openwrt/upstream - upstream openwrt

	Commit message (Collapse)	Author	Age	Files	Lines
*	curl: fix security problems	Hauke Mehrtens	2017-09-30	1	-1/+1
\| \| \| \| \| \| \| \|	This fixes the following security problems: * CVE-2017-1000100 TFTP sends more than buffer size * CVE-2017-1000101 URL globbing out of bounds read Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	curl: fix CVE-2017-7407 and CVE-2017-7468	Hauke Mehrtens	2017-07-28	1	-1/+1
\| \| \| \| \| \| \| \|	This fixes the following security problems: * CVE-2017-7407: https://curl.haxx.se/docs/adv_20170403.html * CVE-2017-7468: https://curl.haxx.se/docs/adv_20170419.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	curl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignored	Hauke Mehrtens	2017-03-13	1	-1/+1
\| \| \| \| \| \| \|	This fixes the following security problem: https://curl.haxx.se/docs/adv_20170222.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	curl: Remove PolarSSL and adjust default to mbedTLS	Rosen Penev	2017-01-03	1	-4/+2
\| \| \| \| \| \| \|	luci-ssl has already made the switch since mainline support for PolarSSL is almost over (2016). Signed-off-by: Rosen Penev <rosenp@gmail.com>
*	curl: update to version 7.52.1	Hauke Mehrtens	2017-01-02	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	This fixes the folowing security problems: CVE-2016-9586: printf floating point buffer overflow CVE-2016-9952: Win CE schannel cert wildcard matches too much CVE-2016-9953: Win CE schannel cert name out of buffer read CVE-2016-9594: unititialized random Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	treewide: clean up download hashes	Felix Fietkau	2016-12-16	1	-1/+1
\| \| \| \| \| \|	Replace MD5SUM with HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
*	curl: update to version 7.51.0	Hauke Mehrtens	2016-12-03	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This fixes the following security problems: CVE-2016-8615: cookie injection for other servers CVE-2016-8616: case insensitive password comparison CVE-2016-8617: OOB write via unchecked multiplication CVE-2016-8618: double-free in curl_maprintf CVE-2016-8619: double-free in krb5 code CVE-2016-8620: glob parser write/read out of bounds CVE-2016-8621: curl_getdate read out of bounds CVE-2016-8622: URL unescape heap overflow via integer truncation CVE-2016-8623: Use-after-free via shared cookies CVE-2016-8624: invalid URL parsing with '#' CVE-2016-8625: IDNA 2003 makes curl use wrong host Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	curl: update to version 7.50.3	Hauke Mehrtens	2016-09-24	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	This fixes the following security problems: 7.50.1: CVE-2016-5419 TLS session resumption client cert bypass CVE-2016-5420 Re-using connections with wrong client cert CVE-2016-5421 use of connection struct after free 7.50.2: CVE-2016-7141 Incorrect reuse of client certificates 7.50.3: CVE-2016-7167 curl escape and unescape integer overflows Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	curl: update to version 7.50.0	Hauke Mehrtens	2016-07-24	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Changelog: https://curl.haxx.se/changes.html old sizes: libcurl_7.49.0-1_mips_34kc_dsp.ipk 97569 curl_7.49.0-1_mips_34kc_dsp.ipk 37925 new sizes: libcurl_7.50.0-1_mips_34kc_dsp.ipk 97578 curl_7.50.0-1_mips_34kc_dsp.ipk 38017 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
*	curl: remove axtls config option, the library does not exist in our tree	Felix Fietkau	2016-05-19	1	-3/+1
\| \| \| \|	Signed-off-by: Felix Fietkau <nbd@nbd.name>
*	curl: update to 7.49	Dirk Neukirchen	2016-05-19	1	-8/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	fixes: CVE-2016-3739: TLS certificate check bypass with mbedTLS/PolarSSL - remove crypto auth compile fix curl changelog of 7.46 states its fixed - fix mbedtls and cyassl usability #19621 : add path to certificate file (from Mozilla via curl) and provide this in a new package tested on ar71xx w. curl/mbedtls/wolfssl Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
*	curl: add flags to allow gc-sections to strip out unused code	Hauke Mehrtens	2016-04-17	1	-1/+2
\| \| \| \| \| \| \|	Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49184
*	curl: add config option for NTLM support	Hauke Mehrtens	2016-04-17	1	-1/+3
\| \| \| \| \| \| \|	Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49183
*	curl: upstep to latest version 7.48.0	Hauke Mehrtens	2016-04-17	1	-3/+3
