mtk-20170518/package/network/utils, branch v17.01.4 MTK 20170518 : Mediatek SDK based on OpenWRT Barrier Breaker curl: fix security problems 2017-09-30T13:27:29+00:00 Hauke Mehrtens hauke@hauke-m.de 2017-09-30T13:23:07+00:00 f483a35f08741ff0ca373236e6ad1d93edb1ba75 This fixes the following security problems: * CVE-2017-1000100 TFTP sends more than buffer size * CVE-2017-1000101 URL globbing out of bounds read Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 
This fixes the following security problems:
 * CVE-2017-1000100 TFTP sends more than buffer size
 * CVE-2017-1000101 URL globbing out of bounds read

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
tcpdump: noop commit to refer CVEs fixed in 4.9.2 2017-09-18T13:50:07+00:00 Stijn Tintel stijn@linux-ipv6.be 2017-09-17T22:26:44+00:00 12a0da6315e66045be68270b6e564316c14a3347 When bumping tcpdump from 4.9.1 to 4.9.2, I did not include the fixed CVEs in the commit message. As the list of fixed CVEs is quite long, we should probably mention them in the changelogs of the releases to come. This commit will make sure this happens. The following CVEs were fixed in 21014d9708d586becbd62da571effadb488da9fc: CVE-2017-11541 CVE-2017-11541 CVE-2017-11542 CVE-2017-11542 CVE-2017-11543 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 2375e279a7cb462d62fd6028cb3fbd56217222de) 
When bumping tcpdump from 4.9.1 to 4.9.2, I did not include the fixed
CVEs in the commit message. As the list of fixed CVEs is quite long,
we should probably mention them in the changelogs of the releases to
come. This commit will make sure this happens.

The following CVEs were fixed in 21014d9708d586becbd62da571effadb488da9fc:

CVE-2017-11541
CVE-2017-11541
CVE-2017-11542
CVE-2017-11542
CVE-2017-11543
CVE-2017-11543
CVE-2017-12893
CVE-2017-12894
CVE-2017-12895
CVE-2017-12896
CVE-2017-12897
CVE-2017-12898
CVE-2017-12899
CVE-2017-12900
CVE-2017-12901
CVE-2017-12902
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-12988
CVE-2017-12989
CVE-2017-12990
CVE-2017-12991
CVE-2017-12992
CVE-2017-12993
CVE-2017-12994
CVE-2017-12995
CVE-2017-12996
CVE-2017-12997
CVE-2017-12998
CVE-2017-12999
CVE-2017-13000
CVE-2017-13001
CVE-2017-13002
CVE-2017-13003
CVE-2017-13004
CVE-2017-13005
CVE-2017-13006
CVE-2017-13007
CVE-2017-13008
CVE-2017-13009
CVE-2017-13010
CVE-2017-13011
CVE-2017-13012
CVE-2017-13013
CVE-2017-13014
CVE-2017-13015
CVE-2017-13016
CVE-2017-13017
CVE-2017-13018
CVE-2017-13019
CVE-2017-13020
CVE-2017-13021
CVE-2017-13022
CVE-2017-13023
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13028
CVE-2017-13029
CVE-2017-13030
CVE-2017-13031
CVE-2017-13032
CVE-2017-13033
CVE-2017-13034
CVE-2017-13035
CVE-2017-13036
CVE-2017-13037
CVE-2017-13038
CVE-2017-13039
CVE-2017-13040
CVE-2017-13041
CVE-2017-13042
CVE-2017-13043
CVE-2017-13044
CVE-2017-13045
CVE-2017-13046
CVE-2017-13047
CVE-2017-13048
CVE-2017-13049
CVE-2017-13050
CVE-2017-13051
CVE-2017-13052
CVE-2017-13053
CVE-2017-13054
CVE-2017-13055
CVE-2017-13687
CVE-2017-13688
CVE-2017-13689
CVE-2017-13690
CVE-2017-13725

