librecmc/librecmc.git
6 years agoBump OpenSSL to 1.0.2o
RISCi_ATOM [Mon, 2 Apr 2018 05:45:22 +0000 (01:45 -0400)]
Bump OpenSSL to 1.0.2o

6 years agoAdd flock to procd dep v1.4.3
RISCi_ATOM [Sun, 1 Apr 2018 09:04:24 +0000 (05:04 -0400)]
Add flock to procd dep

6 years agoRevert opkg
RISCi_ATOM [Sun, 1 Apr 2018 06:10:32 +0000 (02:10 -0400)]
Revert opkg

6 years agoBump mbedtls to 2.8.0 with upstream patch
RISCi_ATOM [Fri, 30 Mar 2018 18:00:32 +0000 (14:00 -0400)]
Bump mbedtls to 2.8.0 with upstream patch

6 years agoAdds Soft Brick Recovery doc
Christopher Howard [Wed, 28 Mar 2018 23:28:47 +0000 (15:28 -0800)]
Adds Soft Brick Recovery doc

6 years agoAdd Shell-in-a-box support to libreCMC
RISCi_ATOM [Thu, 29 Mar 2018 16:16:06 +0000 (12:16 -0400)]
Add Shell-in-a-box support to libreCMC

6 years agoBump OpenVPN to 4.4.5 (fix)
RISCi_ATOM [Wed, 28 Mar 2018 20:25:13 +0000 (16:25 -0400)]
Bump OpenVPN to 4.4.5 (fix)

6 years agoRevert "Bump OpenVPN to 4.4.5"
RISCi_ATOM [Wed, 28 Mar 2018 19:38:22 +0000 (15:38 -0400)]
Revert "Bump OpenVPN to 4.4.5"

This reverts commit 3a07a7db1c019cf1405117fd5787382b1317e0f5.

6 years agoBump OpenVPN to 4.4.5
RISCi_ATOM [Wed, 28 Mar 2018 18:05:54 +0000 (14:05 -0400)]
Bump OpenVPN to 4.4.5

6 years ago mbedtls: update to version 2.7.0
RISCi_ATOM [Tue, 20 Mar 2018 19:45:16 +0000 (15:45 -0400)]
mbedtls: update to version 2.7.0

    This fixes the following security problems:
    * CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
    * CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures

    This release is also ABI incompatible with the previous one, but it is
    API compatible.

    Some functions used by a lot of other software was renamed and the old
    function names are provided as a static inline now, but they are only
    active when deprecated functions are allowed, deactivate the removal of
    deprecated functions for now.

    Also increase the PKG_RELEASE version to force a rebuild and update of
    packages depending on mbedtls to handle the changed ABI.

    Picked from upstream commit : f609913b5c60f7c65c462730993cd1c752083fd6

6 years agoBump x86 config
RISCi_ATOM [Fri, 16 Mar 2018 16:21:03 +0000 (12:21 -0400)]
Bump x86 config

6 years agoRemove 4.4.115 ref. and bump libreCMC version to v1.4.3
RISCi_ATOM [Thu, 15 Mar 2018 21:25:08 +0000 (17:25 -0400)]
Remove 4.4.115 ref. and bump libreCMC version to v1.4.3

6 years agoBump kernel to 4.4.120 and update e2fsprogs
RISCi_ATOM [Thu, 15 Mar 2018 21:23:16 +0000 (17:23 -0400)]
Bump kernel to 4.4.120 and update e2fsprogs

6 years agoChange the ref to libreCMC wiki since all docs have been moved to /docs folder.
RISCI_ATOM [Fri, 9 Mar 2018 19:09:42 +0000 (14:09 -0500)]
Change the ref to libreCMC wiki since all docs have been moved to /docs folder.

6 years agoRevert OpenVPN version bump (broken wait patch)...
RISCi_ATOM [Fri, 9 Mar 2018 02:02:24 +0000 (21:02 -0500)]
Revert OpenVPN version bump (broken wait patch)...

This reverts commit 536c73f53360577cd7a6481ca8091198f120cb0e.

