aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* OpenAppID: add new packageJohn Audia2022-12-16
| | | | | | | | | | | | | | | | | | | | | | Traditionally, Snort rules are based upon packet analysis. OpenAppID enables detection of applications/cloud applications on the network. This package provides OpenAppID and signature files used by OpenAppID to detect network traffic from certain applications can be used to identify rogue application use, detect malicious applications and implement various application policies, such as application blacklisting, limiting application usage, and enforcing conditional controls. To use, for example, edit /etc/snort/local.lua and add the following section at a minimum: appid = { app_detector_dir = '/usr/lib/openappid', log_stats = true, app_stats_period = 60, } Signed-off-by: John Audia <therealgraysky@proton.me>
* nano: update to 7.1Hannu Nyman2022-12-15
| | | | | | | | | Update nano editor to version 7.1 * drop the backported upstream fix for 7.0 * drop AUTORELEASE * disable justify from 'plus'. Rarely needed with OpenWrt Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* pdns-recursor: update to 4.8.0Peter van Dijk2022-12-15
| | | | Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
* Merge pull request #20083 from paper42/miniflux-2.0.41Tianling Shen2022-12-15
|\ | | | | miniflux: update to 2.0.41
| * miniflux: update to 2.0.41Michal Vasilek2022-12-13
| | | | | | | | Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
* | Merge pull request #20088 from tohojo/acme-pathsToke Høiland-Jørgensen2022-12-14
|\ \ | | | | | | acme: Export the canonical paths for certificates and challenges
| * | acme-acmesh: Provide a 'combined' certificate bundle as wellToke Høiland-Jørgensen2022-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The haproxy hotplug script creates a 'combined' certificate bundle that contains both the certificate chain and the private key. However, having a daemon hotplug script write into CERT_DIR is not great; so let's provide the bundle as part of the main acme framework, keeping it in $domain_dir and just linking it into CERT_DIR. That way we can keep CERT_DIR as just a collection of links for everything, that no consumers should need to write into. Also make sure to set the umask correctly so the combined file is not world-readable (since it contains the private key). Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
| * | acme-acmesh: Don't hard-code certificate directoryToke Høiland-Jørgensen2022-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | The acme-acmesh package hardcoded the certificate path in its hook script. Now that we export it as a variable we can avoid hard-coding and use the variable version instead. Also factor out the linking of certificates into a function so it's not repeated. Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
| * | acme-common: Export canonical paths for storing certificates and challengesToke Høiland-Jørgensen2022-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The contract between the acme-common framework and consumers and hook scripts is that certificates can be consumed from /etc/ssl/acme and that web challenges are stored in /var/run/acme/challenge. Make this explicit by exporting $CERT_DIR and $CHALLENGE_DIR as environment variables as well, instead of having knowledge of those paths depend on out-of-band information. We already exported $challenge_dir, but let's change it to upper-case to make it clear that it's not a user configuration variable. Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
* | | perl: enable threading support for aarch64 by defaultDoug Thomson2022-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | Perl threads seem to be supported and working for aarch64, and including aarch64 here would allow packages like freeswitch-mod-perl to become available from the standard OpwnWrt package repository for popular routers such as the Linksys E8450 and Belkin RT3200. Signed-off-by: Doug Thomson <dwt62f+github@gmail.com>
* | | Merge pull request #20082 from paper42/yt-dlp-2022.11.11Tianling Shen2022-12-14
