| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
e2fsprogs: Fix setting of host compiler
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The variable is actually called BUILD_CC, not
BUILDCC. This didn't cause a lot of problems
since the default for HOSTCC in OpenWRT is the
same as the default for BUILD_CC (gcc).
Signed-off-by: Frank Lichtenheld <frank.lichtenheld@sophos.com>
|
|\ \
| | |
| | | |
arptables: bump to 2015-05-20
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes building with musl and drops the dependency on the OpenWrt
kernel-header patches:
270-uapi-kernel.h-glibc-specific-inclusion-of-sysinfo.h.patch
271-uapi-libc-compat.h-do-not-rely-on-__GLIBC__.patch
272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch
Use the new upstream location at netfilter.org and use a define instead
of a patch to "optimize".
See also: https://git.netfilter.org/arptables/log/
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
|\ \ \
| |/ /
|/| | |
update to 3.3 and enable fat build
|
| |/
| |
| |
| |
| |
| |
| | |
This allows to include optimizations such as ARM neon which
are detected on run-time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
| |
| |
| | |
Signed-off-by: Stanislav Izmalkov <izstas@live.ru>
|
|\ \
| | |
| | | |
nftables: version bump to 0.6
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use release tarball instead of fetching the sources from git and drop
disable-doc-generation patch as running autoreconf is more expensive
than generating the docs should the required tools be found on the build
host.
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
| |/
| |
| |
| |
| |
| | |
Also use release tarballs instead of fetching the sources from git.
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
|\ \
| | |
| | | |
firewall version bump to 2016-11-06 and xt_id removal
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This extension was added specifically for use by firewall3. Since
firewall-2016-11-06 no longer uses it remove it before it finds other
creative uses.
Should there already be such a use-case outside of OpenWrt I suggest to
package this extension properly a la xtables-addons instead.
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This version fixes loading of extensions for users of musl as it no
longer relies on undefined behaviour wrt dlclose. There is also a fix
which allows to build firewall without patched kernel headers when using
musl.
Another major feature is support for iptables-1.6.0 and vanilla iptables
in general.
Last but not least firewall no longer depends on the "in-house" iptables
extension xt_id and uses xt_comment instead for tracking its own rules.
For other changes consult the commit log.
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
| |
| |
| |
| |
| |
| | |
Commit 3a01d0ee2b991c8c267620e63a4ab47cd8c30cc4 upstream
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
|/
|
|
|
|
|
|
| |
There is a separate package kmod-crypto-echainiv for echainiv.ko. Selecting
both packages led to a conflict, so remove the file from kmod-crypto-iv.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
|\
| |
| | |
add tpm support
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds kernel support for tpm's providing:
* kmod-tpm - tpm framework
* kmod-tpm-i2c-infineon - infineon i2c 1.2 spec tpm
* kmod-random-tpm - tpm backed rng
Signed-off-by: Ian Pozella <Ian.Pozella@imgtec.com>
Signed-off-by: Abhijit Mahajani <Abhijit.Mahajani@imgtec.com>
|
| |
| |
| |
| | |
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
|
| |
| |
| |
| | |
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
|
| |
| |
| |
| | |
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
|
|/
|
|
| |
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
|
|
|
|
|
|
|
| |
This change also reflect relocation of upstream project which has been
moved to OpenWrt GitHub organization.
Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
|
|
|
|
|
|
|
| |
This change also reflect relocation of upstream project which has been
moved to OpenWrt GitHub organization.
Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
|
|
|
|
|
|
|
| |
This change also reflect relocation of upstream project which has been
moved to OpenWrt GitHub organization.
Signed-off-by: Hrvoje Varga <hrvoje.varga@sartura.hr>
|
|
|
|
| |
Signed-off-by: Denis Osvald <denis.osvald@sartura.hr>
|
|\
| |
| | |
openssl: update to 1.0.2j
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Security fixes:
* (Severity: High) OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
* (Severity: Moderate) SSL_peek() hang on empty record (CVE-2016-6305)
* (Severity: Moderate) Missing CRL sanity check (CVE-2016-7052)
* 10 Low severity issues
Security advisories:
https://www.openssl.org/news/secadv/20160922.txt
https://www.openssl.org/news/secadv/20160926.txt
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
|
|\|
| |
| | |
xtables-addons update, drop sched_getcpu from perf
|
| |
| |
| |
| |
| |
| | |
Fixes broken btrfs support in 4.12
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
upstream change: 8ee4646038e47d065d35703e3e343136c4cd42aa
fixes dependency w. Kernel 4.6
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
|
| |
| |
| |
| |
| |
| | |
Current musl already provides sched_getcpu
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- fix compilation w. Kernel 4.6 due to
hash->shash crypto API
- remove a patch integrated upstream
- remove unrecognized configure option
removed upstream in 2010
commit 40d0345f1ed02de183b13a6ce38847bc1f4ac48e
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
|
|/
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@49373 3c298f89-4303-0410-b956-a3cf2f4a3e73
|
|\
| |
| | |
full Netgear Nighthawk R7800 support
|
| |
| |
| |
| |
| |
| | |
It's not clear if the error is in file naming in firmware repository or in the driver, so fix it here for now.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
|
| |
| |
| |
| | |
Signed-off-by: Roman Yeryomin <roman@advem.lv>
|
| |
| |
| |
| |
| |
| | |
add kernel package to build squashfs as module when it's not the root filesystem
Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
|
| |
| |
| |
| | |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
| |
| |
| |
| |
| |
| |
| | |
tools/env/fw_env.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
|
| |
| |
| |
| |
| |
| | |
Update libgmp to 6.1.1
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Security: Message printout was vulnerable to format string injection.
If specific usernames including "%" symbols can be created on a system
(validated by getpwnam()) then an attacker could run arbitrary code as root
when connecting to Dropbear server.
A dbclient user who can control username or host arguments could potentially
run arbitrary code as the dbclient user. This could be a problem if scripts
or webpages pass untrusted input to the dbclient program.
- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
the local dropbearconvert user when parsing malicious key files
- Security: dbclient could run arbitrary code as the local dbclient user if
particular -m or -c arguments are provided. This could be an issue where
dbclient is used in scripts.
- Security: dbclient or dropbear server could expose process memory to the
running user if compiled with DEBUG_TRACE and running with -v
The security issues were reported by an anonymous researcher working with
Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
| |
| |
| |
| |
| | |
Fixes a long standing design issue in handling of delayed triggers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes duplicate ubiblock entries being listed and improves
find_mount_point to also match against a block device's
major:minor numbers (needed e.g. for /dev/root).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
| |
| |
| | |
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
| |
| |
| |
| |
| |
| | |
* adds support for ACL mount flags
* adds vfat fsck support
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
the recent fixes to make mount_root work during failsafe caused lots of
unwanted side effects. use the new preinit sentinel file to detect if
we are in preinit. this will also work if logged in via ssh.
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
| |
| |
| | |
Signed-off-by: John Crispin <john@phrozen.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
old size:
iperf3_3.0.11-1_mips_34kc_dsp.ipk 30147
new size:
iperf3_3.1.3-1_mips_34kc_dsp.ipk 33640
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
old size:
iperf_2.0.8-1_mips_34kc_dsp.ipk 27911
new size:
iperf_2.0.9-1_mips_34kc_dsp.ipk 28681
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|