6 years agoBump OpenVPN to 2.4.5 (testing)
RISCi_ATOM [Thu, 8 Mar 2018 18:25:39 +0000 (13:25 -0500)]
Bump OpenVPN to 2.4.5 (testing)

6 years agoFix TL-WR1043ND link
RISCI_ATOM [Thu, 1 Mar 2018 17:30:15 +0000 (12:30 -0500)]
Fix TL-WR1043ND link

6 years agoAdds server interface setup details
Christopher Howard [Tue, 27 Feb 2018 17:10:29 +0000 (08:10 -0900)]
Adds server interface setup details

6 years agoMerge branch 'v1.4' of pi31415/libreCMC-cmh into v1.4
RISCI_ATOM [Fri, 23 Feb 2018 03:23:35 +0000 (22:23 -0500)]
Merge branch 'v1.4' of pi31415/libreCMC-cmh into v1.4

6 years agoTweaks to server config of L2 VPN guide 41/head
Christopher Howard [Thu, 22 Feb 2018 20:52:45 +0000 (11:52 -0900)]
Tweaks to server config of L2 VPN guide

6 years agoPull in updated system / network components from upstream (stage 1)
RISCi_ATOM [Wed, 21 Feb 2018 21:21:52 +0000 (16:21 -0500)]
Pull in updated system / network components from upstream (stage 1)

6 years agoPull nfs-server support into core
RISCi_ATOM [Wed, 21 Feb 2018 20:22:56 +0000 (15:22 -0500)]
Pull nfs-server support into core

6 years agoFix grammar issue
RISCi_ATOM [Fri, 16 Feb 2018 20:41:28 +0000 (15:41 -0500)]
Fix grammar issue

6 years agoAdd libreCMC banner / shell prompt with a few corrections
RISCi_ATOM [Fri, 16 Feb 2018 20:39:59 +0000 (15:39 -0500)]
Add libreCMC banner / shell prompt with a few corrections

6 years agoFix typo : dialup vs dialout group
RISCi_ATOM [Fri, 16 Feb 2018 20:26:17 +0000 (15:26 -0500)]
Fix typo : dialup vs dialout group

6 years agoAdd basic serial console documentation (still needs work).
RISCi_ATOM [Fri, 16 Feb 2018 20:23:58 +0000 (15:23 -0500)]
Add basic serial console documentation (still needs work).

6 years agoAdd experimental Tor support to base libreCMC
RISCi_ATOM [Fri, 16 Feb 2018 17:21:02 +0000 (12:21 -0500)]
Add experimental Tor support to base libreCMC

Pulled in libcap and tor from upstream master.

6 years agoMinor edits to System Log doc for consistency
Christopher Howard [Mon, 12 Feb 2018 19:01:16 +0000 (10:01 -0900)]
Minor edits to System Log doc for consistency

6 years agoSystem Log doc: Changes prompt for MD readability
Christopher Howard [Mon, 12 Feb 2018 18:58:27 +0000 (09:58 -0900)]
System Log doc: Changes prompt for MD readability

6 years agoTests markup keywords
Christopher Howard [Mon, 12 Feb 2018 18:55:40 +0000 (09:55 -0900)]
Tests markup keywords

6 years agoFixes type in System Log documentation
Christopher Howard [Mon, 12 Feb 2018 18:54:40 +0000 (09:54 -0900)]
Fixes type in System Log documentation

6 years agoFixes broken image links in System Log documentation
Christopher Howard [Mon, 12 Feb 2018 18:51:57 +0000 (09:51 -0900)]
Fixes broken image links in System Log documentation

6 years agoAdds System Log documentation
Christopher Howard [Mon, 12 Feb 2018 18:48:10 +0000 (09:48 -0900)]
Adds System Log documentation

6 years agoAdd / fix carl9170 firmware
RISCi_ATOM [Mon, 12 Feb 2018 17:48:04 +0000 (12:48 -0500)]
Add / fix carl9170 firmware

6 years agoBump kernel to 4.4.115
RISCi_ATOM [Mon, 5 Feb 2018 02:09:55 +0000 (21:09 -0500)]
Bump kernel to 4.4.115

6 years agoFix CVE 2018-5332
RISCi_ATOM [Tue, 30 Jan 2018 11:28:54 +0000 (06:28 -0500)]
Fix CVE 2018-5332

The Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not
validate a value that is used during DMA page allocation, leading to a heap-based
out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

Patch based upon:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c095508770aebf1b9218e77026e48345d719b17c

6 years agoMerge branch 'fix_ar300m_flashing' of somenut/libreCMC into v1.4
RISCI_ATOM [Tue, 23 Jan 2018 19:51:53 +0000 (14:51 -0500)]
Merge branch 'fix_ar300m_flashing' of somenut/libreCMC into v1.4

