Switch to compiling with CMake. Faster.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Meson update makes this error now.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

strongswan: handle chacha20poly1305 as AEAD

Fix compilation without deprecated OpenSSL APIs.

Backport upstream patch to fix stdout.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Add patch fixing compilation without deprecated OpenSSL APIs.

Fix installation. This never worked as the section was misnamed.

Updated tool names.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Removed two now pointless patches as they were added as options.

Switch to AUTORELEASE for simplicity.

Update MESON_ARGS.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

ooniprobe: update to version 3.9.2

chacha20policy1305 is also an AEAD cipher, and hence does not
permit a hash algorithm.

Fixes issue #15397.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

A subshell caused by $(...) can't persistently modify globals as a
side-effect.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

ruby: update to 3.0.1

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>

Switch to AUTORELEASE for simplicity.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

bonding: accept list of slaves in uci list notation

Enable collectd-mod-cpufreq  for rockchip

Signed-off-by: Tomas Lara <tl849670@gmail.com>

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Remove upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

Fixes two CVEs:

CVE-2021-28965: XML round-trip vulnerability in REXML
CVE-2021-28966: Path traversal in Tempfile on Windows

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

python3-bottle: update to version 0.12.19

python-babel: update to version 2.9.0

Breaking changes:

- Remove support for Python 2.7

- Make Python 3.6 the minimum version supported

Features:

- Add limit parameter to image search endpoint

Bugfixes:

- Fix KeyError exception on secret create

- Verify TLS keys loaded from docker contexts

- Update PORT_SPEC regex to allow square brackets for IPv6 addresses

- Fix containers and images documentation examples

Signed-off-by: Javier Marcet <javier@marcet.info>

Features:

- Add profile filter to docker-compose config

- Add a depends_on condition to wait for successful service completion

Miscellaneous:

- Add image scan message on build

- Update warning message for --no-ansi to mention --ansi never as alternative

- Bump docker-py to 5.0.0

- Bump PyYAML to 5.4.1

- Bump python-dotenv to 0.17.0

Signed-off-by: Javier Marcet <javier@marcet.info>

April 2021 Security Releases
- OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) (CVE-2021-3450)
- OpenSSL - NULL pointer deref in signature_algorithms processing (High) (CVE-2021-3449)
- npm upgrade - Update y18n to fix Prototype-Pollution (High) (CVE-2020-7774)

OpenSSL-related vulnerabilities do not affect the OpenWrt package. Because OpenWrt's OpenSSL shared library has been updated.

Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>

libseccomp,crun: Fix circular deps

This reverts commit b29e6097.

Adding DEPENDS+=@!arc will cause a circular dependency, because some
packages select libseccomp based on a build option.

Commit e29483d7 ("libseccomp: workaround a recursive dependency") added
a workaround that was not properly documented, so I'll explain here.

The problem arises when libseccomp is selected depending on some config
option:

define Pakcage/foo
  DEPENDS=+FOO_SECCOMP:libseccomp

Even if the condition is correctly defined, excluding arc, such as:

define Package/foo/config
  config FOO_SECCOMP
    depends on !arc

the config generator will parse libseccomp's DEPENDS variable and
generate menuconfig statements like these:

config PACKAGE_foo
   select PACKAGE_libseccomp if FOO_SECCOMP
   depends on !FOO_SECCOMP || !arc

The last condition is always true because FOO_SECCOMP will always be
be false when arc is true.  The config generator is not able to
simplify/optimize the condition.

The circular dependecy occurs because FOO_SECCOMP depends on
PACKAGE_foo, and the redundant, always true line will make PACKAGE_foo
depend on FOO_SECCOMP.

As a workaround, we can add the 'depends on !arc' line to
Package/libseccomp/config, outside of the DEPENDS variable, so that the
redundant depends line line does not get generated.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Cc: Daniel Golle <daniel@makrotopia.org>

The package needs libseccomp, which does not currently support arc.
In order to avoid a circular dependency, we must avoid arc here as well.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>

strongswan: libnttft must not select strongswan

Update copyright

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>

Signed-off-by: Robin Rainton <robin@rainton.com>

Fix log spam:
daemon.err netdata[2090]: PROCFILE: Cannot open file '/proc/sysvipc/shm'
This is caused by a non existant /proc/sysvipc/shm because of the
CONFIG_PROC_STRIPPED option that is enabled by default in the kernel
generic target config

Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>

Signed-off-by: Stan Grishin <stangri@melmac.net>

THe current CI uses both CircleCI and GitHub Action CI, but not Travis.

Signed-off-by: Paul Spooren <mail@aparcar.org>

 * use lvm --reportformat json
 * add 'list' and 'align' commands
 * add help output

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

Signed-off-by: Stan Grishin <stangri@melmac.net>

Gerbera stupidly uses taglib-config to find the paths. Fix them to avoid
adding /usr/lib

Signed-off-by: Rosen Penev <rosenp@gmail.com>