aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
...
* hostapd: declare struct wpa_bss earlyLeon M. George2019-11-141-0/+19
| | | | | | | | | | | | | | | | | wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if CONFIG_WPS is not defined. With the later inclusion of 600-ubus_support, the issue manifests in warnings like these: wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration struct wpa_bss *bss) ^~~~~~~ This patch forward declares 'struct wpa_bss' regardless. Signed-off-by: Leon M. George <leon@georgemail.eu> [commit message facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit f974f8213b94578581b35e6b3f8fb1fd5a35f753)
* hostapd: revert signature change in patchLeon M. George2019-11-141-1/+1
| | | | | | | | | | | | | The original wpa_hexdump uses a 'void *' for the payload. With patch 410-limit_debug_messages, the signature changes and compiler warnings occur at various places. One such warning is: wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *' Signed-off-by: Leon M. George <leon@georgemail.eu> [commit message facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit a123df275846b1b83aaf3d7488a1544f7c0e09aa)
* hostapd: adjust removed wolfssl optionsEneas U de Queiroz2019-11-141-4/+0
| | | | | | | | | | This edjusts the selection of recently removed wolfssl options which have always been built into the library even in their abscence. Also remove the selection of libwolfssl itself, allowing the library to be built as a module. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 94d131332b5adbcf885a92608c40a22b79b3c708)
* base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2Russell Senior2019-11-141-1/+1
| | | | | | | | Discovered recent changes had broken sysupgrade for ar71xx mikrotik rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after switching to tmpfs. Signed-off-by: Russell Senior <russell@personaltelco.net>
* ath79: update uboot-envtools for Netgear WNR routersMichal Cieslakiewicz2019-11-121-0/+4
| | | | | | | | | Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700. Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl> (cherry picked from commit d47b68700644f37084b82845e9557b1e9954f533) [removed WNR1000v2/WNR2000v3 since not supported in 19.07] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar71xx: update uboot-envtools for Netgear WNR routersMichal Cieslakiewicz2019-11-121-1/+10
| | | | | | | | Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300. Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1). Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl> (cherry picked from commit 11052900494ec8216b9b39ba0b24d5e036f4d323)
* firmware: intel-microcode: bump to 20190918Zoltan HERPAI2019-11-111-2/+2
| | | | | | | | | | | | | | | | | | | | * New upstream microcode datafile 20190918 *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given the set of processors being updated. * Updated Microcodes: sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456 sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432 sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336 sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200 sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768 sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576 sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576 sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* firmware: intel-microcode: bump to 20190618Zoltan HERPAI2019-11-111-2/+2
| | | | | | | | | | * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223 CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 * Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432 sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* firmware: intel-microcode: bump to 20190514Zoltan HERPAI2019-11-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * New Microcodes: sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224 sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224 sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224 sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632 sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608 sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104 sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304 sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328 sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304 sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304 sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280 * Updated Microcodes: sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288 sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336 sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456 sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384 sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408 sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816 sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432 sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504 sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600 sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336 sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352 sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768 sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768 sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576 sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552 sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456 sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408 sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360 sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352 sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264 sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728 sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304 sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328 sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328 sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304 sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280 sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328 sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304 sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328 sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304 sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280 * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223 CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-11-101-3/+3
| | | | | | | 77ad0de plugin: avoid truncating numeric values Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit aa89bdcd04676b21cbe3e8a7b8df3545a86d947a)
* wolfssl: update to v4.2.0-stableEneas U de Queiroz2019-11-103-142/+4
| | | | | | | | | | | | | | | | Many bugs were fixed--2 patches removed here. This release of wolfSSL includes fixes for 5 security vulnerabilities, including two CVEs with high/critical base scores: - potential invalid read with TLS 1.3 PSK, including session tickets - potential hang with ocspstaping2 (always enabled in openwrt) - CVE-2019-15651: 1-byte overread when decoding certificate extensions - CVE-2019-16748: 1-byte overread when checking certificate signatures - DSA attack to recover DSA private keys Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit f4853f7cca816214cd6e64cffe2b73d0b8c16def)
* wolfssl: allow building with hw-crytpo and AES-CCMEneas U de Queiroz2019-11-104-21/+160
| | | | | | | | | Hardware acceleration was disabled when AES-CCM was selected as a workaround for a build failure. This applies a couple of upstream patches fixing this. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit ab19627ecc3923687fd339f4f23dc45572d00ce0)
* ustream-ssl: update to latest Git HEADJo-Philipp Wich2019-11-102-59/+3
| | | | | | | | c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect Fixes: CVE-2019-5101, CVE-2019-5102 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 6f9157e6bdea91507af84acdf53da7c0e6879bc1)
* ustream-ssl: Update to latest git HEADHauke Mehrtens2019-11-101-5/+5
| | | | | | | | | | | 465f8dc wolfssl: adjust to new API in v4.2.0 3b06c65 Update example certificate & key, fix typo 1c38fd8 wolfssl: enable CN validation 33308ee ustream-io-cyassl.c: fix client-mode connections 79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 57ff06405e09ebce705c01178143c3ce907993b2)
* mac80211: Fix dependencies of kmod-rsi91x-usbHauke Mehrtens2019-11-091-2/+2
| | | | | | | | | | | Instead of depending on kmod-usb2 make it depend on the normal USB dependencies. This should hopefully fix some problems seen in the build bot builds for powerpc_8540. In addition also activate DRIVER_11N_SUPPORT support. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 3ff3b044c01949cd7280978b17d0348ee9e7f4ae)
* strace: Fix build on PowerPCHauke Mehrtens2019-11-091-17/+0
| | | | | | | | | This patch breaks building on PowerPC, like the mpc85xx_generic target for me. Fixes: FS#2585 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit b01305c8d26d8eb3525cf79591075601b04736cc)
* uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELROHauke Mehrtens2019-11-092-11/+9
| | | | | | | | | | Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool. In addition also use the more standard make invocation script. With this change the fw_printenv tool is built with PIE and Full RELRO support when activated globally in OpenWrt. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com> (cherry picked from commit b7b2be0b268ced260ca8df84be1b0d469aaf6e38)
* xfsprogs: Fix compilation with newer muslRosen Penev2019-11-093-6/+49
| | | | | | | Backported upstream patch. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 39035df71c37d474be2cb2a0fad8d70da095c68b)
* curl: bump to 7.66.0Hans Dedecker2019-11-072-4/+4
| | | | | | | | | | | Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0 Fixes CVEs: CVE-2019-5481 CVE-2019-5482 Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (cherry picked from commit 71cf4a272c9cf7d6e604e6327d0c94aeceac26e7)
* mac80211 ath9k: force QCA953x clock to 25MHzDavid Bauer2019-11-061-6/+13
| | | | | | | | | | | | The QCA953x only supports 25 MHz refclk, however some OEMs set an invalid bootstrap value for the REF_CLK option, which would break the clock detection in ath9k. Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the datasheet) the only valid frequency. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 4c6fe32468bc60cc25a8c298498c0be3c73e7378)
* OpenWrt v19.07.0-rc1: revert to branch defaultsJo-Philipp Wich2019-11-061-2/+2