6 years agoFix flash as RISC_ATOM's sugguestions 37/head
hungrymonkey [Tue, 23 Jan 2018 17:39:54 +0000 (09:39 -0800)]
Fix flash as RISC_ATOM's sugguestions

change the last step to reflect the two buttons

6 years agoMerge branch 'v1.4' of somenut/libreCMC into v1.4
RISCI_ATOM [Tue, 23 Jan 2018 17:21:00 +0000 (12:21 -0500)]
Merge branch 'v1.4' of somenut/libreCMC into v1.4

6 years agoAdded GL-AR300M documentation. 36/head
hungrymonkey [Tue, 23 Jan 2018 07:04:53 +0000 (23:04 -0800)]
Added GL-AR300M documentation.
The router is currently unsupported by Librecmc at the moment

6 years agoMerge branch 'v1.4' of https://gogs.librecmc.org/libreCMC/libreCMC into v1.4
RISCi_ATOM [Tue, 23 Jan 2018 00:25:31 +0000 (19:25 -0500)]
Merge branch 'v1.4' of https://gogs.librecmc.org/libreCMC/libreCMC into v1.4

6 years agoFix broken link
RISCI_ATOM [Sun, 21 Jan 2018 07:20:39 +0000 (02:20 -0500)]
Fix broken link

6 years agodnsmasq: backport validation fix in dnssec security fix
Kevin Darbyshire-Bryant [Sat, 20 Jan 2018 08:46:28 +0000 (08:46 +0000)]
dnsmasq: backport validation fix in dnssec security fix

A DNSSEC validation error was introduced in the fix for CVE-2017-15107

Backport the upstream fix to the fix (a simple typo)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(backported from commit adaf1cbcc8b253ea807dbe0416b4b04c33dceadf)

6 years agodnsmasq: backport dnssec security fix for 17.01
Kevin Darbyshire-Bryant [Fri, 19 Jan 2018 17:15:41 +0000 (17:15 +0000)]
dnsmasq: backport dnssec security fix for 17.01

CVE-2017-15107

An interesting problem has turned up in DNSSEC validation. It turns out
that NSEC records expanded from wildcards are allowed, so a domain can
include an NSEC record for *.example.org and an actual query reply could
expand that to anything in example.org  and still have it signed by the
signature for the wildcard. So, for example

!.example.org NSEC zz.example.org

is fine.

The problem is that most implementers (your author included, but also
the Google public DNS people, powerdns and Unbound) then took that
record to prove the nothing exists between !.example.org and
zz.example.org, whereas in fact it only provides that proof between
*.example.org and zz.example.org.

This gives an attacker a way to prove that anything between
!.example.org and *.example.org doesn't exists, when it may well do so.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoMerge branch 'port-forwarding-doc' of pi31415/libreCMC-cmh into v1.4
RISCI_ATOM [Thu, 18 Jan 2018 01:06:08 +0000 (20:06 -0500)]
Merge branch 'port-forwarding-doc' of pi31415/libreCMC-cmh into v1.4

6 years agoMinor edits to Port Forwards doc 33/head
Christopher Howard [Wed, 17 Jan 2018 19:03:17 +0000 (10:03 -0900)]
Minor edits to Port Forwards doc

6 years agoAdds images and corrections to Port Forwards doc
Christopher Howard [Wed, 17 Jan 2018 18:51:29 +0000 (09:51 -0900)]
Adds images and corrections to Port Forwards doc

6 years agoAdds initial Port Forwarding doc
Christopher Howard [Mon, 15 Jan 2018 17:32:41 +0000 (08:32 -0900)]
Adds initial Port Forwarding doc

6 years agoUpdate 'docs/unbrick_with_uboot_mod.md'
RISCI_ATOM [Sun, 14 Jan 2018 17:21:27 +0000 (12:21 -0500)]
Update 'docs/unbrick_with_uboot_mod.md'

Fix missing .1

6 years agoFix table
RISCI_ATOM [Thu, 11 Jan 2018 19:47:15 +0000 (14:47 -0500)]
Fix table

6 years agoTesting Image_support.md page...
RISCi_ATOM [Thu, 11 Jan 2018 19:38:44 +0000 (14:38 -0500)]
Testing Image_support.md page...

