git.openwrt.org Git - feed/packages.git/log

netbird: update to 0.27.3

Signed-off-by: Wesley Gimenes <wehagy@proton.me>

macremapper: drop VERSION definition in Makefile

By default Kernel modules follow the version schema from openwrt.git,
which happens to be APK compatible. Instead of defining a entirely
custom format, use what's already out there.

This patch drops the individual VERSION definition.

Right now, the version becomes 6.1.82.1.1.0-r2

Signed-off-by: Paul Spooren <mail@aparcar.org>

gptfdisk: update to 1.0.10

- Delete upstreamed patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

socat: update to 1.8.0.0

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

stress-ng: update to 0.17.07

- Refresh the patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

moreutils: update to 0.69

- Refresh patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

mc: update to 4.8.31

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

mpg123: update to 1.32.6

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

wget: update to 1.24.5

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

snort3: fix issue caused by ucode semantics change

A recent change in the ucode interpeter caused a failure when using
the 'in' operator.
https://github.com/jow-/ucode/commit/be767ae197babd656d4f5d9c2d5013e39ddbe656

Reported in a forum post by @graysky2.
https://forum.openwrt.org/t/194218/28

Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>

nghttp2: fix CVE-2024-28182

update to v1.61.0
CVE-2024-28182: Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

lighttpd: update to lighttpd 1.4.76 release hash

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

Merge pull request #23880 from stangri/master-pbr

pbr: update to 1.1.4-r15

pbr: update to 1.1.4-r15

* delete obsolete files/etc/init.d/pbr.init
* add files/etc/uci-defaults/91-pbr-iptables to help update from older OpenWrt
* add files/etc/uci-defaults/91-pbr-nft to help update from older OpenWrt
* update files/etc/uci-defaults/91-pbr-netifd to only add tables to supported ifaces
* re-organize variants in the Makefile so that they hopefull work this time
* update prerm for all variants for better user experience
* update the -netifd prerm to remove leftofver entries from network and rt_tables file

In the init script:
* add decorations for netifd-interfaces related operations (blue ticks)
* add rtTablesFile variables instead of hard-coding the rt_tables file
* add function to check if the table is netifd-derived
* add error messages/hints for failed interface setup and failed WAN discovery
* make cleanup_rt_tables the netifd-compatible
* streamline interface_process function with a clearer case statement
* rename the interface_process `pre-init` option to `pre_init` to conform to the other
functions options naming style

Signed-off-by: Stan Grishin <stangri@melmac.ca>

Merge pull request #23872 from stangri/master-adblock-fast

adblock-fast: improve Makefile's prerm

nebula: Use APK style release number

Maintainer: Stan Grishin <stangri@melmac.ca>

Run tested: aarch64, Dynalink DL-WRX36, Master Branch

Signed-off-by: Sean Khan <datapronix@protonmail.com>

nghttp3: Use APK style release number

Maintainer: Stan Grishin <stangri@melmac.ca>

Run tested: aarch64, Dynalink DL-WRX36, Master Branch

Signed-off-by: Sean Khan <datapronix@protonmail.com>

ngtcp2: Use APK style release number

Maintainer: Stan Grishin <stangri@melmac.ca>

Run tested: aarch64, Dynalink DL-WRX36, Master Branch

Signed-off-by: Sean Khan <datapronix@protonmail.com>

minicom: update to 2.9

- Refresh the patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

Merge pull request #23832 from chommik/softflowd_add_b_option

softflowd: add '-b' option to config

whois: update to 5.5.22

- Don't override PKG_BUILD_DIR since tarball is now properly constructed

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

libevdev: update to 1.13.1

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

libdeflate: update to 1.20

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

softflowd: add '-b' option to config

- add '-b' option to enable bidirectional flow probing

Signed-off-by: Rafal Macyszyn <rafal@v92.pl>

devel: gcc: refresh patches

Refresh patches with make package/gcc/refresh by tweaking the
GCC_VERSION to refresh every supported version.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

devel: gcc: add support for GCC 13

Add support for GCC 13 and take patches from openwrt main repo.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

devel: gcc: add missing RISCV patches for GCC 12

Add missing RISCV patches for GCC 12 from openwrt toolchain GCC.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

devel: gcc: align patches structure to openwrt toolchain GCC

Align patches structure to openwrt toolchain GCC to make it easier to
maintain them and reduce patch delta on GCC update.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

pppossh: add option peer_pppd_options

This can be useful for things like making the interface on the peer side
fixed with value like `ifname xx`

