Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View

Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

f8c364b72042...
Rafał Miłecki
mac80211: brcmfmac: backport use-after-free fix from 4.11
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
f712db9df632...
Hauke Mehrtens
kernel: bump kernel 4.4 to version 4.4.153
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
  • x86/geode: Building packages failed -  stdio
f3865bd4efa8...
Hauke Mehrtens
kernel: bump kernel 4.4 to version 4.4.148
The following patch was integrated upstream:
* target/linux/generic/patches-4.4/005-ext4-fix-check-to-prevent-initializing-reserved-inod.patch

This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
e3bc2e488d03...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.13
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
d3e325dfeffd...
Rosen Penev
bzip2: Fix CVE-2016-3189
Issue causes a crash with specially crafted bzip2 files.

More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f9469efbfa7ce892651f9a6da713eacbef66f177)
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
  • x86/geode: Building packages failed -  stdio
d3b8b5be3455...
Hauke Mehrtens
openssl: update to version 1.0.2p
This fixes the following security problems:
* CVE-2018-0732: Client DoS due to large DH parameter
* CVE-2018-0737: Cache timing vulnerability in RSA Key Generation

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
d35a7bf4b462...
Ansuel Smith
e2fsprogs: bump to 1.44.0
Fix compilation error

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit a9c00578b5c55357117db9dbbbd4e5652b9b4648)
bb7c4cff2086...
Hans Dedecker
dropbear: backport upstream fix for CVE-2018-15599
CVE description :
The recv_msg_userauth_request function in svr-auth.c in Dropbear through
2018.76 is prone to a user enumeration vulnerability because username
validity affects how fields in SSH_MSG_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
b3983323a1f2...
John Crispin
wpa_supplicant: fix CVE-2018-14526
Unauthenticated EAPOL-Key decryption in wpa_supplicant

Published: August 8, 2018
Identifiers:
- CVE-2018-14526
Latest version available from: https://w1.fi/security/2018-1/

Vulnerability

A vulnerability was found in how wpa_supplicant processes EAPOL-Key
frames. It is possible for an attacker to modify the frame in a way that
makes wpa_supplicant decrypt the Key Data field without requiring a
valid MIC value in the frame, i.e., without the frame being
authenticated. This has a potential issue in the case where WPA2/RSN
style of EAPOL-Key construction is used with TKIP negotiated as the
pairwise cipher. It should be noted that WPA2 is not supposed to be used
with TKIP as the pairwise cipher. Instead, CCMP is expected to be used
and with that pairwise cipher, this vulnerability is not applicable in
practice.

When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data
field is encrypted using RC4. This vulnerability allows unauthenticated
EAPOL-Key frames to be processed and due to the RC4 design, this makes
it possible for an attacker to modify the plaintext version of the Key
Data field with bitwise XOR operations without knowing the contents.
This can be used to cause a denial of service attack by modifying
GTK/IGTK on the station (without the attacker learning any of the keys)
which would prevent the station from accepting received group-addressed
frames. Furthermore, this might be abused by making wpa_supplicant act
as a decryption oracle to try to recover some of the Key Data payload
(GTK/IGTK) to get knowledge of the group encryption keys.

Full recovery of the group encryption keys requires multiple attempts
(128 connection attempts per octet) and each attempt results in
disconnection due to a failure to complete the 4-way handshake. These
failures can result in the AP/network getting disabled temporarily or
even permanently (requiring user action to re-enable) which may make it
impractical to perform the attack to recover the keys before the AP has
already changes the group keys. By default, wpa_supplicant is enforcing
at minimum a ten second wait time between each failed connection
attempt, i.e., over 20 minutes waiting to recover each octet while
hostapd AP implementation uses 10 minute default for GTK rekeying when
using TKIP. With such timing behavior, practical attack would need large
number of impacted stations to be trying to connect to the same AP to be
able to recover sufficient information from the GTK to be able to
determine the key before it gets changed.

