Backported upstream pending pull request to fix following error:
CMake Error at /foo/staging_dir/host/share/cmake-3.19/Modules/FindPackageHandleStandardArgs.cmake:218 (message):
Could NOT find CURSES (missing: CURSES_LIBRARY)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit eddbb64bc9)
Update to v14.18.3
January 10th 2022 Security Releases:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via console.table properties (Low)(CVE-2022-21824)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
(cherry picked from commit 8278998e48)
The previous one was wrong, and it did not work. It could be checked
inside compiled package in control.tar.gz that there was missing
``conffiles`` file with content `/etc/config/tvheadend`
It is also possible to verify that the config is not overwritten on the router
by running ``opkg install tvheadend --force-reinstall``
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 752d1ffc28)
depend on libpcre2 instead of libpcre
also remove patches incorporated upstream into lighttpd 1.4.62
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
(cherry picked from commit ddecac45c8)
Add flag "--lookup-default-namespace" to signal that wg-installer should
look already established wireguard sessions in the default namespace.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 94efdcf02a)
This avoids to add liburiparser as dependency.
Package tvheadend is missing dependencies for the following libraries:
liburiparser.so.1
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 0449c109e7)
Remove the dependency "coreutils-realpath" from
wg-installer-server-hotplug-olsrd.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit fab86eb626)
Check if the key exists which is given by
option wg_key '/etc/wgserver/wg.key'
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 324fa79d7c)
Install a cronjob that removes unused wireguard interfaces every 10
minutes.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 432a965689)
Check if a peer is already existing with a given public key. Introduce a
response code for signaling why the server rejected the request.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit da48bc3792)
Use shellcheck to rework the code. Use "export" to return variables from
a function call. Further, fix typos.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 69c81790d1)
- Use ip address add instead of ip a a
- Directly add broadcast address
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit fea27cec05)
2to3 is a Python program that reads Python 2.x source code and applies a
series of fixers to transform it into valid Python 3.x code. The standard
library contains a rich set of fixers that will handle almost all code. 2to3
supporting library lib2to3 is, however, a flexible and generic library, so it
is possible to write your own fixers for 2to3. lib2to3 could also be adapted
to custom applications in which Python code needs to be edited automatically.
This tool is necessary for fail2ban package because of issue
https://github.com/openwrt/packages/issues/17311https://github.com/openwrt/packages/pull/17341
Simple 2to3.py script from Debian, thanks to Matthias Klose <doko@ubuntu.com>
From: https://salsa.debian.org/cpython-team/python3-defaults
(cherry picked from commit 2f91e1c9c5)
Co-authored-by: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
The runtime testing always ran on master branch aka snapshots since the
branch wasn't passed over to the container execution!
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit f535d77090)
* Updating i2pd package to 2.40.0
* Rewrite Makefile
* Remove usage of PKG_INSTALL (package's make install)
* Rewrite init.rc configuration and script
* Remove '--service' option from init, which only sets datadir to /var/lib/i2pd
* Use '--datadir' option in init, otherwise datadir changing via uci is not works
* Update patch for i2pd.conf
Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit ac27fffff9)
Remove USE_AVX and USE_AESNI make options as it is correclty handled by
internal code.
Signed-off-by: R4SAS I2P <r4sas@i2pmail.org>
(cherry picked from commit 1025dd7c76)
remove AVX patches as upstream has integrated and closed
all AVX issues
compiled on : x86-64, i386 generic
tested on : x86-64 VM, i386 VM
Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
(cherry picked from commit fc7d710e62)
During update we use sudo to start an instance. It probably could be
workarounded, but given the MariaDB size, dependency on sudo shouldn't
be an issue.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit 0ffec9bd4b)
If you are migrating to MariaDB package, you might have old datadir
stored somewhere using different setup with different users. If you
trust us enough to enable autoupgrade, you probably trust us enough to
chown your datadir as well. This can prevent some potential issues.
Signed-off-by: Michal Hrusecky <michal.hrusecky@turris.com>
(cherry picked from commit b41525cef4)
Ensure that the zerotier service is automatically restarted when the uci
configuration is modified.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 04d0e45da1)
The current init script is using the deprecated -nd flag. This updates netdata to be started with -D.
Signed-off-by: James White <james@jmwhite.co.uk>
(cherry picked from commit cf9d5a8870)
Removed patches:
001-fix-stime-glibc-remove.patch - it is included in upstream
003-Fix-compilation-with-gcc11.patch - no longer necessary
Updated patches:
002-Avoid-problems-with-64-bit-time_t.patch
Refreshed patches:
004-Comment-out-librt-testing.patch
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit cf65ca2db0)
Update crowdsec-firewall-bouncer to latest upstream release version 0.0.21
Makefile rework
- use tagged version for download
Fixes
- set API_KEY in firewall bouncer config file
(cherry picked from commit b4f48b5c23)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
Update crowdsec to latest upstream release version 1.2.2
Makefile rework
- use tagged version for download
(cherry picked from commit 2a34e4987b)
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
apxs is used to get information about the apache installation when
building external modules. Currently there are issues:
1.
./staging_dir/target-mips_24kc_musl/usr/bin/apxs -q TARGET
apache2
apxs:Error: ./staging_dir/target-mips_24kc_musl/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/bin/apr-1-config not found!.
This error is fixed by sed script #2.
2.
./staging_dir/target-mips_24kc_musl/usr/bin/apxs -q TARGET
cannot open ./staging_dir/target-mips_24kc_musl/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/share/apache2/build/config_vars.mk: No such file or directory at ./staging_dir/target-mips_24kc_musl/usr/bin/apxs line 213.
This error is fixed by sed scipt #1.
Both sed scripts taken from buildroot (see [1]).
[1] https://github.com/buildroot/buildroot/blob/master/package/apache/apache.mk
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 83d1cdaf3f)
