feed/packages.git
2 years agoprosody: update to version 0.11.13
Josef Schlehofer [Fri, 28 Jan 2022 14:48:47 +0000 (15:48 +0100)]
prosody: update to version 0.11.13

Fixes CVEs:
- CVE-2022-0217
- CVE-2021-37601
- CVE-2021-32918
- CVE-2021-32920
- CVE-2021-32921
- CVE-2021-32917
- CVE-2021-32919

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agosamba4: update to 4.14.11; fix AD_DC build
Andy Walsh [Fri, 28 Jan 2022 09:03:42 +0000 (10:03 +0100)]
samba4: update to 4.14.11; fix AD_DC build

* update to 4.14.11
* fix AD_DC build
* add vfs_widelinks to defaults
* refresh patches
* fixes: #16697, #17692
* fixes: CVE-2016-2124, CVE-2020-25717, CVE-2020-25718, CVE-2020-25719, CVE-2020-25721, CVE-2020-25722, CVE-2021-3738, CVE-2021-23192

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
2 years agoopen2300: fix build on macos
Sergey V. Lobanov [Wed, 26 Jan 2022 22:40:54 +0000 (01:40 +0300)]
open2300: fix build on macos

This patch sets UNAME=Linux due to OpenWrt is always Linux but
`uname -s` return Darwin on MacOS and fails target build.

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agoisc-dhcp: fix build on macos
Sergey V. Lobanov [Wed, 26 Jan 2022 23:45:47 +0000 (02:45 +0300)]
isc-dhcp: fix build on macos

isc-dhcp uses system ar tool so build fails on Darwin build host.
Embedded bind lib uses system ar and ranlib tools and fails on Darwin

This patch explicitly specifies ar and ranlib tools for target build

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agoMerge pull request #17713 from turris-cz/clamav-update
Josef Schlehofer [Fri, 28 Jan 2022 16:34:48 +0000 (17:34 +0100)]
Merge pull request #17713 from turris-cz/clamav-update

clamav: update to version 0.104.2

2 years agoclamav: update to version 0.104.2
Josef Schlehofer [Fri, 28 Jan 2022 14:03:36 +0000 (15:03 +0100)]
clamav: update to version 0.104.2

Backported upstream pending pull request to fix following error:

CMake Error at /foo/staging_dir/host/share/cmake-3.19/Modules/FindPackageHandleStandardArgs.cmake:218 (message):
  Could NOT find CURSES (missing: CURSES_LIBRARY)

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agocrowdsec: update from latest upstream release 1.3.0
Kerma Gérald [Wed, 26 Jan 2022 08:45:39 +0000 (09:45 +0100)]
crowdsec: update from latest upstream release 1.3.0

Changes (from 1.2.3):
https://github.com/crowdsecurity/crowdsec/compare/v1.2.3...v1.3.0

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agoauc: add '-n' parameter for dry-run
Daniel Golle [Thu, 27 Jan 2022 16:45:36 +0000 (16:45 +0000)]
auc: add '-n' parameter for dry-run

Add option to allow only requesting an image but not actually download
or sysupgrade anything.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2 years agoMerge pull request #17646 from LugicoHDPlayer/feature-ddns-scripts-one-com
Florian Eckert [Thu, 27 Jan 2022 15:06:09 +0000 (16:06 +0100)]
Merge pull request #17646 from LugicoHDPlayer/feature-ddns-scripts-one-com

ddns-scripts: add one.com provider

2 years agoddns-scripts: add one.com provider
Luca Conte [Wed, 19 Jan 2022 14:56:47 +0000 (15:56 +0100)]
ddns-scripts: add one.com provider

Signed-off-by: Luca Conte <main@lugico.de>
2 years agoreptyr: fix build on macos
Sergey V. Lobanov [Wed, 26 Jan 2022 19:20:46 +0000 (22:20 +0300)]
reptyr: fix build on macos

This patch sets UNAME_S=Linux due to OpenWrt is always Linux but
`uname -s` return Darwin on MacOS and fails target build.

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agocollectd: remove libip4tc dependency
Tiago Gaspar [Sun, 23 Jan 2022 11:25:32 +0000 (11:25 +0000)]
collectd: remove libip4tc dependency
Base collectd doesn't require libip4tc as stated in the collectd git:

* libiptc (optional)
For querying iptables counters
<http://netfilter.org/>

And libip4tc is already added as a dependency in the iptables plugin
because it needs it, so remove this dependency from the default collectd
to make it compatible with the new nftables firewall4 (by not selecting
any iptables components).

