cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-06-22 21:30:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,926 Commits 8 Branches 1 Tag
3abe9d0aef088cc8e1620c9a36d41dfc60cdea09
Commit Graph

16926 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stan Grishin 3abe9d0aef vpn-policy-routing: bugfix: netflix user file missing redirect 
Signed-off-by: Stan Grishin <stangri@melmac.net>
 2021-02-26 22:03:41 +00:00
Rosen Penev a4372ab6fb Merge pull request #14903 from stangri/19.07-vpn-policy-routing 
[19.07] vpn-policy-routing: update user netflix file
 2021-02-25 21:12:28 -08:00
Stan Grishin 904d911c55 vpn-policy-routing: update user netflix file 
Signed-off-by: Stan Grishin <stangri@melmac.net>
 2021-02-26 02:16:44 +00:00
Hannu Nyman 2666b3d00d nano: update to version 5.6 
Upgrade nano to version 5.6

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit dffdfe4ac8)
 2021-02-25 16:58:50 +02:00
Rosen Penev 4ed9be1987 Merge pull request #14888 from stangri/19.07-vpn-policy-routing 
[19.07] vpn-policy-routing: custom user scripts improvements
 2021-02-24 16:53:41 -08:00
Stan Grishin 7d26130b33 vpn-policy-routing: custom user scripts improvements 
Signed-off-by: Stan Grishin <stangri@melmac.net>
 2021-02-24 19:44:10 +00:00
Jan Hak 7d9d8616cf libedit: update to version 20210216-3.1 
Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit fd7f43ae46)
 2021-02-24 10:20:48 +01:00
Jan Hák ca01f389de libedit: update to version 20193112-3.1 
Signed-off-by: Jan Hák <jhak@jhak.nic.cz>
(cherry picked from commit 58a5c548eb)
 2021-02-24 10:20:41 +01:00
Dirk Brenken 8550232147 adblock: update blocklist sources 
* change adguard url
* remove malwaredomains (discontinued)

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2021-02-23 15:46:43 +01:00
Rosen Penev 04f8ded56d Merge pull request #14869 from stangri/19.07-vpn-policy-routing 
[19.07] vpn-policy-routing: update to version 0.3
 2021-02-23 05:12:03 -08:00
Jan Hak 39f3941cd4 knot: update to version 3.0.4 
Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 341fffb8dd)
 2021-02-23 12:25:02 +01:00
Jan Hak 1662ca26ba knot: update to 3.0.3 
Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 5cd9378653)
 2021-02-23 12:24:57 +01:00
Jan Hák 9389a5dd1f knot: disable embedded xdp 
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 1f9d6fbb26)
 2021-02-23 12:24:52 +01:00
Jan Hák 7619ff0dfc knot: update to 3.0.2 
Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit a54828926d)
 2021-02-23 12:24:47 +01:00
Daniel Salzman 5ddcc2e050 knot: disable libnghttp2 autodetection 
Signed-off-by: Daniel Salzman <daniel.salzman@nic.cz>
(cherry picked from commit 67e3c594de)
 2021-02-23 12:24:43 +01:00
Jan Hak fb103be86b knot: update to version 3.0.1 
definition of PSELECT_COMPAT could be removed many years ago, is no longer needed

Signed-off-by: Jan Hak <jan.hak@nic.cz>
(cherry picked from commit 4069bb1e72)
 2021-02-23 12:24:38 +01:00
Josef Schlehofer 523011bf49 screen: backport fix for CVE-2021-26937 
Security reports:
- https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html
This issue can be reproduced even on OpenWrt
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982435

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit c250298fa3)
 2021-02-23 06:11:38 -05:00
Josef Schlehofer 8e1b62d4bb openvswitch: update to version 2.11.6 (security fix) 
Fixes CVEs:
- CVE-2020-35498
- In DPDK: CVE-2015-8011 and CVE-2020-27827
- In LLDP: CVE-2019-14818, CVE-2020-10722, CVE-2020-10723 and CVE-2020-10724

Removed patches:
- 0001-compat-Include-confirm_neigh-parameter-if-needed.patch because they
are included in this release as it was backported
- 0010-acinclude-Fix-build-with-kernels-with-prandom-moved-.patch
included in this release as it was backported

