ksmbd 3.4.0 reworks its dependencies as a result of upstream feedback.
Unfortunately, this means that it now relies on CONFIG_FS_POSIX_ACL,
which is not easy to direcly enable in OpenWrt.
Revert in order to fix multiple build failures that people experience.
Hans Dedecker [Sun, 8 Aug 2021 19:38:24 +0000 (21:38 +0200)]
nghttp2: update to 1.44
368014b8 Bump version number to v1.44.0, LT revision to 34:2:20 fa16e66a nghttpx: Fix max distance in weight group/address cycle comparison 40af31da nghttpx: Set connect_blocker and live_check after shuffling addresses 9e6c0685 Fix build failure ebad3d47 Port new ngtcp2 map implementation d4fd0681 Bump llhttp to 6.0.2 43a47aa0 Do not return HPE_USER from where it is prohibited 20079b4c Update bash_completions 2aeec770 Update manual pages cef458c3 Replace black-list with block-list 617a5766 Replace master with main f1d67335 Initialize Config rps field 5f3bcb1f Add precious variables for libev and jemalloc and use JEMALLOC_CFLAGS b419bfd9 Remove unused field e406a2c1 Update doc 962a75c4 Merge pull request #1559 from nghttp2/h2load-rps 6cdc13d6 h2load: Add --rps option 92944f78 h2load: Allow unit in -D option 276792a8 Remove unnecessary function 579fa6ea Add more --with-* configure flags 2f2b2117 Add LIBTOOL_LDFLAGS configure variable 88a3cb51 Bump llhttp to 4.0.0 40679cf6 Merge pull request #1553 from nghttp2/nghttpx-fix-accesslog-method 5b587e85 Merge pull request #1550 from jktjkt/docs-asio-fix-typos 50a1121d nghttpx: Remove trailing white space after $method log variable 3239c5ef Bump up version number to v1.44.0-DEV
Stijn Tintel [Sat, 7 Aug 2021 10:08:52 +0000 (13:08 +0300)]
libffi: bump to 3.4.2
Remove both patches as they have been upstreamed.
This new release is only available on Github and does not ship configure
or Makefile, so autoreconf is needed.
Karl Palsson [Tue, 3 Aug 2021 15:26:26 +0000 (15:26 +0000)]
libwebsockets: enable built in uloop support
uloop is always available on OpenWrt, so build in LWS's uloop support by
default. Size difference of .ipk is 683 bytes, or about 0.5%.
No known applications use this at present, but it seems better to
proactively offer it.
Javier Marcet [Mon, 2 Aug 2021 07:36:36 +0000 (09:36 +0200)]
python3-distro: update to version 1.6.0
- BACKWARDS COMPATIBILITY:
- Deprecated the distro.linux_distribution() function. Use
distro.id(), distro.version() and distro.name() instead [#296]
- Deprecated Python 2.7, 3.4 and 3.5 support. Further releases will
only support Python 3.6+
- ENHANCEMENTS:
- Added type hints to distro module [#269]
- Added __version__ for checking distro version [#292]
- Added support for arbitrary rootfs via the root_dir parameter
[#247]
- Added the --root-dir option to CLI [#161]
- Added fallback to /usr/lib/os-release when /etc/os-release isn't
available [#262]
- BUG FIXES:
- Fixed subprocess.CalledProcessError when running lsb_release
[#261]
- Ignore /etc/iredmail-release file while parsing distribution
[#268]
- Use a binary file for /dev/null to avoid TextIOWrapper overhead
[#271]
- RELEASE:
- Moved repository from nir0s/distro to python-distro/distro on
GitHub.
TARGET_CXX is added, because PowerDNS now uses C++17.
pdns.conf-dist is updated to the latest version shipped by PowerDNS.
010-time_t-check.patch, which is also used in pdns-recursor and dnsdist,
is added to patch out the check for 64-bit time_t,
because OpenWrt still supports 32-bit devices.
100-pdns-disable-pdns.conf-dist.patch is refreshed.
Stan Grishin [Mon, 2 Aug 2021 06:34:08 +0000 (06:34 +0000)]
simple-adblock: update to 1.8.7-6
* supports newer shellcheck
* restore EXTRA_COMMANDS compatibility with 19.07
* move status display from various functions to status_service
* bugfix: status_service line break after output
* minor arythmetic fix in status_service
Use after free on close http2 on stream canceling (High) (CVE-2021-22930)
Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
Stan Grishin [Fri, 30 Jul 2021 13:34:04 +0000 (13:34 +0000)]
curl: enable HTTP/2 support by default
Description: Lack of support of HTTP/2 by default starts to hurt,
for example with https-dns-proxy package, some DoH resolvers (like mullvad)
no longer support HTTP/1 and are not usable.
This enables HTTP/2 support by default (which would bring ~68Kb libnghttp).
Stan Grishin [Fri, 30 Jul 2021 00:02:33 +0000 (00:02 +0000)]
https-dns-proxy: update to 2021-07-29-01
* update binary to the latest commit (2021-07-29) to fix #16222 and #16239
* add hotplug.d/iface file and update Makefile to install it
* use Cloudflare's and Google's bootstrap DNS if bootstrap DNS is missing
* minor improvements in append_bool function
* add append_counter function for verbosity setting
* add append_bootstrap function (and supporting functions) to parse/sanitize bootstrap setting
* move firewall array from 'main' instance to the first proxy instance
* delete useless 'main' instace
Daniel Golle [Fri, 30 Jul 2021 01:14:39 +0000 (02:14 +0100)]
uvol: lvm: make 'up' call reliable
Changing a volume right after activation doesn't work well due to some
caching or race-condition issue.
Perform activation as last lvchange operation as a work-around.
Open vSwitch supports SSL to connect to an OpenFlow controller. This is
recommended for security. Expand the UCI ovs config section to allow
configuring SSL CA, certificate and private key.