libSML implements the Smart Message Language protocol used by German smart
meters (FNN specification). It is used by projects like volkszaehler for
reading smart meter data.
Signed-off-by: Andy Voigt <a.voigt@mailbox.org>
Update from 0.26.5 to 1.0.4 (major version jump 0.x -> 1.x).
Changes:
- Add +libcurl to DEPENDS: libupnpp 1.0.4 introduced a new mandatory
dependency on libcurl (used for HTTP/SOAP communications)
- Build system remains meson (already in use)
- No patches needed
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Replace the four stub udev_hwdb_*() functions with a working
implementation that looks up vendor and product names from
/usr/share/hwdata/usb.ids, so callers using the standard libudev
hwdb API benefit without needing package-specific patches.
The patch is a clean backport of upstream commit 2bebebc9e0444
("udev: implement hwdb USB ID lookup from usb.ids (#80)") merged
to illiliti/libudev-zero master on 2026-05-19, post-1.0.3. Drop
when the package is bumped to the next libudev-zero release.
Upstream now defaults USB_IDS_PATH to ${SHAREDIR}/hwdata/usb.ids
with SHAREDIR=${PREFIX}/share, so the explicit
USB_IDS_PATH=/usr/share/hwdata/usb.ids in MAKE_FLAGS is no longer
needed and is dropped.
Fixes: https://github.com/openwrt/packages/issues/29386
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Minor version bump on the GnuPG X.509 library. Highlights from
upstream's NEWS:
1.8.0 (2026-05-13)
* New function ksba_cms_get_attribute.
* Support building of unsigned attributes with
ksba_cms_add_attribute.
1.7.0 (2026-05-07)
* Add support for building AuthEnvelopedData.
* New function ksba_cms_add_attribute.
* Fix silent truncation of 64 bit length fields.
* Fix incorrect overflow guard condition in _ksba_ber_read_tl.
The added interfaces (ksba_cms_add_attribute, _get_attribute) are
required by GnuPG >= 2.5.20 to expose gpgsm's --attribute option.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
PostgreSQL 18.4 is a quarterly bug-fix release of the 18.x major
series. No security advisories listed against this release.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
captest, filecap, netcap and pscap (libcap-ng-bin) do not print the
package version string (0.8.4), causing generic version check failures
in CI.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Move existing protobuf package to protobuf-compat to support packages that
don't work with modern version of Protobuf.
Install headers and libraries into /usr/protobuf-compat so as not to
confuse other packages with duplicate headers, and to prevent paths
conflicts with non-compat Protobuf.
Install link protoc as protoc-compat.
Signed-off-by: George Sapkin <george@sapk.in>
Major version update from 1.24.2 to 2.0.1.
Major change: the C++ bindings (libgpgmepp), Qt bindings, and
Python bindings have been split off into separate packages
upstream. The libgpgmepp subpackage is dropped here too; consumers
that need C++ bindings will have to be ported once gpgme++ is
packaged separately.
Changes from 1.24.x -> 2.0.x:
* New gpgme_op_random_bytes / gpgme_op_random_value functions
to get cryptographically strong random data from gpg.
* New decrypt flag to skip actual decryption so that
information about recipients can be retrieved.
* New flag for key generation to mark a (sub)key as group owned.
* gpgme_signers_add: when key was retrieved with fingerprint!'!'
suffix, the requested subkey is used for signing.
* timestamp/expires fields changed from signed long to unsigned
long for better 32bit time_t support.
* Removed long-deprecated gpgme_attr_t enums and functions.
* Removed never-implemented GPGME_EXPORT_MODE_NOUID flag.
* Removed entire trustlist feature.
2.0.1:
* Adjust for changes to the posix test(1) command.
* Extend internal gpgsm_assuan_simple_command to consume diag
output (fixes possible lockup).
Drop --enable-languages=cpp from configure args (no longer
supported), Build/InstallDev no longer copies the C++ headers,
cmake bits or libgpgmepp shared library, and remove the
libgpgmepp Package definition.
Link: https://dev.gnupg.org/source/gpgme/browse/master/NEWS
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Changes since 1.6.7:
* Fix double increment in DN parser while counting hexdigits.
* Fix a memory leak in the BER decoder's error handling.
* Fix an assertion failure in the OCSP code.
* Support SHA256 based CertIDs in OCSP.
* Use nonstring attribute for gcc-15.
* Remove remaining WindowsCE support.
