agohttps-dns-proxy: support for dnsmasq noresolv option
Stan Grishin [Fri, 20 Mar 2020 21:22:49 +0000 (21:22 +0000)]
https-dns-proxy: support for dnsmasq noresolv option

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoopenvswitch: fix PIE build against 4.14 kernel
Yousong Zhou [Mon, 16 Mar 2020 07:25:51 +0000 (15:25 +0800)]
openvswitch: fix PIE build against 4.14 kernel

Reported-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/pull/11567
(cherry picked from commit e9d6414437d27803a16b5d96c48b45140e989e5e)

4 years agophp7: update to 7.2.28
Michael Heimpold [Tue, 25 Feb 2020 21:35:15 +0000 (22:35 +0100)]
php7: update to 7.2.28

This fixes:
  - CVE-2020-7062
  - CVE-2020-7063

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 95c72d8abaa8a99471275ae0723e4d941f36d81a)

4 years agophp7: update to 7.2.27
Michael Heimpold [Fri, 7 Feb 2020 20:09:24 +0000 (21:09 +0100)]
php7: update to 7.2.27

This fixes:
  - CVE-2020-7059
  - CVE-2020-7060

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 3cf0c61f2ee1b94c8b09adb8c1cbc79281cfc32d)

4 years agoxl2tpd: fix building failure caused by pfc
Yousong Zhou [Fri, 18 Oct 2019 11:30:30 +0000 (11:30 +0000)]
xl2tpd: fix building failure caused by pfc

Fixes openwrt/packages#10270

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 0412c20f1b2d2e1f8b8c7e101aae6f66be50690a)

4 years agoxl2tpd: bump to version 1.3.15
Yousong Zhou [Mon, 14 Oct 2019 07:05:26 +0000 (07:05 +0000)]
xl2tpd: bump to version 1.3.15

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/issues/11418
(cherry picked from commit 620ba386b4ffd38911e7ddf0c864979c0f834a11)

4 years agoicu: bump proper variable.
Rosen Penev [Wed, 19 Feb 2020 02:50:21 +0000 (18:50 -0800)]
icu: bump proper variable.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agoicu: backport upstream ARC patch
Rosen Penev [Sun, 16 Feb 2020 07:01:20 +0000 (23:01 -0800)]
icu: backport upstream ARC patch

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agonano: update to 4.8
Hannu Nyman [Sat, 8 Feb 2020 09:24:35 +0000 (11:24 +0200)]
nano: update to 4.8

Update nano editor to version 4.8

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 7bc96280d31470b7dda75315154c8df72bde222a)

4 years agoMerge pull request #11252 from neheb/i22p
Rosen Penev [Fri, 7 Feb 2020 03:08:00 +0000 (19:08 -0800)]
Merge pull request #11252 from neheb/i22p

i2pd: fix various issues in 18.06

4 years agoi2pd: move chmod command
Rosen Penev [Wed, 5 Feb 2020 02:50:35 +0000 (18:50 -0800)]
i2pd: move chmod command

Similar change to upstream.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years agoi2pd: Move DATADIR to /var/lib/i2pd, fix #5693
David Yang [Sun, 4 Mar 2018 16:58:43 +0000 (00:58 +0800)]
i2pd: Move DATADIR to /var/lib/i2pd, fix #5693

Original author: dartraiden <wowemuh@gmail.com>

Signed-off-by: David Yang <mmyangfl@gmail.com>
4 years agoMerge pull request #11227 from micmac1/sqlite3-18.06-2
Hannu Nyman [Mon, 3 Feb 2020 20:41:35 +0000 (22:41 +0200)]
Merge pull request #11227 from micmac1/sqlite3-18.06-2

[18.06] sqlite3: bump to 3.31.1

4 years agosqlite3: bump to 3.31.1
Sebastian Kemper [Mon, 3 Feb 2020 19:19:17 +0000 (20:19 +0100)]
sqlite3: bump to 3.31.1

