Signed-off-by: William Fleurant <william@netblazr.com>

Yggdrasil builds end-to-end encrypted networks with IPv6. Beyond the
similarities with cjdns is a different routing algorithm. This
globally-agreed spanning tree uses greedy routing in a metric space.
Back-pressure routing techniques allow advanced link aggregation bonding
on per-stream basis.  In turn, a single stream will span across multiple
network interfaces simultaneously with much greater throughput.

Authored by: William Fleurant <meshnet@protonmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>

python-qrcode: bump to 6.1, fix dependencies

tcpreplay: bump to version 4.3.2

This one contains only a few CVEs + bugfixes.

* CVE-2019-8381 memory access in do_checksum() (#538)
* CVE-2019-8376 NULL pointer dereference get_layer4_v6() (#537)
* CVE-2019-8377 NULL pointer dereference get_ipv6_l4proto() (#536)
* Rename Ethereal to Wireshark (#545)

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

Shorewall: Bump to version 5.2.3.2

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>

Fixes: https://github.com/openwrt/packages/issues/8399

These 2 patches cause some breakage for other packages.
For now, we drop them and wait for upstream to finalize a fix.
We can live with deprecated SSL APIs for a while. No need to hurry, since
this doesn't seem to help.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

trafficshaper create QoS rules to limit (or reserve) traffic used
by classes of clients.

Uplink and downlink can be controled (or not controlled) independently.

Client classes are defined by its network addresses (IPv4 or IPv6). Each
client class can define absolute or relative (to wan) bandwith, and also
the use (or not) of spare wan bandwidth when avaiable.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>

Signed-off-by: W. van den Akker <wvdakker@wilsoft.nl>

Bug fixes and a security update of the bundled RubyGems:

CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
CVE-2019-8325: Escape sequence injection vulnerability in errors

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

vpnc: fix IPv6-triggered inoperability

libv4l: avoid libelf dependency

Revert the addition of build dependency in commit 2d1694ff7
to a non-existent host build of zlib.

The host build of zlib was removed already in April 2018 by
8dcd941d8b (diff-1ed408c61d79f9c6c5d197333e94ce8d)
which made zlib a build tool defined in /tools

The newly introduced build dependency causes always a warning like:
   WARNING: Makefile 'package/feeds/packages/postgresql/Makefile'
   has a build dependency on 'zlib/host', which does not exist

Not sure what was the error that 2d1694ff7 tried to fix,
but reference to a non-existent host build is not the solution.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

torsocks: add new package

tar: update to version 1.32

gst1-libav: update to 1.15.2

gst1-plugins-ugly: update to 1.15.2

gst1-plugins-good: update to 1.15.2

gst1-plugins-bad: update to 1.15.2

gst1-plugins-base: update to 1.15.2

python-certifi: Update to 2019.3.9

gstreamer1: update to 1.15.2

lighttpd: update to 1.4.53

php7-pecl-mcrypt: update to 1.0.2

pigeonhole: update to 0.5.5

krb5: update to 1.17

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

Signed-off-by: W. Michael Petullo <mike@flyn.org>

prosody: Update package prosody to 0.11.2

python-pyopenssl,python-service-identity: Update package data

open-vm-tools: remove resolutionkms

libfreetype: update to v2.10.0

tgt: fix packaging of config and initscript

php7: Add PKG_CPE_ID for proper CVE tracking

Explicitly disable bpf support to avoid picking up libelf dependency.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>