\| \| \| \| \| \| \|	Signed-off-by: Dirk Feytons <dirk.feytons@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 49182
*	curl: add support for mbedtls	Hauke Mehrtens	2016-02-01	1	-1/+3
\| \| \| \| \| \|	Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48615
*	curl: update curl to version 7.47.0	Hauke Mehrtens	2016-02-01	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	This fixes the following security problems: CVE-2016-0754: remote file name path traversal in curl tool for Windows http://curl.haxx.se/docs/adv_20160127A.html CVE-2016-0755: NTLM credentials not-checked for proxy connection re-use http://curl.haxx.se/docs/adv_20160127B.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 48614
*	curl: update curl to version 7.43.0	Hauke Mehrtens	2015-07-03	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This brings curl to version 7.43.0 and contains fixes for the following security vulnerabilities: CVE-2015-3236: lingering HTTP credentials in connection re-use http://curl.haxx.se/docs/adv_20150617A.html CVE-2015-3237: SMB send off unrelated memory contents http://curl.haxx.se/docs/adv_20150617B.html The 100-check_long_long patch is not needed any more, because the upstream autoconf script already checks for long long when cyassl is selected. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> SVN-Revision: 46169
*	curl: fix PKG_CONFIG_DEPENDS	John Crispin	2015-03-21	1	-33/+33
\| \| \| \| \| \|	Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> SVN-Revision: 44925
*	cURL: implement new functionality with cleanup and fixes	John Crispin	2015-02-02	1	-49/+65
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	remove obsolete configuration settings --disable-thread --enable-nonblocking --without-krb4 remove SSPI support only supported on windows correct --with/without-ca-path handling only supported with OpenSSL and PolarSSL correct LDAP/LDAPS protocol add dependency libopenldap added SCP/SFTP protocol default "No" depends on libssh2 added IDN support default "No" depends on libidn added SMB protocol (new in 7.40) default "No" require 'cryptographic authentication' and either 'GnuTLS' or 'OpenSSL' selected added Unix sockets support (new in 7.40) default "No" added error verbose messages default "No" changes to Makefile Increase PKG_RELEASE PKG_CONFIG_DEPENDS and CONFIGURE_ARGS extended for new functionality use "autoconf_bool" for all --enable/--disable options restructure for easier reading changes to Config.in extended for new functionality implement dependencies restructure and grouping for easier reading build tested on XUbuntu 14.10 x86 for x86 (generic) and ar71xx (WNDR3800) Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> SVN-Revision: 44243
*	curl: fix typo in 2 config symbols	Nicolas Thill	2015-01-29	1	-4/+4
\| \| \| \| \| \|	Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 44191
*	cURL: Update to version 7.40.0	John Crispin	2015-01-28	1	-5/+3
\| \| \| \| \| \| \| \| \| \| \|	* Update to version 7.40.0 * remove non existing config options around enable/disable HTTPS protocoll * remove --with-ca-path if ssl support disabled * set proxy support as default like all versions before CC did Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> SVN-Revision: 44176
*	curl: allow enabling https protocol	John Crispin	2015-01-17	1	-0/+2
\| \| \| \| \| \| \| \|	Provide optional --enable-https flag for curl. Signed-off-by: Lars Kruse <devel@sumpfralle.de> SVN-Revision: 43997
*	package/*: replace occurences of 'ln -sf' to '$(LN)'	Nicolas Thill	2014-11-06	1	-1/+1
\| \| \| \| \| \|	Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 43205
*	curl: only set ca path for openssl	Felix Fietkau	2014-09-25	1	-1/+1
\| \| \| \| \| \|	Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 42662
*	curl: use the system certificates	Felix Fietkau	2014-09-25	1	-0/+1
\| \| \| \| \| \|	Signed-off-by: Cristian Morales Vega <cristian@samknows.com> SVN-Revision: 42661
*	curl: 7.36.0 -> 7.38.0	Hauke Mehrtens	2014-09-13	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Main changes: - URL parser: IPv6 zone identifiers are now supported - cyassl: Use error-ssl.h when available (drop local patch) - polarssl: support CURLOPT_CAPATH / --capath - mkhelp: generate code for --disable-manual as well (drop local patch) Full release notes: http://curl.haxx.se/changes.html MIPS 34kc binary size: - 7.36.0 before: 82,539 bytes - 7.38.0 after: 83,321 bytes Signed-off-by: Catalin Patulea <cat@vv.carleton.ca> SVN-Revision: 42517
*	curl: move to core packages	Jo-Philipp Wich	2014-06-11	1	-0/+161
	SVN-Revision: 41143