modules: bump OpenWrt packages
a2673dc53 fastd: fix buffer leak when receiving invalid packets 51bf00834 logrotate: update to version 3.17.0 8715cef64 logrotate: update to 3.16.0 acb77d5be python3: Update to 3.7.9, refresh/remove backported patches 4af889f20 travelmate: bugfix single radio mode cb3bab180 netdata: update to version 1.26.0 70bb0b4c8 bind: update to version 9.16.7 d05698fae freeradius3: move "release_" from PKG_VERSION 93360e625 freeradius3: add meta-package for default modules 2f7338b62 python-urllib3: update to version 1.25.10 (security fix) 50a67ed74 nextdns: Update to version 1.8.6 b48575ef4 chrony: update to 3.5.1 35e6986a0 nextdns: mark /etc/config/nextdns as configuration file 418e3b294 simple-adblock: config update file fix 9ac587ca8 libuv: update to 1.40.0 613d21085 nano: update to 5.3 992746571 btrfs-progs: update to version 5.7 cedba1ca2 btrfs-progs: update to version 5.6 25b2751f8 python-pytz: update to 2019.03 f3b424139 adblock: refresh blocklist sources ec628b10d syslog-ng: bump version in config file d0a74afad syslog-ng: tweak shell code of network_localhost little bit f705a5a93 python-sentry-sdk: Update to version 0.12.3 2976a5a0e haproxy: Update HAProxy to v2.0.18 eec7bd646 tor: update to version 0.4.4.5 91af4cf72 mariadb: Update to the latest version from 10.2 branch 9461ae47a Werkzeug: Update to version 0.16.0 f9d9ae8c8 Flask: update to version 1.1.2 4a833e3a8 Flask: Update to version 1.1.1 a4534f160 gstreamer1: enable build options necessary for most applications 8a71cdd6a python-ifaddr: update to version 0.1.7 05ea7dfc6 nextdns: Update to version 1.8.5 9069ad925 ipmitool: fix CVE-2020-5208 826fc8921 nextdns: Update to version 1.8.4 ac7f78285 openconnect: updated to 8.10 to address CVE-2020-12823 3f0e26637 python-zeroconf: update to version 0.28.0 fe7ceaa65 python-zeroconf: update to version 0.24.4 49459505e mwan3: fix typo in mwan3_set_sticky_iptables cae961784 ocserv: include ocserv-worker 2af61c9a4 vpnbypass: README update, code cleanup b00feac4b ocserv: updated to 1.1.1 c614914da miniupnpd: add miniupnpd ipv6_disable option, #11971 close 70e57317b simple-adblock: add config auto-update feature 94866d76a collectd: update to 5.12.0 b60fa2de9 collectd: update PKG_RELEASE aeefbbe34 collectd: remove quotation on interval this is an number b0ad32a3e collectd: move include line fbe7abcd5 collectd: update PKG_RELEASE f53b79ced collectd: fix ubi data source type 67a403bfe collectd: add ubi uci and plugin info 37335cf65 collectd: enable ubi plugin
This commit is contained in:
parent
88ec9cbedf
commit
65e5aeed2c
2
modules
2
modules
@ -6,7 +6,7 @@ OPENWRT_COMMIT=29b4104d69bf91db17764dd885e9e111a373f08c
|
|||||||
|
|
||||||
PACKAGES_PACKAGES_REPO=https://github.com/openwrt/packages.git
|
PACKAGES_PACKAGES_REPO=https://github.com/openwrt/packages.git
|
||||||
PACKAGES_PACKAGES_BRANCH=openwrt-19.07
|
PACKAGES_PACKAGES_BRANCH=openwrt-19.07
|
||||||
PACKAGES_PACKAGES_COMMIT=03425a0d2f5967639d15a3ef1f0407859768917d
|
PACKAGES_PACKAGES_COMMIT=a2673dc53c4689798c1d70d7342cb3efadb0af74
|
||||||
|
|
||||||
PACKAGES_ROUTING_REPO=https://github.com/openwrt-routing/packages.git
|
PACKAGES_ROUTING_REPO=https://github.com/openwrt-routing/packages.git
|
||||||
PACKAGES_ROUTING_BRANCH=openwrt-19.07
|
PACKAGES_ROUTING_BRANCH=openwrt-19.07
|
||||||
|
@ -27,7 +27,7 @@ index 3350eb3099a26c870d70373c0712a8b59881ee5c..e6440075e561093c86543943cb982d01
|
|||||||
config FASTD_ENABLE_CIPHER_NULL
|
config FASTD_ENABLE_CIPHER_NULL
|
