A compiler bug (suspiciously) blocks gnulib compilation for
mipsel_24kc_24kf. While we had this patch to disable gnulib, it was
accidentally removed by 5d27631d9f. Add it
back to fix the long broken build for mipsel_24kc_24kf.
Fixes: #19511
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
aardvark-dns v1.6.0 was released,
so instead of using git version, use release -
similarly like netavark.
Very much hasn't changed but list of changes
is in git commit log of aardvark-dns.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Bump nginx to new 1.25.0 release.
Changes:
*) Feature: experimental HTTP/3 support.
Every patch automatically refreshed.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Lot's of changes, but no online release notes
available, check ChangeLog file once extracted
if necessary
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Moved to from git to release version,
but release version does not have submodule
libocispec included, so additional download added.
Release notes: https://github.com/containers/crun/releases
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Fix some problem with migration of uci conf template and include of
module.d directive.
Fix 2 case:
- uci.conf.template not versioned but with the include module.d
resulting in double include module.d
- uci.conf.template version 1.1 with the include module.d at the end
of the config. This is problematic for nginx as modules must be
included before any http directive.
Handle this 2 case to restore a working uci.conf.template configuration
on migrated config.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Bump uci conf template version to 1.2 to sync with nginx version
handling some migration problem.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
It's not possible to configure custom Transmission web home as corresponding
env var gets overwritten by the command that sets CA bundle env var.
Signed-off-by: Leonid Bogdanov <leonidbogdanov86@gmail.com>
Imported patches included in debian and other package.
* 200-Fix-NULL-pointer-crashes-from-175.patch
CVE-2021-3502
A flaw was found in avahi 0.8-5. A reachable assertion is present in avahi_s_host_name_resolver_start function allowing a local attacker to crash the avahi service by requesting hostname resolutions through the avahi socket or dbus methods for invalid hostnames. The highest threat from this vulnerability is to the service availability.
* 201-Avoid-infinite-loop-in-avahi-daemon-by-handling-HUP-event.patch
CVE-2021-3468
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered.
* 202-avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch
avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly".
Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit.
* 203-Do-not-disable-timeout-cleanup-on-watch-cleanup.patch
This was causing timeouts to never be removed from the linked list that tracks them, resulting in both memory and CPU usage to grow larger over time.
* 204-Emit-error-if-requested-service-is-not-found.patch
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
* 205-conf-file-line-lengths.patch
Allow avahi-daemon.conf file to have lines longer than 256 characters (new limit 1024).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
In f8a8b71e26 openvpn introduced new hotplug events.
For server config, ipchange hotplug event produces an error.
So, make ipchange hotplug event for client only
Fixes https://github.com/openwrt/packages/issues/21200
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Update crowdsec to latest upstream release version 1.5.2
Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Run tested: ipq40xx/generic, Fritzbox 4040, Openwrt 22.03.5
Description: update to latest version of upstream
This renames the source package to python-asgiref to match other Python
packages.
This also updates the package title and URL.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This package was originally added[1] as it was a dependency of
etesync-server 0.3.0. When etesync-server was renamed to etebase and
upgraded to 0.6.1[2], this dependency was removed. No other package in
the packages feed depends on this package.
Upstream has also archived the git repo[3] and stated that the
repo/package is deprecated. It does not appear that any newer version of
etebase uses this package.
This removes the python3-django-etesync-journal package; it will be
submitted to the abandoned packages repo.
[1]: https://github.com/openwrt/packages/pull/10469
[2]: https://github.com/openwrt/packages/pull/14063
[3]: https://github.com/etesync/journal-manager
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This renames the source package from passlib to python-passlib to match
other Python packages.
This also updates the package URL and list of dependencies.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Disable mpfr detection to fix a build error due to (unncessary)
missing dependency:
```
Package gawk is missing dependencies for the following libraries:
libgmp.so.10
libmpfr.so.6
```
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* Optionally auto-add entire subnets to the blocklist Sets based on an additional RDAP request with the
monitored suspicious IP, set 'ban_autoblocksubnet' accordingly (disabled by default).
For more information regarding RDAP see
https://www.ripe.net/manage-ips-and-asns/db/registration-data-access-protocol-rdap for reference.
* small fixes & cosmetics
* update readme
Signed-off-by: Dirk Brenken <dev@brenken.org>
The buildbots failed for the mentioned platform with the following error:
(I shortened the pathnames and broke long lines a little bit for readability)
.../lib/gcc/riscv64-openwrt-linux-musl/12.3.0/../../../../
riscv64-openwrt-linux-musl/bin/ld: Zend/zend_execute_API.o: in function `.L533':
zend_execute_API.c:(.text+0x1b1c): undefined reference to `__atomic_exchange_1'
.../riscv64-openwrt-linux-musl/bin/ld: Zend/zend_atomic.o:
in function `zend_atomic_bool_exchange':
zend_atomic.c:(.text+0xc): undefined reference to `__atomic_exchange_1'
collect2: error: ld returned 1 exit status
make[4]: *** [Makefile:350: sapi/cli/php] Error 1
Inspired by the blog post[1], linking to libatomic explicitly seems to
do the trick.
[1] A RISC-V gcc pitfall revealed by a glibc update
https://blog.jiejiss.com/A-RISC-V-gcc-pitfall-revealed-by-a-glibc-update
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
In Go 1.18+ embedded files is natively supported, so this package
is useless now. It has been archived on Jun 2022 and failed to build
on the riscv64 target.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