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
2 years agominiupnpd: declare nftables variant as DEFAULT_VARIANT
Hannu Nyman [Wed, 26 Jan 2022 17:30:29 +0000 (19:30 +0200)]
miniupnpd: declare nftables variant as DEFAULT_VARIANT

Declare the nftables variant as the DEFAULT_VARIANT
as nftables firewall4 is the now default in OpenWrt.

Additionally,
 * toggle CONFLICTS placement to avoid circular dependency warning
 * use AUTORELEASE

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2 years agogpsd: fix build on macos
Sergey V. Lobanov [Fri, 21 Jan 2022 22:25:16 +0000 (01:25 +0300)]
gpsd: fix build on macos

gpsd build fails on macos due to using sys.platform in build logic.

This patch allows to redefine target platform to fix the issue.

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agopostfix: fix build on macos
Sergey V. Lobanov [Wed, 19 Jan 2022 23:37:17 +0000 (02:37 +0300)]
postfix: fix build on macos

macos build fails due to two reasons:
1. using build host ar and ranlib tools
2. using uname -r to get kernel version

First issue is fixed by specifying ar and ranlib from toolchain
Second issue is fixed by specifying kernel release major version=5
Using 'uname -r' from build host for cross-compiling is not a good
idea even for Linux build host

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agodnsproxy: Update to 0.40.6
Tianling Shen [Tue, 25 Jan 2022 09:03:57 +0000 (17:03 +0800)]
dnsproxy: Update to 0.40.6

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agopdns: update to 4.6.0
Peter van Dijk [Tue, 25 Jan 2022 12:44:52 +0000 (13:44 +0100)]
pdns: update to 4.6.0

* Bump to 4.6.0
* Remove "random" backend as it is gone upstream

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
2 years agovnstat2: update to version 2.9
Jan Hoffmann [Tue, 25 Jan 2022 19:10:09 +0000 (20:10 +0100)]
vnstat2: update to version 2.9

Signed-off-by: Jan Hoffmann <jan@3e8.eu>
2 years agoproxychains-ng: update to version 4.16
Daniel Bermond [Tue, 25 Jan 2022 19:54:21 +0000 (16:54 -0300)]
proxychains-ng: update to version 4.16

Maintainer: me

Build system: Arch Linux x86_64
Build tested: ipq806x/R7800
Run tested  : ipq806x/R7800

Signed-off-by: Daniel Bermond <danielbermond@gmail.com>
2 years agoMerge pull request #17676 from mhei/php8-update
Michael Heimpold [Tue, 25 Jan 2022 20:40:04 +0000 (21:40 +0100)]
Merge pull request #17676 from mhei/php8-update

php8: update to 8.1.2

2 years agoMerge pull request #17688 from svlobanov/stress-ng-fix-build-on-macos
Alexandru Ardelean [Tue, 25 Jan 2022 10:17:33 +0000 (12:17 +0200)]
Merge pull request #17688 from svlobanov/stress-ng-fix-build-on-macos

stress-ng: fix build on macos

2 years agoMerge pull request #17689 from BKPepe/tvheadend-conffiles
Josef Schlehofer [Tue, 25 Jan 2022 08:00:29 +0000 (09:00 +0100)]
Merge pull request #17689 from BKPepe/tvheadend-conffiles

tvheadend: fix conffiles section

2 years agocrun: update to v1.4.1
Oskari Rauta [Mon, 24 Jan 2022 00:57:59 +0000 (02:57 +0200)]
crun: update to v1.4.1

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2 years agoconmon: update to 2.0.32
Oskari Rauta [Mon, 24 Jan 2022 01:08:01 +0000 (03:08 +0200)]
conmon: update to 2.0.32

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2 years agonode: January 10th 2022 Security Releases
Hirokazu MORIKAWA [Mon, 24 Jan 2022 07:27:30 +0000 (16:27 +0900)]
node: January 10th 2022 Security Releases

Update to v14.18.3

January 10th 2022 Security Releases:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via console.table properties (Low)(CVE-2022-21824)

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
2 years agomicropython: Update to 1.18, refresh patches
Jeffery To [Sun, 23 Jan 2022 18:34:18 +0000 (02:34 +0800)]
micropython: Update to 1.18, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agoyq: Update to 4.17.2
Tianling Shen [Sun, 23 Jan 2022 09:49:01 +0000 (17:49 +0800)]
yq: Update to 4.17.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agotvheadend: fix conffiles section
Josef Schlehofer [Mon, 24 Jan 2022 22:04:13 +0000 (23:04 +0100)]
tvheadend: fix conffiles section