6 years agoMerge branch 'basic-wifi-settings' of pi31415/libreCMC-cmh into v1.4
RISCI_ATOM [Wed, 10 Jan 2018 19:03:51 +0000 (14:03 -0500)]
Merge branch 'basic-wifi-settings' of pi31415/libreCMC-cmh into v1.4

6 years agoAdds images plus several edits to Basic Wireless Settings doc 32/head
Christopher Howard [Wed, 10 Jan 2018 17:38:00 +0000 (08:38 -0900)]
Adds images plus several edits to Basic Wireless Settings doc

6 years agoFixes typo in Basic Wireless Settings doc
Christopher Howard [Wed, 10 Jan 2018 17:07:04 +0000 (08:07 -0900)]
Fixes typo in Basic Wireless Settings doc

6 years agoAdds core content for Basic Wireless Settings doc
Christopher Howard [Wed, 10 Jan 2018 16:59:29 +0000 (07:59 -0900)]
Adds core content for Basic Wireless Settings doc

6 years agoMerge branch 'bridge-mode-doc' of pi31415/libreCMC-cmh into v1.4
RISCI_ATOM [Fri, 5 Jan 2018 21:36:48 +0000 (16:36 -0500)]
Merge branch 'bridge-mode-doc' of pi31415/libreCMC-cmh into v1.4

6 years agoFixes a small typo in Bridge Mode doc 30/head
Christopher Howard [Fri, 5 Jan 2018 17:22:14 +0000 (08:22 -0900)]
Fixes a small typo in Bridge Mode doc

6 years agoA correction to the last edit in Bridge Mode doc
Christopher Howard [Fri, 5 Jan 2018 17:14:50 +0000 (08:14 -0900)]
A correction to the last edit in Bridge Mode doc

6 years agoMoves a misplaced image in Bridge Mode doc
Christopher Howard [Fri, 5 Jan 2018 17:12:05 +0000 (08:12 -0900)]
Moves a misplaced image in Bridge Mode doc

6 years agoAdds edits and more material for Bridge Mod doc
Christopher Howard [Fri, 5 Jan 2018 17:08:07 +0000 (08:08 -0900)]
Adds edits and more material for Bridge Mod doc

6 years agoAdds Bridge_Mode doc
Christopher Howard [Fri, 5 Jan 2018 16:39:59 +0000 (07:39 -0900)]
Adds Bridge_Mode doc

6 years agoAdds images for planned bridging mode doc
Christopher Howard [Thu, 4 Jan 2018 18:25:36 +0000 (09:25 -0900)]
Adds images for planned bridging mode doc

6 years agoMerge branch 'v1.4' of pi31415/libreCMC-cmh into v1.4
RISCI_ATOM [Tue, 2 Jan 2018 20:41:51 +0000 (15:41 -0500)]
Merge branch 'v1.4' of pi31415/libreCMC-cmh into v1.4

6 years agoOpenVPN docs: converted to utf-8-unix encoding to remove DOS line endings 28/head
Christopher Howard [Tue, 2 Jan 2018 20:07:57 +0000 (11:07 -0900)]
OpenVPN docs: converted to utf-8-unix encoding to remove DOS line endings

6 years agoOpenVPN docs: tweaks and additional material
Christopher Howard [Tue, 2 Jan 2018 19:57:00 +0000 (10:57 -0900)]
OpenVPN docs: tweaks and additional material

- Adds introductory material and warnings
- Removes references to LEDE project

6 years agoLink fix in TPE-R1100 documentation
Christopher Howard [Mon, 1 Jan 2018 19:13:23 +0000 (10:13 -0900)]
Link fix in TPE-R1100 documentation

6 years agoAdds more material to OpenVPN Layer 2 Server doc
Christopher Howard [Mon, 1 Jan 2018 17:36:41 +0000 (08:36 -0900)]
Adds more material to OpenVPN Layer 2 Server doc

6 years agoAdd README.md to /docs
RISCi_ATOM [Mon, 1 Jan 2018 15:34:16 +0000 (10:34 -0500)]
Add README.md to /docs

6 years agoFix uboot-ar71xx uboot pkg. version v1.4.2
RISCi_ATOM [Mon, 1 Jan 2018 02:50:55 +0000 (21:50 -0500)]
Fix uboot-ar71xx uboot pkg. version

6 years agoBump openvpn and wireguard
RISCi_ATOM [Sun, 31 Dec 2017 16:21:40 +0000 (11:21 -0500)]
Bump openvpn and wireguard

6 years agoAdd basic unbrick inst. for u-boot_mod
RISCi_ATOM [Sun, 31 Dec 2017 16:03:56 +0000 (11:03 -0500)]
Add basic unbrick inst. for u-boot_mod

