aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* lighttpd: remove deprecated modulesGlenn Strauss2022-10-05
| | | | Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
* Merge pull request #19520 from dyarkovoy/masterFlorian Eckert2022-10-05
|\ | | | | mwan3: support offload routing modifier
| * mwan3: support offload routing modifierDenys Yarkovyi2022-10-05
| | | | | | | | Signed-off-by: Denys Yarkovyi <dyarkovoy@gmail.com>
* | Merge pull request #19527 from stangri/master-https-dns-proxyStan Grishin2022-10-04
|\ \ | | | | | | https-dns-proxy: add settings for canary domains
| * | https-dns-proxy: add settings for canary domainsStan Grishin2022-10-04
|/ / | | | | | | | | | | | | | | * add setting to enable/disable blocking access to iCloud Private Relay resolvers * add setting to enable/disable blocking access to Mozilla resolvers * rename variables loaded from config in the init script Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | Merge pull request #19525 from stangri/master-https-dns-proxyStan Grishin2022-10-04
|\ \ | | | | | | https-dns-proxy: bugfix: prevent canary domains duplicates
| * | https-dns-proxy: bugfix: prevent canary domains duplicatesStan Grishin2022-10-04
|/ / | | | | | | Signed-off-by: Stan Grishin <stangri@melmac.ca>
* / treewide: fix security issues by bumping all packages using libwolfsslPetr Štetiar2022-10-04
|/ | | | | | | | | | | | | | | | | | | | As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide: fix security issues by bumping all packages using libwolfssl"). Signed-off-by: Petr Štetiar <ynezz@true.cz>
* Merge pull request #19512 from mhei/php8-update-8.1.11Michael Heimpold2022-10-04
|\ | | | | php8: update to 8.1.11
| * php8: update to 8.1.11Michael Heimpold2022-10-03
| | | | | | | | | | | | | | | | This fixes: - CVE-2022-31628 - CVE-2022-31629 Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | Merge pull request #19501 from stangri/master-simple-adblockStan Grishin2022-10-03
|\ \ | | | | | | simple-adblock: allow domains bugfix & canary domains support
| * | simple-adblock: allow domains bugfix & canary domains supportStan Grishin2022-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fix bug in download_lists and adb_allow to prevent unintended exclisions from the block-lists of domains containing allowed domain. Fixes issue: https://github.com/stangri/source.openwrt.melmac.net/issues/160 * add support for returning NXDOMAIN/blocking iCloud & Mozilla canary domains, disabled by default Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | expat: update to 2.4.9Nick Hainke2022-10-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes CVE-2022-40674. Release Notes: - https://github.com/libexpat/libexpat/blob/R_2_4_8/expat/Changes - https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes Signed-off-by: Nick Hainke <vincent@systemli.org>
* | | samba4: update waf-cross-answersAndrew Sim2022-10-03
| | | | | | | | | | | | | | | | | | * update waf-cross-answers for 4.14.x Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | samba4: update to 4.14.14Andrew Sim2022-10-03
| | | | | | | | | | | | | | | | | | | | | * update to 4.14.14 * fixes: CVE-2022-2031, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746, CVE-2022-32742 Signed-off-by: Andrew Sim <andrewsimz@gmail.com>
* | | python-stem: update to v1.8.1Javier Marcet2022-10-03
| |/ |/| | | | | Signed-off-by: Javier Marcet <javier@marcet.info>
* | Merge pull request #19478 from mhei/libmodbus-update-3.1.8Michael Heimpold2022-10-03
|\ \ | | | | | | libmodbus: update to 3.1.8
| * | libmodbus: update to 3.1.8Michael Heimpold2022-09-28
| | | | | | | | | | | | | | | | | | | | | - drop obsolete configure argument - update download url Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | | Merge pull request #19497 from mhei/php8-ext-sodiumMichael Heimpold2022-10-03
|\ \ \ | | | | | | | | php8: php8-pecl-sodium with php8-mod-sodium (refs #18997)
| * | | php8-pecl-sodium: drop package, replaced by php8-mod-sodium (refs #18997)Michael Heimpold2022-09-30
| | | | | | | | | | | | | | | | Signed-off-by: Michael Heimpold <mhei@heimpold.de>
| * | | php8: add sodium extensions (refs #18997)Michael Heimpold2022-09-30
| | | | | | | | | | | | | | | | Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | | | zoneinfo: updated to the latest releaseVladimir Ulrich2022-10-03
| | | | | | | | | | | | | | | | Signed-off-by: Vladimir Ulrich <admin@evl.su>
* | | | gg: Update to 0.2.13Tianling Shen2022-10-02
| | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | dnsproxy: Update to 0.45.2Tianling Shen2022-10-02
| | | | | | | | | | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | | cloudflared: Update to 2022.9.1Tianling Shen2022-10-02
| |_|/ |/| | | | | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | Merge pull request #19489 from stangri/master-https-dns-proxyStan Grishin2022-10-01
|\ \ \ | |/ / |/| | https-dns-proxy: uci wrappers & iCloud canary domains
| * | https-dns-proxy: uci wrappers & iCloud canary domainsStan Grishin2022-09-30
|/ / | | | | | | | | | | | | | | * switch to using uci wrappers instead of direct uci calls * add support for iCloud canary domains https://developer.apple.com/support/prepare-your-network-for-icloud-private-relay Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | bandwidthd: fix format warningsRosen Penev2022-09-29
| | | | | | | | | | | | Should fix crashing errors under musl 1.2 Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | docker-compose: Update to version 2.11.2Javier Marcet2022-09-29
| | | | | | | | Signed-off-by: Javier Marcet <javier@marcet.info>
* | Merge pull request #19447 from turris-cz/unboundJosef Schlehofer2022-09-29