The previous one was wrong, and it did not work. It could be checked
inside compiled package in control.tar.gz that there was missing
``conffiles`` file with content `/etc/config/tvheadend`

It is also possible to verify that the config is not overwritten on the router
by running ``opkg install tvheadend --force-reinstall``

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agostress-ng: fix build on macos
Sergey V. Lobanov [Mon, 24 Jan 2022 22:41:09 +0000 (01:41 +0300)]
stress-ng: fix build on macos

This patch adds KERNEL=Linux to MAKE_FLAGS to avod Darwin detection.
If Makefile detects Darwin, it removes -lbsd from build flags, but
this flag is required due to target is always Linux, not bsd-like.

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agotvheadend: fix typo in uriparser
Josef Schlehofer [Mon, 24 Jan 2022 11:25:00 +0000 (12:25 +0100)]
tvheadend: fix typo in uriparser

Fixes: 0449c109e78d4e5b998fc26415ecaa5bb5c274c3 ("tvheadend: disable
uriparser")

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agowg-installer: fix multiple namespaces
Nick Hainke [Sat, 22 Jan 2022 22:27:02 +0000 (23:27 +0100)]
wg-installer: fix multiple namespaces

Add flag "--lookup-default-namespace" to signal that wg-installer should
look already established wireguard sessions in the default namespace.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agophp8: update to 8.1.2
Michael Heimpold [Sat, 22 Jan 2022 20:23:44 +0000 (21:23 +0100)]
php8: update to 8.1.2

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agoMerge pull request #17543 from stintel/vallumd
Stijn Tintel [Sat, 22 Jan 2022 14:59:25 +0000 (16:59 +0200)]
Merge pull request #17543 from stintel/vallumd

vallumd: bump to 0.2.0

2 years agoMerge pull request #17665 from BKPepe/tvheadend-uriparser
Josef Schlehofer [Sat, 22 Jan 2022 13:37:30 +0000 (14:37 +0100)]
Merge pull request #17665 from BKPepe/tvheadend-uriparser

tvheadend: disable uriparser

2 years agojool: remove iptables support and update templates
Tiago Gaspar [Sat, 22 Jan 2022 01:49:31 +0000 (01:49 +0000)]
jool: remove iptables support and update templates

This commit removes iptables backend support and leaves only the
netfilter backend support. This means that:
-  iptables and nftables firewall based systems (firewall3 and firewall
4) are supported trough the netfilter instance mode
-  the iptables/xtables mode support is disabled

For more information on the modes and how to use the new netfilter
instance checkout https://www.jool.mx/en/intro-jool.html

This move is made out of the commit upstream that sets firewall4 as the
default for new default buils and based on the conversation in #16818
and was decided that the netfilter interface is the priority since
iptables support will be dropped in the foreseeable future.

While at it update the templates provided.

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
2 years agotvheadend: disable uriparser
Josef Schlehofer [Fri, 21 Jan 2022 10:01:29 +0000 (11:01 +0100)]
tvheadend: disable uriparser

This avoids to add liburiparser as dependency.

Package tvheadend is missing dependencies for the following libraries:
liburiparser.so.1

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agolibreswan: fix build on macos
Sergey V. Lobanov [Thu, 20 Jan 2022 20:57:23 +0000 (23:57 +0300)]
libreswan: fix build on macos

libreswan makefile detects macos (darwin) and changes build logic
but OpenWrt is always Linux so it is required to specify linux as
target platfrom

This patch specifies Linux as a target platfrom

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agocrowdsec-firewall-bouncer: fix name in initd to start the process
Kerma Gérald [Sat, 15 Jan 2022 07:33:46 +0000 (08:33 +0100)]
crowdsec-firewall-bouncer: fix name in initd to start the process

crowdsec rename the binary from crowdsec-firewall-bouncer to cs-firewall-bouncer
the initd need the correct binary name to start the process
the link for github source need also to be fixed (only the information one)
fix the BuildDate
updated copyright

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agodnsproxy: Update to 0.40.5
Tianling Shen [Fri, 21 Jan 2022 03:34:14 +0000 (11:34 +0800)]
dnsproxy: Update to 0.40.5

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2 years agolighttpd: update to lighttpd 1.4.64 release hash
Glenn Strauss [Fri, 29 Oct 2021 03:16:03 +0000 (23:16 -0400)]
lighttpd: update to lighttpd 1.4.64 release hash

remove long-deprecated modules

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2 years agowg-installer: remove unused dependency
Nick Hainke [Thu, 20 Jan 2022 14:24:05 +0000 (15:24 +0100)]
wg-installer: remove unused dependency

