Yousong Zhou [Mon, 18 Feb 2019 03:30:38 +0000 (03:30 +0000)]
pixman: bump to version 0.38.0
Release 0.37.0 was not actually released. From the git log, there are
two functional changes about optimization by using float points directly
Bump version to 0.38.0
pixman: Use maximum precision for pixman-bits-image, v2.
Implement floating point gradient computation, v2.
build: Add meson files to EXTRA_DIST
editorconfig: use tabs for Makefiles
Merge remote-tracking branch 'origin/master'
Post release version bump to 37.1
gitlab-ci: Add meson build to pipeline test
meson: Add a meson build system
Add .editorconfig file
Bump version to 0.36.0
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Rosen Penev [Thu, 13 Dec 2018 22:39:55 +0000 (14:39 -0800)]
git: Fix compilation without deprecated OpenSSL APIs
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Stijn Tintel [Sun, 17 Feb 2019 15:47:54 +0000 (17:47 +0200)]
vallumd: bump to 0.1.4
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Ted Hess [Sun, 17 Feb 2019 12:39:18 +0000 (07:39 -0500)]
Merge pull request #8235 from mhei/fix-libupnp
libupnp: add large file defines to CFLAGS
Peter Wagner [Sun, 17 Feb 2019 11:42:39 +0000 (12:42 +0100)]
libsndfile: update to 2019-02-07
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Rosen Penev [Sat, 16 Feb 2019 01:08:36 +0000 (17:08 -0800)]
irssi: Fix OpenSSL without deprecated APIs compilation
When OpenSSL is built without deprecated APIs, pkg-config first tries
OpenSSL in the staging directory but fails as it cannot find the
deprecated SSL_library_init function and ends up finding the system one.
Added PKG_BUILD_PARALLEL for faster compilation.
Added -Wl,--gc-sections to LDFLAGS to save ~10KB from the resulting ipk.
Reworked configure section as some of those options were renamed or
removed.
Removed EXTRA_* hacks that are no longer necessary.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Peter Wagner [Sat, 16 Feb 2019 23:12:43 +0000 (00:12 +0100)]
nfs-kernel-server: fix freeaddrinfo usage in nfs-kernel-server, because freeaddrinfo in musl after the 1.1.21
update, doesn't handly NULL pointers (which seems to spec conform) see
https://www.openwall.com/lists/musl/2019/02/03/3 for more info
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Michael Heimpold [Sat, 16 Feb 2019 20:40:38 +0000 (21:40 +0100)]
libupnp: add large file defines to CFLAGS
This fixes compilation with glibc and uClibc for the included
sample programs as reported by builtbots for e.g. arc target:
-snip-
In file included from ../../upnp/inc/upnp.h:402:0,
from common/sample_util.h:49,
from common/sample_util.c:42:
../../upnp/inc/FileInfo.h:22:2: error: #error libupnp uses large file support, so users must do that, too
#error libupnp uses large file support, so users must do that, too
^~~~~
Makefile:577: recipe for target 'common/tv_ctrlpt-sample_util.o' failed
-snap-
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Stijn Tintel [Sat, 16 Feb 2019 15:28:50 +0000 (17:28 +0200)]
Merge pull request #8219 from Apteryks/master
net-snmp: disable support for perl
Stijn Tintel [Sat, 16 Feb 2019 15:15:04 +0000 (17:15 +0200)]
Merge pull request #5821 from kbabioch/feat/ipNetToPhysicalTable
net-snmp: Enable MIB ip-mib/inetNetToMediaTable
Hannu Nyman [Sat, 16 Feb 2019 11:45:10 +0000 (13:45 +0200)]
Merge pull request #8177 from neheb/ff
fio: Update to 3.13
Hannu Nyman [Sat, 16 Feb 2019 08:22:37 +0000 (10:22 +0200)]
Merge pull request #8163 from diizzyy/bash-patches
utils/bash: Import upstream patches for 5.0
Hannu Nyman [Sat, 16 Feb 2019 08:20:29 +0000 (10:20 +0200)]
Merge pull request #8195 from ja-pa/libarchive-security-fix
libarchive: patch security issues
Yousong Zhou [Sat, 16 Feb 2019 07:37:24 +0000 (07:37 +0000)]
shadowsocks-libev: flush ipv6 ss-rules on service stop
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Hannu Nyman [Fri, 15 Feb 2019 16:00:02 +0000 (18:00 +0200)]
Merge pull request #8220 from mstorchak/smartmontools-drivedb
smartmontools: move drive database to a separate packege
Dirk Brenken [Fri, 15 Feb 2019 15:32:53 +0000 (16:32 +0100)]
Merge pull request #8224 from dibdot/travelmate
travelmate: update 1.3.5
Dirk Brenken [Fri, 15 Feb 2019 08:29:58 +0000 (09:29 +0100)]
travelmate: update 1.3.5
* rework procd trigger handling
- react immediately on if down network events
- remove needless apply hook in LuCI
Signed-off-by: Dirk Brenken <dev@brenken.org>
Maxim Storchak [Thu, 14 Feb 2019 13:54:14 +0000 (15:54 +0200)]
smartmontools: move drive database to a separate packege
By default the database of the known drives is compiled into smartctl and smartd.