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

adblock-fast: improve Makefile's prerm

* improve output of Makefile's prerm routines

Signed-off-by: Stan Grishin <stangri@melmac.ca>

libdrm: update to 2.4.120

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

pixman: update to 0.43.4

- Use HTTPS for project URL
- Drop obsolete patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

qemu: update to 8.2.2

- Use HTTPS for URLs

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

imagemagick: update to 7.1.1.30

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

libpciaccess: update to 0.18.1

- Use Meson build system
- Drop upstreamed patch
- Update project URL

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

pciutils: update to 3.12.0

- Refresh patch

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

c-ares: update to 1.28.1

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

libarchive: update to 3.7.3

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

mosquitto: support anonymous user per listener

Signed-off-by: David Andreoletti <david@andreoletti.net>

dnsdist: update to 1.9.3

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>

Merge pull request #23838 from krant/openblas

openblas: update to 0.3.27

Merge pull request #23837 from krant/numpy

numpy: update to 1.26.4

graphicsmagick: update to 1.3.43

- Set project URL to HTTP since HTTPS one is broken

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

Merge pull request #23824 from JiaY-shi/go

golang: update to 1.22.2

Merge pull request #23723 from findlayfeng/fix_proto-bonding

proto-bonding: Modify ipaddr as optional

acpica-unix: update to 20240321

Remove PKG_CAT. No need for it.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

ola: update to 0.10.9

Use local tarballs instead of codeload. Smaller size.

Patch ola.m4 to support statically linked protobuf. Avoids rpath hacks.

Remove upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

protobuf: don't use shared libraries for host

Avoids needing to handle rpath.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

treewide: refresh missed hashes after move to use ZSTD as default

This is a follow-up on the previous treewide refresh of hashes after move
to ZSTD by default for compressing tarballs, as it seems that somehow
CHECK_ALL missed couple of packages.

Fixes: 272f55e87f07 ("treewide: refresh hashes after move to use ZSTD as default")
Signed-off-by: Robert Marko <robimarko@gmail.com>

ovpn-dco: bump version to 0.2.20240320

Fixes builds against kernel 6.6

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>

exim: update to 4.97.1

IPv6 has accidentally been disabled in all Exim builds since the
package was introduced in OpenWrt due to a faulty `sed` script. This
has now been fixed, so beware that IPv6 is now enabled when updating
from previous releases.

Upstream changes since version 4.96.2 (bottom up):

JH/s1 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
      LF-only mode (as detected from the first header line).  Previously we did
      accept that in (normal) CRLF mode; this has been raised as a possible
      attack scenario (under the name "smtp smuggling", CVE-2023-51766).

JH/01 The hosts_connection_nolog main option now also controls "no MAIL in
      SMTP connection" log lines.

JH/02 Option default value updates:
        - queue_fast_ramp (main)        true (was false)
        - remote_max_parallel (main)    4 (was 2)

JH/03 Cache static regex pattern compilations, for use by ACLs.

JH/04 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
      Make the rewrite never match and keep the logging.  Trust the
      admin to be using verify=header-syntax (to actually reject the message).

JH/05 Follow symlinks for placing a watch on TLS creds files.  This means
      (under Linux) we watch the dir containing the final file; previously
      it would be the dir with the first symlink.  We still do not monitor
      the entire path.

JH/06 Check for bad chars in rDNS for sender_host_name.  The OpenBSD (at least)
      dn_expand() is happy to pass them through.

JH/07 OpenSSL Fix auto-reload of changed server OCSP proof.  Previously, if
      the file with the proof had an unchanged name, the new proof(s) were
      loaded on top of the old ones (and nover used; the old ones were stapled).

JH/08 Bug 2915: Fix use-after-free for $regex<n> variables. Previously when
      more than one message arrived in a single connection a reference from
      the earlier message could be re-used.  Often a sigsegv resulted.
      These variables were introduced in Exim 4.87.
      Debug help from Graeme Fowler.

JH/09 Fix ${filter } for conditions that modify $value.  Previously the
      modified version would be used in construction the result, and a memory
      error would occur.

JH/10 GnuTLS: fix for (IOT?) clients offering no TLS extensions at all.
      Find and fix by Jasen Betts.