Remove the dependency "coreutils-realpath" from
wg-installer-server-hotplug-olsrd.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agowg-installer: create wireguard key if it does not exist
Nick Hainke [Thu, 20 Jan 2022 13:10:12 +0000 (14:10 +0100)]
wg-installer: create wireguard key if it does not exist

Check if the key exists which is given by
    option wg_key '/etc/wgserver/wg.key'

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agowg-installer: install cronjob
Nick Hainke [Thu, 20 Jan 2022 08:06:24 +0000 (09:06 +0100)]
wg-installer: install cronjob

Install a cronjob that removes unused wireguard interfaces every 10
minutes.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agowg-installer: check if a key is already inserted
Nick Hainke [Tue, 18 Jan 2022 17:31:46 +0000 (18:31 +0100)]
wg-installer: check if a key is already inserted

Check if a peer is already existing with a given public key. Introduce a
response code for signaling why the server rejected the request.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agowg-installer: rework code
Nick Hainke [Wed, 19 Jan 2022 17:40:16 +0000 (18:40 +0100)]
wg-installer: rework code

Use shellcheck to rework the code. Use "export" to return variables from
a function call. Further, fix typos.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agodnsdist: update to 1.7.0
Peter van Dijk [Thu, 23 Sep 2021 12:19:37 +0000 (14:19 +0200)]
dnsdist: update to 1.7.0

* bump to 1.7.0
* add outgoing DNS over HTTPS support, using new dependency nghttp2

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
2 years agopdns-recursor: update to 4.6.0
Peter van Dijk [Wed, 19 Jan 2022 13:01:40 +0000 (14:01 +0100)]
pdns-recursor: update to 4.6.0

* bump to 4.7.0
* enable DNS over TLS (uses libssl which was already a dependency)
* add libcurl dependency for new zone-to-cache feature.

Co-Authored-By: wout@wbnet.eu
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
2 years agoola: fix build on macos
Sergey V. Lobanov [Sat, 15 Jan 2022 15:32:57 +0000 (18:32 +0300)]
ola: fix build on macos

Latest Apple clang (v13) defines __cplusplus=199711 by default, but
protobuf requires at least 201103 (c++11)

Backported patch to fix c++ detection:
https://github.com/OpenLightingProject/ola/commit/30fe936a885c8a364bdda507a692c8e259576621

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agofrr: update to latest
Lucian Cristian [Tue, 18 Jan 2022 21:08:25 +0000 (23:08 +0200)]
frr: update to latest

also fix mips compile

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2 years agotcsh: fix build on macos
Sergey V. Lobanov [Thu, 13 Jan 2022 22:29:08 +0000 (01:29 +0300)]
tcsh: fix build on macos

tcsh requires host-tool (gethost) to generate tc.defs.c file.
To build this tool on macos, it is required to run ./configure
script wihout target vars/flags, but this package is not
splitted to host and target build.

This patch splits build to host and target builds to compile
host-tool(gethost) first, then compile tsch.

Due to lack of support of separate building host and target,
OpenWrt Makefile is modified to do it in the order below:
1. build host-tool (gethost)
2. build sh.err.h header for target
3. build tc.const.h header for target
4. copy gethost tool from host staging dir to target build dir
5. touch (make -t) gethost to protect it from recompiling
6. build tsch for target

It is required to do step 2 and 3 because 'make -t' generates
empty files but these files required to build tcsh

Patch 020-cross.patch has been removed due to not required
anymore (gethost build is separated and not affected by
target configure flags and vars)

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agoperl-device-serialport: fix build on macos
Sergey V. Lobanov [Wed, 12 Jan 2022 23:51:30 +0000 (02:51 +0300)]
perl-device-serialport: fix build on macos

./configure script detects macos specific system headers
(IOKit/serial/ioss.h and sys/ttycom.h) that are not available
during compile time. There is no way to pass ac_cv_* vars to
./configure script due to perl wrappers

To fix this issue, fake(empty) headers provided during compile
time if build host is MacOS

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agopython-curl: fix build on macos
Sergey V. Lobanov [Fri, 14 Jan 2022 17:45:31 +0000 (20:45 +0300)]
python-curl: fix build on macos

setup.py detects macos (darwin) and adds -flat_namespace flag. This
flag is not compatible with GCC that is used to compile target.

