| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
The dep for the nftables support was wrong, if someone actually enable
that option gain a compilation error. This fix this problem.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
Switch to git repo
Removed musl patch
Refreshed existing patch
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
|
|
|
|
|
|
|
|
| |
Commit f4e312ddf855375667f43c842c7187934b8aca92 adds libnetlink to
staging dir but did not add the header files libgenl.h and ll_map.h
which define functions belonging to libnetlink lib
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
| |
Make scan output useful for 802.11s meshes. The common print_ssid function
is used, so this doesn't add any additional code.
Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
|
|
|
| |
Add actual mirror and use main site as last resport
Source: http://www.tcpdump.org/mirrors.html
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
|
|
|
|
|
| |
Update iperf3 to 3.1.7
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
|
|
|
|
|
|
|
| |
The bug appeared in v4.1.0 and was fixed since v4.8.0
Fixes FS#620
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
| |
Update mirror list, add main site as last resort
Source: https://github.com/curl/curl-www/blob/master/latest.pl
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
|
|
|
|
|
| |
Do not run another loop iteration before checking the stop flag
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
This fixes the following security problem:
* CVE-2017-2629 SSL_VERIFYSTATUS ignored
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
| |
The kernel unconditionally pulls in a header file that defines
'current', which conflicts with the lua extension code.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
| |
Pass down TARGET_CPPFLAGS for path to header files, and append the
libraries we depend on in TARGET_LDFLAGS. Put TARGET_LDFLAGS at the end
of the command line as is required by modern GCC/binutils.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
|
|
|
| |
Signed-off-by: Hsing-Wang Liao <kuoruan@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Drops a LEDE carried patch now upstream.
Convert to autotools.
A number of nits fixed upstream (dns & short packet handling most
notable)
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Refreshed patches
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Update to 3.1.6
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following 41 security problems:
+ CVE-2016-7922: buffer overflow in print-ah.c:ah_print().
+ CVE-2016-7923: buffer overflow in print-arp.c:arp_print().
+ CVE-2016-7924: buffer overflow in print-atm.c:oam_print().
+ CVE-2016-7925: buffer overflow in print-sl.c:sl_if_print().
+ CVE-2016-7926: buffer overflow in print-ether.c:ethertype_print().
+ CVE-2016-7927: buffer overflow in print-802_11.c:ieee802_11_radio_print().
+ CVE-2016-7928: buffer overflow in print-ipcomp.c:ipcomp_print().
+ CVE-2016-7929: buffer overflow in print-juniper.c:juniper_parse_header().
+ CVE-2016-7930: buffer overflow in print-llc.c:llc_print().
+ CVE-2016-7931: buffer overflow in print-mpls.c:mpls_print().
+ CVE-2016-7932: buffer overflow in print-pim.c:pimv2_check_checksum().
+ CVE-2016-7933: buffer overflow in print-ppp.c:ppp_hdlc_if_print().
+ CVE-2016-7934: buffer overflow in print-udp.c:rtcp_print().
+ CVE-2016-7935: buffer overflow in print-udp.c:rtp_print().
+ CVE-2016-7936: buffer overflow in print-udp.c:udp_print().
+ CVE-2016-7937: buffer overflow in print-udp.c:vat_print().
+ CVE-2016-7938: integer overflow in print-zeromq.c:zmtp1_print_frame().
+ CVE-2016-7939: buffer overflow in print-gre.c, multiple functions.
+ CVE-2016-7940: buffer overflow in print-stp.c, multiple functions.
+ CVE-2016-7973: buffer overflow in print-atalk.c, multiple functions.
+ CVE-2016-7974: buffer overflow in print-ip.c, multiple functions.
+ CVE-2016-7975: buffer overflow in print-tcp.c:tcp_print().
+ CVE-2016-7983: buffer overflow in print-bootp.c:bootp_print().
+ CVE-2016-7984: buffer overflow in print-tftp.c:tftp_print().
+ CVE-2016-7985: buffer overflow in print-calm-fast.c:calm_fast_print().
+ CVE-2016-7986: buffer overflow in print-geonet.c, multiple functions.
+ CVE-2016-7992: buffer overflow in print-cip.c:cip_if_print().
+ CVE-2016-7993: a bug in util-print.c:relts_print() could cause a
buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,
lightweight resolver protocol, PIM).
+ CVE-2016-8574: buffer overflow in print-fr.c:frf15_print().
+ CVE-2016-8575: buffer overflow in print-fr.c:q933_print().
+ CVE-2017-5202: buffer overflow in print-isoclns.c:clnp_print().
+ CVE-2017-5203: buffer overflow in print-bootp.c:bootp_print().
+ CVE-2017-5204: buffer overflow in print-ip6.c:ip6_print().
