Commit graph

4268 commits

Author SHA1 Message Date
Chen Minqiang
8ae2889674 mwan3: rtmon: filter out linkdown routing table
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2018-10-10 07:30:47 +08:00
Saverio Proto
a3e495e367
Merge pull request #7156 from pacien/181008-pkg-tinc
tinc: update to 1.0.35 (security update)
2018-10-09 17:26:50 -04:00
Thomas Heil
a557766870
Merge pull request #7161 from Ansuel/nginxup
nginx: update to latest release
2018-10-09 11:14:18 +02:00
Ansuel Smith
5dadb1f350
nginx: update to latest release
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2018-10-09 10:41:46 +02:00
Pacien TRAN-GIRARD
62ee62682e tinc: update to 1.0.35
Critical security update for:
* CVE-2018-16737,
* CVE-2018-16738,
* CVE-2018-16758

Announcement:
https://www.tinc-vpn.org/pipermail/tinc/2018-October/005311.html

Signed-off-by: Pacien TRAN-GIRARD <pacien.trangirard@pacien.net>
2018-10-08 20:54:36 +02:00
Stijn Tintel
ffa1012131 keepalived: disable libnl
When libnl is enabled and libnl-genl is disabled, libnl-genl-3.so.200 is
installed by InstallDev, and keepalived picks it up anyway.
This causes build to fail with the following error:

Package keepalived is missing dependencies for the following libraries:
libnl-genl-3.so.200

Instead of having a conditional dependency it is better to have a
consistent build. Disable libnl to enforce this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-10-07 14:40:52 +03:00
Stijn Tintel
172ae80bc1 strongswan: bump to 5.7.0
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-10-07 14:39:04 +03:00
Peter Wagner
2e0cb11fe0 git: update to 2.19.1
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2018-10-06 11:50:32 +02:00
Magnus Kroken
fe973d181b strongswan: backport upstream fixes for CVEs in gmp plugin
This fixes:
* CVE-2018-16151
* CVE-2018-16152
* CVE-2018-17540

Details:
https://strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html
https://strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2018-10-06 01:31:10 +02:00
Dirk Brenken
d3b239d523
Merge pull request #7140 from dibdot/travelmate
travelmate: update 1.2.4
2018-10-05 12:31:04 +02:00
Dirk Brenken
6baea8155b travelmate: update 1.2.4
* with the config option 'trm_radio' you can now restrict travelmate
  to a single radio (e.g. 'radio1') or change the overall
  scanning order (e.g. 'radio1 radio2 radio0')
* LuCI: show QR codes now inline on the overview page
  (collapsed by default)

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-10-05 10:37:41 +02:00
Hannu Nyman
c4ab18d58e
Merge pull request #7121 from Ansuel/nginxup
nginx: update to latest release
2018-10-02 00:07:56 +03:00
Daniel Golle
7cdbb75699 gnurl: build without libpsl
Make sure gnURL doesn't link against libpsl.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-10-01 02:18:15 +02:00
Daniel Golle
ad66447b4e ola: depend on libftdi1
Building against libftdi1 can't be avoided in the presence of libftdi1
headers apparently. As it might be useful for some DMX adapters and
such, depend on libftdi1 from now on.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-09-30 23:08:05 +02:00
Daniel Golle
af06f6fd52 gnurl: update to version 7.61.1
No release tarball has been published yet, use v7.61.1 git tag instead.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-09-30 23:02:44 +02:00
Eneas U de Queiroz
9f76fe1445 openssh: add openssl 1.1.0 compatibility
Five commits from upstream were applied to v. 7.8-p1:

482d23bc upstream: hold our collective noses and use the openssl-1.1.x
         API in
48f54b9d adapt -portable to OpenSSL 1.1x API
86e0a9f3 upstream: use only openssl-1.1.x API here too
a3fd8074 upstream: missed a bit of openssl-1.0.x API in this unittest
d64e7852 add compat header

