a2673dc53 fastd: fix buffer leak when receiving invalid packets
51bf00834 logrotate: update to version 3.17.0
8715cef64 logrotate: update to 3.16.0
acb77d5be python3: Update to 3.7.9, refresh/remove backported patches
4af889f20 travelmate: bugfix single radio mode
cb3bab180 netdata: update to version 1.26.0
70bb0b4c8 bind: update to version 9.16.7
d05698fae freeradius3: move "release_" from PKG_VERSION
93360e625 freeradius3: add meta-package for default modules
2f7338b62 python-urllib3: update to version 1.25.10 (security fix)
50a67ed74 nextdns: Update to version 1.8.6
b48575ef4 chrony: update to 3.5.1
35e6986a0 nextdns: mark /etc/config/nextdns as configuration file
418e3b294 simple-adblock: config update file fix
9ac587ca8 libuv: update to 1.40.0
613d21085 nano: update to 5.3
992746571 btrfs-progs: update to version 5.7
cedba1ca2 btrfs-progs: update to version 5.6
25b2751f8 python-pytz: update to 2019.03
f3b424139 adblock: refresh blocklist sources
ec628b10d syslog-ng: bump version in config file
d0a74afad syslog-ng: tweak shell code of network_localhost little bit
f705a5a93 python-sentry-sdk: Update to version 0.12.3
2976a5a0e haproxy: Update HAProxy to v2.0.18
eec7bd646 tor: update to version 0.4.4.5
91af4cf72 mariadb: Update to the latest version from 10.2 branch
9461ae47a Werkzeug: Update to version 0.16.0
f9d9ae8c8 Flask: update to version 1.1.2
4a833e3a8 Flask: Update to version 1.1.1
a4534f160 gstreamer1: enable build options necessary for most applications
8a71cdd6a python-ifaddr: update to version 0.1.7
05ea7dfc6 nextdns: Update to version 1.8.5
9069ad925 ipmitool: fix CVE-2020-5208
826fc8921 nextdns: Update to version 1.8.4
ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823
3f0e26637 python-zeroconf: update to version 0.28.0
fe7ceaa65 python-zeroconf: update to version 0.24.4
49459505e mwan3: fix typo in mwan3_set_sticky_iptables
cae961784 ocserv: include ocserv-worker
2af61c9a4 vpnbypass: README update, code cleanup
b00feac4b ocserv: updated to 1.1.1
c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close
70e57317b simple-adblock: add config auto-update feature
94866d76a collectd: update to 5.12.0
b60fa2de9 collectd: update PKG_RELEASE
aeefbbe34 collectd: remove quotation on interval this is an number
b0ad32a3e collectd: move include line
fbe7abcd5 collectd: update PKG_RELEASE
f53b79ced collectd: fix ubi data source type
67a403bfe collectd: add ubi uci and plugin info
37335cf65 collectd: enable ubi plugin
Some newer MT7628 based routers (notably the TP-Link Archer C50 v4) are
shipped with a chip-id of 0x7600 in the on-flash EEPROM. Add this as a
possible valid ID.
This fixes unstable WiFi on some units of the TP-Link Archer C50 v4.
Implement a configurable MLD Querier wake-up calls "feature" which
works around a widely spread Android bug in connection with IGMP/MLD
snooping.
Currently there are mobile devices (e.g. Android) which are not able
to receive and respond to MLD Queries reliably because the Wifi driver
filters a lot of ICMPv6 when the device is asleep - including
MLD. This in turn breaks IPv6 communication when MLD Snooping is
enabled. However there is one ICMPv6 type which is allowed to pass and
which can be used to wake up the mobile device: ICMPv6 Echo Requests.
If this bridge is the selected MLD Querier then setting
"multicast_wakeupcall" to a number n greater than 0 will send n
ICMPv6 Echo Requests to each host behind this port to wake
them up with each MLD Query. Upon receiving a matching ICMPv6 Echo
Reply an MLD Query with a unicast ethernet destination will be sent
to the specific host(s).
