Commit Graph

4026 Commits

Author SHA1 Message Date
Josef Schlehofer 8b23a429bb unbound: update to version 1.10.1
Fixes:
CVE-2020-12662
CVE-2020-12663

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-05-19 11:50:58 +02:00
Eric Luehrsen eab86cd2ce unbound: update to 1.10.0
cherry-pick: f779ef48cd
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2020-05-10 23:55:28 -04:00
Stan Grishin 1c2ac45a22 vpnbypass: bugfix: remove non-ASCII from system log; update README
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-05-02 22:35:55 +00:00
yurtesen baacda1b4a mwan3: Fix json_load fails with some data
Sometimes the return value of `ubus -S call network.interface.wan status`
cause `json_load` to return `Failed to parse message data` error.

To avoid this, the JSON data always should be quoted with double quotes.

Signed-off-by: Evren Yurtesen <eyurtese@abo.fi>
Removed quoatation marks from commit heading
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 94e0c78826)
2020-04-28 10:21:14 +02:00
Stan Grishin 7ed5c9364b simple-adblock: bugfix: start downloads on cold boot
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-04-22 17:46:23 +00:00
Josef Schlehofer fc93a4f126 git: update to version 2.20.4
Fixes CVE-2020-11008

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-04-21 08:11:54 +02:00
Josef Schlehofer 3b55acda90 Merge pull request #11857 from BKPepe/18.06-git
[18.06] git: update to version 2.20.3
2020-04-21 07:22:14 +02:00
Yousong Zhou a62e54af3e acme: depends on wget-ssl
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit d917d662ae)
2020-04-18 23:46:09 +08:00
Yousong Zhou 7d1f138c23 wget: make the ssl variant provides wget-ssl
This is to address the need for specifying dependency on a wget
implementation with ssl support.

Now we have a game of names for opkg

 1. uclient-fetch: minimal version by openwrt project
 2. wget-nossl: gnu wget w/o ssl support
 3. wget-ssl: for the moment since this commit, gnu wget w/ ssl support
 4. wget: uclient-fetch, wget-nossl, or wget-ssl
 5. gnu-wget: wget-nossl or wget-ssl

By the time we provide some dummy package like uclient-fetch-ssl and
make it also provide wget-ssl, I guess by then we will also need
gnu-wget-ssl...

Ref: https://github.com/openwrt/packages/issues/11534
Ref: https://github.com/openwrt/packages/pull/9941
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 585e4a38fe &
resolved conflict)
2020-04-18 23:45:35 +08:00
Karel Kočí b075784431 wget: do not provide itself
The package wget should not say that it provides itself.

This also make gnu-wget provide general so it is not written in Makefile
twice.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 75f2be7d50 &
resolved conflict)
2020-04-18 23:44:20 +08:00
Josef Schlehofer 4a4c793272 git: update to version 2.20.3
Fixes CVE-2020-5260

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-04-15 17:18:25 +02:00
Jo-Philipp Wich a0fe9eeab1 nlbwmon: update to latest Git HEAD
34a1887 nfnetlink: disable sequence number checking

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 53c48fae15)
2020-04-11 23:24:42 +02:00
Stan Grishin a0a779faf6 https-dns-proxy: bugfix: memory leak
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-04-11 00:25:39 +00:00
Jo-Philipp Wich e8cf2e60ae nlbwmon: update to latest Git HEAD
e757e06 nfnetlink: allow specifying the socket buffer size
33c77cb nfnetlink: properly handle nl_recvmsgs() failures
95cced5 protocol: Include whitespace when reading names

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d81d777a0f)
2020-04-11 00:33:10 +02:00
DENG Qingfang 8696b34992 nlbwmon: bump to latest git
e921ca0a Add further commonly used protocols to the protocol file.