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
2018-09-30 18:59:04 +02:00
Daniel Golle
b5b271a396 gnunet: update to gnunet 0.11 release candidate source as of 20180929
* break-out basic TCP and UDP transports
 * add xt and xu experimental transports
 * add zoneimport tool
 * add abe, credential and reclaim components to gnunet-social package
 * add new REST plugins

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-09-30 17:56:43 +02:00
Ansuel Smith
ce9a8bc96e
nginx: update to latest release
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2018-09-30 16:11:51 +02:00
W. Michael Petullo
95db98bd7d nfs-kernel-server: add support for NFSv4
Signed-off-by: W. Michael Petullo <mike@flyn.org>
2018-09-29 20:34:33 +02:00
Dirk Brenken
241e7a34f6
Merge pull request #7115 from dibdot/ddns-fix
ddns-scripts: multiple fixes
2018-09-29 18:19:48 +02:00
Andy Walsh
c5e0c3822a samba4: fix missing busybox 'hostname -f' command
* busybox does not have 'hostname' by default so replaced it with uci calls

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
2018-09-29 11:06:09 +08:00
Dirk Brenken
750a8b1659
Merge pull request #7111 from Andy2244/wsdd2-fix-triggers
wsdd2: fix missing triggers
2018-09-28 08:11:17 +02:00
Dirk Brenken
f334bc7181
Merge pull request #7110 from Andy2244/samba4-fix-netbiosname
samba4: fix netbios_name
2018-09-28 08:10:45 +02:00
Dirk Brenken
e2f73cbd58 ddns-scripts: multiple fixes
* replace shell based urlencoder with an awk variant
* fix write_log function/syslog output in case of an error
* protect answer string with double quotes in update_route53
* remove bogus set/IFS options in update_route53
* clean-up update_route53 a little bit

This patchset finally fix #6977

Many thanks to @mark0n & @a-bali for testing & debugging

Signed-off-by: Dirk Brenken <dev@brenken.org>
2018-09-28 07:41:52 +02:00
Dirk Brenken
7f9dfaae85
Merge pull request #7112 from EricLuehrsen/unbound_leak
unbound: add patches for leaks during TLS query
2018-09-28 07:24:32 +02:00
Yousong Zhou
e38c100612 treewide: remove obsolete references to avr32
This is a long overdue followup commit to openwrt/openwrt@5d9eeab
("build: remove obsolete references to cris and avr32")

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-09-28 12:03:20 +08:00
Eric Luehrsen
10665f5ce9 unbound: add patches for leaks during TLS query
Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
2018-09-27 23:21:58 -04:00
Andy Walsh
32fe219d6f wsdd2: fix missing triggers
* add triggers so changes can be picked up

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
2018-09-27 17:08:33 +02:00
Andy Walsh
32328835df samba4: fix netbios_name
* fixes: error 0x80070035
* add triggers to catch hostname changes

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
2018-09-27 17:03:28 +02:00
Karl Palsson
4b309aefd6 mosquitto: bump to 1.5.3
Full changelog at https://github.com/eclipse/mosquitto/blob/v1.5.3/ChangeLog.txt

Primary change:
CVE fix for CVE-2018-12543 - prevent crash on topics that begin with $
but are not $SYS

Selected other fixes relevant to OpenWrt since 1.5.1:
- Fix retained messages not sent by bridges on outgoing topics at the first
  connection. Closes #701.
- Fix duplicate clients being added to by_id hash before the old client was
  removed. Closes #645.
- Fix excessive CPU usage when the number of sockets exceeds the system limit.
  Closes #948.
- Fix for bridge connections when using WITH_ADNS=yes.
- Fix round_robin false behaviour. Closes #481.
- Fix segfault on HUP when bridges and security options are configured.
  Closes #965.

Signed-off-by: Karl Palsson <karlp@etactica.com>
2018-09-26 10:48:51 +00:00
Hannu Nyman
811089d05f
Merge pull request #7094 from Andy2244/master
samba4: update to 4.9.1
2018-09-24 22:14:45 +03:00
Andy Walsh
68270c787d samba4: update to 4.9.1
fixes: nmbd: Stop nmbd network announce storm (bug #13620).