Link: https://issuetracker.google.com/issues/149630944
Link: https://github.com/freifunk-gluon/gluon/issues/1832
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
* ar71xx-generic: only create manifest alias for Rocket M5
This follow up the discussion done in #2070 by not creating a symlink
for the Rocket M5. Images for the Rocket M2 can still be flashed on a
Rocket M5.
This change will prevent the Rocket M5 from appearing in Firmware
selectors. Existing devices will still receive updates, as the device
name is still referenced for the device name expected by the M5.
Closes#2070
* docs: remove Rocket M5 from supported devices
Specifications:
* SoC: MT7620A
* RAM: 64 MB DDR
* Flash: 8MB NOR SPI flash
* WiFi: MT7612E (5Ghz) and builtin MT7620A (2.4GHz)
* LAN: 1x100M
The -factory images can be flashed from the device's web
interface or via nmrpflash.
Both devices differ by a additional power outlet for the EX3800.
This patch has been tested on a EX3800 device.
03425a0d2 zmq: fix compilation when libbsd is present
8bb1d13a9 pigeonhole: update to 0.5.11
86da3bbeb zmq: update to version 4.3.3 (security fix)
e72b47469 zmq: fix the installed files
48339ba10 zmq: fix pkgconfig file
ef30f8bf8 zmq: update to 4.3.2
a7d129fc2 zmq: switch to building with CMake
a4cbd04df libxml2: patch security issues
207660987 net/u2pnpd: convert init to procd
2d410422c freeradius3: fix hostname invocation in radtest
066ac0392 freeradius3: enable radtest utility
338fa663c samba4: update to 4.11.12
399e1a0bf youtube-dl: update to version 2020.9.6
7825df65f msmtp: update to version 1.8.12
eb8130508 dovecot: disable zstd
538647a26 syslog-ng: update to version 3.29.1
473ca554f php7: update to 7.2.33
62171036b nextdns: Update to version 1.8.3
953de3ca8 gnutls: update to version 3.6.15 (security fix)
d515d9c35 dovecot: update to version 2.3.11.3 (security fix)
a2634c264 nextdns: Update to version 1.8.2
1cf41a88c python-rsa: downgrade to version 4.5 for python2
54847cc7c unbound: improve odhcpd rapid update robustness
d17720f04 htop: update to 3.0.1-1
d953d80bf htop: update to 3.0.0-1
af4cd94a2 htop: fix compilation with GCC10
7af8eaad1 python-rsa: update to version 4.6 (security fix)
8b0457c55 knot: update to version 2.9.6
f2edf8c53 git: update to version 2.26.2 (security fix)
99d0878d0 python,python3: Use locked for host pip
791e0bc76 nano: update to 5.2
3c6b45ab3 clamav: update to version 0.102.4 (security fix)
0202fdc27 clamav: update to version 0.102.3 (security fix)
c5c0e2e33 clamav: update to 0.102.2
9700cea70 bind: New upstream version 9.16.6
256a631d9 bind: update to 9.16.4
ac79fde24 simple-adblock: bugfix: update config; use command -v
4e1bfa748 nspr: update to version 4.27
120ff2c63 nspr: nspr add -flto to compile
847ed6e0f nspr: fix compilation with newer musl
2f58b610d nspr: update to 4.25
fab10b8df nss: update to version 3.55 (security fix)
7c3b05d33 nss: update to 3.53
46d315d31 nss: fix build for mips64 disable arm32_neon on unsupported target
638b1642e nss: revert -flto change it seems that it can lead to segfault in libfreebl3.so
be95fcb78 nss: add -flto and makefile cleanup
f0e6ceff3 nss: update to 3.52
e5d732722 nss: update to 3.51.1
e713f74b7 nss: update to 3.51
d2efcd926 nss: update to 3.50
6a3d05272 nss: update to 3.49.2
5e371c2d5 libffi: fix build failure on powerpc platforms
0413252f3 libffi: update to 3.3
70faa62f3 libffi: do not build in a special directory
9ec9bea25 net/mosquitto: Update to 1.6.12
2f7867074 python3: fix rebasing error
769d51fa9 python: fix host compilation with clang
37857a3f2 python3: fix host compilation with clang
b28c614d3 lvm2: fix CE in mac
The performance benefit the cache brought was due to a broken sources
CDN mirror handling in OpenWrt.
