Commit Graph

45117 Commits

Author SHA1 Message Date
Hans Dedecker
569bec190c curl: bump to 7.66.0
Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0

Fixes CVEs:
    CVE-2019-5481
    CVE-2019-5482

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 71cf4a272c)
2019-11-07 19:42:42 +01:00
Adrian Schmutzler
5fc63ec8a4 ath79: disable building future NAND images for GL-AR300M/GL-AR750S
To simplify the upgrade process and ensure easier identification of
device partitioning, the following devices are disabled on ath79
target in openwrt-19.07 branch:

- glinet,gl-ar300m-nor
- glinet,gl-ar300m-nand
- glinet,gl-ar750s

Proper ath79 (NAND) support for the devices is expected to be
introduced based on kernel 4.19 (see GitHub PR #2184).

In openwrt-19.07, ar71xx should be used for those devices.

With this, we ensure that the new ath79 image names (at least for
releases) refer to the updated partitioning.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-07 19:06:57 +01:00
David Bauer
2b4d9b6850 mac80211 ath9k: force QCA953x clock to 25MHz
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4c6fe32468)
2019-11-06 16:13:57 +01:00
Adrian Schmutzler
b3514e3569 ar71xx: improve support for TP-Link CPE510 v2
This fixes commit bae927c551 ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.

Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).

With this patch, we provide proper support for this device in ar71xx.

Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
  for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254

Fixes: bae927c551 ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c79b796280)
[added CPE510V2 entry to tplink-safeloader.c]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-06 13:13:27 +01:00
Adrian Schmutzler
0c9be4f76b gitignore: ignore patches in OpenWrt root directory
This will have GIT ignore patches in root directory, as created
when using "git format-patch".

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 2c54135598)
2019-11-06 13:12:54 +01:00
Jo-Philipp Wich
112df2ac56 OpenWrt v19.07.0-rc1: revert to branch defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-06 09:08:44 +01:00
Jo-Philipp Wich
88bff692a5 OpenWrt v19.07.0-rc1: adjust config defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-06 09:08:44 +01:00
Petr Štetiar
c4fdb377a2 Revert "ipq806x: fix EA8500 switch control"
There is a problem with the EA8500, the switch will not work after soft
reboot, the only way to get it working again is to power cycle it
manually.

There are probably several issues in the play, it's quite hard to fix it
without having access to the actual device, so I don't see any other
option now, then revert the offending commit.

Ref: PR#2047
Fixes: FS#2168 ("Switch no longer work after restart on Linksys EA8500")
Reported-by: Adam <424778940z@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 04d6753d03)
2019-11-06 00:26:40 +01:00
Koen Vandeputte
d7ea380363 ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:

  *  October 5,  2019:  Fix too-short msg caused by invalid use of PayloadLen in receive path.
                        This appears to resolve the issue of getting (and ignoring) too-short commands
                        when we detect loss of CE interrupts and go into polling mode.

  *  October 12, 2019:  Fix regression in IBSS mode that caused SWBA overrun issues.  Related to
                        regression added during the ct-station logic, specifically TSF allocation.
                        Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on CT_STATS_OK flag being set).  This should help CT firmware work
                        better on stock driver.

The release notes since last time for wave-2:

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
                        This should help CT firmware work better on stock driver.

  *  October 31, 2019:  Compile out peer-ratecode-list-event.  ath10k driver ignores the event.