These tools also support loading external database from /usr/share/smartmontools/drivedb.h.
This changeset splits moves the database to a separate package
which allows to save some flash space and RAM for those for whom
generic S.M.A.R.T. attributes are enough.
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
Maxim Cournoyer [Thu, 14 Feb 2019 18:30:58 +0000 (13:30 -0500)]
net-snmp: disable support for perl
Using an external toolchain, it was discovered that net-snmp would
link with the Perl library (-lperl) from the host rather than from the
target.
Since we do not provide Perl as a dependency to net-snmp, the solution
is to disable support for it.
Fixes issue #8217.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@savoirfairelinux.com>
Hannu Nyman [Thu, 14 Feb 2019 16:30:44 +0000 (18:30 +0200)]
Merge pull request #7894 from neheb/spoof
spoofer: Fix compilation without deprecated OpenSSL APIs
Hannu Nyman [Thu, 14 Feb 2019 16:29:36 +0000 (18:29 +0200)]
Merge pull request #8066 from neheb/patch-5
tar: Update to 1.31
Hannu Nyman [Thu, 14 Feb 2019 16:25:18 +0000 (18:25 +0200)]
Merge pull request #8212 from neheb/dov
dovecot: Fix compilation with OpenSSL 1.1
Karl Palsson [Thu, 14 Feb 2019 11:14:13 +0000 (11:14 +0000)]
mosquitto: update to 1.5.7
This is a minor bugfix release. Full changelog available at:
https://mosquitto.org/blog/2019/02/version-1-5-7-released/
Most relevant to OpenWrt are probably:
* fixing persistent store bloat
* fix sorting of included config files
* fix errors related to per_listener_settings
Signed-off-by: Karl Palsson <karlp@etactica.com>
Rosen Penev [Thu, 14 Feb 2019 02:57:57 +0000 (18:57 -0800)]
dovecot: Fix compilation with OpenSSL 1.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hannu Nyman [Wed, 13 Feb 2019 20:11:35 +0000 (22:11 +0200)]
Merge pull request #7674 from neheb/task
taskwarror: Update to 2.5.1
Nikos Mavrogiannopoulos [Wed, 13 Feb 2019 18:55:24 +0000 (19:55 +0100)]
Merge pull request #8168 from neheb/tas
libtasn1: Optimize compilation for size
Ted Hess [Wed, 13 Feb 2019 17:00:48 +0000 (12:00 -0500)]
Merge pull request #8116 from antonlacon/ffmpeg-next
ffmpeg: update to 3.4.5
Hannu Nyman [Wed, 13 Feb 2019 16:51:38 +0000 (18:51 +0200)]
Merge pull request #8190 from cshoredaniel/pr-gitolite-dropbear
gitolite: Drop openssh dependency
Hannu Nyman [Wed, 13 Feb 2019 16:50:33 +0000 (18:50 +0200)]
Merge pull request #8181 from jefferyto/golang-packaging-updates
golang: packaging updates
Hannu Nyman [Wed, 13 Feb 2019 16:49:51 +0000 (18:49 +0200)]
Merge pull request #8197 from Cynerd/python3-twisted
twisted: add Python3 variant
Ted Hess [Wed, 13 Feb 2019 16:42:00 +0000 (11:42 -0500)]
Merge pull request #8150 from ClaymorePT/boost_1.69.0_r2
boost: Release update with minor fix
Nikos Mavrogiannopoulos [Wed, 13 Feb 2019 08:18:21 +0000 (09:18 +0100)]
Merge pull request #8167 from neheb/p112
p11-kit: Update to 0.23.15
Carlos Miguel Ferreira [Thu, 7 Feb 2019 20:25:32 +0000 (20:25 +0000)]
boost: Release update with minor fix
This commit fixes the bug described in issue #8146 [1], where the
package fails to build if the boost package is selected without
selecting any of the internal non-header-only libraries.