The cache brings no measurable performance benefit. Disable it to slim
down the pipeline steps.
This renames the local_client zone to loc_client, as local_clint exceeds
the maximum zone length allowed for firewall3, which is 11 bytes.
This worked previously due to firewall3 using unsafe string operations.
Now creation of the chain fails (latest OpenWrt master).
2d7ea69dd3 mac80211: Fix potential endless loop
5a1e4a7fdb oxnas: reduce size of ATA DMA descriptor space
19b8696dd7 mbedtls: update to 2.16.7
a2a75c21bd kernel: Update kernel 4.14 to version 4.14.195
8b0278a17e ath79: add support for TP-Link TL-WR710N v2.1
33973a90dc tools/tplink-safeloader: use soft_ver 1.9.1 for archer c6 v2
fce5101469 tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU)
350883bb90 Revert "scripts/download: add sources CDN as first mirror"
d8ecaef409 generic: platform/mikrotik: fix incorrect test
008db6b970 ath79: enable gpio on ar933x by default
3df63fba70 ath79: fix syntax error in ar7240_tplink_tl-wa.dtsi
be09fdbf36 ath79: ar724x: make sure builtin-switch is enabled in DT
5d3e5d6ccc ath79: WNR612v2: improve device support
fba9a88821 ath79: add LAN LEDs control bits for AR724x GPIO function pinmux
This adds an important bugfix for BATMAN V users
("batman-adv: Fix own OGM check in aggregated OGMs").
b77498bd56 Merge pull request #603 from ecsv/batadv-for-19.07
6dea537c07 batman-adv: Merge bugfixes from 2020.3
0e5c75f536 Merge pull request #601 from bluewavenet/openwrt-19.07
ad8f02a4aa opennds: Backport v5.2.0
017d89d569 batctl: Enable build of mcast_flags subcommand
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
This allows running a respondd querier and map server behind a Gluon
node.
For instance at Freifunk Lübeck we now moved the map server
behind a Gluon VM and removed batman-adv and fastd from the
map server VM to reduce the maintenance work.
Increased multicast overhead should be minimal / non existent, as it is
unlikely to accidentally have respondd queriers running behind a Gluon
node.
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
All defined features need to be known at the same time, otherwise handling
a feed-provided feature definition file would add gluon-web-advanced etc.
to the package list when the corresponding feature flags appear in
GLUON_FEATURES.
Fixes: ee5ec5afe5 ("build: rewrite features.sh in Lua")
The rewrite of the feature handling introduced multiple major bugs. One
of them was caused by the way Lua's logical operators work:
An expression of the form
_'autoupdater' and _'web-advanced'
would return 'web-advanced' rather than the boolean true when _ returned
both strings unchanged (because the features are enabled).
As entries with more than a single feature name in their expressions did
not set no_default, Gluon would then attempt to add gluon-web-advanced to
the package selection, as web-advanced is a "pure" feature.
To fix this, and get rid of the annoying nodefault, separate handling of
"pure" feature and handling of logical expressions into two separate
functions, called feature() and when(). To simplify the feature
definitions, the package list is now passed directly to these functions
rather than in a table with a single field 'packages'.
Fixes: ee5ec5afe5 ("build: rewrite features.sh in Lua")
Print a proper error message, rather than just
openwrt/staging_dir/hostpkg/bin/lua: scripts/feature_lib.lua:48: bad
argument #1 to 'setfenv' (integer expected, got nil)
Forgetting to `make update` or leaving uncommitted changes in the
repositories managed by Gluon is a recurring cause of confusion, even
for experienced developers. Let's print an obvious warning message in
this case.
The new options are CONFIG_GLUON_AUTOUPDATER_BRANCH and
CONFIG_GLUON_AUTOUPDATER_ENABLED and allow to control the default branch
and default enable status separately.
The `or ''` fallback in targets/generic is removed, as GLUON_ENV will
set all variables in GLUON_VARS, making previously non-existing
variables exist with an empty value.
We already have a proper message when the creation of an alias fails
because of a name conflict. Also add a message when the primary filename
of a domain config is already occupied by another domain's alias.
Also add an 'Error:' prefix to the existing message to easier to see.