Merge pull request #2670 from blocktrron/v2022.1.1-rn

docs, readme: Gluon 2022.1.1
docs: add Gluon 2022.1.1 release notes
2022-10-18 10:39:01 +02:00 · 2022-10-18 10:36:15 +02:00 · 2022-10-18 10:36:15 +02:00 · 2022-10-17 18:18:03 +02:00 · 2022-10-17 18:17:30 +02:00 · 2022-10-17 16:06:33 +00:00
16 changed files with 144 additions and 17 deletions
--- a/README.md
+++ b/README.md
@ -30,7 +30,7 @@ the future development of Gluon.

 Please refrain from using the `master` branch for anything else but development purposes!
 Use the most recent release instead. You can list all releases by running `git tag`
-and switch to one by running `git checkout v2022.1 && make update`.
+and switch to one by running `git checkout v2022.1.1 && make update`.

 If you're using the autoupdater, do not autoupdate nodes with anything but releases.
 If you upgrade using random master commits the nodes *might break* eventually.
--- a/docs/conf.py
+++ b/docs/conf.py
@ -24,7 +24,7 @@ copyright = '2015-2022, Project Gluon'
 author = 'Project Gluon'

 # The short X.Y version
-version = '2022.1'
+version = '2022.1.1'
 # The full version, including alpha/beta/rc tags
 release = version

--- a/docs/releases/index.rst
+++ b/docs/releases/index.rst
@ -5,6 +5,7 @@ Release Notes
   :caption: Gluon 2022.1
   :maxdepth: 2

+   v2022.1.1
   v2022.1

 .. toctree::
--- a/docs/releases/v2022.1.1.rst
+++ b/docs/releases/v2022.1.1.rst
@ -0,0 +1,84 @@
+Gluon 2022.1.1
+==============
+
+Important notes
+---------------
+
+This release mitigates multiple flaws in the Linux wireless stack fixing RCE and DoS vulnerabilities.
+
+
+Added hardware support
+----------------------
+
+ipq40xx-generic
+~~~~~~~~~~~~~~~
+
+- GL.iNet
+
+  - GL-AP1300
+
+mpc85xx-p1010
+~~~~~~~~~~~~~
+
+- TP-Link
+
+  - TL-WDR4900 (v1)
+
+ramips-mt7621
+~~~~~~~~~~~~~
+
+- ZyXEL
+
+  - NWA50AX
+
+rockchip-armv8
+~~~~~~~~~~~~~~
+
+-  FriendlyElec
+
+   -  NanoPi R4S (4GB LPDDR4)
+
+Bugfixes
+--------
+
+ * Multiple mitigations for (`critical vulnerabilities <https://seclists.org/oss-sec/2022/q4/20>`_) in the Linux kernel WLAN stack. This only concerns Gluon v2022.1, older Gluon versions are unaffected.
+
+   * CVE-2022-41674
+   * CVE-2022-42719
+   * CVE-2022-42720
+   * CVE-2022-42721
+   * CVE-2022-42722
+ * Fixes `security issues in WolfSSL <https://openwrt.org/releases/22.03/notes-22.03.1#security_fixes>`_. People who have installed additional, non-Gluon packages which rely on WolfSSL's TLS 1.3 implementation might be affected. Firmwares using either gluon-mesh-wireless-sae or gluon-wireless-encryption-wpa3 are unaffected by these issues, since only WPA-Enterprise relies on the affected TLS functionality.
+
+   * CVE-2022-38152
+   * CVE-2022-39173
+
+ * Fixes the update path for GL-AR300M and NanoStation Loco M2/M5 (XW) devices.
+
+Known issues
+------------
+
+* A workaround for Android devices not waking up to their MLD subscriptions was removed,
+  potentially breaking IPv6 connectivity for these devices after extended sleep periods
+
+* Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the NAND flash which the NAND driver before this release does not handle well.
+  (`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
+
+* The integration of the BATMAN_V routing algorithm is incomplete.
+
+  - Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
+    Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
+    metric.
+  - Throughput values are not correctly acquired for different interface types.
+    (`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
+    This affects virtual interface types like bridges and VXLAN.
+
+* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
+  (`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
+
+  Reducing the TX power in the Advanced Settings is recommended.
+
+* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
+  (`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
+
+  This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
--- a/docs/site-example/site.conf
+++ b/docs/site-example/site.conf
@ -1,4 +1,4 @@
-- This is an example site configuration for Gluon v2022.1
+-- This is an example site configuration for Gluon v2022.1.1
 --
 -- Take a look at the documentation located at
 -- https://gluon.readthedocs.io/ for details.
--- a/docs/user/getting_started.rst
+++ b/docs/user/getting_started.rst
@ -8,7 +8,7 @@ Gluon's releases are managed using `Git tags`_. If you are just getting
 started with Gluon we recommend to use the latest stable release of Gluon.