This patch patch disables darwin detection

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agogit: update to version 2.34.1
Josef Schlehofer [Thu, 30 Dec 2021 17:24:39 +0000 (18:24 +0100)]
git: update to version 2.34.1

- Refreshed patches

- Release notes 2.34.0:
https://github.com/git/git/blob/2ae0a9cb8298185a94e5998086f380a355dd8907/Documentation/RelNotes/2.34.0.txt

- Release notes 2.34.1:
https://github.com/git/git/blob/2ae0a9cb8298185a94e5998086f380a355dd8907/Documentation/RelNotes/2.34.1.txt

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agomdio-tools: update to version 1.0.1
Robert Marko [Sun, 9 Jan 2022 20:30:27 +0000 (21:30 +0100)]
mdio-tools: update to version 1.0.1

Version 1.0.1 brought the following changes:
[v1.0.1] - 2021-11-26

Primarily fixes a few issues in the kernel module that were found
during a quick review from Russell King:

https://lore.kernel.org/netdev/YYPThd7aX+TBWslz@shell.armlinux.org.uk/
https://lore.kernel.org/netdev/YYPU1gOvUPa00JWg@shell.armlinux.org.uk/

- mdio: The mvls subcommand now supports flushing the ATU

- mdio-netlink: Plug some glaring holes around integer overflows of
  the PC.
- mdio-netlink: Release reference to MDIO bus after a transaction
  completes.

So, update to the latest version and switch the kernel module back
to fetching tarballs like the userspace tool does.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2 years agolibunistring: update to 1.0
Espen Jürgensen [Tue, 18 Jan 2022 15:54:27 +0000 (16:54 +0100)]
libunistring: update to 1.0

Signed-off-by: Espen Jürgensen <espenjurgensen+openwrt@gmail.com>
2 years agolpc21isp: fix build on macos
Sergey V. Lobanov [Tue, 18 Jan 2022 13:36:20 +0000 (16:36 +0300)]
lpc21isp: fix build on macos

lpc21isp Makefile detects Darwin and defines __APPLE__ that is not
required for cross-compile build for OpenWrt

This patch sets OSTYPE="Linux" due to OpenWrt is always Linux

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agocryptsetup: update to version 2.4.3
Josef Schlehofer [Tue, 18 Jan 2022 15:24:52 +0000 (16:24 +0100)]
cryptsetup: update to version 2.4.3

Fixes: CVE-2021-4122
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2 years agowg-installer: cosmetic changes
Nick Hainke [Tue, 18 Jan 2022 16:39:53 +0000 (17:39 +0100)]
wg-installer: cosmetic changes

Use "ip addr" instead of "ip addres" or "ip a".

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agoMerge pull request #17624 from jefferyto/python-3.10.2
Josef Schlehofer [Tue, 18 Jan 2022 16:24:26 +0000 (17:24 +0100)]
Merge pull request #17624 from jefferyto/python-3.10.2

python3: Update to 3.10.2, refresh patches

2 years agocrowdsec: update from upstream latest release 1.2.3
Kerma Gérald [Sat, 15 Jan 2022 09:59:49 +0000 (10:59 +0100)]
crowdsec: update from upstream latest release 1.2.3

update from latest upstream release 1.2.3
updated copyright

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2 years agoMerge pull request #17497 from corna/dockerd_log_driver
Florian Eckert [Tue, 18 Jan 2022 09:46:38 +0000 (10:46 +0100)]
Merge pull request #17497 from corna/dockerd_log_driver

dockerd: Add "log-driver" option

2 years agoMerge pull request #17586 from clayface/davfs2-secrets
Florian Eckert [Tue, 18 Jan 2022 08:28:56 +0000 (09:28 +0100)]
Merge pull request #17586 from clayface/davfs2-secrets

davfs2: add secrets file to conffiles definition

2 years agoluaossl: fix build on macos
Sergey V. Lobanov [Fri, 7 Jan 2022 20:15:47 +0000 (23:15 +0300)]
luaossl: fix build on macos

luaossl detects OS and changes compilation flags depends on OS.
If Darwin is detected then it adds GCC non-compatible flags.
OpenWrt is always Linux so build OS detection is disabled

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agodiffutils: update to 3.8
Rosen Penev [Sun, 9 Jan 2022 04:25:33 +0000 (20:25 -0800)]
diffutils: update to 3.8

Fixes compilation with newer glibc.