JH/11 OpenSSL: fix for ancient clients needing TLS support for versions earlier
      than TLSv1,2,  Previously, more-recent versions of OpenSSL were permitting
      the systemwide configuration to override the Exim config.

HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
      API changes in libopendmarc.

JH/12 Bug 2930: Fix daemon startup.  When started from any process apart from
      pid 1, in the normal "background daemon" mode, having to drop process-
      group leadership also lost track of needing to create listener sockets.

JH/13 Bug 2929: Fix using $recipients after ${run...}.  A change made for 4.96
      resulted in the variable appearing empty.  Find and fix by Ruben Jenster.

JH/14 Bug 2933: Fix regex substring match variables for null matches. Since 4.96
      a capture group which obtained no text (eg. "(abc)*" matching zero
      occurrences) could cause a segfault if the corresponding $<n> was
      expanded.

JH/15 Fix argument parsing for ${run } expansion. Previously, when an argument
      included a close-brace character (eg. it itself used an expansion) an
      error occurred.

JH/16 Move running the smtp connect ACL to before, for TLS-on-connect ports,
      starting TLS.  Previously it was after, meaning that attackers on such
      ports had to be screened using the host_reject_connection main config
      option. The new sequence aligns better with the STARTTLS behaviour, and
      permits defences against crypto-processing load attacks, even though it
      is strictly an incompatible change.
      Also, avoid sending any SMTP fail response for either the connect ACL
      or host_reject_connection, for TLS-on-connect ports.

JH/17 Permit the ACL "encrypted" condition to be used in a HELO/EHLO ACL,
      Previously this was not permitted, but it makes reasonable sense.
      While there, restore a restriction on using it from a connect ACL; given
      the change JH/16 it could only return false (and before 4.91 was not
      permitted).

JH/18 Fix a fencepost error in logging.  Previously (since 4.92) when a log line
      was exactly sized compared to the log buffer, a crash occurred with the
      misleading message "bad memory reference; pool not found".
      Found and traced by Jasen Betts.

JH/19 Bug 2911: Fix a recursion in DNS lookups.  Previously, if the main option
      dns_again_means_nonexist included an element causing a DNS lookup which
      itself returned DNS_AGAIN, unbounded recursion occurred.  Possible results
      included (though probably not limited to) a process crash from stack
      memory limit, or from excessive open files.  Replace this with a paniclog
      whine (as this is likely a configuration error), and returning
      DNS_NOMATCH.

JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
      this always failed, probably leading to the usual downgrade to in-clear
      connections.

JH/21 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
      SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
      to not checking that list for these lookups.

JH/22 Bug 2434: Add connection-elapsed "D=" element to more connection
      closure log lines.

JH/23 Fix crash in string expansions. Previously, if an empty variable was
      immediately followed by an expansion operator, a null-indirection read
      was done, killing the process.

JH/24 Bug 2997: When built with EXPERIMENTAL_DSN_INFO, bounce messages can
      include an SMTP response string which is longer than that supported
      by the delivering transport.  Alleviate by wrapping such lines before
      column 80.

JH/25 Bug 2827: Restrict size of References: header in bounce messages to 998
      chars (RFC limit).  Previously a limit of 12 items was made, which with
      a not-impossible References: in the message being bounced could still
      be over-large and get stopped in the transport.

JH/26 For a ${readsocket } in TLS mode, send a TLS Close Alert before the TCP
      close.  Previously a bare socket close was done.

JH/27 Fix ${srs_encode ..}.  Previously it would give a bad result for one day
      every 1024 days.

JH/28 Bug 2996: Fix a crash in the smtp transport.  When finding that the
      message being considered for delivery was already being handled by
      another process, and having an SMTP connection already open, the function
      to close it tried to use an uninitialized variable.  This would afftect
      high-volume sites more, especially when running mailing-list-style loads.
      Pollution of logs was the major effect, as the other process delivered
      the message.  Found and partly investigated by Graeme Fowler.

