aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| * | | | | | docker-ce: set proto for docker bridge device to noneFlorian Eckert2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set proto from `static` to `none`. This makes it clear that this interface is not handled by the netifd. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | docker-ce: make docker-ce firewall handling configurableFlorian Eckert2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Openwrt has a own firewall service called fw3, that supports firewall zones. Docker can bypass the handling of the zone rules in openwrt via custom tables. These are "always" processed before the openwrt firewall. Which is prone to errors! Since not everyone is aware that the firewall of openwrt will not be passed. And this is a security problem because a mapped port is visible on all interfaces and so also on the WAN side. If the firewall handling in docker is switched off, then the port in fw3 must be explicitly released and it cannot happen that the port is accidentally exported to the outside world via the interfaces on the WAN zone. So all rules for the containers should and so must be made in fw3. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | | | | docker-ce: add arguments call to uciadd and ucidelFlorian Eckert2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Up to now only the docker0 interface and bridge is created by default. In order to create other interfaces and to integrate them into the openwrt these functions can now be called with arguments. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | | | | | | Merge pull request #13955 from flyn-org/luafilesystemRosen Penev2020-11-22
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | luafilesystem: update to 1.8.0
| * | | | | | | luafilesystem: clean up MakefileW. Michael Petullo2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: W. Michael Petullo <mike@flyn.org>
| * | | | | | | luafilesystem: update to 1.8.0W. Michael Petullo2020-11-22
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | Signed-off-by: W. Michael Petullo <mike@flyn.org>
* | | | | | | Merge pull request #13974 from bobafetthotmail/patch-3Rosen Penev2020-11-22
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | hwinfo: update to version 21.71
| * | | | | | | hwinfo: update to version 21.71Alberto Bursi2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | update to upstream version 21.71 Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
* | | | | | | | Merge pull request #13975 from flyn-org/nfdumpRosen Penev2020-11-22
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | nfdump: update to 1.6.22
| * | | | | | | | nfdump: update to 1.6.22W. Michael Petullo2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: W. Michael Petullo <mike@flyn.org>
* | | | | | | | | Merge pull request #13968 from flyn-org/daqRosen Penev2020-11-22
|\ \ \ \ \ \ \ \ \ | |/ / / / / / / / |/| | | | | | | | Provide both libdaq 2.2.2 and 3.0.0-beta1 to satisfy Snort 2 and 3.
| * | | | | | | | snort3: require new libdaq3 packageW. Michael Petullo2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Snort 3.0.3-1 requires libdaq 3.0.0-beta1, but this version is no longer compatible with Snort 2. Thus OpenWrt now provides both a libdaq and libdaq3 package. This modifies the snort3 package to require the latter. Signed-off-by: W. Michael Petullo <mike@flyn.org>
| * | | | | | | | libdaq3: add new packageW. Michael Petullo2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: W. Michael Petullo <mike@flyn.org>
| * | | | | | | | libdaq: revert back to 2.2.2 in anticipation of libdaq3 packageW. Michael Petullo2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Snort 3.0.3-1 requires libdaq 3.0.0-beta1, but this version is no longer compatible with Snort 2. This reverts libdaq to 2.2.2 so that Snort 2 can compile. A separate libdaq3 package with allow Snort 3 to compile. Signed-off-by: W. Michael Petullo <mike@flyn.org>
* | | | | | | | | libksba: update to version 1.5.0Daniel Golle2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | | libevdev: update to version 1.10.0Daniel Golle2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | | runc: remove unneeded MENU:=1Daniel Golle2020-11-22
| |/ / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that runc builds according to available kernel features and there is no longer a sub-menu to select them manually, also drop the MENU:=1 statement from the package Makefile. Fixes: 3a06ce559 ("runc: Updated to v1.0.0-rc92 for dockerd") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | runc: remove garbage (fix 3a06ce5595)Hannu Nyman2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove garbage files introduced with 3a06ce5595 Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* | | | | | | | hplip: bump to 3.20.9Luiz Angelo Daros de Luca2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* | | | | | | | sabe-backends: update to 1.0.31Luiz Angelo Daros de Luca2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * adds the canon_lide70 backend * avision: adds support for the KODAK i1120, fixes thread cancellation issues, disables exposure option for non-filmscanners * canon_dr: improves error reporting * dmc: fixes compiler warnings on the scan area options * epsonds: rewrites the network I/O following changes made to the * epson2 backend in 1.0.30 to fix security issues. Network support is still unsupported. * fujitsu: adds support for the fi-800R and a card scanning slot, fixes a bug when reading hardware sensors on the first invocation. Adds USB IDs for fi-7800 and fi-7900. * genesys: adds support for the Canon 5600F, Canon LiDE 90, Plustek OpticFilm 7200 and 7200 (v2), 7400, 7600i, 8100 and 8200i. Fixes several issues with the Canon 8600F. Adds 4800dpi support for the Canon LiDE 210 and fixes 3200dpi flatbed support on the Canon 8400F. Adds an option to fill dark calibration with a constant. Adds transparency support for gl847 chipset based devices. Fixes CIS scanner support for gl842 chipset based devices. Removes lineart and image enhancement emulation support. * gphoto: supports the PLANon DocuPen RC800 (with a recent enough version of gphoto2) * gt68xx: modifies scan cancellation behaviour * hp5400: adds button support, fixes a scan cancellation crash issue * pixma: add supports for the i-SENSYS MF440 Series and untested support for the PIXMMA G7000 Series and GM4000 Series as well as the i-SENSYS MF720 Series. * plustek: fixes a potential buffer overrun * test: adds gamma options Patches: - ADD: 102-pixma_Restore_old_behaviour_in_case_XML_support_is_missing.patch: pixma was failing to detect libxml2, even when it exists (https://gitlab.com/sane-project/backends/-/issues/345) - DROP: 100-fix-bigendian.patch: fix in release Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* | | | | | | | ruby: update to version 2.7.2Luiz Angelo Daros de Luca2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This release contains intentional incompatibility. Deprecation warnings are off by default on 2.7.2 and later. You can turn on deprecation warnings by specifying the -w or -W:deprecated option at the command-line. Please check the topics below for details. * Feature #17000 2.7.2 turns off deprecation warnings by default * Feature #16345 Don’t emit deprecation warnings by default. This release contains the new version of webrick with a security fix described in the article. * CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* | | | | | | | podman: improve packagingDaniel Golle2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * keep /etc/containers accross sysupgrade * make 'runc' the default run-time for now Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | runc: Updated to v1.0.0-rc92 for dockerdGerard Ryan2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SELinux and Seccomp are now enabled via the kernel options themselves Signed-off-by: Gerard Ryan <G.M0N3Y.2503@gmail.com>
