Commit Graph

42345 Commits

Author SHA1 Message Date
DENG Qingfang
96a87b90ef libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 44f11353de)
2019-10-19 15:26:19 +02:00
Syrone Wong
a857fc2ded libpcap: update to 1.9.0
001-Fix-compiler_state_t.ai-usage-when-INET6-is-not-defi.patch dropped due to upstream
002-Add-missing-compiler_state_t-parameter.patch dropped due to upstream

202-protocol_api.patch dropped due to implemented upstream by another way
upstream commit: 55c690f6f8
and renamed via: 697b1f7e9b

ead is the only user who use the protocol api, we have to use the new api since libpcap 1.9.0

Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
2019-10-19 15:25:45 +02:00
Koen Vandeputte
31181fa062 kernel: bump 4.14 to 4.14.149
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:14:13 +02:00
Koen Vandeputte
9628612abe kernel: bump 4.14 to 4.14.148
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 15:53:15 +02:00
Koen Vandeputte
1737131c9d kernel: bump 4.9 to 4.9.196
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 15:53:15 +02:00
Koen Vandeputte
778243b3b4 kernel: bump 4.14 to 4.14.147
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Compile-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 12:46:02 +02:00
Koen Vandeputte
d513f28351 kernel: bump 4.9 to 4.9.195
Refreshed all patches.

Altered patches:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch

Compile-tested on: ar71xx
Compile-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 12:46:02 +02:00
Christian Lamparter
6f1a71c2d0 apm821xx: fix fan control on highest step
This patch removes a typo (extra "0") so that the 'cpu-alert6'
step is triggered once the system reaches 85°C.

Note: Unless the WNDR4700 is placed in an hot oven, the
hardware-monitor will never reach this value.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-09-28 14:36:00 +02:00
Rafał Miłecki
491e839262 brcm47xx: sysupgrade: fix device model detection
$(board_name) was providing content on "boardtype" (and optionally
"boardnum") NVRAM values. That function requires & expects more specific
and detailed model name extracted from the /proc/cpuinfo.

Fixes: f12a32630f ("treewide: use the generic board_name function")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-26 06:54:31 +02:00
Koen Vandeputte
4acc0db480 kernel: bump 4.14 to 4.14.146
Refreshed all patches.

Fixes:
- CVE-2019-14814
- CVE-2019-14815
- CVE-2019-14816
- CVE-2019-14821

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-24 12:53:40 +02:00
Koen Vandeputte
3699327da3 kernel: bump 4.9 to 4.9.194
Refreshed all patches.

Fixes:
- CVE-2019-14814
- CVE-2019-14815
- CVE-2019-14816
- CVE-2019-14821

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-24 12:53:40 +02:00
Hauke Mehrtens
45a2c0f309 hostapd: Fix AP mode PMF disconnection protection bypass
This fixes
* CVE-2019-16275 AP mode PMF disconnection protection bypass
https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a6981604b3)
2019-09-21 21:16:22 +02:00
Hauke Mehrtens
e289a4133c hostapd: SAE/EAP-pwd side-channel attack update
Fixes this security problem:
* SAE/EAP-pwd side-channel attack update
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7bed9bf10f)
2019-09-21 21:16:07 +02:00
Magnus Kroken
a63edb4691 mbedtls: update to 2.16.3
Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch,
the issue has been fixed upstream.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 49d96ffc5c)
2019-09-21 21:11:21 +02:00
Josef Schlehofer
2698157d54 mbedtls: Update to version 2.16.2
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
(cherry picked from commit a2f54f6d5d)
2019-09-21 21:10:44 +02:00
Eneas U de Queiroz
952bafa03c openssl: bump to 1.0.2t, add maintainer
This version fixes 3 low-severity vulnerabilities:

- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
                 CMS_decrypt_set1_pkey

Patches were refreshed, and Eneas U de Queiroz added as maintainer.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-20 20:50:07 +02:00
Koen Vandeputte
7e1db8f27c kernel: bump 4.14 to 4.14.145
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-20 15:52:54 +02:00
Koen Vandeputte
d32cf52674 kernel: bump 4.14 to 4.14.144
Refreshed all patches.

Fixes:
- CVE-2019-15030

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-20 13:17:20 +02:00
Koen Vandeputte
745292ba10 kernel: bump 4.9 to 4.9.193
Refreshed all patches.

Fixes:
- CVE-2019-15030

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-20 13:17:20 +02:00
Rafał Miłecki
5880dd48d5 mac80211: brcmfmac: backport the last 5.4 changes
This makes brcmfmac use the same wiphy after PCIe reset to help user
space handle corner cases (e.g. firmware crash).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f39f4b2f6d)
2019-09-16 09:25:29 +02:00
Koen Vandeputte
90f6af5108 ar71xx: fix potential IRQ misses during dispatch for qca953x
If both interrupts are set in the current implementation
only the 1st will be handled and the 2nd will be skipped
due to the "if else" condition.

