OpenWrt: bump to v21.02.5 #265

Closed
fbl wants to merge 1 commits from fbl:wrt21025 into master
Owner

Bump core, packages and routing.

Signed-off-by: Fabian Bläse fabian@blaese.de

Bump core, packages and routing. Signed-off-by: Fabian Bläse <fabian@blaese.de>
fbl added the
upstream
security
labels 2022-10-18 15:28:27 +02:00
fbl self-assigned this 2022-10-18 15:28:27 +02:00
Author
Owner

This fixes the following recently released CVEs found in the Linux wireless stack:

  • CVE-2022-41674: fix u8 overflow in cfg80211_update_notlisted_nontrans (max 256 byte overwrite) (RCE)
  • CVE-2022-42719: wifi: mac80211: fix MBSSID parsing use-after-free use after free condition (RCE)
  • CVE-2022-42720: wifi: cfg80211: fix BSS refcounting bugs ref counting use-after-free possibilities (RCE)
  • CVE-2022-42721: wifi: cfg80211: avoid nontransmitted BSS list corruption list corruption (DOS)
  • CVE-2022-42722: wifi: mac80211: fix crash in beacon protection for P2P-device NULL ptr dereference crash (DOS)
This fixes the following recently released CVEs found in the Linux wireless stack: * [CVE-2022-41674](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41674): fix u8 overflow in cfg80211_update_notlisted_nontrans (max 256 byte overwrite) (RCE) * [CVE-2022-42719](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42719): wifi: mac80211: fix MBSSID parsing use-after-free use after free condition (RCE) * [CVE-2022-42720](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42720): wifi: cfg80211: fix BSS refcounting bugs ref counting use-after-free possibilities (RCE) * [CVE-2022-42721](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42721): wifi: cfg80211: avoid nontransmitted BSS list corruption list corruption (DOS) * [CVE-2022-42722](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42722): wifi: mac80211: fix crash in beacon protection for P2P-device NULL ptr dereference crash (DOS)
fbl force-pushed wrt21025 from 647e34d437 to 76e4beb59f 2022-10-18 15:32:38 +02:00 Compare
Author
Owner

Changes:

  • Fix commit message (v21.02.3 -> v21.02.5)
Changes: - Fix commit message (v21.02.3 -> v21.02.5)
fbl changed title from OpenWrt: bump to v21.02.3 to OpenWrt: bump to v21.02.5 2022-10-18 15:33:02 +02:00
fbl force-pushed wrt21025 from 76e4beb59f to bb0ed7747c 2022-10-18 15:41:25 +02:00 Compare
Author
Owner

Changes:

  • Refresh ipq40xx lan/wan separation build patch
Changes: - Refresh ipq40xx lan/wan separation build patch
fbl force-pushed wrt21025 from bb0ed7747c to 9dc1d0780f 2022-10-18 15:55:35 +02:00 Compare
Author
Owner

Changes:

  • Add missing change due to forgotten git add
Changes: - Add missing change due to forgotten `git add`
fbl added this to the 20221019 milestone 2022-10-18 19:30:22 +02:00
Owner

ER-X:

  • Installation von OpenWRT aus
  • IPv6-only config (manuell fdff Netz entfernen wieder nötig)
  • bird2

Grundsätzlich
Acked-by: Johannes Kimmel fff@bareminimum.eu

Und eingeschränkt fuer ER-X
Tested-by: Johannes Kimmel fff@bareminimum.eu

ER-X: - [x] Installation von OpenWRT aus - [x] IPv6-only config (manuell `fdff` Netz entfernen wieder nötig) - [x] `bird2` Grundsätzlich `Acked-by: Johannes Kimmel fff@bareminimum.eu` Und eingeschränkt fuer ER-X `Tested-by: Johannes Kimmel fff@bareminimum.eu`
Author
Owner

applied.

applied.
fbl closed this pull request 2022-10-20 00:46:53 +02:00

Pull request closed

Sign in to join this conversation.
No description provided.