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 5e140462e4)
2020-04-11 00:33:10 +02:00
Richard Yu c66a3cf7ce nlbwmon: add procd reload trigger for nlbwmon config
Signed-off-by: Richard Yu <yurichard3839@gmail.com>
(cherry picked from commit d551758310)
2020-04-11 00:33:09 +02:00
Kevin Darbyshire-Bryant 28d6dc944e nlbwmon: receive dhcp interface triggers
Not all interfaces may have been allocated address at nlbwmon startup so
it may not collect statistics as expected/configured.

Add interface triggers to catch dhcp events and restart as required.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 662d3f16d2)
2020-04-11 00:33:09 +02:00
Marc Benoit 6a642a6073 net/nlbwmon: run with lower priority
Even on a powerful platform a nlbwmon process'
activities are sometimes affecting throoughput and
latency. This is a backgroud process, that should not
be running with default priority.
Even if it is a little deplayed, that is not a worry in
this case. The routing should be the main priority,
bandwidth stats collection can wait a bit.

Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
(cherry picked from commit 9b3ecbd64a)
2020-04-11 00:33:09 +02:00
Stan Grishin 6787a9bfd2 simple-adblock: bugfixes: remove escape chars from log, restore from cache on boot
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-04-07 21:55:51 +00:00
Christian Lachner 0db9f894de haproxy: Update HAProxy to v1.8.25
- Update haproxy download URL and hash
- This fixes CVE-2020-11100 (http://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=525fbbe388ba033d638ff2a4efb83ae6526db5ab)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
2020-04-03 09:24:53 +02:00
Stan Grishin 2c1a3aaf5a simple-adblock: support multiple dnsmasq instances; rework communication between principal package and luci app
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-03-29 05:13:29 +00:00
Stan Grishin 6b290744db https-dns-proxy: support for dnsmasq noresolv option
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-03-20 21:22:49 +00:00
Yousong Zhou f5ae75cf0b openvswitch: fix PIE build against 4.14 kernel
Reported-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/pull/11567
(cherry picked from commit e9d6414437)
2020-03-16 15:32:11 +08:00
Yousong Zhou f3df27f6f6 xl2tpd: fix building failure caused by pfc
Fixes openwrt/packages#10270

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 0412c20f1b)
2020-02-25 11:57:26 +08:00
Yousong Zhou a0f2911918 xl2tpd: bump to version 1.3.15
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Ref: https://github.com/openwrt/packages/issues/11418
(cherry picked from commit 620ba386b4)
2020-02-25 11:57:26 +08:00
Rosen Penev ddfa4cddca i2pd: move chmod command
Similar change to upstream.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-02-04 18:50:35 -08:00
David Yang 87a7ec7257 i2pd: Move DATADIR to /var/lib/i2pd, fix #5693
Original author: dartraiden <wowemuh@gmail.com>

Signed-off-by: David Yang <mmyangfl@gmail.com>
2020-02-04 18:44:34 -08:00
Kwonjin Jeong 925068d4f8 ddns-scripts: Change protocols of afraid.org urls to HTTPS.
- Use HTTPS protocol for updating urls for afraid.org to protect the password.
- Bump/align package version number.

Signed-off-by: Kwonjin Jeong <gram25gwh@gmail.com>
(cherry-picked from e25b558999)
2020-01-27 21:44:34 -08:00
Stan Grishin 8da1c41104 https-dns-proxy: fix deleting server items, configurable dnsmasq settings change
Signed-off-by: Stan Grishin <stangri@melmac.net>
2020-01-25 21:15:13 -07:00
Rosen Penev 9e1fcfa6eb Merge pull request #9795 from LoEE/jpc/git-macos-cross
[18.06]git: fix cross compilation on macOS
2020-01-25 15:25:00 -08:00
Josef Schlehofer ba934d1fbd zerotier: add /etc/config/zerotier as configuration file
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-01-22 12:46:54 +01:00
Rosen Penev 36611df05c transmission: sync with master
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-10 18:11:03 -08:00
Josef Schlehofer 7f96b4e2c2 git: Update to version 2.16.6 (security fix)
Fixes CVEs:
CVE-2018-17456
CVE-2019-1348
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1353
CVE-2019-1354
CVE-2019-1387