Upstreamed patch removed.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #11186 from micmac1/18.06-maria-10.1.44
Rosen Penev [Fri, 31 Jan 2020 00:30:19 +0000 (16:30 -0800)]
Merge pull request #11186 from micmac1/18.06-maria-10.1.44

[18.06] mariadb: security bump to 10.1.44

4 years agomariadb: security bump to 10.1.44
Sebastian Kemper [Thu, 30 Jan 2020 21:21:50 +0000 (22:21 +0100)]
mariadb: security bump to 10.1.44

Addresses CVE-2020-2574. Patches refreshed.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoddns-scripts: Change protocols of afraid.org urls to HTTPS.
Kwonjin Jeong [Sat, 30 Nov 2019 18:14:33 +0000 (03:14 +0900)]
ddns-scripts: Change protocols of afraid.org urls to HTTPS.

- Use HTTPS protocol for updating urls for afraid.org to protect the password.
- Bump/align package version number.

Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
(cherry-picked from e25b55899927eb5638cc6a13a568ee4271eed2b2)

4 years agonode-hid: fix i386 build fail
Hirokazu MORIKAWA [Wed, 17 Apr 2019 05:55:05 +0000 (14:55 +0900)]
node-hid: fix i386 build fail

more stability for parallel build

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from 1aa55f86b56766074677bcda23f19cd7e5b5601f)

4 years agonode-serialport: fix i386 build fail
Hirokazu MORIKAWA [Fri, 19 Apr 2019 00:22:23 +0000 (09:22 +0900)]
node-serialport: fix i386 build fail

more stability for parallel build

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry-picked from 1ce1ca6e0622c6ad7fb61e44b7c96b028939186a)

4 years agoMerge pull request #11124 from stangri/18.06-https-dns-proxy
Hannu Nyman [Sun, 26 Jan 2020 20:39:51 +0000 (22:39 +0200)]
Merge pull request #11124 from stangri/18.06-https-dns-proxy

[18.06] https-dns-proxy: fix deleting server items, configurable dnsmasq settings change

4 years agoMerge pull request #11127 from micmac1/18.06-tiff
Jiri Slachta [Sun, 26 Jan 2020 17:27:28 +0000 (18:27 +0100)]
Merge pull request #11127 from micmac1/18.06-tiff

[18.06] tiff: update to 4.1.0

4 years agotiff: update version to 4.1.0
Jiri Slachta [Mon, 11 Nov 2019 20:49:06 +0000 (21:49 +0100)]
tiff: update version to 4.1.0

Signed-off-by: Jiri Slachta <jiri@slachta.eu>
4 years agotiff: patch security issues
Jan Pavlinec [Tue, 9 Apr 2019 11:28:10 +0000 (13:28 +0200)]
tiff: patch security issues

Fixes
CVE-2019-7663
CVE-2019-6128

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
4 years agohttps-dns-proxy: fix deleting server items, configurable dnsmasq settings change
Stan Grishin [Sun, 26 Jan 2020 04:15:13 +0000 (21:15 -0700)]
https-dns-proxy: fix deleting server items, configurable dnsmasq settings change

Signed-off-by: Stan Grishin <stangri@melmac.net>
4 years agoMerge pull request #9795 from LoEE/jpc/git-macos-cross
Rosen Penev [Sat, 25 Jan 2020 23:25:00 +0000 (15:25 -0800)]
Merge pull request #9795 from LoEE/jpc/git-macos-cross

[18.06]git: fix cross compilation on macOS

4 years agolibsoup: fix intltool host dependency. Cleaup some build args
Ted Hess [Tue, 13 Nov 2018 21:31:57 +0000 (16:31 -0500)]
libsoup: fix intltool host dependency. Cleaup some build args

Signed-off-by: Ted Hess <thess@kitschensync.net>
(cherry-picked from 0daec55ce50d4dffae040645227a718ce528b978)