aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* OpenWrt v19.07.8: revert to branch defaultsHauke Mehrtens2021-08-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v19.07.8: adjust config defaultsv19.07.8Hauke Mehrtens2021-08-011-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ubus: update to version 2021-07-01Petr Štetiar2021-07-291-3/+3
| | | | | | | | This update cherry picks following fix: * ubusd: fix tx_queue linked list usage Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: update to version 2021-06-03Petr Štetiar2021-07-291-4/+4
| | | | | | | | | | | | | This update cherry picks following changes: * cmake: add a possibility to set library version * ubusd: protect against too-short messages * ubusd: add per-client tx queue limit * ubusd: convert tx_queue to linked list * lua: avoid truncation of large numeric values Fixes: FS#1525 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: backport SOVERSION supportPetr Štetiar2021-07-291-3/+5
| | | | | | | | | | | Add a support for setting of new `ABIVERSION` CMake define which allows to control the SOVERSION used for the built shared library. This is needed for downstream packaging to properly track breaking ABI changes when updating to newer versions of the library. Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Petr Štetiar <ynezz@true.cz> (backported from commit 8edb1797d55d259c6eda18c89784f152328436fc)
* ath10k-ct: add security fixesMichael Yartys2021-07-028-74/+35
| | | | | | | | | | | | This rebases -ct changes on top of upstream stable kernel's latest code. Including the wifi security fixes that recently went in. Removed upstreamed 203-ath10k-Limit-available-channels-via-DT-ieee80211-fre.patch and refreshed patches. Signed-off-by: Michael Yartys <michael.yartys@protonmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport] (backported from commit 2e10ed925e1e07c28570731a429efa5e7de3b826)
* base-files: fix /tmp/TZ when zoneinfo not installedPaul Spooren2021-06-251-7/+4
| | | | | | | | | | | | | The zoneinfo packages are not installed per default so neither /tmp/localtime nor /tmp/TZ is generated. This patch mostly reverts the previous fix and instead incooperates a solution suggested by Jo. Fixes "base-files: fix zoneinfo support " 8af62ed Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 56bdb6bb9781f8a0bbec5fc3075b9d2b8d12f9a8)
* base-files: fix zoneinfo supportRosen Penev2021-06-231-7/+9
| | | | | | | | | | | | | | | | | The system init script currently sets /tmp/localinfo when zoneinfo is populated. However, zoneinfo has spaces in it whereas the actual files have _ instead of spaces. This made the if condition never return true. Example failure when removing the if condition: /tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles This file does not exist. America/Los_Angeles does. Ran through shfmt -w -ci -bn -sr -s Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 8af62ede189aa504135db05474d34c9f8a1ed35d)
* mac80211: distance config: allow "auto" as a valueAli MJ Al-Nasrawy2021-06-231-1/+2
| | | | | | | | | | The user can now enable the ACK timeout estimation algorithm (dynack) for drivers that support it. It is also expected that the distance config accepts the same values as: $ iw phyX set distance XXX Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com> (cherry picked from commit a8a1ef856871dc8403ea9c0a3bb347c7120b0e65)
* mac80211: Update to backports version 4.19.193-test1Hauke Mehrtens2021-06-0616-58/+58
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ubox: fix init script validation of log_ip optionJo-Philipp Wich2021-05-282-2/+2
| | | | | | | | | The underlying logread process uses usock() to handle remote connections which is able to handle both hostnames and IP addresses. Ref: https://github.com/openwrt/luci/issues/5077 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit ec83fb9ced138b7945135adffb9ff0ba63b695ec)
* openwrt-keyring: Only copy sign key for 19.07 and 21.02Hauke Mehrtens2021-05-161-2/+5
| | | | | | | | | | | Instead of adding all public signature keys from the openwrt-keyring repository only add the key which is used to sign the OpenWrt 19.07 feeds and the 21.02 feeds to allow checking the next release. If one of the other keys would be compromised this would not affect users of 19.07 release builds. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openwrt-keyring: add OpenWrt 21.02 GPG/usign keysPetr Štetiar2021-05-161-3/+3