* | | | | | | | gnunet-secushare: remove packageDaniel Golle2020-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It stopped building against current gnunet a while ago. Drop it for now. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | runc: enable seccomp support by defaultDaniel Golle2020-11-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's nice to have seccomp support which is enabled in OpenWrt on supported platforms on targets which are not marked as SMALL_FLASH. (and it's kinda obvious that you wouldn't want to install runc on a SMALL_FLASH target to begin with) So let's enable seccomp by default. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | Merge pull request #13972 from dibdot/trmDirk Brenken2020-11-21
|\ \ \ \ \ \ \ \ | |_|_|_|_|_|/ / |/| | | | | | | travelmate: handle invalid wireless sections
| * | | | | | | travelmate: handle invalid wireless sectionsDirk Brenken2020-11-21
|/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ignore invalid wireless sections Signed-off-by: Dirk Brenken <dev@brenken.org>
* | | | | | | Merge pull request #13962 from neheb/mucRosen Penev2020-11-20
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | miniupnpc: update to 2.2.0
| * | | | | | | miniupnpc: update to 2.2.0Rosen Penev2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove CMAKE_INSTALL. No need for it. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | | whois: add packagePaul Spooren2020-11-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Better a separate package than enabling it via busybox. Special thanks to @neheb for the Makefile patches. Signed-off-by: Paul Spooren <mail@aparcar.org>
* | | | | | | | debian-archive-keyring: install to expected locationDaniel Golle2020-11-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | '/usr/share/keyring' -> '/usr/share/keyrings' Makes debootstrap happy. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | debian-archive-keyring: add new packageDaniel Golle2020-11-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Grab debian-archive-keyring from debian.org to easy use of debootstrap. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | | xz: use ALTERNATIVES instead of copying symlinksDaniel Golle2020-11-20
| |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Installing the 'xz' package currently leads to file collisions: Collected errors: * check_data_file_clashes: Package xz wants to install file /usr/bin/unxz But that file is already provided by package * busybox * check_data_file_clashes: Package xz wants to install file /usr/bin/xz But that file is already provided by package * busybox * opkg_install_cmd: Cannot install package debootstrap. Fix that by switching to use ALTERNATIVES for all multicall commands instead of copying the symlinks into the package. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* | | | | | | Merge pull request #13939 from ja-pa/chrony-nts-variantRosen Penev2020-11-19
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | chrony: add package variant with NTS
| * | | | | | | chrony: add package variant with NTSJan Pavlinec2020-11-18
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* | | | | | | Merge pull request #13856 from peter-stadler/nginxRosen Penev2020-11-19
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | nginx: update to version 1.19.4
| * | | | | | | nginx: update to version 1.19.4Peter Stadler2020-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update to newest version, changelog: https://nginx.org/en/CHANGES Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
* | | | | | | | Merge pull request #13762 from neheb/domo4Rosen Penev2020-11-19
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | domoticz: fix compilation with python 3.9
| * | | | | | | | domoticz: fix compilation with python 3.9Rosen Penev2020-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added Fedora patch to fix compilation. Added python3 dependency as it seems it's needed now. Replaced custom boost 1.73 patch with upstream one. Removed CFLAG that was supposed to fix this but didn't do anything. Removed nls.mk. telldus-core was fixed to not require iconv. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | | | Merge pull request #13967 from neheb/npupnpRosen Penev2020-11-19
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | upmpdcli updates
| * | | | | | | | | upmpdcli: update to 1.5.0Rosen Penev2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add missing header for musl. Signed-off-by: Rosen Penev <rosenp@gmail.com>
| * | | | | | | | | libupnpp: update to 0.20.0Rosen Penev2020-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
| * | | | | | | | | libnpupnp: update to 4.0.14Rosen Penev2020-11-19
| | |_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | | | Merge pull request #13961 from neheb/sshfs2Rosen Penev2020-11-19
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | sshfs: update to 3.7.1
| * | | | | | | | | sshfs: update to 3.7.1Rosen Penev2020-11-19
| |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove unnecessary patch. The issue was with fuse3. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | | | Merge pull request #13964 from neheb/lxc2Rosen Penev2020-11-19
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | lxc: update to 4.0.5
| * | | | | | | | | lxc: update to 4.0.5Rosen Penev2020-11-19
| |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refreshed patches. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | | | Merge pull request #13963 from neheb/memcached2Rosen Penev2020-11-19
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | memcached: update to 1.6.8
| * | | | | | | | | memcached: update to 1.6.8Rosen Penev2020-11-19
| |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | | | | | | | | gnupg2: package gnupg2-dirmngrDaniel Golle2020-11-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dirmngr is needed to download keys from keyservers. That being a useful thing, let's package dirmngr. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Powered by cgit, Themed by Ted Yin.