Link: https://dev.gnupg.org/source/libksba/browse/master/NEWS
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
GCE-Math (Generalized Constant Expression Math) is a templated C++
library enabling compile-time computation of mathematical functions.
It is a header-only library, so this package is BUILDONLY:=1; the
headers and CMake config files land in staging_dir for consumers to
pick up via find_package(GCEM).
Needed as a build dependency for fluidsynth >= 2.5, whose upstream
build expects gcem at configure time and (absent a system copy)
falls back to a CMake-time download from GitHub - which breaks in
offline / restricted-network build environments such as the OpenWrt
CI.
Pinned to commit 012ae73c (2024-04-28), the revision referenced by
fluidsynth 2.5.x's bundled FindGCEM.cmake / git submodule.
CMAKE_POLICY_VERSION_MINIMUM=3.5 is set because upstream's
CMakeLists.txt declares cmake_minimum_required(VERSION 3.1), which
trips current CMake's deprecated-policy guard.
Link: https://github.com/kthohr/gcem
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update from 1.28.1, spanning the 1.29.x, 1.30.x and 1.31.x release
series.
Highlights:
* 1.31.0: New 'high-resolution scroll' API and per-device button
debouncing improvements; tablet pad mode support reworked.
* 1.30.0: Added support for new touchpad and tablet device quirks;
improved gesture detection on multi-touch devices.
* 1.29.0: New configuration knobs for trackpoint acceleration and
improved palm detection.
* Continuous bug fixes and updated device quirks throughout.
Link: https://gitlab.freedesktop.org/libinput/libinput/-/tags/1.31.1
Link: https://wayland.freedesktop.org/libinput/doc/latest/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
jsoncpp 1.9.7 added std::string_view overloads for Value::get() and
Value::operator[], but these are only compiled when C++17 is active.
Building with the default C++11 standard leaves those symbols out of
the library, causing link failures for consumers that include the
headers with C++17 enabled (e.g. upmpdcli 1.9.17, domoticz 2025.2).
Add -Dcpp_std=c++17 to the meson args so the string_view API is
available in the installed library.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Commit 537c2a631 ("treewide: avoid deref symlinks when installing .so")
intended to avoid duplicating .so* files, but this package actually
relies on install dereferencing the file that matches the SONAME
version, to avoid installing unnecessary symlinks.
Fixes: https://github.com/openwrt/packages/issues/29387
Fixes: 537c2a631 ("treewide: avoid deref symlinks when installing .so")
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Patch release fixing build system issues with the 2.0.0 release.
2.0.0 introduced API changes including:
* Version macros for detection of incompatible API / version
* size_t as argument to allow longer base64 encoded strings
* Configurable line break functionality
* Flags field for encoder
* Helpers to calculate required output buffer maximum lengths
* Switched in-/out-pointers to void*
Link: https://github.com/libb64/libb64/blob/v2.0.0.1/CHANGELOG.md
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Bump from 2.82.0 to the current upstream stable. Required by GTK
4.22 and other recent GNOME-stack consumers (gtk 4.22 requires
glib >= 2.84).
Refresh 006-c99.patch for upstream context shift; the patch
forces HAVE_C99_SNPRINTF/VSNPRINTF and HAVE_UNIX98_PRINTF to
true when cross-compiling, since upstream now only does that
implicitly for the darwin/iOS/tvOS triplet.
Link: https://gitlab.gnome.org/GNOME/glib/-/tags/2.88.1
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update from 2.13.9 to 2.15.0 (skips 2.14.x stable series).
Highlights of the 2.14/2.15 series:
- C++ header compatibility improvements (tracepoint API usable from C++)
- liblttng-ust-tracepoint split into its own shared library
- Add liblttng-ust-fd, liblttng-ust-fork helper libraries
- Ring buffer API cleanup and modernisation
- Drop internal libcompat layer
Patch update:
- 100-no-tests.patch: adjust hunk offset from line 7 to line 9; the
tests/ entry in SUBDIRS moved down two lines in Makefile.am
Reference: https://lttng.org/files/lttng-ust/
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 0.4.16:
0.4.18 (2026-02-16):
* Support for RSA-PSS and RSA-OAEP using keys retrieved using the
PKCS11_get_private_key() libp11 API and the PKCS#11 provider.
* Improved test coverage.
0.4.17 (2026-02-01):
* Ed25519 and Ed448 support (PKCS#11 v3.2).