| | | | | | | | 49283916005d usign: add 21.02 release build pubkey bc4d80f064f2 gpg: add OpenWrt 21.02 signing key Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 1bf6d70e60fdb45d81a8f10b90904cef38c73f70)
* mac80211: Update to backports version 4.19.189-1Hauke Mehrtens2021-05-0444-499/+146
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* dropbear: Fix CVE-2020-36254Hauke Mehrtens2021-05-031-0/+21
| | | | | | | | This backports a fix from dropbear 2020.81. CVE-2020-36254 description: scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openvpn: update to 2.4.11Magnus Kroken2021-05-022-3/+3
| | | | | | | | | | | | Fixes two related security vulnerabilities (CVE-2020-15078) which under very specific circumstances allow tricking a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. This release also includes other bug fixes and improvements. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: update to 2.4.9Magnus Kroken2021-05-023-4/+4
| | | | | | | | | | | | | | | | This is primarily a maintenance release with bugfixes and improvements. This release also fixes a security issue (CVE-2020-11810) which allows disrupting service of a freshly connected client that has not yet negotiated session keys. The vulnerability cannot be used to inject or steal VPN traffic. Release announcement: https://openvpn.net/community-downloads/#heading-13812 Full list of changes: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.9 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry-picked from commit d7e98bd7c5316f95cc11635371a39c6c0e18b9a7)
* openvpn: update to 2.4.8Magnus Kroken2021-05-025-6/+129
| | | | | | | | | | | Backport two upstream commits that allow building openvpn-openssl without OpenSSLs deprecated APIs. Full changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.8 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry-picked from commit bf43e5bbf91ca1a90df8dae3e2cce6bbb61d5cd9)
* ppp/pppoe-discovery: fix -W optionMartin Schiller2021-05-021-0/+60
| | | | | | | | | This patch is already included in ppp-2.4.9 which is used in openwrt master. Backport this patch to openwrt-19.07. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* mac80211: backport upstream fixesKoen Vandeputte2021-04-098-1/+354
| | | | | | | Refreshed all patches. Includes all fixes up to 4.19.184 Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* openssl: bump to 1.1.1kEneas U de Queiroz2021-03-272-24/+23
| | | | | | | | | | | | | This version fixes 2 security vulnerabilities, among other changes: - CVE-2021-3450: problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. - CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 0bd0de7d43b3846ad0d7006294e1daaadfa7b532)
* openssl: sync package download URLs with masterPetr Štetiar2021-03-271-3/+5
| | | | | | | Apparently it fixes some broken URLs and as a bonus it makes cherry-picking of fixes easier. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* mbedtls: update to 2.16.10Magnus Kroken2021-03-272-13/+13
| | | | | | | | | | | | | | | | | | | | This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues. Security fixes: * Fix a buffer overflow in mbedtls_mpi_sub_abs() * Fix an errorneous estimation for an internal buffer in mbedtls_pk_write_key_pem() * Fix a stack buffer overflow with mbedtls_net_poll() and mbedtls_net_recv_timeout() * Guard against strong local side channel attack against base64 tables by making access aceess to them use constant flow code Full release announcement: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry picked from commit dbde2bcf60b5d5f54501a4b440f25fe7d02fbe5d)
* mwlwifi: add PKG_FLAGS:=nonsharedDaniel Golle2021-03-241-0/+1
| | | | | | | | | This should fix the problem of mwlwifi-firmware-* not being found when using the ImageBuilder. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 9b3aaf1cdb873cc2a7b2f2ef4e72ddb716afba38) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* wolfssl: bump to v4.7.0-stableEneas U de Queiroz2021-03-065-92/+4