Vulnerable versions/configurations

All wpa_supplicant versions.

Acknowledgments

Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
Leuven for discovering and reporting this issue.

Possible mitigation steps

- Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This
can be done also on the AP side.

- Merge the following commits to wpa_supplicant and rebuild:

WPA: Ignore unauthenticated encrypted EAPOL-Key data

This patch is available from https://w1.fi/security/2018-1/

- Update to wpa_supplicant v2.7 or newer, once available

Signed-off-by: John Crispin <john@phrozen.org>
a964738a5c88...
Matthias Schiffer
Revert "tools/e2fsprogs: fix building on a glibc 2.27 host"
This reverts commit 58a95f0f8ff768b43d68eed2b6a786e0f40f723b.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
9e864bfccea5...
Rafał Miłecki
mac80211: brcmfmac: fix compilation with SDIO support
This fixes following error when compiling with CONFIG_BRCMFMAC_SDIO=y:
drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c:1100:23: error: 'sdiod' undeclared (first use in this function)
  brcmf_dev_coredump(&sdiod->func1->dev);

Fixes: 9d8940c5b92f ("mac80211: brcmfmac: backport important changes from the 4.18")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
9d8940c5b92f...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.18
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
9d3825a0279a...
Jo-Philipp Wich
scripts: bundle-libraries: fix logic flaw
Previous refactoring of the script moved the LDSO detection into a
file-not-exists condition, causing onyl the very first executable to
get bundled.

Solve the problem by unconditionally checking for LDSO again.

Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5ebcd32997b6d10abcd29c8795a598fdcaf4521d)
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
  • x86/geode: Building packages failed -  stdio
9c0bab0059f7...
Hauke Mehrtens
kernel: bump kernel 4.4 to version 4.4.150
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
9bc43f3e65bc...
Hauke Mehrtens
curl: fix some security problems
This fixes the following security problems:
* CVE-2017-1000254: FTP PWD response parser out of bounds read
* CVE-2017-1000257: IMAP FETCH response out of bounds read
* CVE-2018-1000005: HTTP/2 trailer out-of-bounds read
* CVE-2018-1000007: HTTP authentication leak in redirects
* CVE-2018-1000120: FTP path trickery leads to NIL byte out of bounds write
* CVE-2018-1000121: LDAP NULL pointer dereference
* CVE-2018-1000122: RTSP RTP buffer over-read
* CVE-2018-1000301: RTSP bad headers buffer over-read

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
9a96ec08a953...
Hauke Mehrtens
LEDE v17.01.6: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
8f5c55f63ece...
Paul Wassi
tools/e2fsprogs: update to 1.44.1
Update e2fsprogs to upstream 1.44.1 (feature and bugfix release)

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
(cherry picked from commit 8262179f4a007035a531bb913261f5f91115fad8)
8a72a868fd80...
Hauke Mehrtens
kernel: bump kernel 4.4 to version 4.4.151
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
866e5b495677...
Daniel Engberg
tools/e2fsprogs: Update to 1.43.4
* Update to 1.43.4
* Refresh patches
* xz tarball which saves about 2M in size

Changelog: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4

Tested by Etienne Haarsma (ar71xx), Daniel Engberg (kirkwood)

Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [use @KERNEL instead of harcoded URL]
(cherry picked from commit 34ba64fe708e45b7c042e2d273e66d4ce03df4e3)
85e6ac468efc...
Rafał Miłecki
mac80211: brcmfmac: group 4.11 backport patches
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
84ef414bd422...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.16
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
79ac69d9c926...
Rosen Penev
tools/e2fsprogs: Update to 1.43.7
Compile tested on Fedora 27.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 08cc9a2ca8536e9808b60145cd0e10bdcfc98aca)
7955fab22ac4...
Daniel Engberg
tools/e2fsprogs: Update to 1.43.5
Update e2fsprogs to 1.43.5

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 8477d5454531a35306d57c123c89602fee71a07f)
6e8f1c387892...
Jo-Philipp Wich
scripts: bundle-libraries: prevent loading host locales (FS#1803)
Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.