Fix this by using the same approach as done for QCA955x
just below it.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-13 16:04:00 +02:00
Koen Vandeputte
e545808e89 ar71xx: Fix potentially missed IRQ handling during dispatch
If both interrupts are set in the current implementation
only the 1st will be handled and the 2nd will be skipped
due to the "if else" condition.

Fix this by using the same approach as done for QCA955x
just below it.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-13 16:04:00 +02:00
Koen Vandeputte
59e42f9e3e kernel: bump 4.14 to 4.14.143
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-13 16:04:00 +02:00
Koen Vandeputte
418cf097e7 kernel: bump 4.9 to 4.9.192
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-13 16:04:00 +02:00
Yousong Zhou
6f677d6848 tools: mkimage: fix __u64 typedef conflict with new glibc
Including "sys/stat.h" from newer glibc will cause __u64 from linux uapi
header to be included, causing compilation failure for u-boot tools
USE_HOSTCC

Remove typedef for __u64 in include/compiler.h to fix the issue.  It should be
safe because as of u-boot-2018.03, no ref to __u64 is found under u-boot tools/
directory

Error message snippet follows

	  HOSTCC  tools/mkenvimage.o
	In file included from /usr/include/asm-generic/types.h:7,
			 from /usr/include/asm/types.h:5,
			 from /usr/include/linux/types.h:5,
			 from /usr/include/linux/stat.h:5,
			 from /usr/include/bits/statx.h:30,
			 from /usr/include/sys/stat.h:446,
			 from tools/mkenvimage.c:21:
	/usr/include/asm-generic/int-ll64.h:31:42: error: conflicting types for '__u64'
	   31 | __extension__ typedef unsigned long long __u64;
	      |                                          ^~~~~
	In file included from <command-line>:
	././include/compiler.h:69:18: note: previous declaration of '__u64' was here
	   69 | typedef uint64_t __u64;
	      |                  ^~~~~
	make[5]: *** [scripts/Makefile.host:116: tools/mkenvimage.o] Error 1

Ref: https://forum.openwrt.org/t/compile-error-19-07/44423
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1699194
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-09-12 06:07:18 +00:00
Koen Vandeputte
c5ed9f4344 kernel: bump 4.14 to 4.14.142
Refreshed all patches.

Remove upstreamed:
- 0032-usb-host-fotg2-restart-hcd-after-port-reset.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-11 10:01:24 +02:00
Koen Vandeputte
556f86bbfd kernel: bump 4.9 to 4.9.191
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-11 10:01:23 +02:00
Adrian Schmutzler
2d257351f3 ramips: fix duplicate network setup for dlink, dir-615-h1
In 555ca422d1 ("ramips: fix D-Link DIR-615 H1 switch port
mapping"), port setup for dir-615-h1 was changed without removing
the old one. This was working as the new one was triggered earlier
than the old one.

(In the meantine, changed sorting during ramips rename patches
actually inversed that order.)

Anyway, just remove the wrong case now.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit e35e4a996e)
2019-09-09 21:11:18 +08:00
Mirko Parthey
2a22e41fe4 ramips: fix D-Link DIR-615 H1 switch port mapping
Reuse a device-specific switch port mapping which also applies to the
D-Link DIR-615 H1.

Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
[cherry-pick/rebase]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 555ca422d1)
2019-09-09 21:11:18 +08:00
Adrian Schmutzler
f9dec32be7 ramips: remove duplicate case for MAC setup of freestation5
ARC FreeStation5 is present twice in MAC address setup.

>From older commits/changes, it is not possible to reconstruct
the correct choice only by reading the annotations.

Thus, remove the second case and keep the first one, so behavior
stays the same (as nobody seems to have complained about it).

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit ad4eb2241b)
2019-09-09 21:11:18 +08:00
Rafał Miłecki
7393ce8d87 mac80211: brcmfmac: backport more kernel 5.4 changes
Patch getting RAM info got upstreamed. A debugging fs entry for testing
reset feature was added.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 681acdcc54)
2019-09-09 12:57:56 +02:00
Josef Schlehofer
f6de1fa6c6 bzip2: Fix CVE-2019-12900
More details about this CVE:
https://nvd.nist.gov/vuln/detail/CVE-2019-12900

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-09-03 12:55:00 +02:00
Michal Cieslakiewicz
7ac6044632 ar71xx: WNR2200: remove redundant GPIO for WLAN LED
Without this patch, an extra entry appears for AR9287 GPIO
that duplicates WLAN LED but in fact drives nothing:

gpiochip1: GPIOs 502-511, ath9k-phy0:
 gpio-502 (                    |netgear:blue:wlan   ) out hi
 gpio-503 (                    |netgear:amber:test  ) out hi
 gpio-504 (                    |netgear:green:power ) out lo
 gpio-505 (                    |rfkill              ) in  hi
 gpio-507 (                    |wps                 ) in  hi
 gpio-508 (                    |reset               ) in  hi
 gpio-510 (                    |ath9k-phy0          ) out hi <===!

