| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
Remove libressl specific patches. With commit
("tools/libressl: update to 3.7.0") they are no longer needed,
rather they cause python3 to be compiled without working ssl-support.
Fixes: #20107
Suggested-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
| |
Apache SpamAssassin -- Version 4.0.0
See https://lwn.net/Articles/918145/ for details
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |\
| |
| | |
flent: fixup flent package
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update the Flent package and move it to net/, renaming it to just 'flent'
instead of python3-flent (it's not a library, having the python3- prefix
makes no sense). Also add python3-defusedxml as a dependency to protect
against XML bombs if using the one of the backends that use XML-RPC, and
trim the dependencies to those used directly by Flent.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
|
| |\ \
| |/
|/| |
php8: update to 8.2.0
|
| | |
| |
| |
| |
| |
| |
| | |
We need to bump the package release number to force a rebuild
against new PHP ABI version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| | |
We need to bump the package release number to force a rebuild
against new PHP ABI version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| | |
We need to bump the package release number to force a rebuild
against new PHP ABI version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| | |
We need to bump the package release number to force a rebuild
against new PHP ABI version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| | |
We need to bump the package release number to force a rebuild
against new PHP ABI version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| |
| | |
We need to bump the package release number to force a rebuild
against new PHP ABI version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| | |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| |
| |
| | |
This update brings support for PHP 8.2.0.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| | |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Perl threads seem to be supported and working for aarch64, and
including aarch64 here would allow packages like freeswitch-mod-perl
to become available from the standard OpwnWrt package repository for
popular routers such as the Linksys E8450 and Belkin RT3200.
Signed-off-by: Doug Thomson <dwt62f+github@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This release includes a security fix.
- CVE-2021-33621: HTTP response splitting in CGI
For more details:
- https://www.ruby-lang.org/en/news/2022/11/24/ruby-3-1-3-released/
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |\
| |
| | |
golang: Update to 1.19.4
|
| | |
| |
| |
| |
| |
| |
| |
| | |
go1.19.4 (released 2022-12-06) includes security fixes to the net/http
and os packages, as well as bug fixes to the compiler, the runtime,
and the crypto/x509, os/exec, and sync/atomic packages.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |/
|
|
|
|
| |
fix CVE-2022-41323
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
|
| |\
| |
| | |
borgbackup: initial commit
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| | |
| |
| |
| | |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| |/
|
|
| |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |\
| |
| | |
golang: update to v1.19.2
|
| | |
| |
| |
| | |
Signed-off-by: Stanislav Petrashov <s@petrashov.ru>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Includes fixes for security vulnerabilities:
* [CVE-2022-27664](https://github.com/advisories/GHSA-69cg-p879-7622) net/http: handle server errors after sending GOAWAY
* [CVE-2022-32190](https://github.com/golang/go/issues/54385) net/url: JoinPath does not strip relative path components in all circumstances
* [CVE-2022-2879](https://github.com/golang/go/issues/54853) archive/tar: unbounded memory consumption when reading headers
* [CVE-2022-2880](https://github.com/golang/go/issues/54663) net/http/httputil: ReverseProxy should not forward unparseable query parameters
* [CVE-2022-41715](https://github.com/golang/go/issues/55949) regexp/syntax: limit memory used by parsing regexps
Addresses the build failure:
* https://github.com/openwrt/packages/pull/19613
Signed-off-by: Stanislav Petrashov <s@petrashov.ru>
|
| |/
|
|
| |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes following CVEs:
- CVE-2022-32189 (version 1.18.5 [1]]
- CVE-2022-27664 (version 1.18.6 [2])
- CVE-2022-32190 (version 1.18.6 [2])
- CVE-2022-2879 (version 1.18.7 [3])
- CVE-2022-2880 (version 1.18.7 [3])
- CVE-2022-41715 (version 1.18.7 [3])
- CVE-2022-41716 (version 1.18.8 [4])
and refreshed patch
[1] https://groups.google.com/g/golang-announce/c/YqYYG87xB10
[2] https://groups.google.com/g/golang-announce/c/x49AQzIVX-s
[3] https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
[4] https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
| |
Found with modified Kconfiglib.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| |
|
|
|
|
|
|
| |
This fixes:
- CVE-2022-31630
- CVE-2022-37454
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
|
|
| |
Update to v16.18.0
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |
|
|
|
|
| |
This version updates the CA bundle, and needs urllib as dependency.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
| |
Package does not currently build because of distutil dependency. Fix
this by updating to the latest version.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
|
|
|
|
| |
* fixes CVE-2021-28861
* adjust pip and setuptools versions
* refresh patches
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
|
| |\
| |
| | |
numpy: bump to version 1.23.3
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also bump Cython version to 0.29.32
And yeeeey: zip -> tar.gz
And they fixed the Intel AVX extension stuff/detection.
Which is why I deferred updating it until now.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |\ \
| | |
| | | |
python3-pytz: bump to version 2022.4
|
| | |/
| |
| |
| | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|