This fixes the following security problems in dnsmasq:
* CVE-2020-25681:
Dnsmasq versions before 2.83 is susceptible to a heap-based buffer
overflow in sort_rrset() when DNSSEC is used. This can allow a remote
attacker to write arbitrary data into target device's memory that can
lead to memory corruption and other unexpected behaviors on the target
device.
* CVE-2020-25682:
Dnsmasq versions before 2.83 is susceptible to buffer overflow in
extract_name() function due to missing length check, when DNSSEC is
enabled. This can allow a remote attacker to cause memory corruption
on the target device.
* CVE-2020-25683:
Dnsmasq version before 2.83 is susceptible to a heap-based buffer
overflow when DNSSEC is enabled. A remote attacker, who can create
valid DNS replies, could use this flaw to cause an overflow in a heap-
allocated memory. This flaw is caused by the lack of length checks in
rtc1035.c:extract_name(), which could be abused to make the code
execute memcpy() with a negative size in get_rdata() and cause a crash
in Dnsmasq, resulting in a Denial of Service.
* CVE-2020-25684:
A lack of proper address/port check implemented in Dnsmasq version <
2.83 reply_query function makes forging replies easier to an off-path
attacker.
* CVE-2020-25685:
A lack of query resource name (RRNAME) checks implemented in Dnsmasq's
versions before 2.83 reply_query function allows remote attackers to
spoof DNS traffic that can lead to DNS cache poisoning.
* CVE-2020-25686:
Multiple DNS query requests for the same resource name (RRNAME) by
Dnsmasq versions before 2.83 allows for remote attackers to spoof DNS
traffic, using a birthday attack (RFC 5452), that can lead to DNS
cache poisoning.
* CVE-2020-25687:
Dnsmasq versions before 2.83 is vulnerable to a heap-based buffer
overflow with large memcpy in sort_rrset() when DNSSEC is enabled. A
remote attacker, who can create valid DNS replies, could use this flaw
to cause an overflow in a heap-allocated memory. This flaw is caused
by the lack of length checks in rtc1035.c:extract_name(), which could
be abused to make the code execute memcpy() with a negative size in
sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of
Service.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
* mt7615: try wext and cfg80211
* iwinfo: support ra frequency offset
* iwinfo: ra support assolist, support AC bandwidth, read device id from mtd
* mt7615: clean code
* k2p: wireless interface should not add to bridge, wifi system will handle this
* mt7615: adapt for modern luci
* mt7615: fix Makefile, conflicts with luci-app-mtwifi
* mt_wifi: conflicts with mt7615d
* iwinfo: fix ra probe, scan list
* iwinfo: fix ra scan list
* mt7615: speed up wifi reload
* mt7615: fix bug
* mt7615: fix isolate
* mt7615: clean code
* mt7615: fix CE without cfg80211
* mt7615: split dbdc variant
* mt7615: revert config for non dbdc variant devices
* mt7615: move maccalc dependency to dbdc variant
* mt7615: append author info
* mt7615: move config generation to uci-defaults
[mac80211]
5b29614 mac80211: another fix for the sta connection monitor
1ed6eb1 mac80211: backport sched_set_fifo_low
cba4120 mac80211: add support for specifying a per-device scan list
e0d482f rt2x00: mt7620: differentiate based on SoC's CHIP_VER
[package]
amd64-microcode/intel-microcode/linux-firmware: update version
[mac80211]
ca5ee6e mac80211: Fix potential endless loop
2c14710 mac80211: add more AQL fixes/improvements
91fb3ce mac80211: remove an obsolete patch that is no longer doing anything useful
acf1733 mac80211: add preliminary support for enabling 802.11ax in config
d717343 mac80211: update encap offload patches to the latest version
673062f mac80211: allow bigger A-MSDU sizes in VHT, even if HT is limited
caf7277 mac80211: do not allow bigger VHT MPDUs than the hardware supports
cd36c0d mac80211: select the first available channel for 5GHz interfaces
1c6d456 mac80211: fix regression in station connection monitor optimization
4bd7689 mac80211: update sta connection monitor regression fix
[target]
Sync: at91, ath25, ath79, lantiq, mediatek, mvebu.
kernel: bump to 4.14.193, 4.19.138, 5.4.59 (#5350)
431fb8c mac80211: add AQL improvements
6bdd4c9 mac80211: add missing backports for building with 4.14 kernels
0106820 mac80211: add missing return code checks in AQL improvements
e7f7101 mac80211: rework encapsulation offload support
[package]
base-files: add function for generating random MAC
dnsmasq: abort dhcp_check on interface state
boot: sync upstream source code
ath10k-ct-firmware/mt76/sch_cake: update to latest git HEAD
[script]
download: add China Mirror Station
[target]
Sync: arc770, ath79, bcm63xx, kirkwood, lantiq, layerscape,
mediatek, mvebu, octeon, oxnas, pistachio, uml
Sync most of the target patches.
Run-compiled-on: ipq40xx (4.19 & 5.4), ramips
* mac80211: bump to 5.8-rc2
changelog:
dfe0bc8 mac80211: allow ACS restriction with fixed channel
727685c mac80211: rt2x00: define RF5592 in init_eeprom routine
cfd2f3b mac80211: create channel list for fixed channel operation
d1100c7 mac80211: Update to version 5.7.5-1
ed2015c mac80211: Update to version 5.8-rc2-1
a956c14 mac80211: util: don't warn on missing sband iftype data
8b3e170 hostapd: fix incorrect service name
68bf5a9 mac80211: don't kill wireless daemon on teardown
25e0ae6 mac80211: make cfg80211 testmode support optional (and disabled by default)
b7727a8 mac80211: fix AQL issues
3d731fc mac80211: merge performance improvement patches
* mt76: update to 2020-07-22
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: allow VHT on 2.4GHz
Allow VHT rate on 2.4GHz in order to use 256-QAM
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* ath10k: allow VHT on 2.4GHz
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* hostapd: add vendor_vht option
hostapd has vendor_vht option to enable VHT (256-QAM) on 2.4GHz
Add this option to hostapd.sh so users can enable it via uci
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* ipq807x: Refresh kernel configuration
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ipq807x: Add WCSS bus
This is needed to build ath11k.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: Add ath11k
This adds the Qualcomm 802.11ax wireless chipset support.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Felix Fietkau <nbd@nbd.name>
Co-authored-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
Set new option 'reconf' in 'wifi-device' section to enable dynamic re-configuration on that radio. Also fix wifi relay and 'netifd: radio1 (9654): Command failed'.
