aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* BB: openssl: update to 1.0.2f (fixes CVE-2016-0701, CVE-2015-3197)barrier_breakerJo-Philipp Wich2016-01-296-20/+20
| | | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r48531. git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@48549 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: samba36: add three CVE patches from 2015-12-16Jo-Philipp Wich2016-01-114-1/+253
| | | | | | | | | | | This is a patch for CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299. A patchset for these vulnerabilities was published on 16th December 2015. Signed-off-by: Jan Čermák <jan.cermak@nic.cz> Backport of r48133 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@48199 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: openssl: update to v1.0.2e (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195)Jo-Philipp Wich2015-12-076-15/+15
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r47726. git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@47804 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: check for banned client on association eventRafał Miłecki2015-09-281-0/+26
| | | | | | | | | | | | | When using FullMAC drivers (e.g. brcmfmac) we don't get mgmt frames so check for banned client in probe request handler won't ever be used. Since cfg80211 provides us info about STA associating let's put a check there. Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Backport of r47064 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@47068 3c298f89-4303-0410-b956-a3cf2f4a3e73
* dnsmasq: backport CVE-2015-3294 security fixRafał Miłecki2015-09-082-1/+38
| | | | | | | | | | | Upstream release 2.73 included CVE-2015-3294 fix, let's backport patch fixing this security issue. This avoids bumping version to 2.73 which introduced many new features. This way we keep dnsmasq safe and don't risk new problems. Signed-off-by: Rafał Miłecki <zajec5@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46817 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: hostapd: Fix RADIUS connection recovery after initial failure (#18197)Jo-Philipp Wich2015-07-272-2/+43
| | | | | | | | | | | | | | | | If the initial attempt at opening the socket connection to the RADIUS server failed due to missing IP connectivity during startup, e.g., with "connect[radius]: Network is unreachable", hostapd did not try to reconnect when RADIUS messages were sent. Instead, it only reported "No authentication server configured" even if the configuration did have a server entry. Backport of upstream commit 94b39e5927e570e6b0fe41d455dde0a361c71c36 ("RADIUS client: Fix server connection recovery after initial failure") Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46512 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: openssl: update to v1.0.2d (CVE-2015-1793)Jo-Philipp Wich2015-07-095-30/+25
| | | | | | | | | | | | | | | | | | During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate. This issue will impact any application that verifies certificates including SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r46285 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46287 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: kernel: kmod-scsi-core: fix load on installJonas Gorski2015-07-041-2/+2
| | | | | | | | | | | | | | sd_mod depends on scsi_mod, but due to it being an AutoLoad and not AutoProbe module, it was not loading when installing the package, causing unknown symbol errors for sd_mod and anything depending on it. Closes #14927, #18293, #19351. Backport of r46176. Signed-off-by: Jonas Gorski <jogo@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46178 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: uclibc++: make g++-uc* wrappers relocatableJo-Philipp Wich2015-07-031-2/+3
| | | | | | | | | | | | | | | | | | The g++-uc wrapper hardcodes $(STAGING_DIR) and $(TOOLCHAIN_DIR) paths which will not work outside of the original build environment. Replace the hardcoded staging_dir occurences with paths relative to the $STAGING_DIR environment variable to make the g++-uc* wrappers usable in an SDK environment. Fixes the libdb47 build failure reported at https://lists.openwrt.org/pipermail/openwrt-devel/2015-April/032455.html Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r46162 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@46164 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openssl: bump to 1.0.2cSteven Barth2015-06-127-32/+18
| | | | | | | | fixes CVE-2015-4000 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1792 CVE-2015-1791 Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@45951 3c298f89-4303-0410-b956-a3cf2f4a3e73
* hostapd: fix remote denial of service vulnerability in WMM action frame parsingFelix Fietkau2015-05-062-1/+37
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r45619 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@45620 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: openssl: update to v1.0.2a (14 CVEs)Jo-Philipp Wich2015-03-235-174/+20
| | | | | | | | | | Fixes CVE-2015-0204, CVE-2015-0207, CVE-2015-0208, CVE-2015-0209, CVE-2015-0285, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0290, CVE-2015-0291, CVE-2015-0292, CVE-2015-0293, CVE-2015-1787. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44952 3c298f89-4303-0410-b956-a3cf2f4a3e73
* kernel: remove the netfilter optimization that skips the filter table, it ↵Felix Fietkau2015-03-171-1/+0
| | | | | | | | | | has caused too many issues Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r44873 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44874 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ath9k: fix a beacon enable handling bugFelix Fietkau2015-03-121-0/+85