| | | | | | | | | | | | | | | Biggest fix for this version is CVE-2021-3336, which has already been applied here. There are a couple of low severity security bug fixes as well. Three patches are no longer needed, and were removed; the one remaining was refreshed. This tool shows no ABI changes: https://abi-laboratory.pro/index.php?view=objects_report&l=wolfssl&v1=4.6.0&v2=4.7.0 Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit d1dfb577f1c0d5b1f1fa35000c9ad7abdb7d10ed)
* hostapd: P2P: Fix a corner case in peer addition based on PD RequestStefan Lippers-Hollmann2021-03-062-1/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | p2p_add_device() may remove the oldest entry if there is no room in the peer table for a new peer. This would result in any pointer to that removed entry becoming stale. A corner case with an invalid PD Request frame could result in such a case ending up using (read+write) freed memory. This could only by triggered when the peer table has reached its maximum size and the PD Request frame is received from the P2P Device Address of the oldest remaining entry and the frame has incorrect P2P Device Address in the payload. Fix this by fetching the dev pointer again after having called p2p_add_device() so that the stale pointer cannot be used. This fixes the following security vulnerabilities/bugs: - CVE-2021-27803 - A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range. Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request") Signed-off-by: Jouni Malinen <jouni@codeaurora.org> Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> (cherry picked from commit 1ca5de13a153061feae260864d73d96f7c463785)
* Revert "base-files: source functions.sh in /lib/functions/system.sh"Adrian Schmutzler2021-03-012-3/+1
| | | | | | | | | | | | | | | | This reverts commit 86aeac4fc98f42ac0ce7e0dcf1cb240e16b28f8f. The reverted commit introduced a cyclic dependency between /lib/functions.sh and /lib/functions/system.sh. Further details are found in 282e8173509a ("base-files: do not source system.sh in functions.sh"), which was applied to master some time ago and is included in 21.02. With the current age of 19.07 branch, it seems safer to revert this mostly cosmetic feature than investing further time into disentangling the dependencies. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: source functions.sh in /lib/functions/system.shAdrian Schmutzler2021-02-242-1/+3
| | | | | | | | | The file /lib/functions/system.sh depends on find_mtd_index() and find_mtd_part() located in /lib/function.sh, so let's source that file. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (backported from commit ae636effd24a7637cefca58a143063f395c82d05)
* hostapd: backport ignoring 4addr mode enabling errorRaphaël Mélotte2021-02-202-1/+79
| | | | | | | | | | | | | | | | | | | This is a backport of the upstream commit 58bbbb598144 ("nl80211: Ignore 4addr mode enabling error if it was already enabled"). nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on an interface that is in a bridge and has 4addr mode already enabled. This operation would not have been necessary in the first place and this failure results in disconnecting, e.g., when roaming from one backhaul BSS to another BSS with Multi AP. Avoid this issue by ignoring the nl80211 command failure in the case where 4addr mode is being enabled while it has already been enabled. Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be> [bump PKG_RELEASE, more verbose commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit fb860b4e418c28a0f388f215e5acce103dcee1bf)
* openssl: bump to 1.1.1jEneas U de Queiroz2021-02-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes 4 security vulnerabilities/bugs: - CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support SSLv2, but the affected functions still exist. Considered just a bug. - CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. - CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it was failing to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. - Fixed SRP_Calc_client_key so that it runs in constant time. This could be exploited in a side channel attack to recover the password. The 3 CVEs above are currently awaiting analysis. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 482c9ff289c65480c8e7340e1740db24c62f91df)