|\ \ | |/ |/| unbound: update to version 1.16.3
| * unbound: update to version 1.16.3Josef Schlehofer2022-09-25
| | | | | | | | | | | | | | | | | | Changelog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-3 - Fixes: CVE-2022-3204 Refreshed one patch Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
* | python3: use tools/expat for host buildRosen Penev2022-09-28
| | | | | | | | | | | | Oversight from when the expat host build was removed. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* | Merge pull request #19470 from rmilecki/ddns-scripts-code-cleanupRafał Miłecki2022-09-28
|\ \ | | | | | | ddns-scripts: clean up code a bit to make it easier to understand
| * | ddns-scripts: add explicit "-d" switch for Dry RunRafał Miłecki2022-09-28
| | | | | | | | | | | | | | | | | | | | | | | | It was a bit confusing to use *verbosity* level for Dry Run mode. Add explicity switch for it and designed DRY_RUN variable to make code easier to understand. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
| * | ddns-scripts: rename variable: s/ERR_UPDATE/RETRY_COUNT/Rafał Miłecki2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename variable to make code easier to understand. This variable specifies how many times in row ddns script tried to update IP without a success. Previous name ("ERR_UPDATE") didn't suggest it was for counting anything. It also didn't specify was error was it related to. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
| * | ddns-scripts: replace IP type (name) "local" with "current"Rafał Miłecki2022-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | Local suggests something related to the local network or available locally only. All that code related to the "local" IP was actually dealing with *current* device external IP address. Using name "current" should make code a bit easier to understand. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
| * | ddns-scripts: rename variable: s/retry_count/retry_max_count/Rafał Miłecki2022-09-27
|/ / | | | | | | | | | | | | | | | | Rename variable to make code easier to understand. This variable specifies how many times ddns script should try to send a request. Previous name ("retry_count") suggested it was for *counting* attempts. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* | Merge pull request #19448 from stangri/master-simple-adblockStan Grishin2022-09-27
|\ \ | | | | | | simple-adblock: update to 1.9.1-1
| * | simple-adblock: update to 1.9.1-1Stan Grishin2022-09-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * remove obsolete block-lists from config * add removal of obsolete lists to config-update * add AdGuard team's block-list to config * improve allow command * improve nftset support * move config load to uci_load_validate, which required some code refactoring which looks dramatic, but isn't * always use dnsmasq_restart instead of dnsmasq_hup for all dns resolution options for dnsmasq Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | Merge pull request #19465 from TELUS-BBA/zabbix6.2Etienne Champetier2022-09-26
|\ \ \ | | | | | | | | zabbix: update to 6.2.3
| * | | zabbix: update to 6.2.3Scott Roberts2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | Refreshed patches. Signed-off-by: Scott Roberts <ttocsr@gmail.com>
* | | | Merge pull request #19460 from stangri/master-curlStan Grishin2022-09-26
|\ \ \ \ | | | | | | | | | | curl: bugfix: github source url
| * | | | curl: bugfix: github source urlStan Grishin2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * fixes https://github.com/openwrt/packages/issues/19456 Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | | | | lua-eco: adapt SSL choice to libwolfsslcpu-cryptoEneas U de Queiroz2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | libwolfsslcpu-crypto has to be taken into consideration when selecting the default SSL backend. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* | | | | Merge pull request #19446 from jamesmacwhite/mwan3-config-replace-google-dnsFlorian Eckert2022-09-26
|\ \ \ \ \ | | | | | | | | | | | | mwan3: Switch default track_ip targets from Google DNS to Cloudflare DNS
| * | | | | mwan3: Switch default track_ip targets from Google DNS to Cloudflare DNSJames White2022-09-25
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: James White <james@jmwhite.co.uk>
* | | | | | libs/libwebsockets: Update to 4.3.xKarl Palsson2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes since 4.2 are extensive, as always. https://libwebsockets.org/git/libwebsockets/tree/changelog?h=v4.3-stable#n4 Eg, Adds CBOR, support for reduced memory CA verification, cookie jars, mqtt client gains qos2, mbedtls v3, fault injection apis, better support for event loops. Signed-off-by: Karl Palsson <karlp@etactica.com>
* | | | | | lang: lua-penlight: update to 1.13.1Karl Palsson2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are bugfix and feature releases. Changes from 1.11->1.12: https://github.com/lunarmodules/Penlight/blob/master/CHANGELOG.md#1120-2022-jan-10 Changes from 1.12->1.13: https://github.com/lunarmodules/Penlight/blob/master/CHANGELOG.md#1130-2022-jul-22 Signed-off-by: Karl Palsson <karlp@etactica.com>
* | | | | | libs/cjson: bump to 1.7.15Karl Palsson2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a bugfix release. Full release notes available at: https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15 Signed-off-by: Karl Palsson <karlp@etactica.com>
* | | | | | pagekite: add patchs for 64bit timeKarl Palsson2022-09-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: https://github.com/pagekite/libpagekite/pull/78 Signed-off-by: Karl Palsson <karlp@etactica.com>
Powered by cgit, Themed by Ted Yin.