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
2018-09-24 11:02:47 +02:00
Florian Eckert
692ed62382 net/mwan3: update version to 2.7.2
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-09-24 10:21:43 +02:00
Florian Eckert
2cd5442a11 net/mwan3: fix start/stop/restart execution
Move setting global enabled flag from /etc/init.d/mwan3 to mwan3
command. So we could start mwan3 from the cmd mwan3 as well.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-09-24 10:20:35 +02:00
Florian Eckert
d338131f40 net/mwan3: mwan3track should also send disconnected action on signal USR1
Also send disconnected action on system signal USR1.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-09-24 10:20:35 +02:00
Florian Eckert
c9d8fceb63 net/mwan3: add ttl check
Add the additional optional ttl check to test the connection.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-09-24 10:20:35 +02:00
Thomas Heil
27df687034
Merge pull request #7086 from gladiac1337/feature-haproxy-v1.8.14
haproxy: Update HAProxy to v1.8.14
2018-09-23 23:28:26 +02:00
Dirk Brenken
8bbc9c7dbe
Merge pull request #7025 from Andy2244/krb5-keyutil-fix
krb5: fix keyutils dependency
2018-09-23 14:42:25 +02:00
Christian Lachner
60138d90b8 haproxy: Update HAProxy to v1.8.14
- Update haproxy download URL and hash
- Removed all obsolete patches
- This fixes CVE-2018-14645 (See: https://nvd.nist.gov/vuln/detail/CVE-2018-14645)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
2018-09-22 16:54:44 +02:00
Dirk Brenken
f4cdfcf15a
Merge pull request #7079 from valdi74/update_package_aria2
aria2: handle check_certificate=false config option
2018-09-22 07:21:49 +02:00
Dirk Brenken
4560c17c60
Merge pull request #7008 from TDT-AG/pr/20180912-keepalived-enable-ipvs
net/keepalived: update to version 2.0.7 and enable ipvs support
2018-09-22 07:20:12 +02:00
Dirk Brenken
dd3f54ea0e
Merge pull request #6990 from ptpt52/mwan3-fix
mwan3: optimize the process of copying routing tables
2018-09-22 07:14:44 +02:00
Dirk Brenken
4cdbabbf82
Merge pull request #7030 from jonathanunderwood/stubby_ca_certificates_dependency
stubby: add missing dependency on ca-certificates
2018-09-22 07:05:49 +02:00
Peter Wagner
61b5d27cb9 git: simplify install code
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2018-09-22 03:15:11 +02:00
Peter Wagner
30898cc49d git: don't hard link to symlinks, to avoid ending up with a git executeable with 0777 access rights
Signed-off-by: Peter Wagner <tripolar@gmx.at>
2018-09-22 02:43:27 +02:00
Chen Minqiang
6a5836db32 mwan3: optimize the process of copying routing tables
- The original copy process is to delete all routing tables first,
   then add new routing table. This process is too slow and very dirty.
 - We use grep to identify the changes and apply them.
 - ignore ipv6 unreachable routes
 - update version number

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2018-09-21 15:35:39 +08:00
Hannu Nyman
511f39f7d0
Merge pull request #7068 from neheb/jool
jool: Update to 3.5.7 and switch to tarballs
2018-09-20 19:35:36 +03:00
Hannu Nyman
82b4496506
Merge pull request #7076 from mlichvar/chrony-update-3.4
chrony: update to 3.4
2018-09-20 19:34:33 +03:00
Waldemar Konik
7b1c25f48c aria2: handle check_certificate=false config option
Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
2018-09-20 13:24:57 +02:00
Hannu Nyman
498568893d
Merge pull request #7069 from sartura/geth_1.8.15
geth: Update to 1.8.15
2018-09-19 22:25:54 +03:00