 Take a look at the `list of gluon releases`_ and notice the latest release,
-e.g. *v2022.1*. Always get Gluon using git and don't try to download it
+e.g. *v2022.1.1*. Always get Gluon using git and don't try to download it
 as a Zip archive as the archive will be missing version information.

 Please keep in mind that there is no "default Gluon" build; a site configuration
@ -50,7 +50,7 @@ Building the images
 -------------------

 To build Gluon, first check out the repository. Replace *RELEASE* with the
-version you'd like to checkout, e.g. *v2022.1*.
+version you'd like to checkout, e.g. *v2022.1.1*.

 ::

--- a/docs/user/supported_devices.rst
+++ b/docs/user/supported_devices.rst
@ -185,6 +185,7 @@ ipq40xx-generic

 * GL.iNet

+  - GL-AP1300
  - GL-B1300

 * Linksys
@ -269,6 +270,10 @@ mpc85xx-p1010

  - RED 15w Rev.1

+* TP-Link
+
+  - TL-WDR4900 (v1)
+
 mpc85xx-p1020
 ---------------

@ -360,6 +365,10 @@ ramips-mt7621
  - WG3526-16M
  - WG3526-32M

+* ZyXEL
+
+  - NWA50AX
+
 * Xiaomi

  - Xiaomi Mi Router 4A (Gigabit Edition)
@ -416,6 +425,7 @@ rockchip-armv8
 * FriendlyElec

  - NanoPi R2S
+  - NanoPi R4S (4GB LPDDR4)

 sunxi-cortexa7
 --------------
--- a/6
+++ b/6
@ -2,15 +2,15 @@ GLUON_FEEDS='packages routing gluon'

 OPENWRT_REPO=https://github.com/openwrt/openwrt.git
 OPENWRT_BRANCH=openwrt-22.03
-OPENWRT_COMMIT=d1f14d17aaa1866eee1fe2d0d074b2a003c2a210
+OPENWRT_COMMIT=a7fb589e8a9df06bd0e36c91d05806f1e8aeb9e8

 PACKAGES_PACKAGES_REPO=https://github.com/openwrt/packages.git
 PACKAGES_PACKAGES_BRANCH=openwrt-22.03
-PACKAGES_PACKAGES_COMMIT=bcafba4320e5942f2ca8c1ad63b3a8a84ca0c3d1
+PACKAGES_PACKAGES_COMMIT=dba8a0102e5965cad58a871335002e9c964b6719

 PACKAGES_ROUTING_REPO=https://github.com/openwrt/routing.git
 PACKAGES_ROUTING_BRANCH=openwrt-22.03
-PACKAGES_ROUTING_COMMIT=8872359011eee64981804f7ed42d5d6b54add6d8
+PACKAGES_ROUTING_COMMIT=85028704f688a6768d3f10d5d3c10a799a121e0d

 PACKAGES_GLUON_REPO=https://github.com/freifunk-gluon/packages.git
 PACKAGES_GLUON_COMMIT=04d2b6ffbb6ee02012f2733b7752d8db0d12eaff
--- a/package/gluon-core/luasrc/lib/gluon/upgrade/010-primary-mac
+++ b/package/gluon-core/luasrc/lib/gluon/upgrade/010-primary-mac
@ -102,6 +102,7 @@ local primary_addrs = {
 		}},
 		{'rockchip', 'armv8', {
 			'friendlyarm,nanopi-r2s',
+			'friendlyarm,nanopi-r4s',
 		}},
 		{'x86'},
 	}},
--- a/patches/openwrt/0004-ramips-mt7621-make-DSA-images-swconfig-upgradable.patch
+++ b/patches/openwrt/0004-ramips-mt7621-make-DSA-images-swconfig-upgradable.patch
@ -3,10 +3,10 @@ Date: Sun, 5 Jun 2022 23:43:38 +0200
 Subject: ramips-mt7621: make DSA images swconfig upgradable

 diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk
-index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9c1b063ae 100644
+index a3bdacb32a1657c15cba29512466b34a97af2e9a..b5ca3438de9fe20112110e653b016f13cb7f55ea 100644
 --- a/target/linux/ramips/image/mt7621.mk
 +++ b/target/linux/ramips/image/mt7621.mk
-@@ -172,7 +172,6 @@ endef
+@@ -179,7 +179,6 @@ endef
 TARGET_DEVICES += asiarf_ap7621-nv1
 
 define Device/asus_rt-ac57u
@ -14,7 +14,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   DEVICE_VENDOR := ASUS
   DEVICE_MODEL := RT-AC57U
   DEVICE_ALT0_VENDOR := ASUS
-@@ -418,7 +417,6 @@ endef
+@@ -425,7 +424,6 @@ endef
 TARGET_DEVICES += dlink_dir-853-r1
 