Ported gnulib patch from m4.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2 years agohwinfo: fix build on macos
Sergey V. Lobanov [Mon, 17 Jan 2022 23:34:12 +0000 (02:34 +0300)]
hwinfo: fix build on macos

hwinfo host-compile builds hwinfo entirely that is not really
required. It is required to build only some host tools to
generate ids and isdn related C-code

This patch changes host build to build only required host tools

Added patch to remove malloc.h using as deprecated, not required
and not supported on macos system (stdlib.h has required functions
on Linux and MacOS systems)

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agoneon: fix build on macos
Sergey V. Lobanov [Sun, 9 Jan 2022 20:37:45 +0000 (23:37 +0300)]
neon: fix build on macos

neon detects Darwin on target build and fails due to darwin-specific
build behaviour. OS detection is disable (as non required) via
ne_cv_os_uname=Linux as a part of CONFIGURE_VARS

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agoredsocks: fix build on macos
Sergey V. Lobanov [Tue, 11 Jan 2022 20:11:48 +0000 (23:11 +0300)]
redsocks: fix build on macos

fix cross-compile issues (on macos)
use $CC -dumpmachine instead of `uname`
use $CC instead of CC

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agolibreswan: update to 4.6
Lucian Cristian [Tue, 18 Jan 2022 03:20:34 +0000 (05:20 +0200)]
libreswan: update to 4.6

this update also fixes a CVE

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2 years agoexpat: bump to version 2.4.3
Sebastian Kemper [Mon, 17 Jan 2022 21:37:32 +0000 (22:37 +0100)]
expat: bump to version 2.4.3

CVE-2021-45960
CVE-2021-46143
CVE-2022-22822
CVE-2022-22823
CVE-2022-22824
CVE-2022-22825
CVE-2022-22826
CVE-2022-22827

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
2 years agoqemu: add seccomp feature
Vladimir Ermakov [Thu, 13 Jan 2022 01:20:15 +0000 (04:20 +0300)]
qemu: add seccomp feature

Patch add an option to enable seccomp support,
adds dependency on libseccomp.

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
2 years agoqemu: update to 6.2.0
Vladimir Ermakov [Wed, 12 Jan 2022 21:41:31 +0000 (00:41 +0300)]
qemu: update to 6.2.0

Qemu version updated to 6.2.0, patch set refreshed for it.

Options --disable-jemalloc --disable-tcmalloc was replaced
by --enable-malloc=CHOICE, defaults to system.

Libudev search was moved from configure to meson.build, and now it's
not so easy to disable it. Even though --disable-mpath present.

Delete patches 0008-falloc and 0009-fs - they're already in 6.2.0.

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
2 years agoknxd: bump to new upstream version 0.14.53
Othmar Truniger [Mon, 17 Jan 2022 17:49:24 +0000 (18:49 +0100)]
knxd: bump to new upstream version 0.14.53

Signed-off-by: Othmar Truniger <github@truniger.ch>
2 years agodawn: update to 2022-01-17
Nick Hainke [Mon, 17 Jan 2022 09:16:59 +0000 (10:16 +0100)]
dawn: update to 2022-01-17

877e2dc iwinfo: fix get_bandwidth_iwinfo
9ce01ec datastorage: fix multi-SSID
9187665 treewide: improve maintaince
6bf9b6d memory: Tighten up some memory handling to help spot errors
4df0c98 treewide: improve logging

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agoMerge pull request #17623 from mhei/mmc-utils
Michael Heimpold [Mon, 17 Jan 2022 07:16:37 +0000 (08:16 +0100)]
Merge pull request #17623 from mhei/mmc-utils

mmc-utils: update to latest git head

2 years agopython3: Update to 3.10.2, refresh patches
Jeffery To [Sun, 16 Jan 2022 20:29:10 +0000 (04:29 +0800)]
python3: Update to 3.10.2, refresh patches

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2 years agoMerge pull request #17534 from neheb/4
Michael Heimpold [Sun, 16 Jan 2022 14:39:17 +0000 (15:39 +0100)]
Merge pull request #17534 from neheb/4

knxd: fix compilation with newer glibc

2 years agommc-utils: update to latest git head
Michael Heimpold [Sun, 16 Jan 2022 14:30:18 +0000 (15:30 +0100)]
mmc-utils: update to latest git head

While at, update project's reference URL.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2 years agowg-installer: switch to ubus call for olsrd hotplug
Nick Hainke [Sun, 16 Jan 2022 09:21:53 +0000 (10:21 +0100)]
wg-installer: switch to ubus call for olsrd hotplug

Use ubus ipc calls to add and remove interfaces.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agowg-installer: rework iproute2 commands
Nick Hainke [Sun, 16 Jan 2022 09:04:36 +0000 (10:04 +0100)]
wg-installer: rework iproute2 commands

