- Jan 30, 2018
-
-
Jiri Slachta authored
libssh2, libxslt, tiff: security bumps (for 15.05)
-
Sebastian Kemper authored
- Bumps version to 4.0.9. Otherwise about two dozen packages would need to be backported. There were no ABI/API changes between 4.0.3 and 4.0.9, so this is OK. - Adds a patch from Jow that addresses a macro issue (already in master/lede-17.01) - Adds patches copied from Debian for CVE-2017-18013 and CVE-2017-9935 on top. Signed-off-by:
Sebastian Kemper <sebastian_ml@gmx.net>
-
Sebastian Kemper authored
- Add patches copied from Debian to address open CVEs - Update mail address of maintainer - Fix a typo - Add --disable-silent-rules for verbose build output Signed-off-by:
Sebastian Kemper <sebastian_ml@gmx.net>
-
Sebastian Kemper authored
- adds patch copied from Debian to address CVE - fixes zlib detection - changes http to https links - updates maintainer's mail address Signed-off-by:
Sebastian Kemper <sebastian_ml@gmx.net>
-
- Jan 29, 2018
-
-
Zoltan Herpai authored
CC: net/irssi: upgrade irssi, update download URL
-
Zoltan Herpai authored
CC: multimedia/xupnpd: move download source and upgrade to 2016-07-06
-
Zoltan Herpai authored
CC: bluez: upgrade to 5.47
-
- Jan 24, 2018
-
-
Marko Ratkaj authored
CC: squid: upgrade to 3.5.27
-
- Dec 07, 2017
-
-
Zoltan Herpai authored
CC: bind: bump to 9.11.2
-
- Dec 06, 2017
-
-
Zoltan HERPAI authored
Signed-off-by:
Zoltan HERPAI <wigyori@uid0.hu>
-
- Nov 19, 2017
-
-
Philip Prindeville authored
Also refresh patches and dependencies. Signed-off-by:
Philip Prindeville <philipp@redfish-solutions.com>
-
Noah Meyerhans authored
New upstream release includes fixes for the following security issues: * CVE-2017-3140: With certain RPZ configurations, a response with TTL 0 could cause named to go into an infinite query loop * CVE-2017-3142: An error in TSIG handling could permit unauthorized zone transfers or zone updates. * CVE-2017-3143: An error in TSIG handling could permit unauthorized zone transfers or zone updates. Signed-off-by:
Noah Meyerhans <frodo@morgul.net>
-
Sami Olmari authored
<net/bind> Maintainer: @nmeyerhans Compile tested: x86_64, OpenWRT 50107 Run tested: x86 / 64, OpenWRT 50107 Description: Added dnssec-settime into bind-dnssec and bind-tools Signed-off-by:
Sami Olmari <sami+git@olmari.fi>
-
Noah Meyerhans authored
This change includes fixes for several security issues: * CVE-2017-3138: rndc "" could trigger an assertion failure in named. * CVE-2017-3137: Some chaining (i.e., type CNAME or DNAME) responses to upstream queries could trigger assertion failures. * CVE-2017-3136: dns64 with break-dnssec yes; can result in an assertion failure. * CVE-2017-3135: If a server is configured with a response policy zone (RPZ) that rewrites an answer with local data, and is also configured for DNS64 address mapping, a NULL pointer can be read triggering a server crash. * CVE-2016-9444: named could mishandle authority sections with missing RRSIGs, triggering an assertion failure. * CVE-2016-9131: named mishandled some responses where covering RRSIG records were returned without the requested data, resulting in an assertion failure. * CVE-2016-9131: named incorrectly tried to cache TKEY records which could trigger an assertion failure when there was a class mismatch. * CVE-2016-8864: It was possible to trigger assertions when processing responses containing answers of type DNAME. * CVE-2016-6170: Added the ability to specify the maximum number of records permitted in a zone (max-records #;). This provides a mechanism to block overly large zone transfers, which is a potential risk with slave zones from other parties. * CVE-2016-2776: It was possible to trigger an assertion when rendering a message using a specially crafted request. * CVE-2016-2775: Calling getrrsetbyname() with a non absolute name could trigger an infinite recursion bug in lwresd or named with lwres configured if, when combined with a search list entry from resolv.conf, the resulting name is too long. Signed-off-by:
Noah Meyerhans <frodo@morgul.net>
-
Noah Meyerhans authored
This change fixes multiple denial-of-service vulnerabilities: * CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion * CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure * CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure * CVE-2016-9778: An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c Signed-off-by:
Noah Meyerhans <frodo@morgul.net>
-
Stijn Tintel authored
If libjson-c is detected during bind-libs configure phase, bind-libs will be built with libjson support. This results in a missing dependency error during install phase. Solve this by disabling libjson support.