The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.

Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9030a78a716b0a2eeed4510d4a314393262255c2)
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
  • x86/geode: Building packages failed -  stdio
6e78c5502c94...
Luis Araneda
tools: m4: fix compilation with glibc 2.28
Add a temporary workaround to compile with glibc 2.28
as some constants were removed and others made private

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
6aae528cc3b7...
Rosen Penev
grub2: Fix CVE-2015-8370
This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.

More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7e73e9128f6a63b9198c88eea97c267810447be4)
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
  • x86/geode: Building packages failed -  stdio
6805e44004b7...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.14
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6449ed155301...
Luis Araneda
tools: findutils: fix compilation with glibc 2.28
Add a temporary workaround to compile with glibc 2.28
as some constants were removed and others made private

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
5d9114c9cb3b...
Daniel Engberg
tools/e2fsprogs: Update to 1.43.6
Update e2fsprogs to 1.43.6
* Remove FreeBSD patch as it's not needed, FreeBSD 9.1 is EoL and this
  is compiling on FreeBSD 11.1.
* Remove libmagic patch, RHEL 5 is EoL (End of Production Phase) since
  March 31, 2017.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit ed617fd8f2f39e18ad435883db5b4100e6f7f977)
5886a5060a4c...
Hauke Mehrtens
mbedtls: update to version 2.7.5
This fixes the following security problems:
* CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites through a timing side-channel
* CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through a cache based side-channel

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
583fd4b229b0...
Rafał Miłecki
brcm47xx: revert upstream commit breaking BCM4718A1
This fixes kernel hang when booting on BCM4718A1 (& probably BCM4717A1).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4c1aa64b4d804e77dfaa8d53e5ef699fcced4b18)
Fixes: aaecfecdcde5 ("kernel: bump kernel 4.4 to version 4.4.139")
57102f6c0633...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.15
Two more patches that may be worth backporting in the future:
fdd0bd88ceae brcmfmac: add CLM download support
cc124d5cc8d8 brcmfmac: fix CLM load error for legacy chips when user helper is enabled

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
55840040dfcc...
Hauke Mehrtens
mt76: Fix mirror hash
The mirror hash added in this commit was wrong.
The file on the mirror server and the newly generated file from git have
a different hash value, use that one.

Fixes: 4b5861c47 ("mt76: update to the latest version")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
  • x86/geode: Building packages failed -  stdio
2252731af43d...
Jo-Philipp Wich
grub2: rebase patches
Patch 300-CVE-2015-8370.patch was added without proper rebasing on the
version used by OpenWrt, make it apply and refresh the patch to fix
compilation.

Fixes: 7e73e9128f ("grub2: Fix CVE-2015-8370")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9ffbe84ea49fc643f41bfdf687de99aee17c9154)
  • gemini/wiligear: Checking out Git branch failed -  stdio
  • ramips/mt7620: Checking out Git branch failed -  stdio
1e09cbf11844...
Daniel Engberg
tools/bison: Update to 3.0.5
Update bison to 3.0.5
Bugfix release
Remove 001-fix-macos-vasnprintf.patch as it is fixed upstream

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
184fe11483b9...
Hauke Mehrtens
LEDE v17.01.6: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
13f219569d4c...
Rafał Miłecki
mac80211: brcmfmac: backport patch setting WIPHY_FLAG_HAVE_AP_SME
It's an important hint for authenticator (e.g. hostapd) about hardware
capabilities.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
0c76265d0819...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.19
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
01a8f0e444c9...
Rafał Miłecki
mac80211: brcmfmac: backport first important changes from the 4.20
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
00b4e6567726...
Rafał Miłecki
mac80211: brcmfmac: backport important changes from the 4.12
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>