The pin pointed above is default LED GPIO (8) for AR9287.
For WNR2200 it is not connected anywhere - pin 0 drives blue WLAN
LED instead - but initialization code is missing that information.

This fix calls ap9x_pci_setup_wmac_led_pin() function at device
setup, forcing WLAN LED pin to be 0 and removing redundant entry.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-08-30 23:20:31 +02:00
Koen Vandeputte
9d1cd9d098 kernel: bump 4.14 to 4.14.141
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-30 16:47:33 +02:00
Koen Vandeputte
4b5c77ca2f ath9k: backport dynack improvements
Close cooperation with Lorenzo Bianconi resulted
in these patches which fix all remaining seen issues
when using dynack.

Fix link losses when:
- Late Ack's are not seen or not present
- switching from too low static coverage class to dynack on a live link

These are fixed by setting the Ack Timeout/Slottime to
the max possible value for the currently used channel width when
a new station has been discovered.

When traffic flows, dynack is able to adjust to optimal values
within a few packets received (typically < 1 second)

These changes have been thoroughly tested on ~60 offshore devices
all interconnected using mesh over IBSS and dynack enabled on all.

Distances between devices varied from <100m up to ~35km

[move patches to correct folder + renumber]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
(cherry picked from commit f6e8ba0238fe349b7529357793e2fb18635819ed)
2019-08-28 13:10:08 +02:00
Koen Vandeputte
73bba470a4 kernel: bump 4.14 to 4.14.140
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-28 13:10:08 +02:00
Koen Vandeputte
8bc800aa56 kernel: bump 4.9 to 4.9.190
Refreshed all patches.

Fixes:
- CVE-2019-3900

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-28 13:10:08 +02:00
Koen Vandeputte
c948a74158 kernel: bump 4.14 to 4.14.139
Refreshed all patches.

Also add a missing symbol for x86 which got used now in this bump.
- ISCSI_IBFT

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-27 10:39:49 +02:00
Hauke Mehrtens
09d63fb0a6 musl: Fix CVE-2019-14697
musl libc through 1.1.23 has an x87 floating-point stack adjustment
imbalance, related to the math/i386/ directory. In some cases, use of
this library could introduce out-of-bounds writes that are not present
in an application's source code.

This problem only affects x86 and no other architectures.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c262daf308)
2019-08-19 00:03:32 +02:00
Jan Pavlinec
564d81e944 iptables: patch CVE-2019-11360 (security fix)
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
2019-08-17 17:23:17 +02:00
Luiz Angelo Daros de Luca
5e3b21c916 musl: ldso/dlsym: fix mips returning undef dlsym
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.

Backporting upstream fix which now uses the same logic for relocation
time and dlsym.

Fixes openwrt/packages#9297

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2019-08-17 17:23:17 +02:00
Eneas U de Queiroz
2df2b75208 wolfssl: fixes for CVE-2018-16870 & CVE-2019-13628
CVE-2018-16870: medium-severity, new variant of the Bleichenbacher
attack to perform downgrade attacks against TLS, which may lead to
leakage of sensible data. Backported from 3.15.7.

CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack. Backported from 4.1.0.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-08-17 17:23:17 +02:00
Koen Vandeputte
09bdc14419 kernel: bump 4.14 to 4.14.138
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-14 18:24:41 +02:00
Koen Vandeputte
e058fb3658 kernel: bump 4.9 to 4.9.189
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-14 18:24:41 +02:00
Rosen Penev
28dc34f249 xfsprogs: Replace valloc with posix_memalign
Fixes compilation under uClibc-ng.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit e49b6bb618)
2019-08-14 09:12:52 +02:00
Rosen Penev
24967a6c42 libbsd: Fix compilation under ARC
The 8 year old file does not have any ARC definitions.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[updated content of the patch with version sent to upstream]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 395bef4bba)
2019-08-14 09:12:23 +02:00
Rosen Penev
30815d65d2 nftables: Fix compilation with uClibc-ng
Missing header for va_list.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[updated with upstream version of the patch]
(cherry picked from commit 2f97797471)
2019-08-14 09:12:23 +02:00
Russell Senior
dc2f2a16d3 tools/patch: apply upstream patch for cve-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit bcfd1d7685)
2019-08-14 09:12:23 +02:00
Russell Senior
c99ceb7030 tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit 995bcc5329)
2019-08-14 09:12:23 +02:00
Koen Vandeputte
89808e211c kernel: bump 4.14 to 4.14.137
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-09 18:34:08 +02:00