[1]: https://github.com/openwrt/packages/issues/8146
Signed-off-by: Carlos Miguel Ferreira <carlosmf.pt@gmail.com>
Hauke Mehrtens [Tue, 12 Feb 2019 22:27:09 +0000 (23:27 +0100)]
Merge pull request #8158 from neheb/io
iotivity: Backport upstream patch to fix GCC 7+ compilation
Rosen Penev [Mon, 11 Feb 2019 00:33:20 +0000 (16:33 -0800)]
fio: Update to 3.13
Added -Wl,--gc-sections for smaller size.
Removed TARGET_CFLAGS as there is no difference in size.
Added PKG_BUILD_PARALLEL for faster compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sat, 9 Feb 2019 02:32:36 +0000 (18:32 -0800)]
iotivity: Backport upstream patch to fix GCC 7+ compilation
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Jeffery To [Tue, 12 Feb 2019 06:11:06 +0000 (14:11 +0800)]
rtl-ais: Update init script
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also fixes some space-indented lines to use tabs.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Karel Kočí [Tue, 12 Feb 2019 11:48:43 +0000 (12:48 +0100)]
twisted: add Python3 variant
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Hannu Nyman [Tue, 12 Feb 2019 17:32:41 +0000 (19:32 +0200)]
Merge pull request #8196 from commodo/python-batch-updates
python,python3: batch updates
Hannu Nyman [Tue, 12 Feb 2019 17:31:33 +0000 (19:31 +0200)]
Merge pull request #8185 from micmac1/maria-10222
mariadb: update to 10.2.22 + clean up shared lib deps
Hannu Nyman [Tue, 12 Feb 2019 17:30:06 +0000 (19:30 +0200)]
Merge pull request #8192 from gladiac1337/feature-haproxy-v1.8.19
haproxy: Update HAProxy to v1.8.19
Ted Hess [Tue, 12 Feb 2019 15:52:32 +0000 (10:52 -0500)]
Merge pull request #8159 from neheb/xz
xz: Compile with PIC to fix linking errors
Yousong Zhou [Tue, 12 Feb 2019 11:52:17 +0000 (11:52 +0000)]
shadowsocks-libev: ss-rules: fix flushing ipv6 rules
"-6" has to be the first argument
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Yousong Zhou [Tue, 12 Feb 2019 08:04:51 +0000 (08:04 +0000)]
shadowsocks-libev: ss-rules: tweak for readability
- quash errors on detection of ipv6 nat
- remove unnecessary rule args "--comment ..." and "-p ..."
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Jan Pavlinec [Tue, 12 Feb 2019 10:51:50 +0000 (11:51 +0100)]
libarchive: patch security issues
Fixes
CVE-2019-
1000019
CVE-2019-
1000020
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Alexandru Ardelean [Tue, 12 Feb 2019 09:51:04 +0000 (11:51 +0200)]
python-pyopenssl: bump to version 19.0.0
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Tue, 12 Feb 2019 09:49:54 +0000 (11:49 +0200)]
python-lxml: bump to version 4.3.1
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Tue, 12 Feb 2019 09:48:48 +0000 (11:48 +0200)]
python-cryptography: bump to version 2.5
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Tue, 12 Feb 2019 09:47:11 +0000 (11:47 +0200)]
python-pyasn1-modules: bump to version 0.2.4
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Mon, 4 Feb 2019 09:28:00 +0000 (11:28 +0200)]
python,python3: fix CVE-2019-5010 - Denial of Service
This patch addresses issue:
[ssl][CVE-2019-5010] TALOS-2018-0758 Denial of Service
Link to Python issue:
https://bugs.python.org/issue35746
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Mon, 4 Feb 2019 14:36:25 +0000 (16:36 +0200)]
python,python3: move shebang handle in install script
This extends the Python[3] shebang fixup to all packages.
Only Python scripts in `/usr/bin` will be handled at the moment. Later it
may make sense to also cover executables in `/bin`, though typically Python
executables shouldn't be placed there.
Previously the shebang handling was only done for python[3]-pip &
python[3]-setuptools.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Alexandru Ardelean [Tue, 5 Feb 2019 10:04:43 +0000 (12:04 +0200)]
python,python3: make deletion tolerant for paths with spaces
Piping to xargs does not handle spaces in paths too well, because it splits
up the paths.
