Hirokazu MORIKAWA
aaa46eb44e
libuv: fix CVE-2021-22918
idna: fix OOB read in punycode decoder
libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii()
function which is used to convert strings to ASCII. This is called by
the DNS resolution function and can lead to information disclosures or
crashes.
b7466e31e4
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990561
https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
3 years ago
Daniel Golle
194e7f0286
uvol: fix units with lvm backend
Free and total bytes are now properly returned as bytes by LVM2 as
requested. No longer multiply values.
Fix parameter order of 'create' command in usage output while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
Michael Heimpold
42aa15b653
Merge pull request #16038 from mhei/php7-update
php7: update to 7.4.21
3 years ago
Michael Heimpold
7984c71bdd
Merge pull request #16037 from mhei/php8-update
php8: update to 8.0.8
3 years ago
Rosen Penev
6dee6ce5a6
Merge pull request #16043 from commodo/pillow
pillow: bump to version 8.3.0
3 years ago
Rosen Penev
1315dc6fa7
Merge pull request #16041 from commodo/django-bump
django: bump to version 3.2.5
3 years ago
Alexandru Ardelean
4361d88892
pillow: bump to version 8.3.0
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years ago
Alexandru Ardelean
d3a64a36e9
django: bump to version 3.2.5
Several bug-fixes.
Fix CVE-2021-35042
Release notes:
https://docs.djangoproject.com/en/3.2/releases/3.2.5/
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years ago
Michael Heimpold
7ddd5280d4
php8: update to 8.0.8
This fixes:
- CVE-2021-21704
- CVE-2021-21705
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
3 years ago
Michael Heimpold
f15aba89f7
php7: update to 7.4.21
This fixes:
- CVE-2021-21704
- CVE-2021-21705
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
3 years ago
Rosen Penev
f39a2bc32f
Merge pull request #16012 from commodo/python-dateutil
python-dateutil: add setuptools-scm build dep
3 years ago
Rosen Penev
4b6ad9fd0f
Merge pull request #16025 from rs/nextdns-1.34.2-master
nextdns: Update to version 1.34.2
3 years ago
Michael Heimpold
20c884bbd5
libzip: fix typo in patch ( fixes #15992 )
This prevented expansion of libdir in pkgconfig.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
3 years ago
Olivier Poitrey
687b9b4917
nextdns: Update to version 1.34.2
Signed-off-by: Olivier Poitrey <rs@nextdns.io>
3 years ago
Alexandru Ardelean
e2026346cc
python-dateutil: add setuptools-scm build dep
Following:
https://github.com/openwrt/packages/pull/16004
https://github.com/openwrt/packages/pull/15995
https://github.com/openwrt/packages/issues/15988
It seems that dateutil requires setuptools-scm to be installed.
As such, this is being added as a dependency.
Also, bump setuptools-scm to version 6.0.1
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3 years ago
Philip Prindeville
57a23bfde3
Merge pull request #16010 from pprindeville/strongswan-simplify-stroke-install
strongswan: trivial improvement in 'stroke' packaging
3 years ago
Michael Heimpold
d452429a56
Merge pull request #14716 from mhei/libgpiod-update
libgpiod: update to 1.6.3
3 years ago
Philip Prindeville
40d30f123d
strongswan: trivial improvement in 'stroke' packaging
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years ago
Rosen Penev
af9a4036c0
Merge pull request #16003 from zorun/tessdata_speed_build
tessdata: uncompress tarball only once to speed up builds
3 years ago
Baptiste Jonglez
7fe513971f
tessdata: uncompress tarball only once to speed up builds
The previous approach was to uncompress N times a big tarball (638 MB)
where N=130 is the number of supported languages. Each iteration would
only extract a single file, but it still needs to uncompress the whole
tarball. This is of course completely inefficient.
Now, we uncompress the tarball only once to extract all relevant files,
and then iterate N times to copy the file needed for each language.
