aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* nextdns: Update to version 1.41.0Olivier Poitrey2023-10-08
| | | | Signed-off-by: Olivier Poitrey <rs@nextdns.io>
* sshtunnel: update version to 5.1Sergey Ponomarev2023-10-08
| | | | | | Make it depends on ether Dropbear dbclient or OpenSSH client Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: allow empty port and userSergey Ponomarev2023-10-08
| | | | | | | | A user may have some host configured in the .ssh/config with user and port. But we anyway have to specify them in the sshtunnel. The change fixes this Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: add enabled optionSergey Ponomarev2023-10-08
| | | | Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: allow empty remoteaddressSergey Ponomarev2023-10-08
| | | | | | Just empty or * may have some semantic difference on a server Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: StrictHostKeyChecking for DropbearSergey Ponomarev2023-10-08
| | | | | | | | | | | | | | | | | The dbclient doesn't support the -o StrictHostKeyChecking but it has it's own -y option: -y Always accept remote host key if unknown -y -y Don't perform any remote host key checking (caution) So we can add these options to make the StrictHostKeyChecking working. The dbclient will ignore -o StrictHostKeyChecking but use the -y or -yy instead. The only problem is that the -y flag is also used by the openssh-client: -y Send log information using the syslog(3) system module. By default this information is sent to stderr. This is not critical and once the dbclient start to support the StrictHostKeyChecking we can remove the -y flag. Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: Use -i $IdentityFile instead of -o IdentityFile=$IdentityFileSergey Ponomarev2023-10-08
| | | | | | This makes the sshtunnel compatible with Dropbear. Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: set StrictHostKeyChecking=accept-new by defaultSergey Ponomarev2023-10-08
| | | | | | | | | | Without the option the ssh will propt a user to accept the host key. So a user should perform a connection manualy and accept before useing the sshtunnel. The accept-new is a reasonable trade off. Also the LogLevel is INFO by default. Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: uci_sshtunnel use example.comSergey Ponomarev2023-10-08
| | | | Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* sshtunnel: uci_sshtunnel simplifySergey Ponomarev2023-10-08
| | | | | | | | Simplify comment and make it shorter. Remove triling tab after retrydelay. Use a full path for IdentityFile because otherwise the uci validation fails with the relative path ~/.ssh Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
* exim: update to version 4.96.1Daniel Golle2023-10-08
| | | | | | | | | | | | | | | | | | This is a security release. JH/01 Bug 2999: Fix a possible OOB write in the external authenticator, which could be triggered by externally-supplied input. Found by Trend Micro. CVE-2023-42115 JH/02 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could be triggered by externally-controlled input. Found by Trend Micro. CVE-2023-42116 JH/03 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could be triggered by externally-controlled input. Found by Trend Micro. CVE-2023-42114 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libvpx: update to 1.13.1Luiz Angelo Daros de Luca2023-10-07
| | | | | | | | | | | | | | | | | | | v1.13.0 This release includes more Neon and AVX2 optimizations, adds a new codec control to set per frame QP, upgrades GoogleTest to v1.12.1, and includes numerous bug fixes. v1.13.1 This release contains two security related fixes. One each for VP8 and VP9. - https://crbug.com/1486441 (CVE-2023-5217) - Fix bug with smaller width bigger size (CVE-2023-44488) Fixes #22318 Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* Merge pull request #22329 from jefferyto/golang-1.21.2Josef Schlehofer2023-10-07
|\ | | | | golang: Update to 1.21.2
| * golang: Update to 1.21.2Jeffery To2023-10-07
|/ | | | | | | Includes fix for CVE-2023-39323 (cmd/go: line directives allows arbitrary execution during build). Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Merge pull request #22306 from cotequeiroz/python3-rebuildJeffery To2023-10-07
|\ | | | | python3: avoid unnecessary rebuilds
| * python3: avoid unnecessary rebuildsEneas U de Queiroz2023-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | Move the order in which BuildPackage is called, so that the libpython package is built ahead of the module packages, to avoid forcing a clean-build of the package when 'make package/python3/compile' is called a second time without changes. The library must be built first, so that when the buildsystem checks for ABI version changes using libpython3.version, its timestamp should be older than the dependent package's STAMP_PREPARED file. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | Merge pull request #22309 from BKPepe/tor-fw-helperJeffery To2023-10-07