For deleting empty dirs, we also need to do several retries, otherwise
`find` will try to go through the directories after they're deleted.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Christian Lachner [Tue, 12 Feb 2019 07:56:12 +0000 (08:56 +0100)]
haproxy: Update HAProxy to v1.8.19
- Update haproxy download URL and hash
Signed-off-by: Christian Lachner <gladiac@gmail.com>
Luiz Angelo Daros de Luca [Fri, 8 Feb 2019 03:38:33 +0000 (01:38 -0200)]
ruby: fix build for uclibc
Backporting upstream fix. Closes #8051.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Peter Wagner [Mon, 11 Feb 2019 23:48:34 +0000 (00:48 +0100)]
irssi: update to 1.2.0
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Sebastian Kemper [Mon, 11 Feb 2019 20:49:20 +0000 (21:49 +0100)]
mariadb: bump to 10.2.22
From upstream release notes:
- Backport Information Schema CHECK_CONSTRAINTS Table.
- MDEV-17475: Maximum value of table_definition_cache is now
2097152.
- InnoDB ALTER TABLE fixes: MDEV-16499, MDEV-18186, MDEV-18237, MDEV-18222,
MDEV-18256, MDEV-18016, MDEV-16849
- Mariabackup fixes: MDEV-18185, MDEV-18201, MDEV-18194
- Galera crash recovery fix: MDEV-15740
- Encryption fixes: MDEV-18129, MDEV-18183, MDEV-18279
- Fixes for the following security vulnerabilities:
- CVE-2019-2510
- CVE-2019-2537
OpenWrt notes:
- OpenSSL patch dropped as issue fixed upstream
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Sebastian Kemper [Mon, 11 Feb 2019 20:44:36 +0000 (21:44 +0100)]
mariadb: fix libmariadb depends
The shared library does not depend on libatomic nor libstdcpp anymore.
This is very good news for the users of said lib.
This commit updates the depends accordingly.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Hannu Nyman [Mon, 11 Feb 2019 19:53:37 +0000 (21:53 +0200)]
Merge pull request #8135 from ja-pa/unbound-update
unbound: update to version 1.9.0 and remove old patch
Yousong Zhou [Mon, 11 Feb 2019 13:21:04 +0000 (13:21 +0000)]
shadowsocks-libev: flush ss rules on entry
Fixes issue reported in openwrt/luci#2527
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Jeffery To [Mon, 11 Feb 2019 08:00:56 +0000 (16:00 +0800)]
golang: Ignore GOFLAGS, GO111MODULE environment variables
These were added in Go 1.11.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Sat, 9 Feb 2019 12:00:56 +0000 (20:00 +0800)]
golang: Install go.mod/go.sum by default
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Sat, 9 Feb 2019 11:52:49 +0000 (19:52 +0800)]
golang: Install files with .cpp/.hpp suffixes by default
This also updates the URL for dh-golang.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jeffery To [Sat, 9 Feb 2019 11:42:06 +0000 (19:42 +0800)]
golang: Fix handling of filenames with spaces
Closes #7127.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Jan Pavlinec [Tue, 5 Feb 2019 16:26:42 +0000 (17:26 +0100)]
unbound: update to version 1.9.0
Changes:
-remove old dns64 patch
-refresh openssl deprecated patch
-add DoT error log patch https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Michael Heimpold [Sun, 10 Feb 2019 20:45:16 +0000 (21:45 +0100)]
php7: fix cross compiling patch (fixes #8166)
Fixes: e148924a4 ("php7: update to 7.2.15")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Jan Pavlinec [Sun, 10 Feb 2019 11:56:53 +0000 (12:56 +0100)]
openssh: patch scp security issues
Fixes
CVE-2019-6109
CVE-2019-6111
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
Hannu Nyman [Sun, 10 Feb 2019 12:42:24 +0000 (14:42 +0200)]
Merge pull request #8164 from diizzyy/patch-6
bluez: Cosmetic fixes
Hannu Nyman [Sun, 10 Feb 2019 12:41:31 +0000 (14:41 +0200)]
Merge pull request #8169 from dengqf6/uwsgi
uwsgi-cgi: update to 2.0.18 and use official tarball
Deng Qingfang [Sun, 10 Feb 2019 12:25:10 +0000 (20:25 +0800)]
uwsgi-cgi: update to 2.0.18 and use official tarball
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Rosen Penev [Sun, 10 Feb 2019 07:27:17 +0000 (23:27 -0800)]
libtasn1: Optimize compilation for size
Disabled doc and valgrind tests to speed up compilation.