* Fixed OPENSSL_NO_EC builds.
* Reverted RSA public exponent change from PR #474.
* Fixed crash on module initialization failures.
* Ignoring trailing newlines in pin-source files.
* Initial build fixes for the upcoming OpenSSL 4.x.
Drop the now obsolete 001-fix-install.patch which has been merged
upstream.
Link: https://github.com/OpenSC/libp11/blob/libp11-0.4.18/NEWS
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Major version jump from 1.17.1 to 3.3.2.
libjwt 3.x is a substantial rewrite:
* New backend abstraction supporting OpenSSL, GnuTLS and MbedTLS
crypto libraries (selected at build time).
* New JWK and JWKS APIs for key handling with full RFC 7517 support.
* Improved error handling and reporting.
* EdDSA signature support (Ed25519, Ed448).
* Optional libcurl integration for fetching JWKS from a URL.
* Many API additions while keeping backwards-compatible semantics
for the most common HMAC/RSA/ECDSA operations.
Force OpenSSL backend (-DWITH_GNUTLS=OFF -DWITH_MBEDTLS=OFF) since
libopenssl is already a dependency, avoiding pulling in libgnutls.
Disable -DWITH_TESTS=OFF since the testsuite is not relevant for
embedded targets.
Link: https://github.com/benmcollins/libjwt/releases/tag/v3.3.2
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Major version update from 17.5 to 18.3.
PostgreSQL 18 (released September 2025) brings:
* Asynchronous I/O (AIO) for shared buffers, sequential scans,
bitmap heap scans and pg_prewarm.
* Skip scans for B-tree indexes.
* Performance improvements for partition pruning.
* Logical replication: improved replication of generated columns,
protocol version 5.
* Native UUIDv7 support.
* Larger I/O for sequential and parallel scans.
* Concurrent reindex of partitioned tables.
* pg_dump: --filter for selective dumps.
* Numerous SQL/JSON improvements.
* New built-in role pg_signal_autovacuum_worker.
18.3 is the third maintenance release with bug fixes since 18.0.
Drop the now obsolete pg_config_ext.h copy in Build/InstallDev: this
header has been removed upstream in PostgreSQL 18.
Link: https://www.postgresql.org/docs/release/18.0/
Link: https://www.postgresql.org/docs/release/18.3/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Bump from 2.4.123 to current upstream stable. Required by recent
Mesa, weston, wlroots and other graphics-stack consumers
(wlroots 0.20+ explicitly requires libdrm >= 2.4.129).
Link: https://dri.freedesktop.org/libdrm/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Changelog:
- Fix MMDB_open incorrectly rejecting databases with 0-element
map/array fields at the end of metadata (v1.13.3)
- Fix compilation conflict with bswap32/bswap64 macros on macOS 26
Tahoe (v1.13.2)
- Fix validation and edge-case handling in database open path (v1.12.x)
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changelog:
- Security: reject unescaped control characters in JSON strings
- Security: fix use-after-free in Reader::parse()
- Add std::string_view support in the Value API
- Fix string_view ABI mismatch between library and consumers
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
aserver does not implement --version so the generic CI version check
fails for it. Add a test.sh case that verifies it is present and
executable instead.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 6.2.1:
- Build without expat by default (switch to picoxml)
- Fix build errors with -Dipv6=false option (issue #142)
- Check size of POST upload data and response data against
g_maxContentLength; change default from 16k to 2MB
- Use IPv6 socket when looking for an available port with IPv6 enabled
- Fix MHD start error handling to not delete minisocket array prematurely
- Remove code assuming different v4/v6 listening ports
- Add per-subsystem debug logging control via environment variable
- SSDP code cleanups and header removal
- Fix win32 compile issue (setsockopt args)
- Avoid leaking private headers to consumers via meson build
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The test only checked for .so file existence, which is already
verified by the generic tests (symlink validity + linked libraries).
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Update from 17.00.0004 (2024-12-09) to 18.00.0001 (2026-03-23).
This is a major version bump to the 18.x series, aligning with
PostgreSQL 18 support. Switch from a fixed git commit to the
18.00.0001 tagged release.