  *  November 1, 2019:  Fix rate-ctrl related crash when nss and other things were changed while
                        station stays associated.  See bug: https://github.com/greearb/ath10k-ct/issues/96

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit e716e93a2f7290086f49992c9980773c88100c3a)
2019-11-05 15:44:12 +01:00
Jo-Philipp Wich
c5d5cdb759 ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-05 15:09:47 +01:00
Daniel Golle
439ac8104b mac80211: rt2x00: backport upstream patches
Import patches from upstream to sync 19.07 with master:
 9f3e3323e996 rt2x00: allow to specify watchdog interval
 2034afe4db4a rt2800: add helpers for reading dma done index
 759c5b599cf4 rt2800: initial watchdog implementation
 09db3b000619 rt2800: add pre_reset_hw callback
 710e6cc1595e rt2800: do not nullify initialization vector data
 e403fa31ed71 rt2x00: add restart hw
 0f47aeeada2a rt2800: do not enable watchdog by default
 41a531ffa4c5 rt2x00usb: fix rx queue hang
 3b902fa811cf rt2x00usb: remove unnecessary rx flag checks
 1dc244064c47 rt2x00: no need to check return value of debugfs_create functions
 706f0182b1ad rt2800usb: Add new rt2800usb device PLANEX GW-USMicroN
 95844124385e rt2x00: clear IV's on start to fix AP mode regression
 567a9b766b47 rt2x00: do not set IEEE80211_TX_STAT_AMPDU_NO_BACK on tx status
 14d5e14c8a6c rt2x00: clear up IV's on key removal
 13fa451568ab Revert "rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band"
 --pending--  rt2800: remove errornous duplicate condition

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-05 10:54:05 +01:00
David Bauer
d6d9f58290 ipq806x: use switch trigger for WAN LED on NETGEAR boards
With this commit, the WAN LED is triggered by the switch port state
instead of the eth0 netdev.
Otherwise, the LED is always illuminated, regardless of the WAN port
link state.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 70d5989c9c)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-05 08:55:08 +01:00
David Bauer
bee28adf6e hostapd: enable PMKSA and OK caching for WPA3-Personal
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3034f8c3b8)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-05 08:54:39 +01:00
Yousong Zhou
5d6308ecae scripts/dl_github_archive.py: fix python3 str, bytes confusion
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit d26738bc76)
2019-11-04 11:12:23 +00:00
Yousong Zhou
22c443c20c uboot-fritz4040: build with ipq40xx "generic" subtarget
Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget")
Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 40e3f660c1)
2019-11-03 22:26:07 +01:00
Paul Spooren
7407e72399 ipqx0xx: add Generic subtarget
Both targets miss a subtarget causing an image naming style which is
different from other all othe targets, even tho it already uses
`x/generic/` as subfolder as if the subtarget would exist.

This commit adds the Generic subtarget resulting in consistent naming.

    ~/src/openwrt/openwrt/bin/targets/ipq806x/generic$ ls
    openwrt-ipq806x-generic-netgear_d7800-initramfs-uImage
    openwrt-ipq806x-generic-netgear-d7800.manifest
    openwrt-ipq806x-generic-netgear_d7800-squashfs-factory.img
    openwrt-ipq806x-generic-netgear_d7800-squashfs-sysupgrade.bin

CC: John Crispin <john@phrozen.org>

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 853e4dd306)
2019-11-03 22:26:07 +01:00
Roger Pueyo Centelles
9b2a147cfe ramips: enable external amplifier for D-Link DIR-810L
The 2.4 GHz radio had very poor signal reception (-89 dBm for an AP
sitting 5 m away). By enabling the external amplifier, received signal
has improved to -50 dBm for the same AP.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit e667d6f46b)
2019-11-03 14:02:38 +01:00
Jeff Kletsky
e539dc2daa ath79: Clean up GL-AR300M DTS/DTSI inclusions
Modify GL-AR300M-Lite and GL-AR300M (NOR):

* Include qca9531_glinet_gl-ar300m.dtsi directly
  rather than qca9531_glinet_gl-ar300m-nor.dts

* Remove redundant inclusion of gpio.h and input.h

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f5c7fe2ff0)
2019-11-03 14:02:25 +01:00
Adrian Schmutzler
8f0deedc11 ramips: fix WiFi MAC addresses for D-Link DIR-810L
So far, WiFi MAC addresses for this device have been set up from
caldata. However, this returns values which do not look like MAC
addresses. They also do not match stock firmware:

wlan0 (5.0): 00:11:22:00:17:D0 from 0x8004
wlan1 (2.4): 00:11:22:00:17:CD from 0x4 (and 0x2e)

It looks like the only valid MAC address on this device is at 0x28.

