aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* libevent2: Update to 2.1.11Daniel Engberg2019-11-015-81/+94
| | | | | | | | | | | | | | | Update libevent to 2.1.11 Use CMake instead GNU Autotools Backport following commits: https://github.com/libevent/libevent/commit/f05ba671931e2b4e38459899f6f63f79f99869fe ..and partially https://github.com/libevent/libevent/commit/7201062f3ef505a77baa6ccaf1cf73812462308a to fix compilation Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit f351beedfd47766e5e44a04af50e3724bec54dbc) (resolves FS#2435) Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-11-011-3/+3
| | | | | | | | | | | | | | | | d442d62 plugin: fix double free in finish callback ee26d83 main: exec_self: make clang analyzer happy 90e40bd file: exec: properly free memory on error 9ecfada uci: free configs list memory on return 32fba36 exec: always call finish_cb to allow plugin to free up memory ca3e2d5 plugin: do not free method name separately 02c6e1d exec: properly free memory on rpc_exec() error cc50263 plugin: exec: properly free memory on parse error bd0ed25 uci: reset uci_ptr flags when merging set operations 37aa919 plugin: fix leaking invoked method name for exec plugins Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit c2675bb0cef373ff59fcc2dbd77471d244bbc774)
* kernel: mark kmod-usb-serial-wwan as hiddenYousong Zhou2019-10-301-2/+2
| | | | | | | | | | The kconfig symbol is an invisible one since its introduction. It is not supposed to be enabled on its own. Resolves FS#1821 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit 4bf9bec361699e1c033460964158531adf15d7ee)
* mac80211: add an improved moving average algorithm to minstrelFelix Fietkau2019-10-303-0/+733
| | | | | | | | Improves rate control responsiveness and performance Signed-off-by: Felix Fietkau <nbd@nbd.name> [reworked to apply on 4.19.79 mac80211 + renumbered + refreshed] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047David Bauer2019-10-271-5/+5
| | | | | | | | | This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt master and 19.07. 18.06 seems not affected from our testing. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 641a93f0f226aa1b4e27bc6f1fc36f9fe63a11a0) Signed-off-by: David Bauer <mail@david-bauer.net>
* ath10k-firmware: retrieve wave 1 firmware from kvaloDavid Bauer2019-10-272-4/+4
| | | | | | | | | | | | | | | This commit changes the source of the Wave 1 ath10k-firmware from linux-firmware to Kall Valos ath10k-firmware repository. This is necessary as the firmware selected in linux-firmware produces frequent crashes in some circumstances. This patch can be removed as soon as linux-firmware carries 10.2.4-1.0-00047 firmware. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit a3914783a32d4fe3612383391cd72638931f1cea) Signed-off-by: David Bauer <mail@david-bauer.net>
* openssl: Add engine configuration to openssl.cnfEneas U de Queiroz2019-10-202-1/+57
| | | | | | | | | | | | | This adds engine configuration sections to openssl.cnf, with a commented list of engines. To enable an engine, all you have to do is uncomment the engine line. It also adds some useful comments to the devcrypto engine configuration section. Other engines currently don't have configuration commands. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit cebf024c4d9fd761e55383a582f7e29ac7cc921c) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* tcpdump: update to 4.9.3DENG Qingfang2019-10-194-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixed CVEs: CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16301 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 CVE-2019-15167 Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn> (cherry picked from commit 394273c066b8f4317b77f3ede216cfcdd45250c1)
* libpcap: update to 1.9.1DENG Qingfang2019-10-196-38/+19
| | | | | | | | | | | | | Fixed CVEs: CVE-2018-16301 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn> (cherry picked from commit 44f11353de044834a442d3192b66579b99305720)
* kernel: fix typos in video KernelPackage descriptionSungbo Eo2019-10-191-2/+2
| | | | | | | | Fixes: 4b3d17b709a5 ("kernel: add kmod-fb-sys-ram") Fixes: b774acb47912 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit 9f73fad359663fef4decc7440796ec7d3b2b70f7)
* uClibc++: Fix three bugsRosen Penev2019-10-196-20/+221
