Commit Graph

11013 Commits

Author SHA1 Message Date
Rosen Penev b60caa4940 Merge pull request #10120 from BKPepe/youtubedl-1806
[OpenWrt 18.06] youtube-dl: Update to version 2019.9.28
2019-10-02 12:05:53 -07:00
Hannu Nyman 2d822fb624 haveged: convert to procd
Convert haveged init script to use procd

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 4f717a6f65)
2019-10-01 23:18:46 +03:00
Hannu Nyman 4fe703393b haveged: update to 1.9.8
Update haveged to 1.9.8

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit e5b308308b)
2019-10-01 22:11:11 +03:00
Josef Schlehofer 36919e51f4 youtube-dl: Update to version 2019.9.28
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-30 23:23:16 +02:00
Rosen Penev 00133e1e07 Merge pull request #10118 from BKPepe/libgcrypt-1806
[OpenWrt 18.06] libgcrypt: backport fix for CVE-2019-13627
2019-09-30 13:30:46 -07:00
Josef Schlehofer 126cdd7c6b python3: fix CVE-2019-16056 and delete two patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-30 17:23:40 +02:00
Josef Schlehofer 0d9eeca453 python3: backport three security patches
Fixes: CVE-2019-16935

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from commit 80def9e)
2019-09-30 10:03:35 +02:00
Josef Schlehofer c64a4e86c3 Merge pull request #9893 from BKPepe/bind-18.06
[OpenWrt 18.06] bind: update to version 9.11.10
2019-09-28 11:52:27 +02:00
Rosen Penev d98310a3fb Merge pull request #9798 from ja-pa/zmq-security-fix-18.06
[OpenWrt 18.06] zeromq: update to version 4.1.7 (security fix)
2019-09-27 12:24:47 -07:00
Karl Palsson 03fb174ec7 net/mosquitto: bump to 1.5.9 for CVE
Fixes CVE-2019-11779
Release notes at https://mosquitto.org/blog/2019/09/version-1-6-6-released/

Signed-off-by: Karl Palsson <karlp@etactica.com>
2019-09-27 13:31:27 +00:00
Rosen Penev 8eca9c9164 python-crypto: Fix two CVEs
CVE-2013-7459 and CVE-2018-6594. Both patches taken from Fedora.

Also took the liberty to update the PKG_SOURCE_URL to a standard one.

Updated the home URL as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 32b23e28ad)
2019-09-26 19:42:54 -07:00
Josef Schlehofer 7ec22baf1e libgcrypt: backport fix for CVE-2019-13627
Refresh patches due to offsets

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-26 20:27:57 +02:00
Hannu Nyman 6305d09b1a Merge pull request #10063 from stangri/18.06-simple-adblock
[18.06] simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README
2019-09-25 19:13:10 +03:00
Stan Grishin fb43709a64 simple-adblock: dnsmasq.ipset option support, better handling of IDNs, updated README
Signed-off-by: Stan Grishin <stangri@melmac.net>
2019-09-24 09:11:57 -07:00
Josef Schlehofer 9265be5448 zmq: fix CVE-2019-13132
- Use HTTPS in their website
- Remove unnecessary space between PKG_SOURCE_URL

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
2019-09-24 14:18:05 +02:00
Rosen Penev 29cd578d62 Merge pull request #10041 from neheb/djj
[18.06]django: Update to 1.8.19
2019-09-20 13:07:47 -07:00
Rosen Penev f292062517 django: Update to 1.8.19
Fixes:

CVE-2018-7536
CVE-2018-7537

Switches to pypi, as in upstream. Updated maintainer as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-09-20 11:45:45 -07:00
W. Michael Petullo f587f31ad5 lighttpd: mark module configuration files
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry-picked from 9cf412c0cb)
2019-09-11 10:50:45 +02:00
Josef Schlehofer 19879284af dovecot: Update to version 2.2.36.4
- Fix CVE-2019-11500
- Download tarball from HTTPS instead of HTTP

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-09 08:10:47 +02:00
Josef Schlehofer 8f42d4b714 wget: fix CVE-2018-20483
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-06 19:58:33 +02:00
Matthias Schiffer f6e7b56a58 fastd: fix init script for multiple VPN instances
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit b7ff8b8087)
2019-09-04 22:51:10 +02:00
Hannu Nyman 06cc48c49b haveged: update to 1.9.6
Update haveged to 1.9.6

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit c933ac5dcb)
2019-09-02 21:02:17 +03:00
Florian Eckert 6014389c55 Merge pull request #9894 from BKPepe/keepalived-18.06
[OpenWrt 18.06] keepalived: Update to version 1.4.5
2019-09-02 09:27:24 +02:00
Rosen Penev 7a7820fb15 Merge pull request #9904 from RussellSenior/my-18.06
patch: cherry pick CVE fixes to 18.06 branch
2019-09-02 00:13:59 -07:00
Russell Senior 18f9e437ce patch: rename CVE-2019-13638 patch to mollify uscan
Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-09-01 23:39:22 -07:00
Russell Senior abe523c579 patch: apply upstream patch for CVE-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-09-01 23:39:22 -07:00
Russell Senior a3d8698e35 tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-09-01 23:39:22 -07:00
DENG Qingfang ebb9b3f172 exfat-nofuse: drop BUILD_PATENTED
Microsoft has published technical specification for exFAT [1]
and the driver has been added to Linux staging tree [2].