- Use ip address add instead of ip a a
- Directly add broadcast address

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agoMerge pull request #17617 from hgl/ddns-cloudflare
Florian Eckert [Sat, 15 Jan 2022 15:03:37 +0000 (16:03 +0100)]
Merge pull request #17617 from hgl/ddns-cloudflare

ddns-scripts-cloudflare: fix shell conditional

2 years agoddns-scripts-cloudflare: fix shell conditional
Glen Huang [Sat, 15 Jan 2022 14:33:07 +0000 (22:33 +0800)]
ddns-scripts-cloudflare: fix shell conditional

Signed-off-by: Glen Huang <heyhgl@gmail.com>
2 years agoMerge pull request #17600 from camarel/feature/ddns-scripts-wget-user-agent
Florian Eckert [Sat, 15 Jan 2022 14:24:43 +0000 (15:24 +0100)]
Merge pull request #17600 from camarel/feature/ddns-scripts-wget-user-agent

ddns-scripts: pass user agent string

2 years agoddns-scripts: pass user agent string
Claudio Marelli [Sat, 15 Jan 2022 09:07:30 +0000 (10:07 +0100)]
ddns-scripts: pass user agent string

This adds a user agent string to the wget request.

Fixes #17507

Signed-off-by: Claudio Marelli <camarelli@gmx.net>
2 years agoMerge pull request #17432 from r4sas/i2pd-2.40.0
Josef Schlehofer [Fri, 14 Jan 2022 15:27:24 +0000 (16:27 +0100)]
Merge pull request #17432 from r4sas/i2pd-2.40.0

i2pd: Update to 2.40.0, update init.rc script, UCI config and Makefile

2 years agoMerge pull request #17608 from miska/mariadb-owner-fix
Josef Schlehofer [Fri, 14 Jan 2022 15:26:54 +0000 (16:26 +0100)]
Merge pull request #17608 from miska/mariadb-owner-fix

Mariadb owner fix & sudo dependency

2 years agomariadb: Add sudo dependency
Michal Hrusecky [Thu, 13 Jan 2022 14:11:01 +0000 (15:11 +0100)]
mariadb: Add sudo dependency

During update we use sudo to start an instance. It probably could be
workarounded, but given the MariaDB size, dependency on sudo shouldn't
be an issue.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
2 years agomariadb: Check and fix datadir owner issues during upgrade
Michal Hrusecky [Thu, 13 Jan 2022 14:04:57 +0000 (15:04 +0100)]
mariadb: Check and fix datadir owner issues during upgrade

If you are migrating to MariaDB package, you might have old datadir
stored somewhere using different setup with different users. If you
trust us enough to enable autoupgrade, you probably trust us enough to
chown your datadir as well. This can prevent some potential issues.

Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
2 years agoCI: fix runtime testing for non master branch
Paul Spooren [Thu, 13 Jan 2022 23:55:36 +0000 (00:55 +0100)]
CI: fix runtime testing for non master branch

The runtime testing always ran on master branch aka snapshots since the
branch wasn't passed over to the container execution!

Signed-off-by: Paul Spooren <mail@aparcar.org>
2 years agoi2pd: Update to 2.40.0 and update package sources
R4SAS I2P [Sun, 26 Dec 2021 04:29:58 +0000 (04:29 +0000)]
i2pd: Update to 2.40.0 and update package sources

* Updating i2pd package to 2.40.0
* Rewrite Makefile
* Remove usage of PKG_INSTALL (package's make install)
* Rewrite init.rc configuration and script
* Remove '--service' option from init, which only sets datadir to /var/lib/i2pd
* Use '--datadir' option in init, otherwise datadir changing via uci is not works
* Update patch for i2pd.conf

Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
2 years agoMerge pull request #16389 from paper42/apparmor-3.0.3
Jeffery To [Fri, 14 Jan 2022 07:18:47 +0000 (15:18 +0800)]
Merge pull request #16389 from paper42/apparmor-3.0.3

apparmor: cleanup

2 years agomodemmanager: remove 2s timeout before reporting cached events
Aleksander Morgado [Wed, 12 Jan 2022 14:41:55 +0000 (15:41 +0100)]
modemmanager: remove 2s timeout before reporting cached events

When ModemManager is started on boot we may end up with hotplug events
reported directly to the daemon, plus some others already cached in
the cache file before the daemon was started.

If the cached events correspond to the same device that is still
notifying ports directly, we may end up with a modem object created
before the cached events have been emitted, so the modem may not
handle all control/data ports it should.