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* OpenWrt v19.07.0-rc1: adjust config defaultsv19.07.0-rc1Jo-Philipp Wich2019-11-061-2/+2
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ath10k-firmware: update Candela Tech firmware imagesKoen Vandeputte2019-11-051-24/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The release notes since last time for wave-1: * October 5, 2019: Fix too-short msg caused by invalid use of PayloadLen in receive path. This appears to resolve the issue of getting (and ignoring) too-short commands when we detect loss of CE interrupts and go into polling mode. * October 12, 2019: Fix regression in IBSS mode that caused SWBA overrun issues. Related to regression added during the ct-station logic, specifically TSF allocation. Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test. * October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being used (based on CT_STATS_OK flag being set). This should help CT firmware work better on stock driver. The release notes since last time for wave-2: * October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set). This should help CT firmware work better on stock driver. * October 31, 2019: Compile out peer-ratecode-list-event. ath10k driver ignores the event. * November 1, 2019: Fix rate-ctrl related crash when nss and other things were changed while station stays associated. See bug: https://github.com/greearb/ath10k-ct/issues/96 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> (cherry picked from commit e716e93a2f7290086f49992c9980773c88100c3a)
* ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102Jo-Philipp Wich2019-11-052-1/+57
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: rt2x00: backport upstream patchesDaniel Golle2019-11-0529-35/+1494
| | | | | | | | | | | | | | | | | | | | | | Import patches from upstream to sync 19.07 with master: 9f3e3323e996 rt2x00: allow to specify watchdog interval 2034afe4db4a rt2800: add helpers for reading dma done index 759c5b599cf4 rt2800: initial watchdog implementation 09db3b000619 rt2800: add pre_reset_hw callback 710e6cc1595e rt2800: do not nullify initialization vector data e403fa31ed71 rt2x00: add restart hw 0f47aeeada2a rt2800: do not enable watchdog by default 41a531ffa4c5 rt2x00usb: fix rx queue hang 3b902fa811cf rt2x00usb: remove unnecessary rx flag checks 1dc244064c47 rt2x00: no need to check return value of debugfs_create functions 706f0182b1ad rt2800usb: Add new rt2800usb device PLANEX GW-USMicroN 95844124385e rt2x00: clear IV's on start to fix AP mode regression 567a9b766b47 rt2x00: do not set IEEE80211_TX_STAT_AMPDU_NO_BACK on tx status 14d5e14c8a6c rt2x00: clear up IV's on key removal 13fa451568ab Revert "rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band" --pending-- rt2800: remove errornous duplicate condition Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: enable PMKSA and OK caching for WPA3-PersonalDavid Bauer2019-11-051-1/+8
| | | | | | | | | | | | | | | This enables PMKSA and opportunistic key caching by default for WPA2/WPA3-Personal, WPA3-Personal and OWE auth types. Otherwise, Apple devices won't connect to the WPA3 network. This should not degrade security, as there's no external authentication provider. Tested with OCEDO Koala and iPhone 7 (iOS 13.1). Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 3034f8c3b85e70b1dd9b4cd5cd33e9d2cd8be3b8) Signed-off-by: David Bauer <mail@david-bauer.net>
* uboot-fritz4040: build with ipq40xx "generic" subtargetYousong Zhou2019-11-031-0/+1
| | | | | | | Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget") Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit 40e3f660c1c0f400092cce09feb8c13bec97caeb)
* libevent2: Update to 2.1.11Daniel Engberg2019-11-015-81/+94
| | | | | | | | | | | | | | | Update libevent to 2.1.11 Use CMake instead GNU Autotools Backport following commits: https://github.com/libevent/libevent/commit/f05ba671931e2b4e38459899f6f63f79f99869fe ..and partially https://github.com/libevent/libevent/commit/7201062f3ef505a77baa6ccaf1cf73812462308a to fix compilation Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit f351beedfd47766e5e44a04af50e3724bec54dbc) (resolves FS#2435) Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-11-011-3/+3
| | | | | | | | | | | | | | | | d442d62 plugin: fix double free in finish callback ee26d83 main: exec_self: make clang analyzer happy 90e40bd file: exec: properly free memory on error 9ecfada uci: free configs list memory on return 32fba36 exec: always call finish_cb to allow plugin to free up memory ca3e2d5 plugin: do not free method name separately 02c6e1d exec: properly free memory on rpc_exec() error cc50263 plugin: exec: properly free memory on parse error bd0ed25 uci: reset uci_ptr flags when merging set operations 37aa919 plugin: fix leaking invoked method name for exec plugins Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit c2675bb0cef373ff59fcc2dbd77471d244bbc774)
* kernel: mark kmod-usb-serial-wwan as hiddenYousong Zhou2019-10-301-2/+2
| | | | | | | | | | The kconfig symbol is an invisible one since its introduction. It is not supposed to be enabled on its own. Resolves FS#1821 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit 4bf9bec361699e1c033460964158531adf15d7ee)