6 years agoRevert package feed back to v1.4
RISCi_ATOM [Sun, 31 Dec 2017 03:33:15 +0000 (22:33 -0500)]
Revert package feed back to v1.4

6 years agoupdate kmod-sched-cake and iproute2
RISCi_ATOM [Sat, 30 Dec 2017 17:43:36 +0000 (12:43 -0500)]
update kmod-sched-cake and iproute2

6 years agoMerge branch 'v1.4' of https://gogs.librecmc.org/libreCMC/libreCMC into v1.4
RISCi_ATOM [Sat, 30 Dec 2017 17:30:29 +0000 (12:30 -0500)]
Merge branch 'v1.4' of https://gogs.librecmc.org/libreCMC/libreCMC into v1.4

6 years agoBump kernel to 4.4.108
RISCi_ATOM [Sat, 30 Dec 2017 17:30:14 +0000 (12:30 -0500)]
Bump kernel to 4.4.108

6 years agoMerge branch 'v1.4' of pi31415/libreCMC-cmh into v1.4
libreCMC [Fri, 29 Dec 2017 19:16:10 +0000 (14:16 -0500)]
Merge branch 'v1.4' of pi31415/libreCMC-cmh into v1.4

6 years agoSeed commit of OpenVPN Layer 2 Server documention 27/head
Christopher Howard [Fri, 29 Dec 2017 19:04:57 +0000 (10:04 -0900)]
Seed commit of OpenVPN Layer 2 Server documention

6 years agoTesting markdown
RISCi_ATOM [Fri, 29 Dec 2017 18:53:17 +0000 (13:53 -0500)]
Testing markdown

6 years agoTesting markdown
RISCi_ATOM [Fri, 29 Dec 2017 18:51:40 +0000 (13:51 -0500)]
Testing markdown

6 years agoTesting markdown
RISCi_ATOM [Fri, 29 Dec 2017 18:50:32 +0000 (13:50 -0500)]
Testing markdown

6 years agoTesting markdown
RISCi_ATOM [Fri, 29 Dec 2017 18:49:07 +0000 (13:49 -0500)]
Testing markdown

6 years agoTesting markdown
RISCi_ATOM [Fri, 29 Dec 2017 18:48:11 +0000 (13:48 -0500)]
Testing markdown

6 years agoFix LINUX_KERNEL_HASH to reflect version bump
RISCi_ATOM [Thu, 28 Dec 2017 18:46:38 +0000 (13:46 -0500)]
Fix LINUX_KERNEL_HASH to reflect version bump

6 years agoBump kernel to 4.4.107
RISCi_ATOM [Wed, 27 Dec 2017 19:23:22 +0000 (14:23 -0500)]
Bump kernel to 4.4.107

6 years agoFixes GL AR150 (breaks GL USB150) Fix later...
RISCi_ATOM [Wed, 20 Dec 2017 23:17:21 +0000 (18:17 -0500)]
Fixes GL AR150 (breaks GL USB150) Fix later...

6 years agoBump openssl to 1.0.2n
RISCi_ATOM [Tue, 19 Dec 2017 22:51:39 +0000 (17:51 -0500)]
Bump openssl to 1.0.2n

6 years agoAdd ath9k_htc firmware
RISCi_ATOM [Thu, 14 Dec 2017 22:43:08 +0000 (17:43 -0500)]
Add ath9k_htc firmware

6 years agoRemove linux-libre-firmware until rework
RISCi_ATOM [Wed, 13 Dec 2017 19:55:15 +0000 (14:55 -0500)]
Remove linux-libre-firmware until rework

6 years agoAdd ath9k_htc and carl9170fw firmware to librecmc (does not build on some distros)
RISCi_ATOM [Wed, 13 Dec 2017 17:43:08 +0000 (12:43 -0500)]
Add ath9k_htc and carl9170fw firmware to librecmc (does not build on some distros)

6 years agoUpdate 'docs/Ben_Nanonote.md'
RISCI_ATOM [Tue, 12 Dec 2017 18:30:55 +0000 (13:30 -0500)]
Update 'docs/Ben_Nanonote.md'

Start cleaning up Ben Nanonote page.

