Commit Graph

5388 Commits

Author SHA1 Message Date
Rosen Penev 0ff43a37a3 apache: Update to 2.4.37
Fixes at least:

CVE-2017-15710
CVE-2017-15715
CVE-2018-1283
CVE-2018-1312

Added CPE ID for proper CVE tracking.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-11-06 09:36:54 -08:00
Marko Ratkaj 262eaa45c8 net: squid: bump version to 4.4
Simple bump from 4.3 to 4.4

Changelog since 4.3:
netdb not saving to disk (#311)
Fix memory leak when parsing SNMP packet (#313)
Fix several windows build issues (#309)
Certificate fields injection via %D in ERR_SECURE_CONNECT_FAIL (#306)
Allow compilation with minimal OpenSSL (#281)
Fixed %USER_CA_CERT_xx and %USER_CERT_xx crashes (#301)
Improve const correctness for hash_link (#300)
Bug #4893: Malformed %>ru URIs for CONNECT requests (#299)

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2018-11-06 18:23:57 +01:00
Hannu Nyman 7681c108af Merge pull request #7315 from diizzyy/patch-16
fping: Update to 4.1
2018-11-06 18:03:58 +02:00
Hannu Nyman f9117262f0 Merge pull request #7316 from diizzyy/patch-17
stunnel: Update to 5.49
2018-11-06 18:03:23 +02:00
Hannu Nyman a2ce8bf07f Merge pull request #6193 from rosysong/nqos
nft-qos: add new package
2018-11-06 17:58:19 +02:00
Jeffery To 3e84e30ba2 tor-fw-helper: new package
tor-fw-helper is a helper to automatically configuring port forwarding
for tor, using UPnP or NAT-PMP NAT traversal.

This is a tor-fw-helper rewrite in Go that functions as a drop in
replacement for the original C code.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2018-11-06 20:33:55 +08:00
Rosy Song 6649ac91e9 nft-qos: add new package
This is the nftables implementation for qos on OpenWrt,
Currently, it has below features:

* Static QoS : setting limit rate for devices or global network.

* Dynamic/Auto QoS : setting limit rate according to the network
  bandwidth and adjust itself automatically (hotplug event).

* Traffic Priority : this feature is like traffic shaping under tc,
  it uses ingress hook to handle to packets here.

Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-11-06 16:13:28 +08:00
Rosen Penev 1ce197c73f tgt: Update to 1.0.74
Remove KERNEL_AIO dependency to avoid recursive dependency with libaio in
a future commit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-11-05 20:31:49 -08:00
Rosen Penev 1200c508fb unbound: Remove deprecated OpenSSL API
This will become pointless once OpenSSL 1.1.1 enters the tree.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-11-05 16:32:11 -08:00
Daniel Engberg 31e27e9d82 stunnel: Update to 5.49
Update stunnel to 5.49

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-11-05 20:41:01 +01:00
Daniel Engberg 95bde85468 fping: Update to 4.1
Update fping to 4.1

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-11-05 20:37:14 +01:00
Hannu Nyman 81c9ff735d Merge pull request #5781 from jefferyto/obfs4proxy
obfs4proxy: new packages (including dependencies)
2018-11-04 20:34:36 +02:00
Peter Wagner 555e3ff88b tor:update to 0.3.4.9
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2018-11-04 18:07:31 +01:00
Dirk Brenken 4e70f1c949 Merge pull request #7258 from jonathanunderwood/stubby_documentation
stubby: add reload_config to documentation
2018-11-04 13:36:48 +01:00
Dirk Brenken 8e00bab166 Merge pull request #7257 from jonathanunderwood/stubby_fix_init
stubby: fix loading of config file
2018-11-04 13:36:29 +01:00
jonathanunderwood 35a377dbfc stubby: add Jonathan Underwood as co-maintainer (#7307)
Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
2018-11-04 10:49:52 +00:00
Hannu Nyman ea8f30cf65 Merge pull request #7278 from neheb/seafile
seafile-ccnet: Update to 6.3.4
2018-11-03 09:23:27 +02:00
Hannu Nyman effc00e24a Merge pull request #6811 from Robby-/master-freeradius3-eap-pwd
freeradius3: Enable the EAP-PWD module.
2018-11-03 09:11:34 +02:00
Christian Lachner ca39a1b787 haproxy: Update all patches for HAProxy v1.8.14
- Add new patches (see https://www.haproxy.org/bugs/bugs-1.8.14.html)
- Raise PKG_RELEASE to 4

Signed-off-by: Christian Lachner <gladiac@gmail.com>
2018-11-02 10:35:38 +01:00
Hannu Nyman b0a54383c9 Merge pull request #7267 from neheb/hap
haproxy: Remove unnecessary OpenSSL depends
2018-11-02 08:08:19 +02:00
W. van den Akker 9a4cd1ecba Shorewall6: Bump to version 5.2.1.1
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
2018-11-01 14:06:45 +01:00
W. van den Akker a4220dd385 Shorewall: Bump to version 5.2.1.1
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
2018-11-01 14:06:29 +01:00
W. van den Akker ed15a9d06c Shorewall6-lite: Bump to version 5.2.1.1
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
2018-11-01 14:06:07 +01:00
W. van den Akker b644b8230e Shorewall-lite: Bump to version 5.2.1.1
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
2018-11-01 14:05:48 +01:00
W. van den Akker c82c3613cd Shorewall-core: Bump to version 5.2.1.1
Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>
2018-11-01 14:05:29 +01:00
Albert Lopez 46d6c1093a oor: Add OpenOverlayRouter (oor) package
lispmob: OOR is a rename of LISPmob and replace the package

Signed-off-by: Albert Lopez <alopez@ac.upc.edu>
2018-10-31 15:15:15 +00:00
Rosen Penev 5c950bd726 haproxy: Remove unnecessary OpenSSL depends
All of these are either not needed or not valid.