| | | | | | | | Backport of r44696 Signed-off-by: Felix Fietkau <nbd@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44697 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: ubox: fix segmentation fault in insmodJo-Philipp Wich2015-02-262-1/+13
| | | | | | | | | | | | Fix segfault in kmodloader insmod mode due to uninitialized module directory list. Apply the required fix as patch for now since we don't have the ulog infrastructure in BB (yet) required for the git head of ubox. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44550 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: fstools: fix build with enabled ubifs extroot supportJo-Philipp Wich2015-02-251-2/+2
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r44538 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44539 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: fstools: cumulative backportJo-Philipp Wich2015-02-252-3/+16
| | | | | | | | | | | | | | | | | | | | | | - Adds support for /dev/vd* virtual io - Adds support for overlayfs v23 - Fixes overlayfs mount on 3.18 - Make the block tool ignore case when comparing uuid strings - Fixes sysupgrade on linux 3.18 - Support extroot/ubi - Allows using UBIFS volume as overlay and adds support for Btrfs - Fix exit code of uci-defaults script - Support external overlays on non-MTD systems again - Account for new directory structure of overlayfs partitions (additional upper/ component) - Support executing block from either overlay or rom - Support loading fstab from either overlay or rom - Log extroot failures to dmesg Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r42812, r42890, r43090, r43368, r43480, r43485, r43717, r43868, r44180, r44535 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44537 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: ubox: kmodloader: support loading kmods from multiple directoriesJo-Philipp Wich2015-02-251-2/+2
| | | | | | | | | | | | | | This is required during early boot in the extroot setup phase to support loading kmods from the overlay that depend on kmods on the rom partition. The subsequent mount_root updates will use the LD_LIBRARY_PATH env variable to pass kmod directories to kmodloader. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r42813, r44533 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44536 3c298f89-4303-0410-b956-a3cf2f4a3e73
* samba36: update to 3.6.25, fixes remote code execution bug (CVE-2015-0240)Felix Fietkau2015-02-241-2/+2
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r44515 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44516 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: build: improve feed handling for opkg.confJo-Philipp Wich2015-02-132-3/+10
| | | | | | | | | | | - Consider not installed feeds as well - Add option to decide whether to comment disabled feeds Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r42931 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44441 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openssl: fix upstream regression for non-ec buildsSteven Barth2015-02-092-1/+15
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44365 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openssl: bump to 1.0.2Steven Barth2015-02-099-29/+29
| | | | | | | | Fixes CVE-2014-3513, CVE-2014-3567, CVE-2014-3568, CVE-2014-3566 Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44347 3c298f89-4303-0410-b956-a3cf2f4a3e73
* kernel: add support for NFSv4John Crispin2015-01-283-17/+62
| | | | | | | | | | | | To: openwrt-devel@lists.openwrt.org This work is based on Daniel Colascione's submission to the OpenWrt devel mailing list on January 15th, 2014. I modified his patch so that it applied to the current OpenWrt Barrier Breaker tree. Signed-off-by: W. Michael Petullo <mike@flyn.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44162 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ca-certificates: update to 20141019John Crispin2015-01-281-3/+12
| | | | | | | | | update to version 20141019 and create symbolic link for certificate hashes during installation Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44161 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: fix subject in generated certificatesJo-Philipp Wich2015-01-252-5/+4
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r44149 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44152 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: px5g: generate unique serial numbersJo-Philipp Wich2015-01-252-4/+8
| | | | | | | | | | | Generate a random serial from /dev/urandom when creating selfsigned certs. Fixes "sec_error_reused_issuer_and_serial" with Firefox. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43168 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44151 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: gmp: use http instead of ftp download (#18805)Jo-Philipp Wich2015-01-241-1/+1
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r44082 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44095 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: polarssl: update to v1.3.9 and patch CVE-2015-1182Jo-Philipp Wich2015-01-203-41/+15
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@44061 3c298f89-4303-0410-b956-a3cf2f4a3e73
* map: backport fixes from trunkSteven Barth2015-01-133-5/+11
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43962 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: openssl: update to v1.0.1k (8 CVEs)Jo-Philipp Wich2015-01-093-16/+16