+ CVE-2017-5205: buffer overflow in print-isakmp.c:ikev2_e_print().
+ CVE-2017-5341: buffer overflow in print-otv.c:otv_print().
+ CVE-2017-5342: a bug in multiple protocol parsers (Geneve, GRE, NSH,
OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in
print-ether.c:ether_print().
+ CVE-2017-5482: buffer overflow in print-fr.c:q933_print().
+ CVE-2017-5483: buffer overflow in print-snmp.c:asn1_parse().
+ CVE-2017-5484: buffer overflow in print-atm.c:sig_print().
+ CVE-2017-5485: buffer overflow in addrtoname.c:lookup_nsap().
+ CVE-2017-5486: buffer overflow in print-isoclns.c:clnp_print().
The size of the package is only incread very little:
new size:
306430 tcpdump_4.9.0-1_mips_24kc.ipk
130324 tcpdump-mini_4.9.0-1_mips_24kc.ipk
old size:
302782 tcpdump_4.8.1-1_mips_24kc.ipk
129033 tcpdump-mini_4.8.1-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
Updated cake's tc patch to match the official cake repository
formatting.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
| |
Add 'mpu' minimum length packet size parameter for scheduling/bandwidth
accounting.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
| |
Backport an upstream change to fix HTTPS timeouts with OpenSSL.
Upstream curl bug #1174.
Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
[Jo-Philipp Wich: reword commit message, rename patch to 001-*]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts the following commits:
fbe522d1204149b6c128d55e360bfc15fa8258e1
278ad007ee03c4455c3507322e34b0e3e6ec050d
863888e44f7a1fb1675a2e7a2eaabfec3561d2a2
96daf6352f6e04bc22789466cb5409b93fbec191
cfd83555fc4f0bab18a26f6812da18e64df46ff3
This seems to trigger some mconf bugs when built with all feeds
packages, so I will try to find a less intrusive solution before the
release.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
luci-ssl has already made the switch since mainline support for PolarSSL is
almost over (2016).
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the folowing security problems:
CVE-2016-9586: printf floating point buffer overflow
CVE-2016-9952: Win CE schannel cert wildcard matches too much
CVE-2016-9953: Win CE schannel cert name out of buffer read
CVE-2016-9594: unititialized random
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
| |
Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
uqmi has the possibility to allow the modem to start a regsitration
process only to this specified plmn
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
|
|
|
|
|
|
| |
Wed Dec 21 09:55:54 2016 daemon.notice netifd: wan (4455): ./ncm.sh: eval: line 1: =IP: not found
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
|
|
|
|
|
|
|
|
|
|
| |
Update tc to track upstream cake changes:
diffserv3 - a simple 3 tin classifier
Also make diffserv3 and triple-isolate default
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
| |
Add uqmi 'sync' command call to release stalled cid when preparing to
setup new connection. As a result it prevents 'POLICY MISMATCH' errors.
Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
|
|
|
|
|
|
|
| |
8ceeab6 uqmi: Change returned value to QMI_CMD_REQUEST for 'sync' command.
1dc7be1 uqmi: Add sync command to release all cids.
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
| |
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.
Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
|
|
|
|
|
|
|
| |
It's useful when using multiple usb devices that should be bound to
certain usb ports. Symlinks are created by hotplug handlers.
Signed-off-by: Nickolay Ledovskikh <nledovskikh@gmail.com>
|
|
|
|
|
|
| |
Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for specifying a call profile index instead of APN. A
specific index different from 1 must be used for some service
provider and modem combinations.
In addition, change the manufacturer detection to use the standard
AT+CGMI command, which produces more predictable output than ATI,
remove the redundant ipv6 option, since it is less ambiguous to
directly specify the PDP context type with mobile connections, and
fix missing device during teardown when using ncm through the wwan
proto.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update uqmi to latest version, which brings about support for
specifying a call profile index instead of APN. A specific index
different from 1 must be used for some service provider and modem
combinations.
Also change option dhcp to dhcpv6, since IPv4 now always uses DHCP,
replace option ipv6 with pdptype, which is less ambiguous, and
make autoconnect optional and default it to off for IPv6 due to it
not working with statically configured IPv6.
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>
|
|
|
|
|
|
|
|
| |
The xt_id match was used by the firewall3 package to track its own rules but
the approach has been changed to use xt_comment instead now, so we can drop
this nonstandard extension.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
Support new packet overhead passing paradigm in cake qdisc, also restore
DSCP wash/nowash keywords.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
|
|
| |
This removes:
- BGP
- CDP
- SCTP
MIPS binary .ipk size is reduced from ~150k to ~130k
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Update tcpdump to upstream release 4.8.1
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|