Added --disable-ld-version-script to reduce compiled size.
Added -Wl,--gc-sections to reduce compiled size.
From 28339 to 27700 bytes.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sun, 10 Feb 2019 06:41:32 +0000 (22:41 -0800)]
p11-kit: Update to 0.23.15
Disable debug to save some space: 163689 vs. 155034 bytes.
Add -Wl,--gc-sections. Down to 138627 bytes.
Miscellaneous cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hannu Nyman [Sat, 9 Feb 2019 22:00:25 +0000 (00:00 +0200)]
Merge pull request #8162 from neheb/key
keyutils: Make reproducible
Rosen Penev [Sat, 15 Dec 2018 19:11:17 +0000 (11:11 -0800)]
taskwarrior: Update to 2.5.1
Makefile adjustments for consistency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Daniel Golle [Fri, 8 Feb 2019 20:59:50 +0000 (21:59 +0100)]
libudev-fbsd: update to git source as of 2017-12-16
Remove patches 001-fix-unused.patch and 002-replace-nitems.patch,
similar fixes to make libudev-fbsd compile were applied upstream.
Refresh remaining patches.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Engberg [Sat, 9 Feb 2019 13:41:35 +0000 (13:41 +0000)]
utils/bash: Import upstream patches for 5.0
Source:
ftp://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-001
ftp://ftp.gnu.org/gnu/bash/bash-5.0-patches/bash50-002
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Hannu Nyman [Sat, 9 Feb 2019 12:41:20 +0000 (14:41 +0200)]
Merge pull request #7823 from BKPepe/owfs3.2p3
owfs: update to version v3.2p3
Michael Heimpold [Sat, 9 Feb 2019 12:35:53 +0000 (13:35 +0100)]
php7: update to 7.2.15
Also refresh patch which does not apply cleanly anymore.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Daniel Engberg [Sat, 9 Feb 2019 12:01:56 +0000 (13:01 +0100)]
bluez: Cosmetic fixes
Use $(INSTALL_BIN) instead of $(CP) when installing binaries
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Rosen Penev [Sat, 9 Feb 2019 03:54:53 +0000 (19:54 -0800)]
xz: Compile with PIC to fix linking errors
While researching CircleCI build failures, I came across a linking error
relating to liblzma, where ld instructs to recompile with fPIC.
Unfortunately, this increases filesize. Added some configure flags to try
to mitigate is somewhat.
Removed maintainer as he is no longer active.
Added PKG_CPE_ID for proper CVE tracking.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sat, 9 Feb 2019 04:45:00 +0000 (20:45 -0800)]
keyutils: Make reproducible
Based on debian patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hannu Nyman [Fri, 8 Feb 2019 17:31:13 +0000 (19:31 +0200)]
Merge pull request #8111 from neheb/ng
ngircd: Update to 25
Hannu Nyman [Fri, 8 Feb 2019 17:30:40 +0000 (19:30 +0200)]
Merge pull request #8126 from jefferyto/tgt-init
tgt: Update init script
Hannu Nyman [Fri, 8 Feb 2019 17:29:56 +0000 (19:29 +0200)]
Merge pull request #8156 from BKPepe/youtube-dl-2019.02.08
youtube-dl: update to version 2019.02.08
Toke Høiland-Jørgensen [Fri, 8 Feb 2019 16:18:24 +0000 (17:18 +0100)]
Merge ACME fixes
Closes #8149
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Toke Høiland-Jørgensen [Fri, 8 Feb 2019 16:17:37 +0000 (17:17 +0100)]
acme: Bump package revision
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Adrien DAURIAT [Wed, 30 Jan 2019 22:32:51 +0000 (23:32 +0100)]
acme: Fix loading credentials
Move loading credential function before cert renewal call as credentials might be needed for some renewal operations ( ex: DNS )
Signed-off-by: Adrien DAURIAT <16813527+dauriata@users.noreply.github.com>
[toke@toke.dk: Port to master branch]
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Josef Schlehofer [Thu, 7 Feb 2019 22:58:44 +0000 (23:58 +0100)]
youtube-dl: update to version 2019.02.08
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Daniel Golle [Fri, 8 Feb 2019 13:12:00 +0000 (14:12 +0100)]
Merge pull request #7631 from neheb/patch-1
cryptsetup: replace libgcrypt with AFALG and remove OpenSSL variant
Karl Palsson [Thu, 7 Feb 2019 14:02:27 +0000 (14:02 +0000)]
mosquitto: bump to 1.5.6
This is a bugfix and security release.