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 2375e279a7cb462d62fd6028cb3fbd56217222de)
tcpdump: bump to 4.9.2 2017-09-18T13:50:07+00:00 Stijn Tintel stijn@linux-ipv6.be 2017-09-10T19:27:26+00:00 f66c6e1d8ace0f2d4cdb1c319d542946cf0bf4e3 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 21014d9708d586becbd62da571effadb488da9fc) 
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 21014d9708d586becbd62da571effadb488da9fc)
utils/tcpdump: Rework URLs 2017-09-18T13:50:07+00:00 Daniel Engberg daniel.engberg.lists@pyret.net 2017-03-22T07:01:04+00:00 a131f7cb69ae0c1e7b468bc914fd2b46a0dd3b69 Add actual mirror and use main site as last resport Source: http://www.tcpdump.org/mirrors.html Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit fd95397ee33a34704771de2ab26a5910b1a88c6f) Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Conflicts: package/network/utils/tcpdump/Makefile 
Add actual mirror and use main site as last resport
Source: http://www.tcpdump.org/mirrors.html

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit fd95397ee33a34704771de2ab26a5910b1a88c6f)
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

Conflicts:
	package/network/utils/tcpdump/Makefile
treewide: fix shellscript syntax errors/typos 2017-09-13T06:07:39+00:00 Lorenzo Santina lorenzo.santina@edu.unito.it 2017-09-11T13:27:53+00:00 d33f7905dfb39458ff2127237be22a54e806bdc9 Fix multiple syntax errors in shelscripts (of packages only) These errors were causing many conditions to not working properly Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it> [increase PKG_RELEASE, drop command substitution from directip.sh] Signed-off-by: Mathias Kresin <dev@kresin.em> 
Fix multiple syntax errors in shelscripts (of packages only)
These errors were causing many conditions to not working properly

Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
[increase PKG_RELEASE, drop command substitution from directip.sh]
Signed-off-by: Mathias Kresin <dev@kresin.em>
tcpdump: Update to 4.9.1 2017-08-15T16:31:10+00:00 Daniel Engberg daniel.engberg.lists@pyret.net 2017-07-24T22:10:58+00:00 ae3c55666d7fcb72eee149237076ebc4f57a3ca7 Fixes: * CVE-2017-11108: Fix bounds checking for STP. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> 
Fixes:
 * CVE-2017-11108: Fix bounds checking for STP.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
curl: fix CVE-2017-7407 and CVE-2017-7468 2017-07-28T21:49:39+00:00 Hauke Mehrtens hauke@hauke-m.de 2017-07-23T14:08:47+00:00 7ab8bf126ef64f0f8e3bca8385742a0d45185e8f This fixes the following security problems: * CVE-2017-7407: https://curl.haxx.se/docs/adv_20170403.html * CVE-2017-7468: https://curl.haxx.se/docs/adv_20170419.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 
This fixes the following security problems:
* CVE-2017-7407: https://curl.haxx.se/docs/adv_20170403.html
* CVE-2017-7468: https://curl.haxx.se/docs/adv_20170419.html

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
iw: enable MESH ID in scan output 2017-03-25T13:55:10+00:00 Matthias Schiffer mschiffer@universe-factory.net 2017-03-25T12:43:29+00:00 1b94737824bb046bd9796aa6ab01a56dacc49622 Make scan output useful for 802.11s meshes. The common print_ssid function is used, so this doesn't add any additional code. Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> 
Make scan output useful for 802.11s meshes. The common print_ssid function
is used, so this doesn't add any additional code.

Based-on-patch-by: Jan-Tarek Butt <tarek@ring0.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
iproute2: fix ip monitor can't work when NET_NS is not enabled 2017-03-19T04:42:16+00:00 Yousong Zhou yszhou4tech@gmail.com 2017-03-17T09:49:29+00:00 0f23e80c272be4eaaa3e898f9e427886203be720 The bug appeared in v4.1.0 and was fixed since v4.8.0 Fixes FS#620 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> 
The bug appeared in v4.1.0 and was fixed since v4.8.0

Fixes FS#620

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
curl: fix CVE-2017-2629 SSL_VERIFYSTATUS ignored 2017-03-13T21:51:20+00:00 Hauke Mehrtens hauke@hauke-m.de 2017-03-13T21:51:20+00:00 111cf1b9f37b902dbc4ac2934f38ee6418600f69 This fixes the following security problem: https://curl.haxx.se/docs/adv_20170222.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 
This fixes the following security problem:
https://curl.haxx.se/docs/adv_20170222.html

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>