 define Device/dlink_dir-860l-b1
@ -22,7 +22,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   $(Device/seama)
   SEAMA_SIGNATURE := wrgac13_dlink.2013gui_dir860lb
   LOADER_TYPE := bin
-@@ -1226,7 +1224,6 @@ endef
+@@ -1234,7 +1232,6 @@ endef
 TARGET_DEVICES += mts_wg430223
 
 define Device/netgear_ex6150
@ -30,7 +30,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   DEVICE_VENDOR := NETGEAR
   DEVICE_MODEL := EX6150
   DEVICE_PACKAGES := kmod-mt76x2
-@@ -1238,7 +1235,6 @@ endef
+@@ -1246,7 +1243,6 @@ endef
 TARGET_DEVICES += netgear_ex6150
 
 define Device/netgear_sercomm_nand
@ -38,7 +38,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   $(Device/uimage-lzma-loader)
   BLOCKSIZE := 128k
   PAGESIZE := 2048
-@@ -1421,7 +1417,6 @@ endef
+@@ -1429,7 +1425,6 @@ endef
 TARGET_DEVICES += netgear_wax202
 
 define Device/netgear_wndr3700-v5
@ -46,7 +46,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   $(Device/netgear_sercomm_nor)
   $(Device/uimage-lzma-loader)
   IMAGE_SIZE := 15232k
-@@ -1745,7 +1740,6 @@ endef
+@@ -1753,7 +1748,6 @@ endef
 TARGET_DEVICES += tplink_tl-wpa8631p-v3
 
 define Device/ubnt_edgerouter_common
@ -54,7 +54,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   $(Device/uimage-lzma-loader)
   DEVICE_VENDOR := Ubiquiti
   IMAGE_SIZE := 256768k
-@@ -2131,7 +2125,6 @@ endef
+@@ -2150,7 +2144,6 @@ endef
 TARGET_DEVICES += zbtlink_zbt-wg2626
 
 define Device/zbtlink_zbt-wg3526-16m
@ -62,7 +62,7 @@ index 7f903485aa9e3055ae0bb490bb8e6d5aab565b45..5b502710b7959825bc2e079d0ffcbbe9
   $(Device/uimage-lzma-loader)
   IMAGE_SIZE := 16064k
   DEVICE_VENDOR := Zbtlink
-@@ -2144,7 +2137,6 @@ endef
+@@ -2163,7 +2156,6 @@ endef
 TARGET_DEVICES += zbtlink_zbt-wg3526-16m
 
 define Device/zbtlink_zbt-wg3526-32m
--- a/targets/ath79-generic
+++ b/targets/ath79-generic
@ -503,6 +503,7 @@ device('tp-link-wbs510-v1', 'tplink_wbs510-v1', {

 device('ubiquiti-nanostation-loco-m-xw', 'ubnt_nanostation-loco-m-xw', {
 	manifest_aliases = {
+		'ubiquiti-loco-m-xw', -- upgrade from OpenWrt 19.07
 		'ubiquiti-nanostation-loco-m2-xw', -- upgrade from OpenWrt 19.07
 		'ubiquiti-nanostation-loco-m5-xw', -- upgrade from OpenWrt 19.07
 	},
--- a/targets/ath79-nand
+++ b/targets/ath79-nand
@ -6,11 +6,16 @@ local ATH10K_PACKAGES_QCA9887 = {
 	'-ath10k-firmware-qca9887-ct',
 }

+local ATH10K_PACKAGES_QCA9888 = {}
+

 -- GL.iNet

 device('gl.inet-gl-ar300m-nor', 'glinet_gl-ar300m-nor', {
 	factory = false,
+	manifest_aliases = {
+		'gl.inet-gl-ar300m', -- Upgrade from OpenWrt 19.07
+	},
 })

 device('gl.inet-gl-ar750s-nor', 'glinet_gl-ar750s-nor', {
@ -27,3 +32,11 @@ device('netgear-wndr3700-v4', 'netgear_wndr3700-v4', {
 		'netgear-wndr3700v4', -- Upgrade from OpenWrt 19.07
 	},
 })
+
+
+-- ZTE
+
+device('zte-mf281', 'zte_mf281', {
+	broken = true,
+	packages = ATH10K_PACKAGES_QCA9888,
+})
--- a/targets/ipq40xx-generic
+++ b/targets/ipq40xx-generic
@ -56,6 +56,13 @@ device('engenius-ens620ext', 'engenius_ens620ext', {