So, this patch changes setup to calculate addresses based on the
value at 0x28:

lan: *:0A (flash, label)
wan: *:0B (flash + 1)
wifi2: *:0A (flash)
wifi5: *:0C (flash + 2)

Thanks to Roger Pueyo Centelles <roger.pueyo@guifi.net> for
investigating this on his devices.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit d1072096f4)
2019-11-03 14:02:02 +01:00
Daniel Engberg
f051a967b8 libevent2: Update to 2.1.11
Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
f05ba67193
..and partially
7201062f3e
to fix compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit f351beedfd)
(resolves FS#2435)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-01 14:22:37 +00:00
Jo-Philipp Wich
466d499d03 rpcd: update to latest Git HEAD
d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c2675bb0ce)
2019-11-01 13:27:50 +01:00
Koen Vandeputte
7f29dc0fda kernel: bump 4.14 to 4.14.151
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-31 09:17:56 +01:00
Yousong Zhou
2436e521b4 kernel: mark kmod-usb-serial-wwan as hidden
The kconfig symbol is an invisible one since its introduction.  It is
not supposed to be enabled on its own.

Resolves FS#1821

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 4bf9bec361)
2019-10-30 12:46:44 +00:00
Koen Vandeputte
79e6391600 kernel: bump 4.14 to 4.14.150
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-30 11:17:40 +01:00
Felix Fietkau
c51a39d4a5 mac80211: add an improved moving average algorithm to minstrel
Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
[reworked to apply on 4.19.79 mac80211 + renumbered + refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-30 11:17:40 +01:00
Andreas Ziegler
8cf67728d3 ath79: add support for UniFi AC-LR
The Unifi AC-LR has identical hardware to the Unifi AC-Lite.
The antenna setup is different according to the vendor,
which explains the thicker enclosure.

Therefore, it is helpful to know the exact device variant,
instead of having "Ubiquiti UniFi-AC-LITE/LR".

Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[fix legacy name in commit message; add old boardname to
SUPPORTED_DEVICES]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 07c1ddf522)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 18:31:53 +01:00
Andreas Ziegler
b7ee43ecac ar71xx: add model detection for UniFi AC-LR
This commit adds correct model detection for UniFi
AC-LR. Previously, said device was incorrectly detected
as UniFi-AC-LITE/MESH.

The Information about the device is stored at 0xC in the EEPROM
partition. It corresponds to the sysid in /etc/board.info of the
Ubiquiti stock firmware.

Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[adjust naming style of target to existing ones]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2bc7c519dc)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 18:13:33 +01:00
David Bauer
0e7113e6ec ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047
This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 641a93f0f2)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 18:13:33 +01:00
David Bauer
98da3c8cdb ath10k-firmware: retrieve wave 1 firmware from kvalo
This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.

This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.

This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a3914783a3)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 18:13:33 +01:00
Adrian Schmutzler
8385d121d0 ath79: add LED migration for several Archer Cxx devices
Several Archer Cxx devices were using board-specific LED names in
ar71xx, which were changed to "tp-link:*" in ath79.

This patch adds migration for them.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 53e6cc7a81)
2019-10-22 11:41:53 +02:00
Adrian Schmutzler
144379e149 ath79: use board name in LED migrations
Several devices added to LED migration script will just have their
(old) board name converted to tp-link.

By using a variable for this, the amount of code in the migration
script can be reduced and the chance for typos is reduced.