It's now safe to drop BUILD_PATENTED label.

[1] https://docs.microsoft.com/windows/win32/fileio/exfat-specification
[2] http://lkml.iu.edu/hypermail/linux/kernel/1908.3/04254.html

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked from commit 4c9d0c7b56)
2019-09-02 01:49:54 +00:00
Josef Schlehofer 2d9a3eff47 keepalived: add patch for CVE-2018-19115
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-01 17:42:25 +02:00
Josef Schlehofer e4508a3518 keepalived: Update to version 1.4.5
- Use HTTPS for PKG_SOURCE_URL and as well for URL in description

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-01 17:42:25 +02:00
Josef Schlehofer e0af45ff79 bind: Update to version 9.11.10
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-01 17:01:50 +02:00
Josef Schlehofer 6d8293801e lighttpd: fix CVE-2018-19052
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-01 13:15:34 +02:00
Rosen Penev 55dcffd7fd Merge pull request #9841 from cshoredaniel/pr-18.06-nut-targetted
[18.06] Targeted fixes based on 19.07/master
2019-08-30 10:13:47 -07:00
Josef Schlehofer bdddb2127f Merge pull request #9703 from BKPepe/squid-18.06
[OpenWrt 18.06] squid: update to version 3.5.28
2019-08-29 23:40:33 +02:00
Hannu Nyman e45c2f206c Merge pull request #9814 from guidosarducci/speedtest-18.06
[18.06] speedtest-netperf: backport stable package from 19.07 and master
2019-08-29 20:41:04 +03:00
Rosen Penev f01e4171db Merge pull request #9777 from BKPepe/tar_1806
[OpenWrt 18.06] tar: update to version 1.3.2
2019-08-27 18:55:27 -07:00
Rosen Penev 85b1ca7fb1 Merge pull request #9821 from cotequeiroz/vim_host
[18.06] vim: Add host build to install xxd
2019-08-27 11:31:22 -07:00
Daniel F. Dickinson c1aa1f784c nut: Bump PKG_RELEASE
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 01:22:41 -04:00
Daniel F. Dickinson 361e6aaaab nut: Handle FSD properly
Make sure we force shutdown of UPS only when we should, and when
we should that shutdown happens.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 00:56:42 -04:00
Daniel F. Dickinson a2ab989c12 nut: Fix init actions (server/driver)
The server and driver were not starting/restarting reliably. In
addition on interface changes NUT got very confused.  So we fix
handling of restarts and add a reload trigger for interface
changes.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 00:53:42 -04:00
Daniel F. Dickinson ef0bd01409 nut: Fix extra diver params config
Extra parameters for the UPS driver were not being handled correctly.
Fix that (was wrong variable name).

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 00:49:46 -04:00
Daniel F. Dickinson 77519cd204 nut: Fix permissions with runas
Fix directory and conf file creation and owner/mode setting
for when running as non-root.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 00:47:16 -04:00
Daniel F. Dickinson e976846521 nut: Fix statepath handling
The statepath was getting the wrong permission and/or not created
at the right time.  This commit includes fixes for handling the
statepath (typically /var/run/nut).

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 00:47:16 -04:00
Daniel F. Dickinson 5f69f9a065 nut: Fix unset of runas user (ups server)
Running as non-root was failing due to misplace local keyword
causing runas to be unset from calling value.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-27 00:46:51 -04:00
Daniel F. Dickinson ccdec71b5c nut: Fix bad check for conf exists
We were `cat`ing the file instead of just checking for non-empty
existance.  Fix that.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-26 23:48:49 -04:00
Daniel F. Dickinson c963f0c297 nut: Fix upsmon init actions
1) For upsmon start and stop were at wrong position in rc.d
2) Stop needs more than just killing the procd instead but rather
needs a  stop command to be issued.
3) Interface up/down was causing not to enter a crashloop (we fix this
with procd trigger on interface changes).

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-26 23:43:16 -04:00
Daniel F. Dickinson d06bd2d7e3 nut: Fix unset of runas user (upsmon)
Running as non-root was failing due to misplace local keyword
causing runas to be unset from calling value.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-26 23:38:10 -04:00
Daniel F. Dickinson 020dfd4541 nut: Remove unecessary libwrap dependency
CONFIG_ARGS has --without-wrap so libwrap as a dependency is
extraneous as it is not actually used.

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
2019-08-26 23:18:05 -04:00
Hannu Nyman 7fe013ce7b nano: update to 4.4
Update nano editor to 4.4

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit d9347059a8)
2019-08-25 20:42:42 +03:00
Rosen Penev f50edf52d3 ttyd: Add dependency for vim
Needed to avoid error in case xxd is not installed:

[ 16%] Generating html.h from index.html
/bin/sh: 1: CMAKE_XXD-NOTFOUND: not found
CMakeFiles/ttyd.dir/build.make:61: recipe for target 'html.h' failed
make[6]: *** [html.h] Error 127

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 773c19afad)
2019-08-24 15:51:36 -03:00