* OpenWrt v19.07.7: revert to branch defaultsHauke Mehrtens2021-02-161-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v19.07.7: adjust config defaultsv19.07.7Hauke Mehrtens2021-02-161-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mt76: update to the latest versionDavid Bauer2021-02-151-3/+3
| | | | | | 5c768de mt76: mt76x0: disable GTK offloading Signed-off-by: David Bauer <mail@david-bauer.net>
* mac80211: Remove 357-mac80211-optimize-skb-resizing.patchHauke Mehrtens2021-02-144-221/+6
| | | | | | | | | This patch was adapted to apply on top of some stable changes, but we are not sure if this is working correctly. Felix suggested to remove this patch for now. Fixes: 0a59e2a76e6d ("mac80211: Update to version 4.19.161-1") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* wolfssl: Backport fix for CVE-2021-3336Hauke Mehrtens2021-02-102-1/+54
| | | | | | | | | | | | | This should fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). The patch is backported from the upstream wolfssl development branch. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 1f559cafe5cc1193a5962d40a2d938c66c783171)
* hostapd: fix P2P group information processing vulnerabilityDaniel Golle2021-02-042-1/+39
| | | | | | | | | | | | | | A vulnerability was discovered in how wpa_supplicant processing P2P (Wi-Fi Direct) group information from active group owners. This issue was discovered by fuzz testing of wpa_supplicant by Google's OSS-Fuzz. https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt Signed-off-by: Daniel Golle <daniel@makrotopia.org> [added the missing patch] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry-picked from commit 7c8c4f1be648aff9f1072ee27a2cc8f6a4a788ef)
* opkg: update to latest git HEAD of branch openwrt-19.07Baptiste Jonglez2021-02-031-3/+3
| | | | | | | | | | | | | c5dccea libopkg: fix md5sum calculation 7cad0c0 opkg_verify_integrity: better logging and error conditions 14d6480 download: purge cached packages that have incorrect checksum 456efac download: factor out the logic for building cache filenames b145030 libopkg: factor out checksum and size verification 74bac7a download: remove compatibility with old cache naming scheme Fixes: FS#2690 Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
* wolfssl: enable HAVE_SECRET_CALLBACKFelix Fietkau2021-02-021-0/+10
| | | | | | | Fixes wpad-wolfssl build Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 55e23f2c02ae95e84613ed7d1cbf8aba557b8682)
* wolfssl: Fix hostapd build with wolfssl 4.6.0Hauke Mehrtens2021-02-021-0/+25
| | | | | | | | | | | | | This fixes the following build problem in hostapd: mipsel-openwrt-linux-musl/bin/ld: /builder/shared-workdir/build/tmp/ccN4Wwer.ltrans7.ltrans.o: in function `crypto_ec_point_add': <artificial>:(.text.crypto_ec_point_add+0x170): undefined reference to `ecc_projective_add_point' mipsel-openwrt-linux-musl/bin/ld: <artificial>:(.text.crypto_ec_point_add+0x18c): undefined reference to `ecc_map' mipsel-openwrt-linux-musl/bin/ld: /builder/shared-workdir/build/tmp/ccN4Wwer.ltrans7.ltrans.o: in function `crypto_ec_point_to_bin': <artificial>:(.text.crypto_ec_point_to_bin+0x40): undefined reference to `ecc_map' Fixes: ba40da9045f7 ("wolfssl: Update to v4.6.0-stable") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit e7d0d2e9dcaa0ff1197fb7beee139b6a5bd35c79)
* wolfssl: Update to v4.6.0-stableEneas U de Queiroz2021-02-023-30/+3
| | | | | | | | | | | | | | | | | | | This version fixes a large number of bugs and fixes CVE-2020-36177. Full changelog at: https://www.wolfssl.com/docs/wolfssl-changelog/ or, as part of the version's README.md: https://github.com/wolfSSL/wolfssl/blob/v4.6.0-stable/README.md Due a number of API additions, size increases from 374.7K to 408.8K for arm_cortex_a9_vfpv3-d16. The ABI does not change from previous version. Backported patches were removed; remaining patch was refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> [added reference to CVE] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit ba40da9045f77feb04abe63eb8a92f13f9efe471)
* mt76: update to the latest versionDavid Bauer2021-02-011-3/+3
| | | | | | 4ba1709 mt76: mt7603: add additional EEPROM chip ID Signed-off-by: David Bauer <mail@david-bauer.net>
