This backports a commit which fixes a use after free bug in awk.
CVE-2022-30065 description:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This backports a commit from upstream dnsmasq to fix CVE-2022-0934.
CVE-2022-0934 description:
A single-byte, non-arbitrary write/use-after-free flaw was found in
dnsmasq. This flaw allows an attacker who sends a crafted packet
processed by dnsmasq, potentially causing a denial of service.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Added the loongarch64 target
[Shi Pujin]
*) Fixed a DRBG seed propagation thread safety issue
[Bernd Edlinger]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
Similar to the implementation for the BPi-R3 use the same logic also
for determining the device to look for the U-Boot environment of the
BPi-R64.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
CONFIG_MAC80211_MESH isn't defined for this package, rendering the patch
useless. Match protecting the access of sta_info.mesh with the very same
define declaring it.
Fixes 45109f69a6 "mac80211: fix compile error when mesh is disabled"
Signed-off-by: Andre Heider <a.heider@gmail.com>
Fix accessing the environment in case no OS is installed on the flash
media selected for boot as this is possible when booting initramfs.
In case of relying on the device specified to be mounted as rootfs to
be present, rather just use the kernel cmdline 'root' variable as a
hint to decide where to read/write the U-Boot environment.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Remove patches adding support for MT7621 which have been merged upsteam.
Patches for MT7981 and MT7986 have been merged too, but not in time to
be included in the 2022.10 release, so we have to keep carrying them
until the 2023.01 release.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This fixes following compile error seen when
building mac80211 with mesh disabled:
.../backports-5.15.58-1/net/mac80211/agg-rx.c: In function 'ieee80211_send_addba_resp':
...backports-5.15.58-1/net/mac80211/agg-rx.c:255:17: error: 'struct sta_info' has no member named 'mesh'
255 | if (!sta->mesh)
| ^~
sta_info.h shows this item as being optional based on flags:
struct mesh_sta *mesh;
Guard the check to fix this.
Fixes: f96744ba6b ("mac80211: mask nested A-MSDU support for mesh")
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
mac80211 incorrectly processes A-MSDUs contained in A-MPDU frames. This
results in dropped packets and severely impacted throughput.
As a workaround, don't indicate support for A-MSDUs contained in
A-MPDUs. This improves throughput over mesh links by factor 10.
Signed-off-by: David Bauer <mail@david-bauer.net>
When installing additional rpcd modules, a restart of rpcd is required.
This often confuses users as even after installing rpcd-mod-rpcsys the
relevant ubus objects are still missing until rpcd has been reloaded
(or the system has been rebooted, obviously).
Let rpcd-mod-* reload rpcd as post-install action.
Fixes: #10220
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
