1. 03 Oct, 2017 2 commits
  2. 02 Oct, 2017 3 commits
  3. 01 Oct, 2017 2 commits
    • Hauke Mehrtens's avatar
      base-files: create /etc/config/ directory · b8357e87
      Hauke Mehrtens authored
      
      
      The /bin/config_generate script and some other scripts are assuming the
      /etc/config directory exists in the image. This is true in case for
      example the package firewall, dropbear or dnsmasq are included, which
      are adding the files under /etc/config/. Without any of these package
      the system will not boot up fully because the /etc/config/ directory is
      missing and some init scripts just fail.
      
      Make sure all images with the base-files contain a /etc/config/
      directory.
      Signed-off-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
      Acked-by: default avatarJohn Crispin <john@phrozen.org>
      b8357e87
    • Matthias Schiffer's avatar
      sunxi: clean up modules definitions · 3350137b
      Matthias Schiffer authored
      
      
      Module definitions for kmod-wdt-sunxi and kmod-eeprom-sunxi are removed
      (wdt-sunxi was builtin anyways; nvmem-sunxi, which is the new name of
      eeprom-sunxi is changed to builtin). As kmod-eeprom-sunxi was specified
      in DEFAULT_PACKAGES, but not available on kernel 4.4, it was breaking the
      image builder.
      
      Support for kmod-sunxi-ir is added for kernel 4.4 (it is unclear why it
      was disable before, it builds fine with with kernel 4.4).
      
      Condtionals only relevant for pre-4.4 kernels are removed from modules.mk,
      as sunxi does't support older kernels anymore.
      
      Fixes FS#755.
      Signed-off-by: default avatarMatthias Schiffer <mschiffer@universe-factory.net>
      3350137b
  4. 30 Sep, 2017 5 commits
  5. 28 Sep, 2017 2 commits
  6. 25 Sep, 2017 1 commit
  7. 20 Sep, 2017 1 commit
  8. 18 Sep, 2017 4 commits
    • Stijn Tintel's avatar
      tcpdump: noop commit to refer CVEs fixed in 4.9.2 · 12a0da63
      Stijn Tintel authored
      When bumping tcpdump from 4.9.1 to 4.9.2, I did not include the fixed
      CVEs in the commit message. As the list of fixed CVEs is quite long,
      we should probably mention them in the changelogs of the releases to
      come. This commit will make sure this happens.
      
      The following CVEs were fixed in 21014d97
      
      :
      
      CVE-2017-11541
      CVE-2017-11541
      CVE-2017-11542
      CVE-2017-11542
      CVE-2017-11543
      CVE-2017-11543
      CVE-2017-12893
      CVE-2017-12894
      CVE-2017-12895
      CVE-2017-12896
      CVE-2017-12897
      CVE-2017-12898
      CVE-2017-12899
      CVE-2017-12900
      CVE-2017-12901
      CVE-2017-12902
      CVE-2017-12985
      CVE-2017-12986
      CVE-2017-12987
      CVE-2017-12988
      CVE-2017-12989
      CVE-2017-12990
      CVE-2017-12991
      CVE-2017-12992
      CVE-2017-12993
      CVE-2017-12994
      CVE-2017-12995
      CVE-2017-12996
      CVE-2017-12997
      CVE-2017-12998
      CVE-2017-12999
      CVE-2017-13000
      CVE-2017-13001
      CVE-2017-13002
      CVE-2017-13003
      CVE-2017-13004
      CVE-2017-13005
      CVE-2017-13006
      CVE-2017-13007
      CVE-2017-13008
      CVE-2017-13009
      CVE-2017-13010
      CVE-2017-13011
      CVE-2017-13012
      CVE-2017-13013
      CVE-2017-13014
      CVE-2017-13015
      CVE-2017-13016
      CVE-2017-13017
      CVE-2017-13018
      CVE-2017-13019
      CVE-2017-13020
      CVE-2017-13021
      CVE-2017-13022
      CVE-2017-13023
      CVE-2017-13024
      CVE-2017-13025
      CVE-2017-13026
      CVE-2017-13027
      CVE-2017-13028
      CVE-2017-13029
      CVE-2017-13030
      CVE-2017-13031
      CVE-2017-13032
      CVE-2017-13033
      CVE-2017-13034
      CVE-2017-13035
      CVE-2017-13036
      CVE-2017-13037
      CVE-2017-13038
      CVE-2017-13039
      CVE-2017-13040
      CVE-2017-13041
      CVE-2017-13042
      CVE-2017-13043
      CVE-2017-13044
      CVE-2017-13045
      CVE-2017-13046
      CVE-2017-13047
      CVE-2017-13048
      CVE-2017-13049
      CVE-2017-13050
      CVE-2017-13051
      CVE-2017-13052
      CVE-2017-13053
      CVE-2017-13054
      CVE-2017-13055
      CVE-2017-13687
      CVE-2017-13688
      CVE-2017-13689
      CVE-2017-13690
      CVE-2017-13725
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      (cherry picked from commit 2375e279)
      12a0da63
    • Stijn Tintel's avatar
      tcpdump: bump to 4.9.2 · f66c6e1d
      Stijn Tintel authored
      