CVE-2018-12551: If Mosquitto is configured to use a password file for
authentication, any malformed data in the password file will be
treated as valid. This typically means that the malformed data becomes
a username and no password. If this occurs, clients can circumvent
authentication and get access to the broker by using the malformed
username. In particular, a blank line will be treated as a valid empty
username. Other security measures are unaffected.
=> Users who have only used the mosquitto_passwd utility to create and
modify their password files are unaffected by this vulnerability.
CVE-2018-12550: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is unexpected
and could lead to access being incorrectly granted in some
circumstances.
CVE-2018-12546. If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked, the retained message will still be delivered to future
subscribers. This behaviour may be undesirable in some applications,
so a configuration option `check_retain_source` has been introduced to
enforce checking of the retained message source on publish.
Plus the following bugfixes:
* wills not sent to websocket clients
* spaces now allowed in bridge usernames
* durable clients not receiving offline messages with
per_listener_settings==true
* compilation with openssl without deprecated apis
* TLS working over SOCKS
* better comment handling in config files
Full changelog available at: https://github.com/eclipse/mosquitto/blob/fixes/ChangeLog.txt#L1
Signed-off-by: Karl Palsson <karlp@etactica.com>
Jeffery To [Mon, 4 Feb 2019 12:02:28 +0000 (20:02 +0800)]
tgt: Update init script
This replaces the use of uci_validate_section() with
uci_load_validate(), which removes the need to declare local variables
for every config option.
This also adds a service_triggers() function, removes a duplicate
option, and removes some unnecessary curly brackets.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Ian Leonard [Fri, 8 Feb 2019 01:40:45 +0000 (17:40 -0800)]
ffmpeg: build fix for fdk-aac 2.0
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
Ian Leonard [Sun, 3 Feb 2019 23:30:45 +0000 (15:30 -0800)]
ffmpeg: disable assembly on MIPS
Disable use of assembly on MIPS to allow it to build. MIPS is not
expected to be high performance in OpenWrt, and this allows it to still
be used for media identification as updated versions of ffmpeg are
brought in.
The error is in
libavcodec/mips/aacdec_mips.c: In function 'imdct_and_windowing_mips'
regarding: 'asm' has impossible constraints in multiple locations.
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
Ian Leonard [Sat, 10 Nov 2018 07:49:22 +0000 (23:49 -0800)]
ffmpeg: update to 3.4.5
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
Hannu Nyman [Thu, 7 Feb 2019 18:52:37 +0000 (20:52 +0200)]
Merge pull request #8114 from neheb/av
davfs2: Update to 1.5.5
Hannu Nyman [Thu, 7 Feb 2019 18:50:17 +0000 (20:50 +0200)]
Merge pull request #8124 from aparcar/prometheus-2.7.1
prometheus: update to 2.7.1
Alexey I. Froloff [Thu, 7 Feb 2019 12:22:56 +0000 (15:22 +0300)]
net/acme: commit uhttpd configuration if update_httpd set
uhttpd configuration should be commited when update_uhttpd set.
Signed-off-by: Alexey I. Froloff <raorn@raorn.name>
Alexey I. Froloff [Thu, 7 Feb 2019 12:16:10 +0000 (15:16 +0300)]
net/acme: issue_cert should always call post_checks on exit
issue_cert fuction may return without calling post_checks, which leaves
port 80 open and uhttpd configuration is not restored is listen_http was
set.
Always call post_checks when returning from issue_cert.
Signed-off-by: Alexey I. Froloff <raorn@raorn.name>
Jonas Gorski [Wed, 6 Feb 2019 19:06:41 +0000 (20:06 +0100)]
znc: fix patches applying
git is hard. :-(
Reported-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Fixes: 4629f043e08e ("znc: update to 1.7.2")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Hannu Nyman [Wed, 6 Feb 2019 17:35:09 +0000 (19:35 +0200)]
Merge pull request #8130 from lucize/freetype-host
freetype: add host config flags
Hannu Nyman [Wed, 6 Feb 2019 17:34:37 +0000 (19:34 +0200)]
Merge pull request #8136 from ja-pa/dovecot-security-fix
dovecot: update to version 2.3.4.1 (security fix)