Other patches were refreshed.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2021-02-23 17:14:37 +08:00
Stan Grishin 5e24f6db6d vpn-policy-routing: update to version 0.3 
Signed-off-by: Stan Grishin <stangri@melmac.net>
 2021-02-23 01:20:14 +00:00
Rosen Penev 3be5d565cf Merge pull request #14710 from stangri/19.07-https-dns-proxy 
[19.07] https-dns-proxy: support for force DNS/DNS hijacking
 2021-02-22 16:27:00 -08:00
Josef Schlehofer 0d0e4b96b4 netdata: update to version 1.29.2 
Release notes:
https://github.com/netdata/netdata/releases/tag/v1.29.2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit e8021bf14d)
 2021-02-22 19:53:46 +01:00
Josef Schlehofer 2980cb8dbb netdata: update to version 1.29.1 
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit d0736d5e73)
 2021-02-22 19:53:41 +01:00
Josef Schlehofer da74b6448f Merge pull request #14845 from jefferyto/python-3.7.10-openwrt-19.07 
[openwrt-19.07] python3: Update to 3.7.10, refresh patches
 2021-02-22 18:46:34 +01:00
Jeffery To f05ba1bbca python3: Update to 3.7.10, refresh patches 
Includes fixes for:
* CVE-2021-3177 - ctypes: Buffer overflow in PyCArg_repr
* CVE-2021-23336 - urllib parse_qsl(): Web cache poisoning - semicolon
  as a query args separator

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2021-02-22 21:05:28 +08:00
Moritz Warning 7be89f1f34 zerotier: bump to 1.6.4 
Signed-off-by: Moritz Warning <moritzwarning@web.de>
 2021-02-21 08:48:36 +01:00
Rosen Penev d5e0fd68d9 Merge pull request #14785 from nmeyerhans/openwrt-19.07+bind-9.16.12 
bind: bump to 9.16.12
 2021-02-18 17:10:31 -08:00
Noah Meyerhans fcf72948ae bind: bump to 9.16.12 
Includes fix for security issues:

* CVE-2020-8625: BIND servers are vulnerable if they are running an
  affected version and are configured to use GSS-TSIG features.

Disable backtrace functionality, as it is unreliable across
architectures and generally only supported by upstream on amd64

Remove a patch that has been incorporated upstream

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
 2021-02-18 15:46:39 -08:00
Rosen Penev 9395507160 Merge pull request #14778 from BKPepe/ksmbd-19.07-drop-arc4-dependency 
ksmbd: remove kmod-crypto-arc4 dependency
 2021-02-17 12:58:29 -08:00
Josef Schlehofer feb1a188e5 ksmbd: remove kmod-crypto-arc4 dependency 
This kernel module is already set for target/linux/generic/config-4.14
in OpenWrt 19.07 branch. This solves a problem that this package can not
be installed on the router:

 * satisfy_dependencies_for: Cannot satisfy the following dependencies for kmod-fs-ksmbd:
 * 	kmod-crypto-arc4
 * opkg_install_cmd: Cannot install package kmod-fs-ksmbd.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2021-02-17 20:32:55 +01:00
Hauke Mehrtens 90af10d015 Merge pull request #14647 from neheb/k9 
[19.07] ksmbd(-tools): update to 3.3.4
 2021-02-16 22:26:50 +00:00
Rosen Penev f1459a2856 Merge pull request #14714 from 1715173329/ttyd-bp 
[19.07] ttyd: force enable authentication for login
 2021-02-14 16:06:57 -08:00
John Audia 2f7026e65c htop: update to 3.0.5-1 
Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit 476f70e9a0)
 2021-02-14 20:05:44 +02:00
Josef Schlehofer ad186135ac python-paho-mqtt: Update to version 1.5.0 
Try to fix license according to SPDX.
Add PKG_LICENSE_FILES.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit f8e36f9fd6)
[use pypi.mk for Python package]
 2021-02-12 16:12:19 +01:00
Philip Prindeville 9b248e0448 Merge pull request #14715 from pprindeville/isc-dhcp-stable-fix-coredump 
isc-dhcp: seeing crashes when attempting to update dynamic dns
 2021-02-10 12:34:19 -07:00
Philip Prindeville 3f0dbcdae1 isc-dhcp: seeing crashes when attempting to update dynamic dns 
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
 2021-02-10 12:00:53 -07:00
Tianling Shen 95fa96bda2 ttyd: force enable authentication for login 
Currently, we called `/usr/libexec/login.sh` as login command, but unfortunately the auth
is disabled by default in it[1], and this is really serious as it could be a free "backdoor"
for any spoiler who has conntectd to the router via LAN or wireless.