JH/29 Change format of the internal ID used for message identification. The old
      version only supported 31 bits for a PID element; the new 64 (on systems
      which can use Base-62 encoding, which is all currently supported ones
      but not Darwin (MacOS) or Cygwin, which have case-insensitive filesystems
      and must use Base-36).  The new ID is 23 characters rather than 16, and is
      visible in various places - notably logs, message headers, and spool file
      names.  Various of the ancillary utilities also have to know the format.
        As well as the expanded PID portion, the sub-second part of the time
      recorded in the ID is expanded to support finer precision.  Theoretically
      this permits a receive rate from a single comms channel of better than the
      previous 2000/sec.
        The major timestamp part of the ID is not changed; at 6 characters it is
      usable until about year 3700.
        Updating from previously releases is fully supported: old-format spool
      files are still usable, and the utilities support both formats.  New
      message will use the new format.  The one hints-DB file type which uses
      message-IDs (the transport wait- DB) will be discarded if an old-format ID
      is seen; new ones will be built with only new-format IDs.
      Optionally, a utility can be used to convert spool files from old to new,
      but this is only an efficiency measure not a requirement for operation
        Downgrading from new to old requires running a provided utility, having
      first stopped all operations.  This will convert any spool files from new
      back to old (losing time-precision and PID information) and remove any
      wait- hints databases.

JH/30 Bug 3006: Fix handling of JSON strings having embedded commas. Previously
      we treated them as item separators when parsing for a list item, but they
      need to be protected by the doublequotes.  While there, add handling for
      backslashes.

JH/31 Bug 2998: Fix ${utf8clean:...} to disallow UTF-16 surrogate codepoints.
      Found and fixed by Jasen Betts. No testcase for this as my usual text
      editor insists on emitting only valid UTF-8.

JH/32 Fix "tls_dhparam = none" under GnuTLS.  At least with 3.7.9 this gave
      a null-indirection SIGSEGV for the receive process.

JH/33 Fix free for live variable $value created by a ${run ...} expansion during
      -bh use.  Internal checking would spot this and take a panic.

JH/34 Bug 3013: Fix use of $recipients within arguments for ${run...}.
      In 4.96 this would expand to empty.

JH/35 Bug 3014: GnuTLS: fix expiry date for an auto-generated server
      certificate.  Find and fix by Andreas Metzler.

JH/36 Add ARC info to DMARC hostory records.

JH/37 Bug 3016: Avoid sending DSN when message was accepted under fakereject
      or fakedefer.  Previously the sender could discover that the message
      had in fact been accepted.

JH/38 Taint-track intermediate values from the peer in multi-stage authentation
      sequences.  Previously the input was not noted as being tainted; notably
      this resulted in behaviour of LOGIN vs. PLAIN being inconsistent under
      bad coding of authenticators.

JH/39 Bug 3023: Fix crash induced by some combinations of zero-length strings
      and ${tr...}.  Found and diagnosed by Heiko Schlichting.

JH/40 Bug 2999: Fix a possible OOB write in the external authenticator, which
      CVE-2023-42115

JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42116

JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42114

JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
      Make the rewrite never match and keep the logging.  Trust the
      admin to be using verify=header-syntax (to actually reject the message).

JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses.
      CVE-2023-42219
      could be triggered by externally-supplied input.  Found by Trend Micro.
      CVE-2023-42115

JH/41 Bug 3000: Fix a possible OOB write in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42116

JH/42 Bug 3001: Fix a possible OOB read in the SPA authenticator, which could
      be triggered by externally-controlled input.  Found by Trend Micro.
      CVE-2023-42114

JH/43 Bug 2903: avoid exit on an attempt to rewrite a malformed address.
      Make the rewrite never match and keep the logging.  Trust the
      admin to be using verify=header-syntax (to actually reject the message).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

hwdata: update to 0.381

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

base16384: bump to version 2.3.1

Signed-off-by: 源文雨 <fumiama@foxmail.com>

glib2: link libiconv when building host pkg

some compile error happens when building.
Linking to libiconv-full fixes this.
refer to: https://github.com/openwrt/openwrt/commit/63dd14b906e9eb27bc878b95ac6777a3624b1135

Signed-off-by: Tan Zien <nabsdh9@gmail.com>

libpng: update to 1.6.43

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

openblas: update to 0.3.27

- Add ONLY_CBLAS make flag to skip tests (fixes x86 builds)

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

numpy: update to 1.26.4

- Refresh patches

Signed-off-by: krant <aleksey.vasilenko@gmail.com>

treewide: refresh hashes after move to use ZSTD as default

With the recent move to using ZSTD as the default compression format
for packaging git repo clones we must refresh all of the hashes for
the packages feed as well.