| | | | | | | | | | | | | | | | | | | | | | | | The first allows usage of several functions in the std namespace, which broke compilation of gddrescue specifically with uClibc-ng and uClibc++. The second allows usage of long long with normal C++11, which is part of the standard. Before, std=gnu++11 needed to be passsed to work around it. As a result of the second patch, the pedantic patch can safely be removed. Both patches are upstream backports. Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long. Added another patch that fixes a typo with the long long support. Sent to upstream. Fixed up license information according to SPDX. Small cleanups for consistency. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 6ab386c9bc23420816fbcefc84b62cf5438b2c66)
* hostapd: adjust to removal of WOLFSSL_HAS_AES_GCMEneas U de Queiroz2019-10-191-1/+0
| | | | | | | WolfSSL is always built with AES-GCM support now. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit ee5a3f6d605602bbff57cde337235088cf9c3ffa)
* trelay: fix deadlock on removeAli MJ Al-Nasrawy2019-10-191-7/+21
| | | | | | | | | | | | Upon writing to "remove" file, debugfs_remove_recursive() blocks while holding rtnl_lock. This is because debugfs' file_ops callbacks are executed in debugfs_use_file_*() context which prevents file removal. Fix this by only flagging the device for removal and then do the cleanup in file_ops.release callback which is executed out of that context. Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com> (cherry picked from commit c2635b871d1dd03a6608a9255222672decd49e09)
* trelay: handle netdevice events correctlyAli MJ Al-Nasrawy2019-10-191-1/+1
| | | | | | | | | | | | | | Since v3.11, netdevice notification data are of type "struct netdev_notifier_info". Handle it as such! This should fix a critical bug in which devices are unable get released because trelay does not release resources in response to UNREGISTER event spamming the log with something like: unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1 Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com> (cherry picked from commit 77cfc0739d30c1282f7de24d2ec086d244e34bb7)
* bzip2: add linker option LDFLAGSleo chung2019-10-191-0/+11
| | | | | | | | | | | if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will recognize as pie executable ELF file ( which should be shared object). this because the file command version before 5.36 not recognize correctly. Signed-off-by: leo chung <gewalalb@gmail.com> (cherry picked from commit 56ab58fb6ce29329963619d5a4fffa9d5828176e)
* mac80211: Update to version 4.19.79Hauke Mehrtens2019-10-199-46/+27
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* lantiq: Fix fw_cutter LzmaWrapperChristian Franke2019-10-181-1/+1
| | | | | | | | | The destination buffer size `d_len` is passed to `lzma_inflate` as a pointer. Therefore, it needs to be dereferenced to compare its content. Signed-off-by: Christian Franke <nobody@nowhere.ws> (cherry picked from commit d544bc84a07f299ac1e513715301cae5fbd30923) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-10-181-3/+3
| | | | | | | 95f0973 file: increase minimum read buffer size to 4096 bytes Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 2a603cfcfccc4b20b10b7992bc07be0945345ed9)
* rpcd: update to latest Git HEADJo-Philipp Wich2019-10-181-3/+3
| | | | | | | e2a7bc4 iwinfo: add WPA3 support Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit d6a405280f0156a2dad7d9cfa96695d53ed87dab)
* rpcd: update to latest Git HEADJo-Philipp Wich2019-10-181-4/+4
| | | | | | | | | | | | 69eeb1b file: refactor message parsing and permission checking f65527a iwinfo: expose all rate info fields in assoclist reply 7fec636 sys: fix symbol redeclaration 27c24c7 rpcd: sys: actually move timespec declaration 345363b file: add remove operation 604db20 rpcd: Switch to nanosleep Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 2f9f8769e334d2e8d0bac4edadbcf6bcdd229519)
* fwtool: do not omit final 16 byte when image does not contain signatureJo-Philipp Wich2019-10-172-2/+4
| | | | | | | | | | | | | | | | | | | The fwutil command will interpret the final 16 byte of a given firmware image files as "struct fwimage_trailer". In case these bytes do look like a valid trailer, we must ensure that we print them out along with the remainder of the image to not accidentally truncate non-trailer-images by 16 bytes when they're piped through fwtool, e.g. as part of an image verification command sequence. Some command sequences pipe images through fwtool in order to strip any possible metadata, certificate or signature trailers and do not expect bare images without any of that metadata to get truncated as other non- fwtool specific metadata is expected at the end of the file, e.g. an information block with an md5sum in case of the combined image format. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 889b841048c5eb7f975135cab363f1fdd9b6cfa1)