| | | | | | | | | Fixes CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204, CVE-2015-0205, CVE-2014-8275 and CVE-2014-3570. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43889 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: qos-scripts: bump PKG_REVISION and copyright yearJo-Philipp Wich2015-01-061-2/+2
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43860 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43862 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: openvpn: bump PKG_REVISION and copyright yearJo-Philipp Wich2015-01-061-2/+2
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43859 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43861 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openvpn: backport an upstream fix for a regression in using --cipher none ↵Felix Fietkau2015-01-041-0/+57
| | | | | | | | | | (fixes #18676) Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43823 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43824 3c298f89-4303-0410-b956-a3cf2f4a3e73
* mac80211: fix HT mode selection for ad-hocFelix Fietkau2014-12-221-3/+32
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43769 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43770 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ubi-utils: add mirror md5sumFelix Fietkau2014-12-221-0/+1
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43761 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43764 3c298f89-4303-0410-b956-a3cf2f4a3e73
* uclient: update to the latest version, fixes HTTP digest auth processingFelix Fietkau2014-12-101-2/+2
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43600 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43601 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcp6c: correctly handle renew-replies with short lease timesSteven Barth2014-12-101-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43593 3c298f89-4303-0410-b956-a3cf2f4a3e73
* qos-scripts: fix insmod commandsFelix Fietkau2014-12-081-11/+11
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43562 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43566 3c298f89-4303-0410-b956-a3cf2f4a3e73
* openvpn: update to 2.3.6, fixes CVE-2014-8104Felix Fietkau2014-12-012-25/+46
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43482 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43483 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ath9k: fix hardware tx queue allocation orderFelix Fietkau2014-11-302-2/+59
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43438 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43439 3c298f89-4303-0410-b956-a3cf2f4a3e73
* odhcp6c: backport from trunk to fix busyloopSteven Barth2014-11-281-3/+4
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43416 3c298f89-4303-0410-b956-a3cf2f4a3e73
* Revert "ath9k: fix crashes when using shared IRQs"Felix Fietkau2014-11-1511-140/+18
| | | | | | | | | This backport seems to be incomplete and causing some IRQ related issues. This reverts commit r43240 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43276 3c298f89-4303-0410-b956-a3cf2f4a3e73
* ath9k: fix crashes when using shared IRQsFelix Fietkau2014-11-1311-18/+140
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43239 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43240 3c298f89-4303-0410-b956-a3cf2f4a3e73
* netifd: fix default ORO for 6rdSteven Barth2014-11-082-2/+2
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43215 3c298f89-4303-0410-b956-a3cf2f4a3e73
* mac80211: merge a few pending upstream fixesFelix Fietkau2014-11-0710-18/+161
| | | | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> Backport of r43208 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43209 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: lantiq: vr9: - fix vmmc buildJohn Crispin2014-11-032-5/+18
| | | | | | | | (required not-distributable firmware blob - dump it by yourself from original firmware) Signed-off-by: Eddi De Pieri <eddi@depieri.net> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43161 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: lantiq: vr9: - fix tapi buildJohn Crispin2014-11-031-1/+2
| | | | | | | | (required not-distributable firmware blob - dump it by yourself from original firmware) Signed-off-by: Eddi De Pieri <eddi@depieri.net> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43160 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: lantiq: ltq-vmmc add support for ar9-vr9John Crispin2014-11-031-0/+247
| | | | | | | | (required not-distributable firmware blob - dump it by yourself from original firmware) Signed-off-by: Eddi De Pieri <eddi@depieri.net> git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43156 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: busybox: make high ASCII chars printable (#7993)Jo-Philipp Wich2014-10-272-1/+21
| | | | | | | | | | | | | | Currently busybox utils like "ls" fail to display filenames containing UTF-8 characters, replacing any special characters with "?". Change libbb's printable_string() function to allow high ASCII characters so that unicode filenames are displayed correctls. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43084 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43085 3c298f89-4303-0410-b956-a3cf2f4a3e73
* BB: px5g-standalone: use /dev/urandom to initialize serial (#18232)Jo-Philipp Wich2014-10-272-4/+27
| | | | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> Backport of r43080 git-svn-id: svn://svn.openwrt.org/openwrt/branches/barrier_breaker@43083 3c298f89-4303-0410-b956-a3cf2f4a3e73
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 04:46:05 +0000