Add test.sh to verify the psqlodbca and psqlodbcw shared libraries
are present after installation.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Because AI bots are shredding through the AF_ALG code in the kernel,
upstream has decided to deprecate AF_ALG:
https://lore.kernel.org/all/20260430011544.31823-1-ebiggers@kernel.org/
Follow their lead and do the same here.
afalg_engine AFAIK is a faster version of what OpenSSL provides last
time I used it. Although I don't think it was useful for long. OpenSSH's
sandbox conflicts with AF_ALG.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes https://github.com/openwrt/packages/issues/27952
Update avahi from 0.8 to 0.9-rc4. The 0.9 development line accumulates
four years of bug and security fixes since the 0.8 release (2020-02-18).
Notable improvements in 0.9-rc4 over 0.8:
Security (all CVEs previously backported as patches, now removed):
- CVE-2023-38469: reject TXT records whose total rdata exceeds
AVAHI_DNS_RDATA_MAX, preventing heap-buffer reads under crafted mDNS
- CVE-2023-38470: ensure each DNS label is at least one byte, preventing
an infinite loop on malformed packets
- CVE-2023-38471: extract host name via avahi_unescape_label() before
generating an alternative to avoid operating on a raw escaped string
- CVE-2023-38472: check that rdata pointer is non-NULL before passing to
avahi_rdata_parse() from dbus-entry-group
- CVE-2023-38473: derive alternative host name from its unescaped form,
fixing incorrect hostname collision resolution with escaped labels
Bug fixes (previously backported):
- Fix NULL-pointer crashes in avahi_s_*_browser_new() (#175)
- Avoid infinite loop in avahi-daemon simple-protocol by handling
AVAHI_WATCH_HUP event in client_work
- Fix potential undefined behaviour in avahi_dns_packet_consume_uint32:
cast uint8_t operands to uint32_t before shifting
- Fix memory/CPU leak in the simple event loop: cleanup_watches() was
zeroing timeout_req_cleanup instead of watch_req_cleanup, so completed
watches were never removed from the linked list
- Emit D-Bus error reply when avahi-daemon cannot resolve a hostname or
service, rather than crashing with a NULL dereference
- Increase ini-file-parser line buffer from 256 to 1024 bytes to handle
longer configuration values without silent truncation
Other changes:
- P2P tunnel support: IFF_MULTICAST is no longer required for
point-to-point interfaces when allow-point-to-point=yes
- Runtime directory: configure.ac now derives the socket path from
${runstatedir} (defaults to ${localstatedir}/run), so the
explicit patch reverting the /run hardcoding is no longer needed
- Patch 010-pkgconfig.patch (pkgconfig prefix alignment) is retained
as it has not been merged upstream
Dropped patches (all merged upstream):
020-revert-runtime-dir-systemd-change.patch
100-p2p-no-iff_multicast-required.patch
200-Fix-NULL-pointer-crashes-from-175.patch
201-Avoid-infinite-loop-in-avahi-daemon-by-handling-HUP-event.patch
202-avahi_dns_packet_consume_uint32-fix-potential-undefined-b.patch
203-Do-not-disable-timeout-cleanup-on-watch-cleanup.patch
204-Emit-error-if-requested-service-is-not-found.patch
205-conf-file-line-lengths.patch
300-CVE-2023-38469.patch through 304-CVE-2023-38473.patch
Library SONAMES unchanged: libavahi-common.so.3, libavahi-core.so.7,
libavahi-client.so.3 — no reverse dependency rebuilds required.
Disable libsystemd (not available on OpenWrt)
avahi 0.9-rc4 added --enable-libsystemd which defaults to enabled and
fails configure when libsystemd is not found via pkg-config. OpenWrt
does not provide libsystemd; disable it explicitly.
Also pass --with-systemdsystemunitdir=no to suppress the pkg-config
lookup for the systemd unit directory.
Drop po/ subdir from build
The 0.9-rc4 tarball is a raw git archive; po/Makefile.in.in is not
pre-generated as it was in the 0.8 release tarball. autopoint (from
gettext) is needed to install it, but is not available in the OpenWrt
SDK. Since OpenWrt does not use NLS translations, remove po/ from
SUBDIRS in Makefile.am to avoid the missing po/Makefile.in.in error
during configure.
In 0.9-rc4 the D-Bus system.d directory changed from
$(sysconfdir)/dbus-1/system.d to $(datadir)/dbus-1/system.d,
so avahi-dbus.conf is now installed under usr/share/dbus-1/system.d.
Update the install rule source path accordingly; keep the on-device
destination at /etc/dbus-1/system.d for compatibility.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
This reverts commit d114f46db1.
Apparently the libm does not exist as a package, so the commit is wrong.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Josef Schlehofer