||||||
bool "Enable the null cipher"
|
bool "Enable the null cipher"
|
||||||
diff --git a/net/fastd/Makefile b/net/fastd/Makefile
|
diff --git a/net/fastd/Makefile b/net/fastd/Makefile
|
||||||
index 44b37b6ca300ba43f15d7a116fb654ccd0a69e99..8eabc34db6f3b906ddb1b5df5c232309e85d2ffb 100644
|
index f4890b56931a75849229d25fe78720e19d493383..8eabc34db6f3b906ddb1b5df5c232309e85d2ffb 100644
|
||||||
--- a/net/fastd/Makefile
|
--- a/net/fastd/Makefile
|
||||||
+++ b/net/fastd/Makefile
|
+++ b/net/fastd/Makefile
|
||||||
@@ -8,13 +8,13 @@
|
@@ -8,13 +8,13 @@
|
||||||
@ -35,7 +35,7 @@ index 44b37b6ca300ba43f15d7a116fb654ccd0a69e99..8eabc34db6f3b906ddb1b5df5c232309
|
|||||||
|
|
||||||
PKG_NAME:=fastd
|
PKG_NAME:=fastd
|
||||||
-PKG_VERSION:=18
|
-PKG_VERSION:=18
|
||||||
-PKG_RELEASE:=4
|
-PKG_RELEASE:=5
|
||||||
+PKG_VERSION:=19
|
+PKG_VERSION:=19
|
||||||
+PKG_RELEASE:=1
|
+PKG_RELEASE:=1
|
||||||
|
|
||||||
@ -163,3 +163,51 @@ index b576a987369e93f3cd14fbc83f3c4bffe5cc97d1..00000000000000000000000000000000
|
|||||||
---
|
---
|
||||||
-2.23.0
|
-2.23.0
|
||||||
-
|
-
|
||||||
|
diff --git a/net/fastd/patches/0003-receive-fix-buffer-leak-when-receiving-invalid-packe.patch b/net/fastd/patches/0003-receive-fix-buffer-leak-when-receiving-invalid-packe.patch
|
||||||
|
deleted file mode 100644
|
||||||
|
index b67a85c4e4f8ca1ef72d3216afa1ad4e9370cd02..0000000000000000000000000000000000000000
|
||||||
|
--- a/net/fastd/patches/0003-receive-fix-buffer-leak-when-receiving-invalid-packe.patch
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,42 +0,0 @@
|
||||||
|
-From f6a2651fa91c472d04cb34264718f761669c8aa1 Mon Sep 17 00:00:00 2001
|
||||||
|
-Message-Id: <f6a2651fa91c472d04cb34264718f761669c8aa1.1603136280.git.mschiffer@universe-factory.net>
|
||||||
|
-From: Matthias Schiffer <mschiffer@universe-factory.net>
|
||||||
|
-Date: Mon, 19 Oct 2020 21:08:16 +0200
|
||||||
|
-Subject: [PATCH] receive: fix buffer leak when receiving invalid packets
|
||||||
|
-
|
||||||
|
-For fastd versions before v20, this was just a memory leak (which could
|
||||||
|
-still be used for DoS, as it's remotely triggerable). With the new
|
||||||
|
-buffer management of fastd v20, this will trigger an assertion failure
|
||||||
|
-instead as soon as the buffer pool is empty.
|
||||||
|
-
|
||||||
|
-(cherry picked from commit 737925113363b6130879729cdff9ccc46c33eaea)
|
||||||
|
----
|
||||||
|
- src/receive.c | 10 ++++++++++
|
||||||
|
- 1 file changed, 10 insertions(+)
|
||||||
|
-
|
||||||
|
---- a/src/receive.c
|
||||||
|
-+++ b/src/receive.c
|
||||||
|
-@@ -186,6 +186,11 @@ static inline void handle_socket_receive
|
||||||
|
-
|
||||||
|
- case PACKET_HANDSHAKE:
|
||||||
|
- fastd_handshake_handle(sock, local_addr, remote_addr, peer, buffer);
|
||||||
|
-+ break;
|
||||||
|
-+
|
||||||
|
-+ default:
|
||||||
|
-+ fastd_buffer_free(buffer);
|
||||||
|
-+ pr_debug("received packet with invalid type from %P[%I]", peer, remote_addr);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
-@@ -211,6 +216,11 @@ static inline void handle_socket_receive
|
||||||
|
-
|
||||||
|
- case PACKET_HANDSHAKE:
|
||||||
|
- fastd_handshake_handle(sock, local_addr, remote_addr, NULL, buffer);
|
||||||
|
-+ break;
|
||||||
|
-+
|
||||||
|
-+ default:
|
||||||
|
-+ fastd_buffer_free(buffer);
|
||||||
|
-+ pr_debug("received packet with invalid type from unknown address %I", remote_addr);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
Loading…
Reference in New Issue
Block a user