 -- GL.iNet

+device('gl.inet-gl-ap1300', 'glinet_gl-ap1300', {
+	factory = '-squashfs-nand-factory',
+	factory_ext = '.ubi',
+	sysupgrade = '-squashfs-nand-sysupgrade',
+	sysupgrade_ext = '.bin',
+})
+
 device('gl.inet-gl-b1300', 'glinet_gl-b1300', {
 	factory = false,
 })
--- a/targets/mpc85xx-p1010
+++ b/targets/mpc85xx-p1010
@ -5,3 +5,7 @@ device('sophos-red-15w-rev.1', 'sophos_red-15w-rev1', {
 })


+-- TP-Link
+
+device('tp-link-tl-wdr4900-v1', 'tplink_tl-wdr4900-v1')
+
--- a/targets/ramips-mt7621
+++ b/targets/ramips-mt7621
@ -90,6 +90,11 @@ device('zbtlink-zbt-wg3526-32m', 'zbtlink_zbt-wg3526-32m', {
 })


+-- ZyXEL
+
+device('zyxel-nwa50ax', 'zyxel_nwa50ax')
+
+
 -- Devices without WLAN

 -- Ubiquiti
--- a/targets/rockchip-armv8
+++ b/targets/rockchip-armv8
@ -4,3 +4,4 @@ defaults {
 }