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      (cherry picked from commit 21014d97)
      f66c6e1d
    • Daniel Engberg's avatar
      utils/tcpdump: Rework URLs · a131f7cb
      Daniel Engberg authored
      Add actual mirror and use main site as last resport
      Source: http://www.tcpdump.org/mirrors.html
      
      Signed-off-by: default avatarDaniel Engberg <daniel.engberg.lists@pyret.net>
      (cherry picked from commit fd95397e
      
      )
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      
      Conflicts:
      	package/network/utils/tcpdump/Makefile
      a131f7cb
    • Hans Dedecker's avatar
      base-files: fix wan6 interface config generation for pppoe · 7f1359c1
      Hans Dedecker authored
      
      
      Setting ipv6 to auto in case of a pppoe interface will trigger the
      creation of a dynamic wan_6 interface meaning two IPv6 interfaces
      (wan6 and wan_6) will be active on top of the pppoe interface.
      This leads to unpredictable behavior in the network; therefore set
      ipv6 to 1 which will prevent the dynamic creation of the wan_6
      interface.
      Further alias the wan6 interface on top of the wan interface for pppoe
      as the wan6 interface can only be started when the link local address is
      ready. In case of pppoe the link local address is negotiated during the
      Internet Protocol Control Protocol when the PPP link is setup meaning
      all the IP address info is only available when the wan interface is up.
      Signed-off-by: default avatarHans Dedecker <dedeckeh@gmail.com>
      7f1359c1
  9. 14 Sep, 2017 1 commit
  10. 13 Sep, 2017 2 commits
  11. 11 Sep, 2017 1 commit
  12. 10 Sep, 2017 1 commit
  13. 08 Sep, 2017 2 commits
  14. 07 Sep, 2017 1 commit
  15. 06 Sep, 2017 1 commit
  16. 04 Sep, 2017 2 commits
  17. 03 Sep, 2017 4 commits
  18. 30 Aug, 2017 1 commit
    • Kevin Darbyshire-Bryant's avatar
      dnsmasq: forward.c: fix CVE-2017-13704 · a006b48c
      Kevin Darbyshire-Bryant authored
      
      
      Fix SIGSEGV in rfc1035.c answer_request() line 1228 where memset()
      is called with header & limit pointing at the same address and thus
      tries to clear memory from before the buffer begins.
      
      answer_request() is called with an invalid edns packet size provided by
      the client.  Ensure the udp_size provided by the client is bounded by
      512 and configured maximum as per RFC 6891 6.2.3 "Values lower than 512
      MUST be treated as equal to 512"
      
      The client that exposed the problem provided a payload udp size of 0.
      Signed-off-by: default avatarKevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
      Acked-by: default avatarHans Dedecker <dedeckeh@gmail.com>
      a006b48c
  19. 21 Aug, 2017 2 commits
  20. 17 Aug, 2017 2 commits