* mac80211: add an improved moving average algorithm to minstrelFelix Fietkau2019-10-303-0/+733
| | | | | | | | Improves rate control responsiveness and performance Signed-off-by: Felix Fietkau <nbd@nbd.name> [reworked to apply on 4.19.79 mac80211 + renumbered + refreshed] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047David Bauer2019-10-271-5/+5
| | | | | | | | | This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt master and 19.07. 18.06 seems not affected from our testing. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 641a93f0f226aa1b4e27bc6f1fc36f9fe63a11a0) Signed-off-by: David Bauer <mail@david-bauer.net>
* ath10k-firmware: retrieve wave 1 firmware from kvaloDavid Bauer2019-10-272-4/+4
| | | | | | | | | | | | | | | This commit changes the source of the Wave 1 ath10k-firmware from linux-firmware to Kall Valos ath10k-firmware repository. This is necessary as the firmware selected in linux-firmware produces frequent crashes in some circumstances. This patch can be removed as soon as linux-firmware carries 10.2.4-1.0-00047 firmware. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit a3914783a32d4fe3612383391cd72638931f1cea) Signed-off-by: David Bauer <mail@david-bauer.net>
* openssl: Add engine configuration to openssl.cnfEneas U de Queiroz2019-10-202-1/+57
| | | | | | | | | | | | | This adds engine configuration sections to openssl.cnf, with a commented list of engines. To enable an engine, all you have to do is uncomment the engine line. It also adds some useful comments to the devcrypto engine configuration section. Other engines currently don't have configuration commands. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit cebf024c4d9fd761e55383a582f7e29ac7cc921c) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* tcpdump: update to 4.9.3DENG Qingfang2019-10-194-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixed CVEs: CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16301 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 CVE-2019-15167 Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn> (cherry picked from commit 394273c066b8f4317b77f3ede216cfcdd45250c1)
* libpcap: update to 1.9.1DENG Qingfang2019-10-196-38/+19
| | | | | | | | | | | | | Fixed CVEs: CVE-2018-16301 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn> (cherry picked from commit 44f11353de044834a442d3192b66579b99305720)
* kernel: fix typos in video KernelPackage descriptionSungbo Eo2019-10-191-2/+2
| | | | | | | | Fixes: 4b3d17b709a5 ("kernel: add kmod-fb-sys-ram") Fixes: b774acb47912 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit 9f73fad359663fef4decc7440796ec7d3b2b70f7)
* uClibc++: Fix three bugsRosen Penev2019-10-196-20/+221
| | | | | | | | | | | | | | | | | | | | | | | | The first allows usage of several functions in the std namespace, which broke compilation of gddrescue specifically with uClibc-ng and uClibc++. The second allows usage of long long with normal C++11, which is part of the standard. Before, std=gnu++11 needed to be passsed to work around it. As a result of the second patch, the pedantic patch can safely be removed. Both patches are upstream backports. Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long. Added another patch that fixes a typo with the long long support. Sent to upstream. Fixed up license information according to SPDX. Small cleanups for consistency. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 6ab386c9bc23420816fbcefc84b62cf5438b2c66)
* hostapd: adjust to removal of WOLFSSL_HAS_AES_GCMEneas U de Queiroz2019-10-191-1/+0
| | | | | | | WolfSSL is always built with AES-GCM support now. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit ee5a3f6d605602bbff57cde337235088cf9c3ffa)
* trelay: fix deadlock on removeAli MJ Al-Nasrawy2019-10-191-7/+21
| | | | | | | | | | | | Upon writing to "remove" file, debugfs_remove_recursive() blocks while holding rtnl_lock. This is because debugfs' file_ops callbacks are executed in debugfs_use_file_*() context which prevents file removal. Fix this by only flagging the device for removal and then do the cleanup in file_ops.release callback which is executed out of that context. Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com> (cherry picked from commit c2635b871d1dd03a6608a9255222672decd49e09)
* trelay: handle netdevice events correctlyAli MJ Al-Nasrawy2019-10-191-1/+1
| | | | | | | | | | | | | | Since v3.11, netdevice notification data are of type "struct netdev_notifier_info". Handle it as such! This should fix a critical bug in which devices are unable get released because trelay does not release resources in response to UNREGISTER event spamming the log with something like: unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1 Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com> (cherry picked from commit 77cfc0739d30c1282f7de24d2ec086d244e34bb7)
* bzip2: add linker option LDFLAGSleo chung2019-10-191-0/+11
| | | | | | | | | | | if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will recognize as pie executable ELF file ( which should be shared object). this because the file command version before 5.36 not recognize correctly. Signed-off-by: leo chung <gewalalb@gmail.com> (cherry picked from commit 56ab58fb6ce29329963619d5a4fffa9d5828176e)