* wireguard: Fix compile with kernel 4.14.217Hauke Mehrtens2021-01-292-1/+22
| | | | | | | | Backport a patch from wireguard to fix a compile problem with kernel 4.14.217. Fixes: 2ecb22dc51a5 ("kernel: bump 4.14 to 4.14.217") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* dnsmasq: backport fixesHauke Mehrtens2021-01-244-1/+97
| | | | | | | | | This should fix some error messages shown in the log like this one: dnsmasq[16020]: failed to send packet: Network unreachable dnsmasq[16020]: failed to send packet: Address family not supported by protocol Fixes: e87c0d934c54 ("dnsmasq: Update to version 2.83") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* netifd: fix IPv6 routing loop on point-to-point linksHans Dedecker2021-01-211-3/+3
| | | | | | 753c351 interface-ip: add unreachable route if address is offlink Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* odhcp6c: fix IPv6 routing loop on point-to-point linksHans Dedecker2021-01-211-3/+3
| | | | | | | 64e1b4e ra: fix routing loop on point to point links f16afb7 ra: align ifindex resolving Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* OpenWrt v19.07.6: revert to branch defaultsHauke Mehrtens2021-01-191-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v19.07.6: adjust config defaultsv19.07.6Hauke Mehrtens2021-01-191-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* dnsmasq: Backport some security updatesHauke Mehrtens2021-01-1914-3/+2280
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following security problems in dnsmasq: * CVE-2020-25681: Dnsmasq versions before 2.83 is susceptible to a heap-based buffer overflow in sort_rrset() when DNSSEC is used. This can allow a remote attacker to write arbitrary data into target device's memory that can lead to memory corruption and other unexpected behaviors on the target device. * CVE-2020-25682: Dnsmasq versions before 2.83 is susceptible to buffer overflow in extract_name() function due to missing length check, when DNSSEC is enabled. This can allow a remote attacker to cause memory corruption on the target device. * CVE-2020-25683: Dnsmasq version before 2.83 is susceptible to a heap-based buffer overflow when DNSSEC is enabled. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap- allocated memory. This flaw is caused by the lack of length checks in rtc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in Dnsmasq, resulting in a Denial of Service. * CVE-2020-25684: A lack of proper address/port check implemented in Dnsmasq version < 2.83 reply_query function makes forging replies easier to an off-path attacker. * CVE-2020-25685: A lack of query resource name (RRNAME) checks implemented in Dnsmasq's versions before 2.83 reply_query function allows remote attackers to spoof DNS traffic that can lead to DNS cache poisoning. * CVE-2020-25686: Multiple DNS query requests for the same resource name (RRNAME) by Dnsmasq versions before 2.83 allows for remote attackers to spoof DNS traffic, using a birthday attack (RFC 5452), that can lead to DNS cache poisoning. * CVE-2020-25687: Dnsmasq versions before 2.83 is vulnerable to a heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rtc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uboot-at91: Add PKG_MIRROR_HASH to fix downloadHauke Mehrtens2021-01-181-0/+1
| | | | | | | | | | | | The referenced commit is gone, but we already have this file on our mirror, use that one by providing the correct mirror hash. I generated a tar.xz file with the given git commit hash using a random fork on github and it generated the same tar.xz file as found on our mirror so this looks correct. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 20a7c9d5c9d87595aa73ad39e95132df545a60ca)
* at91bootstrap: Add PKG_MIRROR_HASH to fix downloadHauke Mehrtens2021-01-181-0/+1
| | | | | | | | | | | | The referenced commit is gone, but we already have this file on our mirror, use that one by providing the correct mirror hash. I generated a tar.xz file with the given git commit hash using a random fork on github and it generated the same tar.xz file as found on our mirror so this looks correct. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit a141e7a00e3ad8442831ed87766451a6114afdf9)