Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The option 31 in the RA specifies the DNS search list, the support
to configure this via UCI is missing in case dnsmasq-dhcpv6 is used.
This commit uses the uci option domain (same as is done by odhcpd) to
read and pass the DNS search list to dnsmasq, which is then used by RA.
Hence, with this commit, we are able to configure DNS search list for the
RA messages via the uci config when dnsmsaq-dhcpv6 is used.
Signed-off-by: Rahul Thakur <rahul.thakur@iopsys.eu>
Fixed the problem that even if br-netfilter is disabled in package/kernel/linux/files/sysctl-br-netfilter.conf, NAT loopback will still fail. This applies to OpenWrt with Docker
Changes between 3.0.10 and 3.0.11 [19 Sep 2023]
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows. ([CVE-2023-4807])
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
General support for 9P is desirable on platforms without virtualization.
This decouples the 9P general networking support for use on more platforms.
Signed-off-by: Daniel Maslowski <info@orangecms.org>
This updates the Intel iwlwifi firmware for AX200 and AX210 from version
66 to version 72. Version 72 is the latest version supported by iwlwifi
from kernel 6.1.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Major changes between OpenSSL 1.1.1u and OpenSSL 1.1.1v [1 Aug 2023]
o Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This patch will only force mac80211 loss detection upon ath10k by
masking the driver-specific loss-detection bit.
Ref: commit ed816f6ba8b5 ("mac80211: always use mac80211 loss detection")
Signed-off-by: David Bauer <mail@david-bauer.net>