Added a patch to remove the OPENSSL_WITH_DEPRECATED dependency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-30 14:20:55 -07:00
Dirk Brenken 4e8da997db travelmate: update 1.3.0
* proactively scan and switch to a higher prioritized uplink,
  despite of an already existing connection,
  this is configurable via 'trm_proactive' option
  (default '1', enabled)
* fix some minor list trim issues
* optimize wlan scanning behavior
* refine debug messages

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-10-30 15:40:07 +01:00
Rosen Penev 0722916ff6 seafile-ccnet: Update to 6.3.4
Switched to codeload for easier package bumping.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-29 21:46:02 -07:00
Noah Meyerhans 6f320da526 bind: Update bind.keys
A multi-year DNSSEC root key update is in progress, as described at
https://www.isc.org/downloads/bind/bind-keys/. This change refreshes the
bind.keys file, ensuring that the new key, in place as of 2018-10-11,
will be recognized and trusted.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
2018-10-29 08:36:37 -07:00
Noah Meyerhans 13a6326cc4 bind: Include delv in the bind-tools package
delv is a tool for sending DNS queries and validating the results, using the
same internal resolver and validator logic as named.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
2018-10-29 08:36:37 -07:00
Noah Meyerhans f9fbc75557 bind: Update to 9.11.5
This includes the fix for CVE-2018-5738: When recursion is enabled but the
allow-recursion and allow-query-cache ACLs are not specified, they should be
limited to local networks, but they were inadvertently set to match the default
allow-query, thus allowing remote queries.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
2018-10-29 08:36:37 -07:00
Yousong Zhou 98d206086b openvswitch: bump to version 2.10.1
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-10-29 03:36:01 +00:00
Rosen Penev 432aa67e27 bind: Remove OpenSSL deprecated APIs dependency
It seems to not be needed anymore. Tested on mvebu and ar71xx.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-28 15:28:52 -07:00
Philip Prindeville b0e73634f7 isc-dhcp: drop .conf suffix on dhcrelay config file
Resolves issue #7235

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-10-28 14:38:56 -06:00
Thomas Heil 2f8eb41827 Merge pull request #7213 from gladiac1337/feature-haproxy-v1.8.14-updates
haproxy: Update all patches for HAProxy v1.8.14
2018-10-28 20:12:45 +01:00
Hannu Nyman 5302ac5cfc Merge pull request #7063 from neheb/patch-38
libsearpc: Update to 3.1.0
2018-10-28 18:40:41 +02:00
Hannu Nyman 78352d4b05 Merge pull request #7176 from neheb/jool
jool: Backport two fixes for newer kernels.
2018-10-28 14:27:13 +02:00
Hannu Nyman 1a1b0a8454 Merge pull request #7177 from neheb/patch-44
spoofer: Update to 1.4.0
2018-10-28 14:23:30 +02:00
Hannu Nyman a6710e82b1 Merge pull request #7215 from jsiverskog/mdnsresponder_878_70_2
mdnsresponder: bump to 878.70.2 and refresh patches
2018-10-28 14:10:20 +02:00
Jonathan G. Underwood a3de18a2c7 stubby: add reload_config to documentation
Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
2018-10-27 18:28:29 +01:00
Jonathan G. Underwood ada93c69f0 stubby: fix loading of config file
Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
2018-10-27 14:34:14 +01:00
Dirk Brenken 4b4db77c29 Merge pull request #7251 from brvphoenix/master
aria2: fixed the spelling for rpc-passwd and rpc-user.
2018-10-25 16:50:00 +02:00
Dirk Brenken 3f4cf72ae5 Merge pull request #7249 from EricLuehrsen/unbound_axfr
unbound: fix odhcpd and axfr script functions
2018-10-25 16:35:45 +02:00
Dirk Brenken fe8f32a940 Merge pull request #7247 from TDT-AG/pr/20181023-mwan3
net/mwan3: improvements
2018-10-25 16:35:17 +02:00
brv phoenix ed9514e93e aria2: fixed the spelling for rpc-passwd and rpc-user.
Signed-off-by: brv phoenix <feixuekaka1@gmail.com>
2018-10-25 21:11:43 +08:00
Eric Luehrsen 04f4ab9b92 unbound: fix odhcpd link and axfr zone scripts
- fix AXFR zones to delay a potentially large download with ntp-hotplug
- fix odhcpd link script to properly delete expired lease data from DNS

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2018-10-24 21:11:45 -04:00
Daniel Golle 0b548cb73d gnunet: adapt uci-defaults to renamed namestore-flat -> -heap
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-10-25 00:55:18 +02:00
Florian Eckert 8b28ab282b net/mwan3: update version to 2.7.5
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-23 15:18:45 +02:00
Florian Eckert be91e71805 net/mwan3: add online_metric for local_source none
If we set the option "local_source" in the globals mwan3 section to "none",
traffic generated by the router it self will always use the default route from
the wan interface with the lowest metric. If this interface is down
the router traffic still uses the connection with the lowest metric but
this is disconnected. Load balancing and failover from the lan site is
still possible. Only router generated traffic is not load balanced and
could not use failover.

To solve this issue with router initiated traffic add the additional
option "online_metric" to the mwan3 interface section.

If the interface is connected then this lower "online metric" is set in the
default routing table.

With this change we have at least a failover with router initiated
traffic.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-23 15:00:11 +02:00