v0.19.4:
- No changes
v0.19.3:
- We now detect MySQL's strange, version-dependent my_bool type on configure.
- Add pkg-config definitions for gnunet messenger.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit bef5da553f)
- Missing --without-nghttp3 was leaking host includes and breaking the build
- Remove or rename deprecated configure options
- Add --disable-libcurl-option to reduce package size
- Use .xz instead of .bz2 for PKG_SOURCE
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
(cherry picked from commit 30fe2d99ab)
https://curl.se/changes.html#8_5_0
Pick upstream patch to fix build with gnuTLS and verbose strings removed.
The patch should be removed with the next version bump.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit cbdd619c23)
go1.21.9 (released 2024-04-03) includes a security fix to the net/http
package, as well as bug fixes to the linker, and the go/types and
net/http packages.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
1. Update it to version 3.16.3
Release notes: https://github.com/LuaLanes/lanes/releases/tag/v3.16.3
2. Change to download tarball instead of checking out Git sources
In the previous commit (in the Fixes tag), it was changed to Git sources without any reason. Let's revert it back. Let's use again tagged release.
Fixes: b93e5b45b1 ("lualanes: Version bump to v3.16.2")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 8b7040b6de)
Update the PKG_VERSION and PKG_SOURCE_VERSION to pull version 3.16.2
from upstream. The upstream version includes fixes for the
`pthread_yield: symbol not found` issue.
Removed patches 100-musl-compat.patch and 200-fix-redef-error.patch
as fixes were implemented upstream.
Build tested on aarch64, arm_cortex_a15/a9, i386, mips[el]_24kc,
powerpc_464fp/8548, riscv64, x86_64. Confirmed on x86_64.
Signed-off-by: Mark Baker <mark@vpost.net>
(cherry picked from commit 08e51ab50a)
Notable Changes
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4
Changed to use gz according to main-snapshot
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Update irqbalance to version 1.9.4.
* refresh version in meson patch
* remove EINVAL handling patch as upstream seems to have silenced
the log spam for unmanageable IRQs
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit b8d0049e7c)
I have some strange issues with irqbalance sometimes overwritin
smp_affinity values for banned/ignored IRQs. The issue is reproduceable
and is mitigated when I change theway how the irqbalance command line is
built. The only difference between the resulting command is that there
is only one space between the -t parameter and the first -i parameter
value.
Also see https://github.com/Irqbalance/irqbalance/issues/297
Signed-off-by: Carsten Schuette <schuettecarsten@googlemail.com>
(cherry picked from commit 41e5b979f5)
Text between interpreter line and start of first directive should only
highlighted as uninterpreted when running in template mode, so adjust
the match rule accordingly.
Fixes: #23761
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 8f9564387d)
Introduce local syntax highlighting support for ucode scripts, like
it is done already for uci configuration files.
Ref: https://github.com/jow-/ucode/issues/178
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d8a574f7f0)
* update to 8.7.1: https://curl.se/changes.html#8_7_1
* use the new --disable-docs flag for configure
* update 200-no_docs_tests.patch
* switch to APK-compatible revision
Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 227c8daa15)
Instead of checking Git sources, we will use now tagged releases.
This solve the strange version 0~3.5.1-r1, now will be 3.5.2-r2
Signed-off-by: Andrea Pesaresi <andreapesaresi82@gmail.com>
(cherry picked from commit f8a7ee7f47)
Various fixes for ksmbd, most notably a visibility fix for the latest
ksmbd code.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit e9e1ae2386)
Before this change, the tarball was downloaded as vVERSION.tar.gz.
For example, it was v2.26.1.tar.gz and that file was put into the dl folder
within the OpenWrt build system.
After this change, the tarball is properly downloaded as NAME-vVERSION.tar.gz.
In this case, it will look like this: docker-compose-v.2.26.1.tar.gz
The advantages of using this:
- Users, developers will know that what they downloaded (it has name and version)
- The tarball will not be overwritten by another package with the same version.
Signed-off-by: Javier Marcet <javier@marcet.info>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[added commit message]
(cherry picked from commit 261b38c14b)
keylength, being an acme.sh value type, uses pure numbers for rsa keys.