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-01-01 13:03:34 +01:00
tripolar 8304a768cb Merge pull request #10858 from BKPepe/wget-18.06
[OpenWrt 18.06] wget: fix CVE-2019-5953
2019-12-30 14:03:47 +01:00
Eric Luehrsen c791ba8f5b unbound: update to 1.9.6
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2019-12-28 09:22:48 -05:00
Rosen Penev 6e079e91ce Merge pull request #10763 from leonghui/wiki-link-update-18.06
[18.06] treewide: replace old wiki links
2019-12-22 21:44:56 -08:00
Josef Schlehofer 49b5fc001f bind: Update to version 9.11.14
Add patch to fix compile issue:
stats.c: In function 'setcounter':
stats.c:300:29: error: 'val' undeclared (first use in this function); did you mean 'value'?
  stats->counters[counter] = val;
                             ^~~
                             value

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-12-21 15:56:20 -08:00
Josef Schlehofer 8fe26c9855 wget: fix CVE-2019-5953
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-12-21 19:57:41 +01:00
Rosen Penev 102c621fc7 Merge pull request #10846 from cshoredaniel/pr-18.06-fix-nut-cgi-initscript
nut: Fix NUT CGI startup script
2019-12-21 07:02:17 -08:00
Daniel F. Dickinson 45c95e8629 nut: Fix NUT CGI startup script
Commit c1aa1f784c which backported
a number of fixes from master, missed one fix for nut-cgi.  If
nut-cgi is installed standalone or nut-cgi starts before nut-server
(the default in 18.04.5) then the configuration file directory does
not get create and therefore there is no CGI configuration file.
This commit fixes that.

Closes: #10687

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-12-21 05:30:40 -05:00
Stan Grishin 0369174652 https-dns-proxy: switch to https-dns-proxy package name
Signed-off-by: Stan Grishin <stangri@melmac.net>
2019-12-17 14:48:56 -07:00
Leong Hui Wong 0a3b6465f6 treewide: update wiki links
Signed-off-by: Leong Hui Wong <wong.leonghui@gmail.com>
2019-12-14 15:31:54 +08:00
Christian Lachner bc37a31b16 haproxy: Update HAProxy to v1.8.23
- Update haproxy download URL and hash
- This fixes CVE-2019-19330 (See: https://nvd.nist.gov/vuln/detail/CVE-2019-19330)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
2019-11-29 14:01:50 +01:00
Daniel Golle fff2e26a9b transmission: sync with master branch
Fixes to init-script were not cherry-picked properly, sync it with
version found in master branch.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry-picked from a79d6df674)
2019-11-28 16:16:21 -08:00
Jan Pavlinec 2986916b81 tor: update to version 4.1.6
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
2019-11-28 22:27:56 +01:00
Rosen Penev 8ef82e9621 transmission: Disable webseeding
It causes 100% CPU usage in certain situations. Just disable it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 6d9ee2ec86)
2019-11-24 19:15:04 -08:00
Rosen Penev bd8b4df19d transmission: Fix tracker issue with some firewalls
Some firewalls mandate a minimum size of 4k for SYN packets, which
transmission does not do by default. Upstream issue here:

https://github.com/transmission/transmission/issues/964

Cleanup:

Fixed license info.

Removed two unnecessary patches.

Ran shell script through shellcheck.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 730a1697fe)
2019-11-24 19:14:28 -08:00
Jan Pavlinec d0726f1f2b bind: update to version 9.11.13 (security fix)
Fixes CVE-2019-6477

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
2019-11-21 16:14:05 +01:00
Josef Schlehofer 04a8496b7f unbound: Update to version 1.9.5
Fixes CVE-2019-18934

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-11-20 00:09:04 +01:00
Rosen Penev f496ed58d3 Merge pull request #9671 from BKPepe/clamav1806
[OpenWrt 18.06] clamav: update to version 0.100.3
2019-11-09 18:52:17 -08:00