 device('friendlyelec-nanopi-r2s', 'friendlyarm_nanopi-r2s')
+device('friendlyelec-nanopi-r4s', 'friendlyarm_nanopi-r4s') -- 4GB LPDDR4
Author	SHA1	Message	Date
Martin Weinelt	ab1fb054f6	Merge pull request #2670 from blocktrron/v2022.1.1-rn	2022-10-18 10:39:01 +02:00
David Bauer	30e97e8d6d	docs, readme: Gluon 2022.1.1	2022-10-18 10:36:15 +02:00
David Bauer	59c5eb6866	docs: add Gluon 2022.1.1 release notes	2022-10-18 10:36:15 +02:00
Jan-Niklas Burfeind	7ca56084bc	Merge pull request #2677 from freifunk-gluon/backport-2673-to-v2022.1.x [Backport v2022.1.x] ramips-mt7621: add support for ZyXEL NWA50AX	2022-10-17 18:18:03 +02:00
Jan-Niklas Burfeind	5d088754f0	Merge pull request #2676 from freifunk-gluon/backport-2674-to-v2022.1.x [Backport v2022.1.x] supported_devices: specify revision of wdr4900 v1	2022-10-17 18:17:30 +02:00
David Bauer	1b547f9181	ramips-mt7621: add support for ZyXEL NWA50AX (cherry picked from commit `33fa77a760`)	2022-10-17 16:06:33 +00:00
Jan-Niklas Burfeind	f03ada1816	supported_devices: specify revision of wdr4900 v1 (cherry picked from commit `267124b520`)	2022-10-17 16:04:57 +00:00
Martin Weinelt	5942f2925c	Merge pull request #2675 from freifunk-gluon/backport-2671-to-v2022.1.x	2022-10-17 15:48:03 +02:00
David Bauer	81a643476b	mpc85xx-p1010: re-enable TP-Link WDR4900 Upstream added a standalone SPI kernel-loader which fixes the unbootable image for the WDR4900. Thus, we can re-introduce this device to Gluon. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit `301443da02`)	2022-10-17 12:26:12 +00:00
David Bauer	10a126e117	modules: update packages dba8a0102 gnunnet: halt build if any command fails c1700e3a3 gnunnet: don't copy non-existing files 9c68da83e gnunet: gnunet-rest: add libjose dependency e1d799255 opendoas: avoid libpam dependency 53c0a2767 Revert "wget: update to 1.21.3" e0502e477 zabbix: add variants for SSL support opkg does not offer ssl varients: zabbix-agentd zabbix-sender zabbix-get zabbix-proxy zabbix-server f9bbda2e4 wget: update to 1.21.3 0f48935ab auc: update to 0.3.1 62a7ef57d auc: update to version 0.3.0 427008a2a snowflake: update to version 2.3.1 d57a6a35b perl-net-dns: update to version 1.35 b4be6d6b1 pcsc-lite: update to verion 1.9.9 37de51dba gawk: update to version 5.2.0 5ca1c82f8 libksba: update to version 1.6.1 c033edcca gnunet: update to version 0.17.5 30b493619 libp11: update to version 0.4.12 f8f768f90 libinput: update to version 1.19.4 19874c3a7 libevdev: update to version 1.13.0 7dc69e306 postgresql: update to version 14.5 4493098f6 pcsc-lite: update to version 1.9.8 5d5348bc5 exim: update to version 4.96 8013e8929 gpgme: update to version 1.18.0 d0dd2a730 cryptsetup: update to version 2.5.0 c2296d930 lvm2: update to release 2.03.16 (cherry picked from commit `95385f6de7`)	2022-10-17 12:26:12 +00:00
David Bauer	f69be80ac3	modules: update openwrt a7fb589e8a image: always rebuild kernel loaders 5db6914f7c mpc85xx: p1010: make TP-Link WDR4900 v1 build again f7a43e4606 mpc85xx: add SPI kernel loader for TP-Link TL-WDR4900 v1 c1fcca50ba ramips: fix ZyXEL NWA55AXE model name 2050bc4f64 ramips: add support for ZyXEL NWA50AX / NWA55AXE bc8e24c654 busybox: nslookup: ensure unique transaction IDs for the DNS queries (cherry picked from commit `c5e297e9c8`)	2022-10-17 12:26:12 +00:00
David Bauer	183f345979	Merge pull request #2669 from herbetom/v2022.1.x-updates [v2022.1.x] modules: update to latest HEAD	2022-10-14 03:01:39 +02:00
Tom Herbers	7838e68c20	modules: update routing 8502870 opennds: Release v9.9.0	2022-10-13 18:28:19 +02:00
Tom Herbers	34383285b1	modules: update packages 33d0a7adc python3: update to 3.10.7 bb4943d55 curl: error out if wolfSSL is not usable 4d900b2a1 v2ray-geodata: split from xray-geodata 9bdab0d79 v2ray-core: add new package bda5d8e3b yq: Update to 4.28.1 0e4e3743f cloudflared: Update to 2022.10.0 f5d5326c0 cloudflared: Update to 2022.9.1 972fb7861 gg: Update to 0.2.13 c243509b6 dnsproxy: Update to 0.45.2 44034384a dnsproxy: Update to 0.45.0 a1d8cd172 python3-pytz: bump to version 2022.4 d3a4c41a5 bind: bump to 9.18.7 47e5343d5 https-dns-proxy: update to 2022-08-12-1	2022-10-13 18:28:18 +02:00
