mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 23:42:43 +00:00
b5cde26048
critical fixes: - libtommath: possible integer overflow (CVE-2023-36328) - implement Strict KEX mode (CVE-2023-48795) various fixes: - fix DROPBEAR_DSS and DROPBEAR_RSA config options - y2038 issues - remove SO_LINGER socket option - make banner reading failure non-fatal - fix "noremotetcp" behavior - don't try to shutdown a pty - fix test for multiuser kernels adds new features: - option to bind to interface - allow inetd with non-syslog - ignore unsupported command line options with dropbearkey Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> |
||
---|---|---|
.. | ||
001-add-if-DROPBEAR_RSA-guards.patch | ||
002-fix-y2038-issues.patch | ||
003-fix-DROPBEAR_DSS.patch | ||
004-allow-users-s-own-gid-in-pty-permission-check.patch | ||
005-const-parameter-mp_int.patch | ||
006-dropbearkey-add-missing-break-in-switch.patch | ||
007-fix-building-only-client-or-server.patch | ||
008-disable-rsa-signatures-when-no-rsa-hostkey.patch | ||
009-use-write-rather-than-fprintf-in-segv-handler.patch | ||
010-remove-SO_LINGER.patch | ||
011-add-option-to-bind-to-interface.patch | ||
012-add-ifdef-guards-for-SO_BINDTODEVICE.patch | ||
013-make-banner-reading-failure-non-fatal.patch | ||
014-dropbearkey-ignore-unsupported-command-line-option.patch | ||
015-libtommath-fix-possible-integer-overflow.patch | ||
016-src-svr-tcpfwd-Fix-noremotetcp-behavior.patch | ||
017-Don-t-try-to-shutdown-a-pty.patch | ||
018-dropbearkey-add-alias-to-ssh-keygen.patch | ||
019-Allow-inetd-with-non-syslog.patch | ||
020-Fix-test-for-multiuser-kernels.patch | ||
021-Implement-Strict-KEX-mode.patch | ||
100-pubkey_path.patch | ||
110-change_user.patch | ||
130-ssh_ignore_x_args.patch | ||
140-disable_assert.patch | ||
160-lto-jobserver.patch | ||
600-allow-blank-root-password.patch | ||
900-configure-hardening.patch | ||
901-bundled-libs-cflags.patch | ||
910-signkey-fix-use-of-rsa-sha2-256-pubkeys.patch |