|\ \ | | | | | | tor-fw-helper: remove it
| * | tor-fw-helper: remove itJosef Schlehofer2023-10-05
| |/ | | | | | | | | | | | | | | | | This package does not receive any update since 2015. [1] It seems unmaintained and most likely not used at all. [1] https://gitweb.torproject.org/tor-fw-helper.git/ Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | Merge pull request #22311 from stangri/master-adblock-fastStan Grishin2023-10-06
|\ \ | | | | | | adblock-fast: bugfix: properly identify hosts-files
| * | adblock-fast: bugfix: properly identify hosts-filesStan Grishin2023-10-05
| | | | | | | | | | | | | | | | | | * escape dots in grep command to properly identify hosts files Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | Merge pull request #22298 from TDT-AG/pr/20231004-keepalivedFlorian Eckert2023-10-06
|\ \ \ | | | | | | | | keepalived: update to version 2.2.8
| * | | keepalived: add notify_up and notify_down for virtual serverFlorian Eckert2023-10-04
| | | | | | | | | | | | | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | keepalived: add PING_CHECK to real_serverFlorian Eckert2023-10-04
| | | | | | | | | | | | | | | | Signed-off-by: Florian Eckert <fe@dev.tdt.de>
| * | | keepalived: update to version 2.2.8Florian Eckert2023-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | See release-notes: https://www.keepalived.org/release-notes/Release-2.2.8.html Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* | | | Merge pull request #22301 from cotequeiroz/pymysql_sha256Alexandru Ardelean2023-10-06
|\ \ \ \ | | | | | | | | | | pymysql: add meta-package for sha256 support
| * | | | pymysql: add meta-package for sha256 supportEneas U de Queiroz2023-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace the PYTHON3_PYMYSQL_SHA_PASSWORD_SUPPORT option, which is causing circular dependencies, with a meta-package that installs both python3-pymysql and python3-cryptography. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | | | | Merge pull request #22273 from ne20002/crowdsec-firewall-bouncerTianling Shen2023-10-06
|\ \ \ \ \ | | | | | | | | | | | | crowdsec-firewall-bouncer: new upstream release version 0.0.28
| * | | | | crowdsec-firewall-bouncer: new upstream release version 0.0.28S. Brusch2023-10-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: S. Brusch <ne20002@gmx.ch> Maintainer: Kerma GĂ©rald <gandalf@gk2.net> Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.0-rc3 Description: Update crowdsec-firewall-bouncer to latest upstream release version 0.0.28
* | | | | | openssh: bump to 9.5p1John Audia2023-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: https://www.openssh.com/txt/release-9.5 Build system: x86/64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia <therealgraysky@proton.me>
* | | | | | python-twisted: Update to 23.8.0, rework patchesJeffery To2023-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The package changed to the hatchling build backend. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* | | | | | ffmpeg: fix compilation error of ffmpeg-customJan Kratochvil2023-10-05
| |_|_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: #12320 After plain enable of libffmpeg-custom and ffmpeg-custom which adds: - CONFIG_PACKAGE_libbz2=m - CONFIG_PACKAGE_libffmpeg-custom=m - CONFIG_FFMPEG_CUSTOM_GPL=y - CONFIG_PACKAGE_zlib=m - CONFIG_PACKAGE_ffmpeg-custom=m I get on v22.03.5 compilation error: ``` cp -fpR /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-install/usr/bin/ffmpeg /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-mips_24kc/ffmpeg-custom/usr/bin/ cp: cannot stat '/.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1/ipkg-install/usr/bin/ffmpeg': No such file or directory make[2]: *** [Makefile:756: /.../openwrt-git/bin/packages/mips_24kc/packages/ffmpeg-custom_5.1-1_mips_24kc.ipk] Error 1 ``` It is because configure is missing `ffmpeg` in its `Programs:` section: ``` ( cd /.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1; CFLAGS="-Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -msoft-float -mips16 -minterlink-mips16 -fmacro-prefix-map=/.../openwrt-git/build_dir/target-mips_24kc_musl/ffmpeg-custom/ffmpeg-5.1=ffmpeg-5.1 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/usr/include -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/include/fortify -I/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/include -DPIC -fpic" LDFLAGS="-L/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/usr/lib -L/.../openwrt-git/staging_dir/toolchain-mips_24kc_gcc-11.2.0_musl/lib -znow -zrelro" ./configure --enable-cross-compile --cross-prefix="mips-openwrt-linux-musl-" --arch="mips" --cpu=24kc --target-os=linux --prefix="/usr" --pkg-config="pkg-config" --enable-shared --enable-static --enable-pthreads --enable-zlib --disable-doc --disable-debug --disable-lzma --disable-vaapi --disable-vdpau --disable-outdevs --disable-altivec --disable-vsx --disable-power8 --disable-armv5te --disable-armv6 --disable-armv6t2 --disable-fast-unaligned --disable-runtime-cpudetect --disable-x86asm --enable-small --enable-gpl --disable-programs --disable-avfilter --disable-swresample --disable-swscale --disable-everything --disable-postproc ) install prefix /usr source path . C compiler mips-openwrt-linux-musl-gcc C library host C compiler gcc host C library glibc ARCH mips (24kc) big-endian yes runtime cpu detection no MIPS FPU enabled no MIPS DSP R1 enabled no MIPS DSP R2 enabled no MIPS MSA enabled no LOONGSON MMI enabled no debug symbols no strip symbols yes optimize for size yes optimizations yes static yes shared yes postprocessing support no network support yes threading support pthreads safe bitstream reader yes texi2html enabled no perl enabled yes pod2man enabled yes makeinfo enabled yes makeinfo supports HTML no xmllint enabled yes External libraries: alsa iconv bzlib zlib External libraries providing hardware acceleration: cuda_llvm v4l2_m2m Libraries: avcodec avformat avdevice avutil Programs: Enabled decoders: Enabled encoders: Enabled hwaccels: Enabled parsers: Enabled demuxers: Enabled muxers: Enabled protocols: Enabled filters: Enabled bsfs: Enabled indevs: Enabled outdevs: License: GPL version 2 or later ``` Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
* | | | | Merge pull request #22289 from mhei/mmc-utils-updateMichael Heimpold2023-10-05
|\ \ \ \ \ | | | | | | | | | | | | mmc-utils: update to latest upstream revision
| * | | | | mmc-utils: update to latest upstream revisionMichael Heimpold2023-10-03
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This also requires updating our patch for fortify-ing. We now also pass the version as define during compilation. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | | | | Merge pull request #22290 from mhei/php8-update-to-8.2.11Michael Heimpold2023-10-05
|\ \ \ \ \ | |_|_|_|/ |/| | | | php8: update to 8.2.11
| * | | | php8: update to 8.2.11Michael Heimpold2023-10-03
| |/ / / | | | | | | | | | | | | Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | / / syslog-ng: update to version 4.4.0Josef Schlehofer2023-10-04
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | - Release notes: https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.4.0 - Bump version in config file Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | | Merge pull request #22295 from 1715173329/wgetHannu Nyman2023-10-04
|\ \ \ | | |/ | |/| wget: Update to 1.21.4
| * | wget: Update to 1.21.4Tianling Shen2023-10-04
|/ / | | | | | | | | | | Removed upstreamed patches and unneeded autoreconf. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | ffmpeg: bump PKG_RELEASEJan Kratochvil2023-10-03
| | | | | | | | | | | | Suggested by @neheb. Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
* | ffmpeg: Add avi muxerJan Kratochvil2023-10-03
| | | | | | | | | | | | | | Otherwise one cannot produce *.avi containers needed for some H.264 camera codecs. Signed-off-by: Jan Kratochvil <jan@jankratochvil.net>
* | lua-openssl: Update to version 0.8.5-1Amnon Paz2023-10-03
| | | | | | | | Signed-off-by: Amnon Paz <pazamnon@gmail.com>
* | ncdu: update to 1.19John Audia2023-10-03
| | | | | | | | | | | | | | | | | | | | Upstream bump Build system: x86_64 Build-tested: x86/64/AMD Cezanne Run-tested: x86/64/AMD Cezanne Signed-off-by: John Audia <therealgraysky@proton.me>
* | python-packaging: Update to 23.2Jeffery To2023-10-03
| | | | | | | | Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* | banip: release 0.9.1-1Dirk Brenken2023-10-03
| | | | | | | | | | | | | | | | | | * drop packets silently on input and forwardwan chains or actively reject the traffic, set 'ban_blocktype' accordingly * optimized banIP boot/reload handling * removed pppoe quirk in device detection * small fixes and optimizations Signed-off-by: Dirk Brenken <dev@brenken.org>
* | Merge pull request #22280 from dynasticorpheus/irssi-1.4.5Alexandru Ardelean2023-10-03
|\ \ | | | | | | irssi: update to 1.4.5
| * | irssi: update to 1.4.5Fabian Lipken2023-10-03
| |/ | | | | | | Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
* | Merge pull request #22268 from stangri/master-adblock-fastAlexandru Ardelean2023-10-03
|\ \ | | | | | | adblock-fast: update to 1.0.0-5
| * | adblock-fast: update to 1.0.0-5Stan Grishin2023-10-02
| | | | | | | | | | | | | | | | | | | | | * improve processing of dnsmasq config files * do not run sed/show error if allow_filter is empty Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | Merge pull request #22284 from jefferyto/python-charset-normalizer-3.3.0Alexandru Ardelean2023-10-03
|\ \ \ | | | | | | | | python-charset-normalizer: Update to 3.3.0
| * | | python-charset-normalizer: Update to 3.3.0Jeffery To2023-10-03
| | | | | | | | | | | | | | | | Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Powered by cgit, Themed by Ted Yin.