* mac80211: Update to version 4.19.79Hauke Mehrtens2019-10-199-46/+27
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* lantiq: Fix fw_cutter LzmaWrapperChristian Franke2019-10-181-1/+1
| | | | | | | | | The destination buffer size `d_len` is passed to `lzma_inflate` as a pointer. Therefore, it needs to be dereferenced to compare its content. Signed-off-by: Christian Franke <nobody@nowhere.ws> (cherry picked from commit d544bc84a07f299ac1e513715301cae5fbd30923) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-10-181-3/+3
| | | | | | | 95f0973 file: increase minimum read buffer size to 4096 bytes Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 2a603cfcfccc4b20b10b7992bc07be0945345ed9)
* rpcd: update to latest Git HEADJo-Philipp Wich2019-10-181-3/+3
| | | | | | | e2a7bc4 iwinfo: add WPA3 support Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit d6a405280f0156a2dad7d9cfa96695d53ed87dab)
* rpcd: update to latest Git HEADJo-Philipp Wich2019-10-181-4/+4
| | | | | | | | | | | | 69eeb1b file: refactor message parsing and permission checking f65527a iwinfo: expose all rate info fields in assoclist reply 7fec636 sys: fix symbol redeclaration 27c24c7 rpcd: sys: actually move timespec declaration 345363b file: add remove operation 604db20 rpcd: Switch to nanosleep Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 2f9f8769e334d2e8d0bac4edadbcf6bcdd229519)
* fwtool: do not omit final 16 byte when image does not contain signatureJo-Philipp Wich2019-10-172-2/+4
| | | | | | | | | | | | | | | | | | | The fwutil command will interpret the final 16 byte of a given firmware image files as "struct fwimage_trailer". In case these bytes do look like a valid trailer, we must ensure that we print them out along with the remainder of the image to not accidentally truncate non-trailer-images by 16 bytes when they're piped through fwtool, e.g. as part of an image verification command sequence. Some command sequences pipe images through fwtool in order to strip any possible metadata, certificate or signature trailers and do not expect bare images without any of that metadata to get truncated as other non- fwtool specific metadata is expected at the end of the file, e.g. an information block with an md5sum in case of the combined image format. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 889b841048c5eb7f975135cab363f1fdd9b6cfa1)
* iwinfo: update to latest Git HEADJo-Philipp Wich2019-10-161-3/+3
| | | | | | | | 07315b6 nl80211: handle hidden SSIDs in wpa_supplicant scan results 3ac846e lua: fix string description of mixed WPA3 modes Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit bc61458b73c04f900c358be8b7ed37c84298472a)
* gdb: bump to 8.3.1Koen Vandeputte2019-10-155-29/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3: PR c++/20020 (GDB segfault on printing objects) PR gdb/24454 (nat/x86-linux-dregs.c failed assertion) PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned) PR symtab/24545 (Symbol loading performance regression with cc1) PR gdb/24592 (amd64->i386 linux syscall restart problem) PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException') PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background) PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries) This corrective release also brings the following testsuite fixes and enhancements: PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests) PR testsuite/25016 (Test-case failures for -pie) GDB 8.3 includes the following changes and enhancements: * Support for new native configurations (also available as a target configuration): - RISC-V GNU/Linux (riscv*-*-linux*) - RISC-V FreeBSD (riscv*-*-freebsd*) * Support for new target configurations: - CSKY ELF (csky*-*-elf) - CSKY GNU/Linux (csky*-*-linux) - NXP S12Z ELF (s12z-*-elf) - OpenRISC GNU/Linux (or1k*-*-linux*) * Native Windows debugging is only supported on Windows XP or later. * The Python API in GDB now requires Python 2.6 or later. * GDB now supports terminal styling for the CLI and TUI. Source highlighting is also supported by building GDB with GNU Highlight. * Experimental support for compilation and injection of C++ source code into the inferior (requires GCC 7.1 or higher, built with libcp1.so). * GDB and GDBserver now support IPv6 connections. * Target description support on RISC-V targets. * Various enhancements to several commands: - "frame", "select-frame" and "info frame" commands - "info functions", "info types", "info variables" - "info thread" - "info proc" - System call alias catchpoint support on FreeBSD - "target remote" support for Unix Domain sockets. * Support for displaying all files opened by a process * DWARF index cache: GDB can now automatically save indices of DWARF symbols on disk to speed up further loading of the same binaries. * Various GDB/MI enhancements. * GDBserver on PowerPC GNU/Linux now supports access to the PPR, DSCR, TAR, EBB/PMU, and HTM registers. * Ada task switching support when debugging programs built with the Ravenscar profile added to aarch64-elf. * GDB in batch mode now exits with status 1 if the last executed command failed. * Support for building GDB with GCC's Undefined Behavior Sanitizer. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 21:39:05 +0000