E.g.:

  - modem detected
  - hotplug event for wwan0 port, cached as MM not running
  - hotplug event for cdc-wdm0 port, cached as MM not running
  - hotplug event for ttyUSB0, cached as MM not running
  - MM starts
  - hotplug event for ttyUSB1, directly processed as MM is running
  - hotplug event for ttyUSB2, directly processed as MM is running
  - modem object created with ttyUSB1 and ttyUSB2
  - 2s after MM starts, cached events for wwan0, cdc-wdm0 and ttyUSB0
    happen, but are ignored because the modem object has already been
    created

MM expects that ports of the same device are reported with less than
1500ms in between ports. In other words, if ports are reported more
than 1500ms after the last reported port, they may get ignored.

If we remove the 2s timeout, the report of the cached events will
happen as soon as MM starts, which makes it much more likely to happen
in the timeslot that MM expects for ports of the same device reported.
The logic is still not perfect, and we may also need to increase that
1500ms timeout inside MM, but removing the 2s timeout right away here
makes sense.

This 2s timeout was introduced along with the new wrapper launcher for
the daemon, it didn't exist before.

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
2 years agoapparmor: cleanup
Michal Vasilek [Fri, 12 Nov 2021 16:02:51 +0000 (17:02 +0100)]
apparmor: cleanup

* replace 020-fix-ss-path.patch with an upstream patch 020-remove-which-dep.patch
* remove 030-remove-pynotify2-dep.patch and do not install aa-notify
* simplify 060-openwrt-dnsmasq-profile.patch
* add two upstream patches for Python 3.10 compatibility
* add an upstream patch to move from deprecated distutils which broke
  the build with Python 3.10+

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
2 years agogpgme: Fix compile with glibc 2.34
Hauke Mehrtens [Sun, 9 Jan 2022 18:45:49 +0000 (18:45 +0000)]
gpgme: Fix compile with glibc 2.34

This backports a patch from upstream gpgme to fix compilation with glibc 2.34.

It fixes the following build problem:
posix-io.c: In function '_gpgme_io_spawn':
posix-io.c:577:23: error: void value not ignored as it ought to be
  577 |             while ((i = closefrom (fd)) && errno == EINTR)
      |                       ^
make[5]: *** [Makefile:947: posix-io.lo] Error 1

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2 years agonetdata: Update init script to use -D rather than -nd
James White [Fri, 31 Dec 2021 16:45:25 +0000 (16:45 +0000)]
netdata: Update init script to use -D rather than -nd

The current init script is using the deprecated -nd flag. This updates netdata to be started with -D.

Signed-off-by: James White <james@jmwhite.co.uk>
2 years agoMerge pull request #17563 from TDT-AG/pr/20220110-stunnel
Florian Eckert [Thu, 13 Jan 2022 09:32:58 +0000 (10:32 +0100)]
Merge pull request #17563 from TDT-AG/pr/20220110-stunnel

stunnel: update to 5.61

2 years agoMerge pull request #17494 from BKPepe/update-atlas
Josef Schlehofer [Thu, 13 Jan 2022 09:17:14 +0000 (10:17 +0100)]
Merge pull request #17494 from BKPepe/update-atlas

Atlas SW probe to version 5040 and its busybox version

2 years agolibfmt: bump to new upstream version 8.1.1
Othmar Truniger [Wed, 12 Jan 2022 16:54:47 +0000 (17:54 +0100)]
libfmt: bump to new upstream version 8.1.1

Signed-off-by: Othmar Truniger <github@truniger.ch>
2 years agoserdisplib: fix build on macos
Sergey V. Lobanov [Wed, 12 Jan 2022 13:25:40 +0000 (16:25 +0300)]
serdisplib: fix build on macos

./configure script detects if serdisplib is built on non-linux build
host and disables framebuffer driver. It blocks touchscreen_tool
compilation. This detection is not required on cross-compile build
so it is disabled via ac_cv_build=$(GNU_TARGET_NAME) in Makefile

Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2 years agowg-installer: fix shell typo
Nick Hainke [Wed, 12 Jan 2022 17:25:13 +0000 (18:25 +0100)]
wg-installer: fix shell typo

Signed-off-by: Nick Hainke <vincent@systemli.org>
2 years agoMerge pull request #17592 from svlobanov/lcdproc-fix-build-on-macos
Philip Prindeville [Wed, 12 Jan 2022 17:53:16 +0000 (10:53 -0700)]
Merge pull request #17592 from svlobanov/lcdproc-fix-build-on-macos

lcdproc: fix build on macos