In my option, it shouldn't be exposed to anyone without auth, so I set the default login
command to `/bin/login`. And for those who really want that, they can do it themselves.

1. `login.sh` adjusts whether use authentication or not from system config named ttylogin,
which is set to disabled by default. See package/base-files/files/bin/config_generate#L243.

Signed-off-by: Tianling Shen <cnsztl@project-openwrt.eu.org>

Backported from f45bb2981d
 2021-02-10 19:20:09 +08:00
Stan Grishin 1a4184c076 https-dns-proxy: support for force DNS/DNS hijacking 
Signed-off-by: Stan Grishin <stangri@melmac.net>
 2021-02-10 05:59:24 +00:00
Karl Palsson b1fec2b7b5 mosquitto: bump to 1.6.13 
Includes various fixes: (2.0.7 + 1.6.13 dual release)
https://mosquitto.org/blog/2021/02/version-2-0-7-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
 2021-02-08 15:20:53 +00:00
Rosen Penev d2daab3d33 Merge pull request #14681 from jonathanunderwood/openwrt-19.07-getdns-no-static-linking 
[19.07] getdns: disable static linking of getdns utilities
 2021-02-07 15:19:51 -08:00
Jonathan G. Underwood 5954e5695b getdns: disable static linking of getdns utilities 
This fixes issue #13361.

Signed-off-by: Jonathan G. Underwood <jonathan.underwood@gmail.com>
 2021-02-07 14:42:38 +00:00
Rosen Penev 89d14ff29c Merge pull request #14670 from jonathanunderwood/openwrt-19.07-cherry-pick 
[19.07] getdns: cherry pick recent fixes from master
 2021-02-06 14:34:29 -08:00
Rosen Penev 63db81b46e Merge pull request #14677 from mwarning/zt2 
zerotier: update to 1.6.3
 2021-02-06 14:33:43 -08:00
Moritz Warning db69f0b57c zerotier: update to 1.6.3 
Signed-off-by: Moritz Warning <moritzwarning@web.de>
 2021-02-06 22:06:37 +01:00
Harris K Kusuma 1cec6bcfa1 getdns: Fix TLS V1.3 Ciphersuites option in Stubby 
Description :
Fix typo in CMAKE getdns included files, so Stubby can use TLS v1.3 with chipersuites options ON.

This solve issue that's written in here :
https://github.com/getdnsapi/stubby/issues/240
https://github.com/getdnsapi/stubby/issues/257

Signed-off-by: Harris K Kusuma <igharris.kk@gmail.com>
 2021-02-06 12:02:26 +00:00
Rosen Penev d7b42dcaa4 getdns: fix compilation without deprecated OpenSSL APIs 
Signed-off-by: Rosen Penev <rosenp@gmail.com>
 2021-02-06 12:02:16 +00:00
Rosen Penev dbc66a08f3 ksmbd: update to 3.3.4 
Manually added from master.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
 2021-02-04 00:23:59 -08:00
Rosen Penev 86c8807120 ksmbd-tools: update to 3.3.4 
Manually updated.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
 2021-02-03 17:26:48 -08:00
Rosen Penev 2888560b93 Merge pull request #14632 from stangri/19.07-simple-adblock 
[19.07] simple-adblock: remove dependency on jsonfilter & old code
 2021-02-02 19:40:16 -08:00
Stan Grishin cf79695645 simple-adblock: remove dependency on jsonfilter & old code 
Signed-off-by: Stan Grishin <stangri@melmac.net>
 2021-02-02 22:11:20 +00:00
Josef Schlehofer bee91a9d88 sudo: backport patches for CVE-2021-3156 
This security vulnerability is known as Baron Samedit [1] and there is a
research by Qualys [2] and they discovered it. Unfortunately or
fortunately, there isn't present sudoedit on OpenWrt.

Two patches were applied cleanly and the other two required manual
intervention. Those were backported from version 1.9.5p2

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
[2] https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2021-01-28 10:09:00 -10:00