|\ \ \ | | | | | | | | yt-dlp: update to 2022.11.11
| * | | yt-dlp: update to 2022.11.11Michal Vasilek2022-12-13
| | |/ | |/| | | | | | | Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
* | | base16384: add new package源 文雨2022-12-14
| |/ |/| | | | | | | | | | | Encode binary files to printable utf16be. See more at https://github.com/fumiama/base16384. Signed-off-by: 源 文雨 <fumiama@foxmail.com>
* | Merge pull request #20059 from hgl/acmeToke Høiland-Jørgensen2022-12-14
|\ \ | | | | | | acme: deprecate state_dir
| * | acme-acmesh: use $challenge_dirGlen Huang2022-12-14
| | | | | | | | | | | | Signed-off-by: Glen Huang <i@glenhuang.com>
| * | acme: deprecate state_dirGlen Huang2022-12-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | state_dir is actually a hardcoded value in conffiles. Allowing users to customize it could result in losing certificates after upgrading if they don't also specify the dir as being preserved. We shouldn't default to this dangerous behavior. With the new ACME package, certificates live in the standard location /etc/ssl/acme, users who need to do certificate customizations should look for them in that dir instead. Signed-off-by: Glen Huang <i@glenhuang.com>
* | | Merge pull request #20067 from dynasticorpheus/masterAlexandru Ardelean2022-12-14
|\ \ \ | | | | | | | | python-pycares: bump to 4.3.0
| * | | python-pycares: PKG_RELEASE:=1Fabian Lipken2022-12-13
| | | | | | | | | | | | | | | | Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
| * | | python-pycares: bump to 4.3.0Fabian Lipken2022-12-12
| | | | | | | | | | | | | | | | Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
* | | | Merge pull request #20016 from commodo/stress-ng-updateHannu Nyman2022-12-13
|\ \ \ \ | |_|_|/ |/| | | stress-ng: bump to version 0.15.00
| * | | stress-ng: bump to version 0.15.00Alexandru Ardelean2022-12-13
| |/ / | | | | | | | | | Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* | | Merge pull request #20062 from stangri/master-pbrStan Grishin2022-12-12
|\ \ \ | | | | | | | | pbr: detect missing iptables
| * | | pbr: detect missing iptablesStan Grishin2022-12-12
| | | | | | | | | | | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | openssh: update to 9.1p1Sibren Vasse2022-12-13
| | | | | | | | | | | | | | | | Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
* | | | Merge pull request #20076 from stangri/master-simple-adblockStan Grishin2022-12-12
|\ \ \ \ | | | | | | | | | | simple-adblock: bugfix: add dnsmasq.nftset to uci_load_validate
| * | | | simple-adblock: bugfix: add dnsmasq.nftset to uci_load_validateStan Grishin2022-12-12
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fixes https://github.com/openwrt/openwrt/issues/11481 thanks to: * https://github.com/mistepien for reporting * https://github.com/dave14305 for diagnosing Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | Merge pull request #19982 from golddranks/masterTianling Shen2022-12-13
|\ \ \ \ | | | | | | | | | | ddns-scripts: update_gandi_net: improve logging & add timeout
| * | | | ddns-scripts: update_gandi_net: improve logging & add timeoutPyry Kontio2022-12-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Improved logging - Log the executed curl command to be able to rerun and test it manually - Log the curl exit status - Added 30 second timeout timeout for clear-cut detection of flaky connections. Signed-off-by: Pyry Kontio <pyry.kontio@drasa.eu>
* | | | | knot: update to version 3.2.4Jan Hák2022-12-13
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Jan Hák <jan.hak@nic.cz>
* | | | | syncthing: update to 1.22.2Van Waholtz2022-12-12
| |_|/ / |/| | | | | | | | | | | Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
* | | | Merge pull request #20064 from luizluca/ruby-3.1.3Josef Schlehofer2022-12-12
|\ \ \ \ | |_|/ / |/| | | ruby: update to 3.1.3
| * | | ruby: update to 3.1.3Luiz Angelo Daros de Luca2022-12-12
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This release includes a security fix. - CVE-2021-33621: HTTP response splitting in CGI For more details: - https://www.ruby-lang.org/en/news/2022/11/24/ruby-3-1-3-released/ Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* | | pdns: update to 4.7.3Peter van Dijk2022-12-12
| | | | | | | | | | | | Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
* | | wget: apply upstream fix to avoid nettle linking in nosslHannu Nyman2022-12-11
| |/ |/| | | | | | | | | | | | | | | | | | | Replace my own patch with the upstream solution, which they issued in response to my bug report. (Two patches as they overlooked something on the first try. Reference to https://savannah.gnu.org/bugs/index.php?63431 ) The nettle lib evaluation is now conditional to not having "--disable-ntlm". Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* | Merge pull request #20052 from stangri/master-https-dns-proxyStan Grishin2022-12-10
|\ \ | | | | | | https-dns-proxy: fix restart
| * | https-dns-proxy: fix restartStan Grishin2022-12-10
|/ / | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | Merge pull request #20040 from stangri/master-https-dns-proxyStan Grishin2022-12-09
|\ \ | | | | | | https-dns-proxy: add mdns service records
| * | https-dns-proxy: add mdns service recordsStan Grishin2022-12-07
| | | | | | | | | | | | | | | | | | | | | | | | * add mdns records for started instances * Makefile: use $(PKG_VERSION) as a value for PKG_SOURCE_DATE instead of hard-coding it Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | Merge pull request #20050 from stangri/master-simple-adblockStan Grishin2022-12-09
|\ \ \ | | | | | | | | simple-adblock: support new OISD dnsmasq config
| * | | simple-adblock: support new OISD dnsmasq configStan Grishin2022-12-10
|/ / / | | | | | | | | | | | | | | | * OISD dnsmasq config files switched from using address= to server= Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | Merge pull request #20018 from cbarrick/gcp_ddnsFlorian Eckert2022-12-09
|\ \ \ | | | | | | | | ddns-scripts: add support for Google Cloud DNS
| * | | ddns-scripts: add support for Google Cloud DNSChris Barrick2022-12-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The implementation uses a GCP service account. The user is expected to create and secure a service account and generate a private key. The "password" field can contain the key inline or be a file path pointing to the key file on the router. The GCP project name and Cloud DNS ManagedZone must also be provided. These are taken as form-urlencoded key-value pairs in param_enc. The TTL can optionally be supplied in param_opt. Signed-off-by: Chris Barrick <chrisbarrick@google.com>
* | | | Merge pull request #20037 from 1715173329/g1194Josef Schlehofer2022-12-09
|\ \ \ \ | | | | | | | | | | golang: Update to 1.19.4
| * | | | golang: Update to 1.19.4Tianling Shen2022-12-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | go1.19.4 (released 2022-12-06) includes security fixes to the net/http and os packages, as well as bug fixes to the compiler, the runtime, and the crypto/x509, os/exec, and sync/atomic packages. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | | zoneinfo: updated to the latest releaseVladimir Ulrich2022-12-09
| |/ / / |/| | | | | | | | | | | Signed-off-by: Vladimir Ulrich <admin@evl.su>
* | | | tailscale: preserve tailscaled state fileCarlo Alberto Ferraris2022-12-09
| | | | | | | | | | | | | | | | | | | | Fixes #19774 Signed-off-by: Carlo Alberto Ferraris <cafxx@strayorange.com>
* | | | modemmanager: bump to 1.20.2Kuan-Yi Li2022-12-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drop deprecated AUTORELEASE. Disable unused tests as its compilation is optional in 1.20. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* | | | libqmi: bump to 1.32.2Kuan-Yi Li2022-12-09
| | | | | | | | | | | | | | | | | | | | | | | | Drop deprecated AUTORELEASE. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* | | | libmbim: bump to 1.28.2Kuan-Yi Li2022-12-09
| | | | | | | | | | | | | | | | | | | | | | | | Drop deprecated AUTORELEASE. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* | | | libqrtr-glib: drop deprecated AUTORELEASEKuan-Yi Li2022-12-09
| | | | | | | | | | | | | | | | Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
Powered by cgit, Themed by Ted Yin.