Tom Herbers	17a6e1d8d7	modules: update openwrt f1de43d0a0 mac80211: backport security fixes a077c6da98 mac80211: merge upstream fixes b6487c3ccc ramips: skip bbt scan on mt7621 33457ebf0b ramips: enable support for mtk_bmt in the nand flash driver cc8326443d ramips: mt7621_nand: initialize ECC_FDMADDR 1918404b1d ramips: mt7621_nand: reduce log verbosity 07ea71c7b7 ramips: move mt7621_nand driver to files fb31038e1f kernel: mtdsplit: support UBI after FIT images 329b1543f3 kernel: mtk_bmt: skip bitflip check if threshold isn't set 42c8610efc kernel: mtk_bmt: add debugfs file to attempt repair of remapped sectors bb5d415b19 kernel: add support for mediatek NMBM flash mapping support 737ee934d2 kernel: mtk_bmt: on error, do not attempt to remap out-of-range blocks a78fd5bbb6 kernel: mtk_bmt: fix block copying on remap with bmt v2 0c21f06ef7 kernel: mtk_bmt: allow get_mapping_block to return an error a2ce32579f kernel: split up mtk_bmt driver code c2d55b73d9 OpenWrt v22.03.1: revert to branch defaults eca6fc6ea0 OpenWrt v22.03.1: adjust config defaults 2853b6d652 ath79: fix model name of Extreme Networks WS-AP3805i	2022-10-13 18:28:16 +02:00
github-actions[bot]	9667075b54	ath79-generic: Fix autoupdater for Loco M XW from v2021.1.x to v2022.1.x (#2667 ) Ubiquiti Nanostation Loco M XW was renamed in v2022.1.x, but the alias to the old name was missing, so devices running the old release did not update. (cherry picked from commit `dc8055682e`) Co-authored-by: goligo <ich@malte.de>	2022-10-12 01:50:40 +02:00
David Bauer	da41247139	Merge pull request #2658 from herbetom/v2022.1.x-updates [v2022.1.x] modules: update to latest HEAD	2022-10-08 01:19:23 +02:00
Tom Herbers	73df762ec1	modules: update packages 5df363db7 libgd: avoid recursive and redundant dependencies 24ad5359f tor: update to 0.4.7.10 1a070a289 expat: update to 2.4.9 2f2989e3e lighttpd: remove deprecated modules f9515613f node: bump to v16.17.1 7869127db https-dns-proxy: add settings for canary domains a4a6411e1 https-dns-proxy: bugfix: prevent canary domains duplicates f624e41f3 treewide: fix security issues by bumping all packages using libwolfssl ea8108a31 Revert "treewide: fix security issues by bumping all packages using libwolfssl" 0ddec62e6 treewide: fix security issues by bumping all packages using libwolfssl 2d061d1cb openvpn: explicitly disable engine parameter for openssl variant 0c670f870 openvpn: update to 2.5.7 50ae0353a openvpn: update to 2.5.6 8377e516e rtty: update to 8.0.1 7acb46001 php8: update to 8.1.11 52ddf2f0b nextdns: initialize nextdns from /etc/uci-defaults eddc92a17 dnslookup: Update to 1.8.0 356534dd4 simple-adblock: allow domains bugfix & canary domains support de00aad59 https-dns-proxy: uci wrappers & iCloud canary domains b0e693092 bandwidthd: fix format warnings a9423d894 unbound: update to version 1.16.3 d053da000 simple-adblock: update to 1.9.1-1 bc1598892 curl: bugfix: github source url eed717e6e pdns-recursor: update to 4.7.3 8df44cb6e libs/cjson: bump to 1.7.15 44f898f98 pagekite: add patchs for 64bit time d5aa9d76e mosquitto: bump to 2.0.15 4419a76ba mosquitto: add missing 'persistence' section in config 376f1afdd poemgr: update to latest HEAD 1eea84cca poemgr: fix conffiles path 5092dbd14 adblock: update 4.1.4-5 3f9a88d21 adblock: add lightswitch05 blocklist source 0247d720e hping3: add new package be7e4f8e3 snowflake: run snowflake-proxy with procd-ujail 8c028f4fd snowflake: add package aaedc165d squid: fix compilation with libxml (fixes #19099) e563fe383 gatling: add package gatling 81c068840 gg: Update to 0.2.11 40106c7dc yq: Update to 4.27.5 05d1265cb xray-core: Update to 1.6.0 8a2bd2754 lighttpd: update to lighttpd 1.4.67 release hash 4df5d1348 tang: update directory f50dc54f2 Revert "jose: remove libjose" 9550d45fd Revert "jose: fix static library usage" 5a02ae2fe knot-resolver: update to 5.5.3 88257a87a libtorrent-rasterbar: Update to 2.0.7 954dd3b90 dockerd: Update to v20.10.18 a2defb8a6 docker: Update to v20.10.18 78949c659 libnetwork: Update to 0dde5c8 for Docker v20.10.18 3ffff095c containerd: Update to v1.6.8 for Docker v20.10.18 3ef01e4dd runc: Update to v1.1.4 for Docker v20.10.18 1e329ed5e libxml2: update to 2.10.2 74d181312 php8: update to 8.1.10 d86df0df5 jose: fix static library usage fd5ba6154 adblock: update 4.1.4-3 dfaa4bad5 uacme: add libev dependency to uacme-ualpn ed56ca2aa nextdns: Update to version 1.37.11 c4d8769c8 curl: update to 7.85.0	2022-10-06 16:21:35 +02:00