6 years agoAdd back cve2017-16544 busybox patch from master
RISCi_ATOM [Tue, 12 Dec 2017 17:09:01 +0000 (12:09 -0500)]
Add back cve2017-16544 busybox patch from master

6 years agoAdd cjdns, sqm-scripts and adblock to core
RISCi_ATOM [Tue, 12 Dec 2017 17:01:05 +0000 (12:01 -0500)]
Add cjdns, sqm-scripts and adblock to core

6 years agoFix uboot-envtools and mkimage
RISCi_ATOM [Tue, 12 Dec 2017 02:09:53 +0000 (21:09 -0500)]
Fix uboot-envtools and mkimage

6 years agoopkg: bump to version 2017-12-08
Rafał Miłecki [Fri, 8 Dec 2017 12:57:46 +0000 (13:57 +0100)]
opkg: bump to version 2017-12-08

This updates package to the latest commit from the lede-17.01 branch. It
contains few fixes backported from the master:
1) SHA256 fix
2) URL encoding which allows hosting packages on some more picky servers

Changes:
9f61f7a opkg_download: decode file:/ URLs
3c46c88 file_util: implement urldecode_path()
79908c2 file_util: consolidate hex/unhex routines
793fbac opkg: encode archive filenames while constructing download URLs
a6bb5cb file_util: implement urlencode_path() helper
098e774 libopkg: fix SHA256 calculation for big endian system

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agohostapd: backport fix for wnm_sleep_mode=0
Timo Sigurdsson [Tue, 14 Nov 2017 20:41:30 +0000 (21:41 +0100)]
hostapd: backport fix for wnm_sleep_mode=0

wpa_disable_eapol_key_retries can't prevent attacks against the Wireless
Network Management (WNM) Sleep Mode handshake. Currently, hostapd
processes WNM Sleep Mode requests from clients regardless of the setting
wnm_sleep_mode. Backport Jouni Malinen's upstream patch 114f2830 in
order to ignore such requests by clients when wnm_sleep_mode is disabled
(which is the default).

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
[rewrite commit subject (<= 50 characters), bump PKG_RELEASE]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit bd45e15d0afe64dfed5a02a50a634f7947b50144
 fixed PKG_RELEASE and renumbered patch)

Conflicts:
package/network/services/hostapd/Makefile

6 years agohostapd: Expose the tdls_prohibit option to UCI
Timo Sigurdsson [Tue, 14 Nov 2017 20:41:29 +0000 (21:41 +0100)]
hostapd: Expose the tdls_prohibit option to UCI

wpa_disable_eapol_key_retries can't prevent attacks against the
Tunneled Direct-Link Setup (TDLS) handshake. Jouni Malinen suggested
that the existing hostapd option tdls_prohibit can be used to further
complicate this possibility at the AP side. tdls_prohibit=1 makes
hostapd advertise that use of TDLS is not allowed in the BSS.

Note: If an attacker manages to lure both TDLS peers into a fake
AP, hiding the tdls_prohibit advertisement from them, it might be
possible to bypass this protection.

Make this option configurable via UCI, but disabled by default.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>
(cherry picked from commit 6515887ed9b3f312635409702113dca7c14043e5)

6 years agodnsmasq: backport infinite dns retries fix
Hans Dedecker [Wed, 6 Dec 2017 13:22:59 +0000 (14:22 +0100)]
dnsmasq: backport infinite dns retries fix

If all configured dns servers return refused in response to a query in
strict mode; dnsmasq will end up in an infinite loop retransmitting the
dns query resulting into high CPU load.
Problem is fixed by checking for the end of a dns server list iteration
in strict mode.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agocurl: apply CVE 2017-8816 and 2017-8817 security patches
Stijn Segers [Sun, 3 Dec 2017 11:09:20 +0000 (12:09 +0100)]
curl: apply CVE 2017-8816 and 2017-8817 security patches

This commit adds the upstream patches for CVE 2017-8816 and 2017-8817 to the 17.01
Curl package.

Compile-tested on ar71xx, ramips and x86.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
6 years agosamba36: backport an upstream fix for an information leak (CVE-2017-15275)
Felix Fietkau [Mon, 4 Dec 2017 08:56:32 +0000 (09:56 +0100)]
samba36: backport an upstream fix for an information leak (CVE-2017-15275)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agoAdd patch from domino-team to add support for later rev. gl-ar300M (spi nand flash)
RISCi_ATOM [Wed, 6 Dec 2017 15:48:43 +0000 (10:48 -0500)]
Add patch from domino-team to add support for later rev. gl-ar300M (spi nand flash)