* iwinfo: update to latest Git HEADJo-Philipp Wich2019-10-161-3/+3
| | | | | | | | 07315b6 nl80211: handle hidden SSIDs in wpa_supplicant scan results 3ac846e lua: fix string description of mixed WPA3 modes Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit bc61458b73c04f900c358be8b7ed37c84298472a)
* gdb: bump to 8.3.1Koen Vandeputte2019-10-155-29/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3: PR c++/20020 (GDB segfault on printing objects) PR gdb/24454 (nat/x86-linux-dregs.c failed assertion) PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned) PR symtab/24545 (Symbol loading performance regression with cc1) PR gdb/24592 (amd64->i386 linux syscall restart problem) PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException') PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background) PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries) This corrective release also brings the following testsuite fixes and enhancements: PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests) PR testsuite/25016 (Test-case failures for -pie) GDB 8.3 includes the following changes and enhancements: * Support for new native configurations (also available as a target configuration): - RISC-V GNU/Linux (riscv*-*-linux*) - RISC-V FreeBSD (riscv*-*-freebsd*) * Support for new target configurations: - CSKY ELF (csky*-*-elf) - CSKY GNU/Linux (csky*-*-linux) - NXP S12Z ELF (s12z-*-elf) - OpenRISC GNU/Linux (or1k*-*-linux*) * Native Windows debugging is only supported on Windows XP or later. * The Python API in GDB now requires Python 2.6 or later. * GDB now supports terminal styling for the CLI and TUI. Source highlighting is also supported by building GDB with GNU Highlight. * Experimental support for compilation and injection of C++ source code into the inferior (requires GCC 7.1 or higher, built with libcp1.so). * GDB and GDBserver now support IPv6 connections. * Target description support on RISC-V targets. * Various enhancements to several commands: - "frame", "select-frame" and "info frame" commands - "info functions", "info types", "info variables" - "info thread" - "info proc" - System call alias catchpoint support on FreeBSD - "target remote" support for Unix Domain sockets. * Support for displaying all files opened by a process * DWARF index cache: GDB can now automatically save indices of DWARF symbols on disk to speed up further loading of the same binaries. * Various GDB/MI enhancements. * GDBserver on PowerPC GNU/Linux now supports access to the PPR, DSCR, TAR, EBB/PMU, and HTM registers. * Ada task switching support when debugging programs built with the Ravenscar profile added to aarch64-elf. * GDB in batch mode now exits with status 1 if the last executed command failed. * Support for building GDB with GCC's Undefined Behavior Sanitizer. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* iwinfo: update to latest Git HEADJo-Philipp Wich2019-10-151-3/+3
| | | | | | | a29b7d4 nl80211: align path to phy mapping logic with mac80211.sh Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 57b834281b586839b5e2cb00d7907de50c68ebcc)
* iwinfo: update to latest Git HEADJo-Philipp Wich2019-10-111-3/+3
| | | | | | | | | | | | | | | | Contains following updates squashed from 3 bump commits in master: 02112f9 cli: fix reporting of mixed WPA2/WPA3 versions 7faeaea nl80211: properly detect WEP encryption in wpa_supp scan results 629b5ff nl80211: do not confuse open connections with WEP ones 3d47ddd nl80211: rework hostapd and wpa_supplicant wpa suite parsing 313e827 nl80211: keep awaiting wpa_supplicant scan results on busy response a766751 nl80211: fix parsing of mixed wpa encryption in wpa_supp scan results f096bfd utils: support parsing SAE and OWE key management suites from IEs 2a95086 nl80211: recognize SAE encrypted mesh Signed-off-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()Adrian Schmutzler2019-09-291-6/+1
| | | | | | | | | | | | | The actual retrieval of the MAC address in mtd_get_mac_binary_ubi() is the same as in get_mac_binary(). Thus, use the latter function in the former to reduce duplicate code. This will also allow to benefit from the enhanced path check there and bring mtd_get_mac_binary_ubi() more in line with the similar mtd_get_mac_binary(). Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 45600124fcbd14ece6e289cb59b318ea44c598fe)