This massively speeds up builds, at the expense of temporarily requiring
more build space (about 1 GB more)
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
3 years ago
Dirk Brenken
ab0881b0dc
Merge pull request #16000 from dibdot/adblock
adblock: update 4.1.3-2
3 years ago
Daniel Golle
1204cb82f9
auc: update to version 0.1.8
This fixes support for x86, auc now selects the right combined image
depending on the system being booted in EFI mode or not.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
3 years ago
Rosen Penev
dfee9d005d
Merge pull request #15979 from G-M0N3Y-2503/cache-domains-fix-wildcard
cache-domains: Fixed missing wildcard entries
3 years ago
Rosen Penev
ea8083639d
Merge pull request #15950 from rsalvaterra/lolcat
lolcat: add package
3 years ago
Rosen Penev
c61eb3ed98
Merge pull request #15797 from lnslbrty/update/libulfius-2.7.3
libulfius: update to 2.7.3
3 years ago
Rosen Penev
789a4e2a9a
Merge pull request #15877 from neheb/exfatp
exfatprogs: update to 1.1.2
3 years ago
Rosen Penev
e49cb15788
Merge pull request #15996 from PowerDNS/dnsdist-recursor-option-checking
dnsdist, pdns-recursor: remove --enable-option-checking=fatal
3 years ago
Michael Heimpold
4db1fba5a1
libgpiod: update to 1.6.3
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
4 years ago
Dirk Brenken
e5fd19d2e0
adblock: update 4.1.3-2
* add a tcpdump option to resolve IPs in adblock reporting,
set 'adb_represolve' accordingly (disabled by default). If enabled
tcpdump will perform a reverse DNS (PTR) lookup for each IP address
* add 'stalkerware' source (provided by @astryzia )
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
3 years ago
David Bauer
5f73d18eb1
Merge pull request #15998 from blocktrron/pr-udhcpsnoop
udhcpsnoop: import package from TIP
3 years ago
David Bauer
b24ff2e1e0
udhcpsnoop: import package from TIP
Import the udhcpsnoop package from the TIP feed.
The original Makefile in TIP repo spcifies GPL-2.0 as the PKG_LICENSE.
However this is a mistake, as the SPDX headers of the repos source files
all specify BSD-3-Clause as their license.
See https://github.com/Telecominfraproject/wlan-ap/blob/uCentral-trunk/feeds/ucentral/udhcpsnoop/Makefile
Signed-off-by: David Bauer <mail@david-bauer.net>
3 years ago
Michael Heimpold
7ce9c89988
Merge pull request #15992 from mhei/libzip-fix-pkgconfig
libzip: fix pkgconfig paths (fixes #15943 )
3 years ago
Peter van Dijk
d39c517f84
pdns-recursor: remove --enable-option-checking=fatal
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
3 years ago
Peter van Dijk
da9aab57ed
dnsdist: remove --enable-option-checking=fatal
Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>
3 years ago
Josef Schlehofer
39dedfee16
Revert "uci2: update revision"
I'm reverting this commit, because it is pulling newer source code, but
without doing a new version bump. This results that users who already
installed this library on their router will have different package
content than users who installed it after the commit.
The another small reason is that commit subject - update revision is cryptic itself and should be more bulletproof like saying update to version 1.1
More details: https://github.com/openwrt/packages/pull/15990#issuecomment-870333695
This reverts commit e779323481
.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
3 years ago
Michael Heimpold
851c7a1e0a
libzip: fix pkgconfig paths ( fixes #15943 )
We should use upstream patch here, which can be removed later,
instead of maintaining our own one.
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
3 years ago
Rosen Penev
0c025e503c
Merge pull request #15889 from flyn-org/podman
podman: change permissions on /usr/share/containers/seccomp.json
3 years ago
Rosen Penev
b09863963c
Merge pull request #15851 from brvphoenix/ariang
ariang: update to 1.2.2
3 years ago
Rosen Penev
ccb9e4d083
Merge pull request #15991 from Andy2244/wsdd2-1.8.5
wsdd2: update to git 2021-06-28 (v1.8.5)
3 years ago
Rosen Penev
c78dc1743b
Merge pull request #15990 from sartura/uci2-bump
uci2: update revision
3 years ago
Rosen Penev
81d2c660ef
Merge pull request #15982 from Andy2244/samba-4.14.5
samba4: update to 4.14.5
3 years ago
Rosen Penev
84f42d6b9e
Merge pull request #15981 from Andy2244/rpcbind-1.2.6
rpcbind: update to 1.2.6
3 years ago
Rosen Penev
59a1901e3b
Merge pull request #15980 from Andy2244/libtirpc-1.3.2
libtirpc: update to 1.3.2
3 years ago
Andy Walsh
584d37fb0c
wsdd2: update to git 2021-06-28 (v1.8.5)
* update to git 2021-06-28 (v1.8.5)
* add extra startup delay
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
3 years ago
Jakov Petrina
e779323481
uci2: update revision
Pull in new API function from upstream.
Signed-off-by: Jakov Petrina <jakov.petrina@sartura.hr>
3 years ago
Rui Salvaterra
d2582939ad
lolcat: add package
A pure C implementation of lolcat, probably the lightest out there.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
3 years ago
Philip Prindeville
b609c35513
Merge pull request #15973 from pprindeville/strongswan-more-config-cleanup
strongswan: miscellaneous cleanup of config file, etc
3 years ago
Philip Prindeville
d279a64df8
strongswan: add priority option
Also from Vincent Wiemann <vincent.wiemann@ironai.com>.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years ago
Philip Prindeville
6c79715676
strongswan: add ipcomp support
Also from Vincent Wiemann <vincent.wiemann@ironai.com>.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years ago
Philip Prindeville
11ff072672
strongswan: add interface option for children
This option sets the interface of the policy.
Also from Vincent Wiemann <vincent.wiemann@ironai.com>.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
3 years ago