Tom Herbers	a6d75c010e	modules: update openwrt f579b8538b ath79: add low_mem to tiny image 4b5bd15091 ath79: move ubnt-xm to tiny 977f6f36a0 kernel: fix possible mtd NULL pointer dereference 562894b39d treewide: fix security issues by bumping all packages using libwolfssl ce59843662 wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173) 3d2be75b0c wolfssl: refresh patches 0c8425bf11 wolfssl: bump to 5.5.0 2c49ad36fb kernel: bump 5.10 to 5.10.146 f04515e7bd kernel: bump 5.10 to 5.10.145 a91f391b59 kernel: bump 5.10 to 5.10.144 25747a4c04 ramips: fix switch setup for ASUS RT-AX53U 23d23038dd uboot-mvebu: backport LibreSSL patches for older version of LibreSSL 1ff2993edb uboot-mvebu: backport patch to fix compilation on non glibc system d30ddfbac4 ramips: enable LZMA loader to fix Linksys RE6500 boot ed905fce58 tools/meson: backport WSL2 fix e5ab159fbf firmware: intel-microcode: update to 20220809 938ae92675 toolchain: Include ./include/fortify for external musl toolchain 8f72f5e4c0 toolchain: Select USE_SSTRIP with external musl toolchain 4ad6925a9e scripts: ext-toolchain: add support for musl 65bd632069 scripts: ext-toolchain: add support for info.mk in probe_cc b0622d1221 scripts: ext-toolchain: actually probe libc type on config generation d1a6c35591 scripts: ext-toolchain: add option to overwrite config 24cf766dfe scripts: ext-toolchain: fix wrong prefix in print_config generation 18a88668b8 rules_mk: don't include wrapped bin with external toolchains 29927e347a rules_mk: use gcc versions for external toolchain cd117f0596 bcm53xx: backport clk driver fix for DT nodes names 9dc46d6549 ath79: fix LibreRouter-v1 watchdog and poe_pass 0cb3a616e4 build: fix warnings from grep 463fe05d9e Makefile: fix stray \ warnings with grep-3.8 25d8b9cad6 build: fix issues with targets installed via feeds 74eeee1698 build: fix including modules.mk for targets pulled in from feeds dafac183f3 mpc85xx: add patch to fix gpio mpc8xxx 7707b47c72 ramips: fix fw_setsys f3ffb04a43 kernel: add missing symbol 2a6346725a bcm4908: fix -EPROBE_DEFER support in bcm4908_enet 700f5d2990 kernel: update U-Boot NVMEM driver acc78a9cf6 bcm4908: backport mtd parser for Broadcom's U-Boot partition b472753d79 mediatek: fix Unifi 6LR network config c0b7b2049e mpc85xx: fix unset kernel symbols 7c459ac1d5 mac80211: rt2x00: experimental improvements for MT7620 wifi d004110ef7 mac80211: rt2x00: fix typo 0755c18ff1 mac80211: add patch descriptions to rt2x00 patches 7a26f40217 mediatek: fix ledbar of UniFi 6 LR when running custom U-Boot f54d4ea0bb ramips: add support for Ubiquiti UniFi FlexHD a28ccd58ed ath79: Make patches apply again 2419546cee generic: move ledbar driver from mediatek target 420a86436f mediatek: add led count 40610c5322 mediatek: add initialization after reset 26cd0c1ee9 mediatek: add support for reset gpio b5665a0045 mediatek: support reading more than one byte of response cd0283788f mediatek: cast literal value to char a2d251573b mediatek: correctly log i2c response 7366ee86ef mediatek: remove gpiod_direction_output() ba6c780acb mediatek: do not use gpiod_set_raw_value() 745d3cd4aa kernel: modules: package kmod-crypto-essiv a3f9b42789 mediatek: fix typo in bpi-r64 image recipe 29c5d5d3da mediatek: bpi-r64: make initramfs/recovery optional d10352917b ramips: fix GB-PC1 and GB-PC2 LEDs 0c9833d0e0 wireless-regdb: update to 2022-08-12 be4abbd84a kernel: bump 5.10 to 5.10.143 4e05e7dddf kernel: bump 5.10 to 5.10.142 1b0db300cb kernel: bump 5.10 to 5.10.141 bf65d2dcba kernel: bump 5.10 to 5.10.139 e7ef88ff1d kernel: build crypto md5/sha1/sha256 modules for powerpc	2022-10-06 16:21:33 +02:00
David Bauer	ecd9f8cfe8	Merge pull request #2649 from blocktrron/v2022.1.x-device-bp [v2022.1.x] Backport device support introduced in master	2022-09-19 20:31:05 +02:00
David Bauer	411f6c3859	ipq40xx-generic: add suppot for GL.iNet GL-AP1300 (#2635 ) (cherry picked from commit `3ab8007a1e`)	2022-09-19 02:27:38 +02:00
David Bauer	8a2fdc502a	rockchip-armv8: add support for NanoPi R4S (#2633 ) (cherry picked from commit `dd30a6e658`)	2022-09-19 02:27:30 +02:00
David Bauer	81cf8164d5	ath79-nand: add support for ZTE MF281 Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit `94249bfa6a`)	2022-09-19 02:27:21 +02:00
David Bauer	43b1fc99dd	Merge pull request #2647 from herbetom/v2022.1.x-updates [v2022.1.x] modules: update to latest HEAD	2022-09-18 03:08:44 +02:00