This can be disorienting for other acme clients. This change introduces
a new option "key_type" that aims to remove this ambiguity, and makes
all key type names follow the same pattern, making acme-common more
client agnostic.
Signed-off-by: Glen Huang <me@glenhuang.com>
(cherry picked from commit 6d61014e51)
Backport config changes from commit 04ac8c177d ("acme-common: simplify config
example") from master, and apply the subsequent fixup. This should fix the issue
with ACME not working in Luci (resolving #23756).
Keep the version number bump as a bugfix (1.0.4) since we have not backported
all the ACME changes to 23.05.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
56eebdad085e uspot: wrap spotfilter device under tip_mode
1a96d57e5fe0 uspot: client_enable() wrap spotfilter data in tip_mode
fe12f9a7abde uspot: clear ratelimit state on startup/shutdown
976badc4d0b6 update README
53b8cb88a94a Makefile: require minimum ucode version
ff6163190d5a uspot/portal: report client_enable() failure
8601d9199233 include sample radcli dictionaries
c670f6c4b48f update README
094f0df88150 uspot: work around ucode#191 missing in 23.05
Update the package Makefile to reflect the changes from the following
above-listed commit:
53b8cb88a94a Makefile: require minimum ucode version
Fixes: https://github.com/f00b4r0/uspot/issues/4
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit bc33522715)
Compile tested: (ramips, rb760igs, 23.05 snapshot)
Run tested: (ramips, rb760igs, 23.05 snapshot, tests done)
Description:
In case we have multiple device defined in /etc/config/p910nd then init script will try to start multiple instance with same instance name
drop instance name as resolution
tested on 23.05 snapshot with 2 USB printers
Signed-off-by: Peca Nesovanovic <peca.nesovanovic@sattrakt.com>
(cherry picked from commit 152d80ce13)
go1.21.8 (released 2024-03-05) includes security fixes to the crypto/x509,
html/template, net/http, net/http/cookiejar, and net/mail packages,
as well as bug fixes to the go command and the runtime.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Since version 4.4.0, syslog-ng added compression to http() destination
using zlib from curl. [1] However, zlib is currently disabled in curl [2]
and it prevented syslog-ng to start.
This commit changes the configuration opinion to enable http module only if
zlib support is enabled for curl and as well it adds dependency for zlib (in that case).
If the zlib is disabled, then it disables http module, so syslog-ng can start
and thus zlib dependency is not required.
[1] https://gitlab.nic.cz/turris/os/packages/-/issues/932
[2] 93cbaacbfb/net/curl/Config.in (L134)
Fixes: 4dd49d7c3c ("syslog-ng: update to version 4.4.0")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 1e14d95d78)
With the commit 01e5cfc "CI: Add target/arch tags (no suffix) for
snapshot images"[1] the os/platform is set for all images, which is usually
different from what the GitHub action runner uses (x86). The Docker
deamon still tries to fetch the x86 version and fails.
This commit explicitly sets the fitting arch.
[1]: 01e5cfccd7
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit d359fa04ed)
- Fixes CVE-2023-50868 and CVE-2023-50387
- Also, the resolver has not been called 'Knot DNS Resolver' for quite
some time, so fix that, too.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 1131acf57f)
'dnstap' module will be built but not loaded by default at runtime
(configuration must be provided for it to be loaded). It is still possible to
disable dnstap build manually using menuconfig.
"The dnstap module supports logging DNS requests and responses to a unix socket
in dnstap format using fstrm framing library. This logging is useful if you need
effectively log all DNS traffic."[^1]
Adds dependency on 'protobuf', 'protobuf-c', 'libfstrm'. Listed packages are
available from OpenWrt packages, have uncomplicated manifests and
while 'protobuf-c' doesn't have a maintainer since spring 2020, all the
packages (including 'protobuf-c') seem to be maintained - the last
updates of all of them in autumn 2021.
As stated by Vladimír Čunát from Knot Resolver team they build dnstap
while packaging for majority of standard Linux distributions.
Therefore this change brings us closer to expected default.
[^1]: https://knot-resolver.readthedocs.io/en/stable/modules-dnstap.html
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
(cherry picked from commit a68397ff77)
It was possible to enable dnstap in menuconfig, but the configuration
only added dependencies while leaving dnstap module build disabled.
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
(cherry picked from commit af521478f8)