-
Noah Meyerhans authored
Signed-off-by:
Noah Meyerhans <frodo@morgul.net>
-
- Nov 18, 2017
-
-
Zoltan Herpai authored
CC: upgrade mxml, update download URL
-
Zoltan Herpai authored
CC: wifidog: upgrade to 1.3.0 to fix build
-
Hirokazu MORIKAWA authored
http://www.bluez.org/release-of-bluez-5-47/ Signed-off-by:
Hirokazu MORIKAWA <morikw2@gmail.com>
-
Álvaro Fernández Rojas authored
Fixes https://github.com/openwrt/packages/issues/2523 Closes https://github.com/openwrt/packages/pull/2545 Signed-off-by:
Álvaro Fernández Rojas <noltari@gmail.com>
-
Álvaro Fernández Rojas authored
- Adds bcm43xx-3wire variant. - Resets UART speed after firmware download. - Prints chip name when firmware isn't found for bcm43xx. - Increases timeout for bcm43xx. - Moves bcm43xx firmware to lib. Signed-off-by:
Álvaro Fernández Rojas <noltari@gmail.com>
-
Álvaro Fernández Rojas authored
Signed-off-by:
Álvaro Fernández Rojas <noltari@gmail.com>
-
Hauke Mehrtens authored
Signed-off-by:
Hauke Mehrtens <hauke@hauke-m.de>
-
Hauke Mehrtens authored
Signed-off-by:
Hauke Mehrtens <hauke@hauke-m.de>
-
Hauke Mehrtens authored
The btmgmt tool is needed to activate BL LE support. Currently it is not installed. Signed-off-by:
Hauke Mehrtens <hauke@hauke-m.de>
-
Bruno Randolf authored
Move bluetoothd and related programs and files from bluez-utils into bluez-daemon package. The main motivation for this is to remove the dependency to DBus from bluez-utils. The utilities like "hcitool" are useful without it. Also add kmod-bluetooth dependency to bluez-utils, as the utils don't make much sense without bluetooth support in the kernel. Signed-off-by:
Bruno Randolf <br1@einfach.org>
-
Zoltan Herpai authored
CC: mail/fdm: update download URL
-
Zoltan Herpai authored
CC: utils/taskwarrior: upgrade to 2.4.4
-
Zoltan Herpai authored
CC: upgrade a couple perl packages
-
Zoltan Herpai authored
CC: net/tor: fix build and upgrade to 0.2.9.11
-
- Nov 13, 2017
-
-
Michael Heimpold authored
CC: php: upgrade to 5.6.32 LGTM2, thanks.
-
Thomas Heil authored
CC: nginx: upgrade to 1.12.1
-
Zoltan Herpai authored
CC: update download URLs for various packages
-
Zoltan Herpai authored
CC: upgrade libs/neon
-
Zoltan Herpai authored
CC: fix pianod build
-
- Nov 12, 2017
-
-
Marko Ratkaj authored
Bump Squid to version 3.5.27 and fix broken menuconfig menu. Signed-off-by:
Marko Ratkaj <marko.ratkaj@sartura.hr>
-
Adam Gensler authored
Copy mime.conf to temporary directory so squid process can properly read the file. Without it squid cannot access mime.conf and throws a warning during startup. Signed-off by: Adam Gensler <openwrt@a.gnslr.us>
-
Zoltan Herpai authored
CC: net/stunnel: fix download source and upgrade
-
Zoltan Herpai authored
CC: upmpdcli/libupnpp upgrade
-