Signed-off-by: Robert Marko <robimarko@gmail.com>

node: April 3, 2024 Security Releases

This is a security release
Notable Changes
* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4

Changed to use gz according to main-snapshot

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

Merge pull request #23831 from jonasjelonek/croc-9.6.15

croc: update to 9.6.15

libmad: fix PKG_VERSION after apk change

Signed-off-by: Rosen Penev <rosenp@gmail.com>

croc: update to 9.6.15

changelogs:
9.6.13: https://github.com/schollz/croc/releases/tag/v9.6.13
9.6.14: https://github.com/schollz/croc/releases/tag/v9.6.14
9.6.15: https://github.com/schollz/croc/releases/tag/v9.6.15

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>

ttymidi-sysex: refresh dirty patch

CI in PR #23827 noticed a dirty patch in ttymidi-sysex.
Refresh the patch.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

ksmbd-tools: update to version 3.5.2

Major changes are:
- Add durable handles parameter to ksmbd.conf.
- Add payload_sz in ksmbd_share_config_response to validate ipc
response.
- Fix UAF and cleanups.

Signed-off-by: Andrea Pesaresi <andreapesaresi82@gmail.com>

nginx: add patch to fix compilation error on mips targets

Add patch to fix compilation error on mips targets. This was triggered
after enabling LTO. It was discovered that -fPIC is enabled on building
dynamic modules in CFLAGS but was missing on linking them. This patch
adds the missing -fPIC also on linking.

Fixes: 3b13b08ad98d ("nginx: Fix compilation with LTO")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

nginx: drop redundant --with-cc-opt configure arg

Drop redundant --with-cc-opt configure arg to mute warning of
cc1: note: someone does not honour COPTS correctly, passed 2 times.

CFLAGS are already parsed and correctly applied without this option and
adding it just makes the CFLAGS appended twice.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

golang: update to 1.22.2

go1.22.2 (released 2024-04-03) includes a security fix to the
net/http package, as well as bug fixes to the compiler, the
go command, the linker, and the encoding/gob, go/types,
net/http, and runtime/trace packages.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.22.2
Find out more:
https://github.com/golang/go/issues?q=milestone%3AGo1.22.2

Signed-off-by: Shi JiaYang <shi05275@163.com>

fx: update to 34.0.0

Signed-off-by: Fabian Lipken <dynasticorpheus@gmail.com>

libs/xr_usb_serial_common: fix 6.6 kernel compile

Upstream: submitted
https://github.com/kasbert/epsolar-tracer/pull/61

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>

base16384: bump to version 2.3.0

Signed-off-by: 源文雨 <fumiama@foxmail.com>

dmx_usb_module: fix 6.6 kernel compile

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>

clixon: Update to 7.0.1

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

collectd: enable statsd plugin

Signed-off-by: Edmunt Pienkowsky <roed@onet.eu>

nano: fix syntax highlighting for raw ucode scripts

Text between interpreter line and start of first directive should only
highlighted as uninterpreted when running in template mode, so adjust
the match rule accordingly.

Fixes: #23761
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

Merge pull request #23787 from stangri/master-curl

curl: update to 8.7.1

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

v2ray-geodata: use APK compatible version schema

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

strongswan: Backport upstream fix for RNG definition conflict

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

libcurl-gnutls: update to verison 8.7.1

See https://curl.se/changes.html#8_7_1

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

cryptsetup: update to version 2.7.1

The most notable change is the introduction of (optional) support for
hardware OPAL disk encryption. However, as this requires Linux 6.4 or
later, support for OPAL is implicitely disabled until targets used for
the package build have been updated to Linux 6.6.

See release notes for 2.7.0 and 2.7.1 for more details:

https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes
https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.1-ReleaseNotes

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

lvm2: update to LVM2 2.03.17 and libdm Version 1.02.187

LVM2 Version 2.03.17 - 10th November 2022
=========================================
  Add new options (--fs, --fsmode) for FS handling when resizing LVs.
  Fix 'lvremove -S|--select LV' to not also remove its historical LV right away.
  Fix lv_active field type to binary so --select and --binary applies properly.
  Switch to use mallinfo2 and use it only with glibc.
  Error out in lvm shell if using a cmd argument not supported in the shell.
  Fix lvm shell's lastlog command to report previous pre-command failures.
  Extend VDO and VDOPOOL without flushing and locking fs.
  Add --valuesonly option to lvmconfig to print only values without keys.
  Updates configure with recent autoconf tooling.
  Fix lvconvert --test --type vdo-pool execution.
  Add json_std output format for more JSON standard compliant version of output.
  Fix vdo_slab_size_mb value for converted VDO volume.
  Fix many corner cases in device_id, including handling of S/N duplicates.
  Fix various issues in lvmdbusd.

