- Fix multiple security issues. See http://freeradius.org/security/fuzzer-2017.html Thanks to Guido Vranken for working with us to discover the issues and test the fixes.
- FR-GV-207 Avoid zero-length malloc() in data2vp().
- FR-GV-206 correct decoding of option 60.
- FR-GV-205 check for "too long" WiMAX options.
- FR-GV-204 free VP if decoding fails, so we don't leak memory.
- FR-GV-203 fix memory leak when using decode_tlv().
- FR-GV-202 check for "too long" attributes.
- FR-GV-201 check input/output length in make_secret().
- FR-AD-001 Use strncmp() instead of memcmp() for bounded data.
- Disable in-memory TLS session caches due to OpenSSL API issues.
- Allow issuer_cert to be empty.
- Look for extensions using correct index.
- Fix types.
- Work around OpenSSL 1.0.2 problems, which cause failures in TLS-based EAP methods.
- Revert RedHat contributed bug which removes run-time checks for OpenSSL consistency.
- Allow OCSP responder URL to be later in the packet Fix by Ean Pasternak.
- Catch empty subject and non-existent issuer cert in OCSP Fix by Ean Pasternak.
- Allow non-FIPS for MD5 Fix by Ean Pasternak.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
- Bumps version to 4.0.9. Otherwise about two dozen packages would need
to be backported. There were no ABI/API changes between 4.0.3 and
4.0.9, so this is OK.
- Adds a patch from Jow that addresses a macro issue (already in
master/lede-17.01)
- Adds patches copied from Debian for CVE-2017-18013 and CVE-2017-9935
on top.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
- Add patches copied from Debian to address open CVEs
- Update mail address of maintainer
- Fix a typo
- Add --disable-silent-rules for verbose build output
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
New upstream release includes fixes for the following security issues:
* CVE-2017-3140: With certain RPZ configurations, a response with TTL 0 could
cause named to go into an infinite query loop
* CVE-2017-3142: An error in TSIG handling could permit unauthorized zone
transfers or zone updates.
* CVE-2017-3143: An error in TSIG handling could permit unauthorized zone
transfers or zone updates.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
This change includes fixes for several security issues:
* CVE-2017-3138: rndc "" could trigger an assertion failure in named.
* CVE-2017-3137: Some chaining (i.e., type CNAME or DNAME) responses to
upstream queries could trigger assertion failures.
* CVE-2017-3136: dns64 with break-dnssec yes; can result in an assertion
failure.
* CVE-2017-3135: If a server is configured with a response policy zone
(RPZ) that rewrites an answer with local data, and is also configured
for DNS64 address mapping, a NULL pointer can be read triggering a
server crash.
* CVE-2016-9444: named could mishandle authority sections with missing
RRSIGs, triggering an assertion failure.
* CVE-2016-9131: named mishandled some responses where covering RRSIG
records were returned without the requested data, resulting in an
assertion failure.
* CVE-2016-9131: named incorrectly tried to cache TKEY records which could
trigger an assertion failure when there was a class mismatch.
* CVE-2016-8864: It was possible to trigger assertions when processing
responses containing answers of type DNAME.
* CVE-2016-6170: Added the ability to specify the maximum number of
records permitted in a zone (max-records #;). This provides a mechanism
to block overly large zone transfers, which is a potential risk with
slave zones from other parties.
* CVE-2016-2776: It was possible to trigger an assertion when rendering a
message using a specially crafted request.
* CVE-2016-2775: Calling getrrsetbyname() with a non absolute name could
trigger an infinite recursion bug in lwresd or named with lwres
configured if, when combined with a search list entry from resolv.conf,
the resulting name is too long.
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
This change fixes multiple denial-of-service vulnerabilities:
* CVE-2016-9131: A malformed response to an ANY query can cause an
assertion failure during recursion
* CVE-2016-9147: An error handling a query response containing
inconsistent DNSSEC information could cause an assertion failure
* CVE-2016-9444: An unusually-formed DS record response could cause
an assertion failure
* CVE-2016-9778: An error handling certain queries using the
nxdomain-redirect feature could cause a REQUIRE assertion failure
in db.c
Signed-off-by: Noah Meyerhans <frodo@morgul.net>
If libjson-c is detected during bind-libs configure phase, bind-libs
will be built with libjson support. This results in a missing dependency
error during install phase. Solve this by disabling libjson support.
- Adds bcm43xx-3wire variant.
- Resets UART speed after firmware download.
- Prints chip name when firmware isn't found for bcm43xx.
- Increases timeout for bcm43xx.
- Moves bcm43xx firmware to lib.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Move bluetoothd and related programs and files from bluez-utils into
bluez-daemon package. The main motivation for this is to remove the dependency
to DBus from bluez-utils. The utilities like "hcitool" are useful without it.
Also add kmod-bluetooth dependency to bluez-utils, as the utils don't make much
sense without bluetooth support in the kernel.
Signed-off-by: Bruno Randolf <br1@einfach.org>
Copy mime.conf to temporary directory so squid process can properly read the file. Without it squid cannot access mime.conf and throws a warning during startup.
Signed-off by: Adam Gensler <openwrt@a.gnslr.us>
Daniel Golle