* uboot-fritz4040: update to 2019-09-07David Bauer2019-09-251-3/+3
| | | | | | | | | | | | | | 572ff7f fritzcreator: actually add checksum spacer 6edce1a fritzcreator: replace obscure padding generation with something more portable 2ff189f add ASUS RT-AC58U "easy install" factory u-boot shim b91f9c2 readd spi-nand support 486ae53 improve cmd_sysupgrade b0933f1 replace sstrip with strip 882e48a do not include generated files into git 0c5aa5f fix bugs in ipq40xx_cdp.c Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit af63436d2d0dc3c07d1cb11b018e486994942c6c)
* ath10k-ct: update to version 2019-09-09Koen Vandeputte2019-09-248-17/+17
| | | | | | | | | | 5e8cd86f90da ath10k-ct: Backport ap-vlan code from 5.2 to 4.20 and 4.19 drivers. 0c518586bd7f ath10k-ct: Fix a few warning splats. Adds AP VLAN. Refreshed all patches. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ath10k-firmware: update Candela Tech firmware imagesRobert Marko2019-09-241-20/+20
| | | | | | | | This enables a feature flag in the wave-2 firmware wmi-services indicating it can send software-encrypted raw frames. This should in turn allow the AP-VLAN feature to work. Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit 7c930990af911f6634b422d7253f09df2bb164bf)
* openssl: bump to 1.1.1dEneas U de Queiroz2019-09-2312-2524/+223
| | | | | | | | | | | | | | This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit d868d0a5d7e1d76bb1a8980346d222fae55fa18b)
* hostapd: Fix AP mode PMF disconnection protection bypassHauke Mehrtens2019-09-214-6/+72
| | | | | | | | | This fixes * CVE-2019-16275 AP mode PMF disconnection protection bypass https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit a6981604b30bc1ddc1713b368fe853d89c2ba40d)
* uClibc++: Remove faulty patchRosen Penev2019-09-212-14/+1
| | | | | | | | | | | | | | | | This patch was originally added to fix compilation with v4l2rtspserver. Turns out it was v4l2rtspserver that was broken, not uClibc++. This now causes issues with a different package where the arguments are being split. Note that with this patch, shellcheck throws an error: SC2068: Double quote array expansions to avoid re-splitting elements. More: https://github.com/openwrt/packages/pull/9972#discussion_r324878373 Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 977a8fc5fc2e1be6d159b2d9e1c617826b5d9701)
* mbedtls: update to 2.16.3Magnus Kroken2019-09-213-52/+25
| | | | | | | | Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch, the issue has been fixed upstream. Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry picked from commit 49d96ffc5c47e40b7f3d99a91a42ea8a54a38bd9)
* ltq-vdsl-fw: update firmware filename and download URLDaniel Golle2019-09-213-5/+5
| | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 4fc0a61ed3da96330d30703a2a039a6a06dc0b2f)
* kernel: add module for Emulex OneConnect 10GbitAlberto Bursi2019-09-211-0/+22
| | | | | | | | | | add module to support Emulex OneConnect common in 10Gbit SFP+ cards by Dell/HP/IBM supports OneConnect OCe10xxx OCe11xxx OCe14xxx, LightPulse LPe12xxx Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it> (cherry picked from commit 827f47749b75dcc6b650297b9303c27127b15201)
* procd: fix invalid JSON filter expression in procd_running()Jo-Philipp Wich2019-09-192-2/+2
| | | | | | | | | | Since service and instance names may contain characters which are not allowed in JSON path labels, such as dashes or spaces, change the filter expression to array square bracket notation to properly match these cases as well. Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state") Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit c933b6d22478c1113629ef549beea6337f978d62)
* firewall: update to latest Git HEADJo-Philipp Wich2019-09-181-3/+3
| | | | | | | | | | | | | | | | | | | | 383eb58 ubus: do not overwrite ipset name attribute c26f890 firewall3: fix typo that affects ICMPv6 rules with numeric icmp_type 487bd0d utils: Fix string format message 4d0c703 firewall3: Fix some format string problems 8c404ef iptables.c: lock the xtables.lock c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path() Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Petr Štetiar <ynezz@true.cz> [cherry picked and squashed from commits 7db655991443a98f84e4c39e733232d41d2d6137, 359bff605244c2cf2bff75bce0f0b16b496a6a77, 2cf209ce9166575d8259b5b4176ee91d8b48d2ff, 5ef9e4f107a94c502908403fdf56cf6bcdc08dd2] Ref: https://forum.openwrt.org/t/fw3-ipset-procd-objects/44044 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* procd: update to the latest git HEADRafał Miłecki2019-09-181-3/+3