This patch also introduces the marker for beginning of a pattern
"^" to the regex, so the match is more specific.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6b0eb84336)
2019-10-22 11:41:37 +02:00
Adrian Schmutzler
77d8efe80e ath79: fix patching ath9k MAC address for MyNet WiFi Range Extender
The code line patching ath9k MAC address for this device contains
a wrong number of arguments including an unset "$mac", which
looks like a typo or copy/paste mistake.

This has been introduced already in the device support commit
745dee11ac ("ath79: add support for WD My Net Wi-Fi Range
Extender").

This patch just removes the "$mac" argument, leaving a formally
valid line. (No on-device test has been performed.)

Cc: Christian Lamparter <chunkeey@gmail.com>

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6b53033783)
2019-10-22 11:41:14 +02:00
Adrian Schmutzler
081d96bece ath79: fix SUPPORTED_DEVICES for ubnt_nanostation-m
The ar71xx images for the Ubiquiti NanoStation M (XM) devices use
"nanostation-m" as board name, but the ath79 images are only
compatible with the "nano-m" board name, so sysupgrade complains.

By changing this additional supported device, sysupgrade smoothly
upgrades from ar71xx to ath79.

Ref: openwrt#2418

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f473ce6f23)
2019-10-22 11:40:56 +02:00
Roger Pueyo Centelles
77b96c5068 ath79: add SUPPORTED_DEVICES to ubnt_nanostation-m-xw
The ar71xx images for the Ubiquiti NanoStation M (XW) devices use
"nanostation-m-xw" as the board name, but the ath79 images are only
compatible with the "nano-m-xw" board name, so sysupgrade complains.

By adding this additional supported device, sysuspgrade smoothly
upgrades from ar71xx to ath79.

Tested on a NanoStation M (XW) running OpenWrt ar71xx r10250-016d1eb.

Ref: https://github.com/openwrt/openwrt/pull/2418
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
[removed duplicate DEVICE_VARIANT, removed uneeded nano-m-xw support]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 6dda2ea6ad)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-21 13:35:38 +02:00
Daniel Gimpelevich
24fddfa1be ath79: fix gigabit link pll-data for EX7300
The device did not appear to be reachable unless the connection were
forced to 100Mb or lower. Revert to previously working pll-data.

Also fix the phy-mode to represent the actual state needed for ethernet
to function.

Reported-by: Moritz Schreiber <moritz@mosos.de>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
[add remark about phy-mode property]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ee41b602a2)
2019-10-21 09:08:58 +02:00
Masafumi UTSUGI
bf800022b2 ipq40xx: essedma: Fix dead lock
edma_read_append_stats() gets called from two places in the driver.
The first place is the kernel timer that periodically updates
the statistics, so nothing gets lost due to overflows.
The second one it's part of the userspace ethtool ioctl handler
to provide up-to-date values.

For this configuration, the use of spin_lock() is not sufficient
and as per:
<https://mirrors.edge.kernel.org/pub/linux/kernel/people/rusty/kernel-locking/c214.html>
the locking has to be upgraded to spin_lock_bh().

Signed-off-by: Masafumi UTSUGI <mutsugi@allied-telesis.co.jp>
[folded patch into 710-, rewrote message]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit f1d761f95e)
2019-10-20 15:16:31 +02:00
Eneas U de Queiroz
cd1136e550 openssl: Add engine configuration to openssl.cnf
This adds engine configuration sections to openssl.cnf, with a commented
list of engines.  To enable an engine, all you have to do is uncomment
the engine line.

It also adds some useful comments to the devcrypto engine configuration
section.  Other engines currently don't have configuration commands.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit cebf024c4d)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-10-20 15:16:30 +02:00
David Bauer
b058da3a7b ath79: correct ar71xx boardname for UniFi AC Lite
This corrects the additional boardname for the image metadata to the one
used in ar71xx. The previously present additional entry was never used
on a running system.

Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 1a256470e7)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-19 23:07:22 +02:00
David Bauer
bcb0fd1fa1 mpc85xx: correct TP-LINK TL-WDR4900 MAC addresses
This commit fixes TP-Link TL-WDR4900 v1 MAC address assignment.
Previously, the MAC addrss was read for the ethernet from the "config"
partition. However, the content of this partition is dependent on the
firmware which was previously installed on the device.

Switch the MAC address source to the U-Boot partition, where the MAC
address is always present at a fixed partition. The partition was
previously already used for the WiFi MAC-addresses.

Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 07e555d873)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-19 23:05:27 +02:00
DENG Qingfang
e5ab602c69 tcpdump: update to 4.9.3
Fixed CVEs:
	CVE-2017-16808
	CVE-2018-10103
	CVE-2018-10105
	CVE-2018-14461
	CVE-2018-14462
	CVE-2018-14463
	CVE-2018-14464
	CVE-2018-14465
	CVE-2018-14466
	CVE-2018-14467
	CVE-2018-14468
	CVE-2018-14469
	CVE-2018-14470
	CVE-2018-14879
	CVE-2018-14880
	CVE-2018-14881
	CVE-2018-14882
	CVE-2018-16227
	CVE-2018-16228
	CVE-2018-16229
	CVE-2018-16230
	CVE-2018-16300
	CVE-2018-16301
	CVE-2018-16451
	CVE-2018-16452
	CVE-2019-15166
	CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 394273c066)
2019-10-19 14:30:05 +02:00
DENG Qingfang
8e78bbb7bb libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 44f11353de)
2019-10-19 14:30:05 +02:00
Sungbo Eo
0f3c06b0a5 kernel: fix typos in video KernelPackage description
Fixes: 4b3d17b709 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb479 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 9f73fad359)
2019-10-19 14:30:05 +02:00
Eubert Bao
69586db84b kirkwood: Fix FS#505 - Can't install LEDE on Linksys EA3500
The default sizes render Device/linksys_audi mage un-flashable.
Restore the pagesize, subpagesize, and blocksize for linksys_audi
from https://github.com/openwrt/archive.

Signed-off-by: Eubert Bao <bunnier@gmail.com>
(cherry picked from commit e11fc8439c)
2019-10-19 14:30:05 +02:00
Rosen Penev
5ad47b1ed8 uClibc++: Fix three bugs
The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6ab386c9bc)
2019-10-19 14:30:00 +02:00
Eneas U de Queiroz
82a3beac9d hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ee5a3f6d60)
2019-10-19 14:29:44 +02:00
Ali MJ Al-Nasrawy
b17c95bbdc trelay: fix deadlock on remove
Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit c2635b871d)
2019-10-19 14:29:44 +02:00
Ali MJ Al-Nasrawy
9784a470bb trelay: handle netdevice events correctly
Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit 77cfc0739d)
2019-10-19 14:29:44 +02:00
leo chung
3b1d71ffd8 bzip2: add linker option LDFLAGS
if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will
recognize as pie executable ELF file ( which should be shared object).

this because the file command version before 5.36 not recognize
correctly.

Signed-off-by: leo chung <gewalalb@gmail.com>
(cherry picked from commit 56ab58fb6c)
2019-10-19 14:29:44 +02:00
Biwen Li
ddff739d15 kernel: layerscape: fix compilation error
This fixes a compilation error as follows:
drivers/staging/fsl_qbman/qman_config.c:815:29: error: bitwise comparison
always evaluates to false [-Werror=tautological-compare]
  if ((qman_ip_rev & 0xFF00) == QMAN_REV31) {

Signed-off-by: Biwen Li <biwen.li@nxp.com>
(cherry picked from commit 53b73131e9)
2019-10-19 14:29:38 +02:00
Ilya Gordeev
8c8212c680 tplink-safeloader: fix compilation warnings
Signed-off-by: Ilya Gordeev <Mirraz@users.noreply.github.com>
(cherry picked from commit 5daf094353)
2019-10-19 14:27:34 +02:00