Tom Herbers	013d049acf	modules: update packages 219b0a1e5 python-flask-socketio: update to 5.3.1 20da9e28b adblock: update 4.1.4-2 aaf90f333 adblock: update 4.1.4 6b13e6e67 yt-dlp: update to 2022.9.1 78d60b3c0 knot: update to version 3.2.1 b3373efe5 python3: backport and fix target musl libc detection cd3d6156f aria2: Fix aria2.init start issue Re-mount '$config_file' inside the '$config_dir' will cause aria2 process unable to start. f8fec60bd ksmbd-tools: add package with hotplug.d script for auto sharing 1a0524616 ksmbd-tools: append config from /var/run/config/ for runtime shares 764ba9c09 cloudflared: Update to 2022.9.0 29fdb5086 lxc: update to 5.0.1 701278306 syslog-ng: update to version 3.38.1 1342b58f2 miniupnpd: rework firewall4 integration 7cc0a0eab miniupnpd: update and fix nftables variant 85e6f9348 dnslookup: Update to 1.7.3 529842c78 dnsproxy: Update to 0.44.0 9951bdcb9 cloudflared: Update to 2022.8.4 c3a153bdb pillow: bump to version 9.2.0 7977389b2 pillow: bump to version 9.1.1 b15b99eed pillow: bump to version 9.1.0 b0fe84ca4 gg: Update to 0.2.9 5819aa071 xray-core: Update to 1.5.10 c5619b78d yq: Update to 4.27.3 426ccd2e0 uvol: fix autopart handling double/float number 32e4d8fa5 python-pycares: add new package 5dc5c7966 node: bump to v16.17.0 4c311180d strongswan: add kernel module dependency on chapoly 8b04b607a i2pd: update to version 2.43.0 240a8db7e i2pd: Update package b519548e4 zoneinfo: updated to the latest release fc47ed5f1 zoneinfo: updated to the latest release	2022-09-16 19:08:30 +02:00
Tom Herbers	899e187f34	modules: update openwrt 81388f74b5 scripts/download.pl: fix downloads with wget b8cbca8ac8 scripts/download.pl: silence can't exec curl warning 340b138932 scripts: always check certificates b5e39355e4 tools: remove xxd package b531611f57 build: provide xxd -i with scripts/xxdi.pl 542447b93e scripts: xxdi.pl: add xxd -i compat mode 4c795af58b scripts: xxdi.pl: remove File::Slurp dependency a352e30b8f scripts: add xxdi.pl b3fa0241e2 mac80211: backport tx queueing bugfixes add a bug fix for a rare crash 94372ab6e4 bcm53xx: update NVMEM driver for NVRAM cae4d089bc kernel: backport mtd dynamic partition patch 308f0831f7 ipq40xx: add GL-AP1300 label-mac-device b317d3dbfb ipq40xx: add WAN LED mapping for GL-AP1300 fff797d26e rockchip: add system-LED aliases specific to OpenWrt 18f77ef2d6 rockchip: ensure NanoPi R4S has unique MAC address 8ff1d27e48 realtek: fix RTL839x receive tag decoding 25a041f50b ipq40xx: add LTE packages for GL-AP1300 daf1fdc6ad ath79: add support for ZTE MF281 47ba7cdfc3 realtek: fix RTL838x receive tag decoding da7b26dfb8 mt76: update to the latest version ab61232b0a hostapd: rename hostapd multicast_to_unicast option to multicast_to_unicast_all 39c115028a bcm27xx: make NVMEM driver patch apply again 03c251ac14 bcm4908: enable NVMEM U-Boot env data driver 4efa0b70d5 kernel: backport U-Boot environment data NVMEM driver 8835da4d90 kernel: backport mtd patch adding of_platform_populate() calls 510f0628c7 OpenWrt v22.03.0: revert to branch defaults 17bd6b0477 OpenWrt v22.03.0: adjust config defaults 512e76967f uboot-mediatek: mt7622: suppress unwanted pinctrl warning d691625ec4 mediatek: mt7622: fix DTS compatible of UniFi 6 LR variants 93e6581b90 uboot-mediatek: backport fix for unstable UART on MT7622 3889f90ee2 uboot-mediatek: no compression means IH_COMP_NONE 8ff8a4dc9e uboot-mediatek: fix factory reset on UBI aebb19d34b uboot-envtools: mt7622: use 4k sectors for UniFi 6 LR (ubootmod) 557e4cb169 mediatek: mt7622: use variable sector size for spi-nor f7c358c2ad uboot-mediatek: fix Ubiquiti UniFi 6 LR U-Boot mod ae1786e543 mpc85xx: Drop pci aliases to avoid domain changes ea4ec11f4e at91bootstrap: use sdmmc0 as booting media for sama5d27_som1_ek c53fea7a8a uboot-at91: use sdmmc0 as booting media for sama5d27_som1_ek 2ae0ad375b kernel: rename 5.20 patches to 6.0 d3ccf0976a bcm4908: enable & setup packet steering 30bce90d84 bcm4908: prepare for Asus GT-AX6000 support b8b5ee12cd bcm4908: backport bcmbca DT patches queued for 5.20 a79a21b509 bcm53xx: backport DT changes from 5.17 & 5.18 3abed8406b bcm53xx: drop dead upgrade code caa43f4428 firewall4: update to latest Git HEAD 26b436e2a2 ucode: update to latest Git HEAD 0588b124e4 mac80211: disable ft-over-ds by default dced5f2c95 ramips: define Yuncore AX820 switch LEDs e497818e18 ath79: add support for Extreme Networks WS-AP3805i 9703a2adcc kernel: Refresh on 5.10.138 251336639c mbedtls: update to version 2.28.1 dddf01c508 Revert "mediatek: mt7622: fix banana pi r64 wps button" 89956c6532 kernel: bump 5.10 to 5.10.138 4209c33ae2 kernel: bump 5.10 to 5.10.137 a901a13505 iptables: default to ip(6)tables-nft when using buildroot	2022-09-16 19:08:29 +02:00
github-actions[bot]	a6022475ff	ath79-nand: fix upgrade from 19.07 for GL-AR300M (#2641 ) Support for the device was (re)added in #2455 (merged as `94e04393b1`) (cherry picked from commit `cd37fe5d60`) Co-authored-by: Tom Herbers <mail@tomherbers.de>	2022-09-15 21:33:26 +02:00