DM Version 1.02.187 - 10th November 2022
========================================
  Add DM_REPORT_GROUP_JSON_STD for more JSON standard compliant output format.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

python-orjson: update to version 3.10.0

Relevant changes since previous 3.9.13:
- FIXED: Fix crash serializing str introduced in 3.9.11
- FIXED: Implement recursion limit of 1024 on orjson.loads()
- FIXED: Use byte-exact read on str formatting SIMD path to avoid crash
- Build now depends on Rust 1.72 or later
- Support serializing numpy.float16 (numpy.half)
- sdist uses metadata 2.3 instead of 2.1
- Improve Windows PyPI builds

Signed-off-by: Timothy M. Ace <openwrt@timothyace.com>

apcupsd: fix gcc 13 compliation error

On GCC13 build fails:

toolchain-mipsel_24kc_gcc-13.2.0_musl/lib/libsupc++.a(eh_alloc.o): in function `std::__sv_check(unsigned int, unsigned int, char const*)':
toolchain-mipsel_24kc_gcc-13.2.0_musl/gcc-13.2.0-final/mipsel-openwrt-linux-musl/libstdc++-v3/include/string_view:73:
undefined reference to `std::__throw_out_of_range_fmt(char const*, ...)'
collect2: error: ld returned 1 exit status
make[5]: *** [Makefile:33: apcupsd] Error 1

Workaround found at https://lore.kernel.org/buildroot/87wmsbk386.fsf@48ers.dk/T/

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>

nlbwmon: Fix PKG_MIRROR_HASH after APK changes

Adjust PKG_MIRROR_HASH to the filename logic change due to
APK preparations.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

cgi-io: Fix PKG_MIRROR_HASH after APK changes

Adjust PKG_MIRROR_HASH to the filename change due to
APK preparations.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

mdio-tools: use commit hash as the source version

In light of the recent XZ events, it seems that using the tag as the
source version reference is not ideal as it can be updated by the upstream
lets switch to using the full commit hash as the source.

This also should fix the APK semantic versioning by setting PKG_VERSION as
well updating the PKG_MIRROR_HASH which got broken by recent APK changes.

Signed-off-by: Robert Marko <robimarko@gmail.com>

yggdrasil: move `yggdrasil-jumper` setup/shutdown logic to `netifd`

Signed-off-by: Remy D. Farley <one-d-wide@protonmail.com>

yggdrasil-jumper: add multiple ygg support

Signed-off-by: William Fleurant <meshnet@protonmail.com>

yggdrasil-jumper: initial commit builds

mips32/xiaomi-4c target bins
stun-tcp ............ 1.7M
yggdrasil-jumper .... 2.3M

Signed-off-by: William Fleurant <meshnet@protonmail.com>

Merge pull request #22599 from vooon/add-net-wgsd

wgsd: add package

Merge pull request #23792 from jmarcet/luajit2

luajit2: update to v2.1-20240314

luajit2: update to v2.1-20240314

Signed-off-by: Javier Marcet <javier@marcet.info>

xray-core: Update to 1.8.10

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

yq: Update to 4.43.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

alist: Update to 3.33.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>

lua-eco: update to 3.3.0

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>

Merge pull request #23789 from rsalvaterra/tor-bump

tor: update to 0.4.8.10 stable

tor: update to 0.4.8.10 stable

Bugfix release, see the changelog [1] for what's new.

[1] https://gitlab.torproject.org/tpo/core/tor/-/raw/tor-0.4.8.10/ChangeLog

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>

curl: update to 8.7.1

* update to 8.7.1: https://curl.se/changes.html#8_7_1
* use the new --disable-docs flag for configure
* update 200-no_docs_tests.patch
* switch to APK-compatible revision

Signed-off-by: Stan Grishin <stangri@melmac.ca>

Merge pull request #23704 from graysky2/htop

htop: build with CONFIG_HTOP_LMSENSORS=y