| | | | | | | | 62dc8c0 system: sysupgrade: send reply on error 2710c65 system: refuse sysupgrade with backup if it's unsupported Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 04e912d21720b2d906d84aaf172af79a25076a41)
* mac80211: brcmfmac: backport the last 5.4 changesRafał Miłecki2019-09-164-1/+413
| | | | | | | | This makes brcmfmac use the same wiphy after PCIe reset to help user space handle corner cases (e.g. firmware crash). Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit f39f4b2f6d4300995270f635261b07197e8cf61e)
* treewide: sysupgrade: use $UPGRADE_BACKUP to check for backupRafał Miłecki2019-09-163-3/+2
| | | | | | | | Now that $UPGRADE_BACKUP is set conditionally there is no need to check the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit a858db313687ddfa6ed1ddba76bd74844a7b89dc)
* procd: update to the latest git HEADRafał Miłecki2019-09-161-3/+3
| | | | | | | | | | b8238df sysupgrade: support "backup" attribute This update requires "sysupgrade" method callers to pass "backup" attribute if $UPGRADE_BACKUP is used in the project. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 9785a9121d2d7a0a25bcd2924ee78fafada056da)
* base-files: sysupgrade: pass "backup" ubus attributeRafał Miłecki2019-09-161-0/+3
| | | | | | | | | This explicitly tells procd what backup file should be used during sysupgrade (if any). It's much more generic this way compared to the magic /tmp/sysupgrade.tgz file that had to be created before a call. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit c5223b26a40ae61fc7750bf865464048af328ab1)
* odhcpd: retry failed PD assignments on addrlist changeHans Dedecker2019-09-151-3/+3
| | | | | | 88d9ab6 dhcpv6: retry failed PD assignments on addrlist change Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* iwinfo: update to latest Git HEADDavid Bauer2019-09-151-3/+3
| | | | | | | | a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886 1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887 Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 7db2f1a71f202023154e80758079193fc47352eb)
* base-files: validate firmware for compatibility with backupRafał Miłecki2019-09-121-0/+7
| | | | | | | | | | This allows platform code to check if firmware image can be used with preserving a backup. It may be used e.g. when installing vendor firmwares that won't restore appended backup archive. Suggested-by: Luis Araneda <luaraneda@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 1c510fe2980cd787602786e82f44602549d607d4)
* treewide: use new procd sysupgrade $UPGRADE_BACKUP variableRafał Miłecki2019-09-122-2/+1
| | | | | | | | | | | It's a variable set by procd that should replace hardcoded /tmp/sysupgrade.tgz. This change requires the most recent procd with the commit 0f3c136 ("sysupgrade: set UPGRADE_BACKUP env variable"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 641f6b6c26cb9ab5e1198810015e5f4b2b5b34ad)
* treewide: don't hardcode "sysupgrade.tgz" file nameRafał Miłecki2019-09-122-1/+3
| | | | | | | | | 1) Add BACKUP_FILE and use it when copying an archive to be restored after sysupgrade (on the next preinit). 2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit bf390478727ac5f4f9d6fb684de48b8150bcec67)
* hostapd: SAE/EAP-pwd side-channel attack updateHauke Mehrtens2019-09-109-1/+397
| | | | | | | | | Fixes this security problem: * SAE/EAP-pwd side-channel attack update https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 7bed9bf10fc8d05df34c7efc66e8b4ade37a1a0c)
* hostapd: Fix security problem in EAP-pwdHauke Mehrtens2019-09-103-1/+81
| | | | | | | | | | | | This fixes: CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment" https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt This should not affect OpenWrt in the default settings as we do not use EAP-pwd. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 9f34bf51d60a237696b1d4cc9b5f4835b95e7ea2)
* mac80211: brcmfmac: backport more kernel 5.4 changesRafał Miłecki2019-09-098-9/+283
| | | | | | | | Patch getting RAM info got upstreamed. A debugging fs entry for testing reset feature was added. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 681acdcc54d2e59135bb706c38bed942f74ccf74)