5 days ago | Nicolò Veronese | uboot-envtools: add support for Zyxel EX5601-T0 ubootmod Signed-off-by: Nicolò Veronese <nicveronese@gmail.com> |
commit | commitdiff | tree |
5 days ago | Valerio 'ftp21'... | mediatek: add Zyxel EX5601-T0 with uboot custom partition Co-authored-by: Nicolò Veronese <nicveronese@gmail.com> Co-developed-by: Nicolò Veronese <nicveronese@gmail.com> Signed-off-by: Nicolò Veronese <nicveronese@gmail.com> |
commit | commitdiff | tree |
5 days ago | Valerio 'ftp21'... | uboot-mediatek: add initial Zyxel EX5601-T0 support Signed-off-by: Nicolò Veronese <nicveronese@gmail.com> |
commit | commitdiff | tree |
2023-10-25 | Hauke Mehrtens | openssl: update to 3.0.12 ...symmetric cipher keys and IVs. (CVE-2023-5363) |
commit | commitdiff | tree |
2023-10-22 | Nicolò Veronese | uboot-mediatek: fix global pll clock override on mtk_spim Signed-off-by: Nicolò Veronese <nicveronese@gmail.com> |
commit | commitdiff | tree |
2023-10-09 | Hauke Mehrtens | bsdiff: Add patches for CVEs bsdiff: Add patches for CVEs Add two patches from Debian fixing CVEs in the bsdiff application. CVE-2014-9862: Heap vulnerability... CVE-2020-14315: Memory Corruption... ...debian/latest/debian/patches/20-CVE-2014-9862.patch ...debian/latest/debian/patches/33-CVE-2020-14315.patch |
commit | commitdiff | tree |
2023-10-08 | Hauke Mehrtens | toolchain: glibc: Update glibc 2.37 to recent HEAD b752934602 CVE-2023-4527: Stack read overflow... ...use after free in getcanonname (CVE-2023-4806) ...getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843] 94ef701365 Document CVE-2023-4806 and CVE-2023-5156 in... ...Terminate if end of input is reached (CVE-2023-4911) |
commit | commitdiff | tree |
2023-09-24 | Ivan Pavlov | openssl: update to 3.0.11 ...corrupting XMM registers on Windows. ([CVE-2023-4807]) |
commit | commitdiff | tree |
2023-08-11 | Hauke Mehrtens | firmware: intel-microcode: update to 20230808 ...for "Downfall" INTEL-SA-00828 (CVE-2022-40982), INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837... |
commit | commitdiff | tree |
2023-08-09 | Ivan Pavlov | openssl: update to 3.0.10 ...checking DH q parameter value ([CVE-2023-3817]) ...time with over sized modulus ([CVE-2023-3446]) ...associated data entries with AES-SIV ([CVE-2023-2975]) |
commit | commitdiff | tree |
2023-08-01 | Nick Hainke | tracecmd: update to v3.2 ...execvp routine to avoid multiple execve syscalls |
commit | commitdiff | tree |
2023-06-09 | Ivan Pavlov | openssl: update to 3.0.9 CVE-2023-2650 fix ...OBJECT IDENTIFIER sub-identities. (CVE-2023-2650) ...decryption on ARM 64 bit platforms (CVE-2023-1255) ...X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466) ...policies in leaf certificates (CVE-2023-0465) ...nodes created in a policy tree (CVE-2023-0464) |
commit | commitdiff | tree |
2023-05-22 | Nick Hainke | libcap: update to 2.69 Fixes: CVE-2023-2602 CVE-2023-2603 |
commit | commitdiff | tree |
2023-05-21 | Christian Lamparter | firmware: intel-microcode: update to 20230512 - INTEL-SA-00700: CVE-2022-21216 - INTEL-SA-00730: CVE-2022-33972 - INTEL-SA-00738: CVE-2022-33196 - INTEL-SA-00767: CVE-2022-38090 |
commit | commitdiff | tree |
2023-05-18 | Nick Hainke | libxml2: update to 2.11.3 Fixes: CVE-2023-28484 CVE-2023-29469 |
commit | commitdiff | tree |
2023-05-18 | Petr Štetiar | ci: fix check kernel patches job ...contains a patched Git version with CVE |
commit | commitdiff | tree |
2023-05-09 | Linhui Liu | tools/cpio: update to 2.14 ** Rewrite the fix for CVE-2015-1197. |
commit | commitdiff | tree |
2023-04-29 | Eneas U de Queiroz | openssl: fix low-severity CVE-2023-1255 openssl: fix low-severity CVE-2023-1255 (CVE-2023-1255) |
commit | commitdiff | tree |
2023-04-17 | Nick Hainke | tcpdump: update to 4.99.4 Fixes CVE-2023-1801. |
commit | commitdiff | tree |
2023-04-07 | Eneas U de Queiroz | openssl: fix CVE-2023-464 and CVE-2023-465 openssl: fix CVE-2023-464 and CVE-2023-465 (CVE-2023-0464) (CVE-2023-0465) CVE-2023-466. It is not included... |
commit | commitdiff | tree |
2023-03-30 | Felix Fietkau | mac80211, mt76: add fixes for recently discovered security... Fixes CVE-2022-47522 |
commit | commitdiff | tree |
2023-02-11 | John Audia | openssl: bump to 1.1.1t ...Benjamin for discovering this issue. (CVE-2023-0286) (CVE-2023-0215) (CVE-2022-4450) (CVE-2022-4304) |
commit | commitdiff | tree |
2023-02-07 | Nick Hainke | e2fsprogs: update to 1.46.6 - 004-CVE-2022-1304-libext2fs-add-sanity... |
commit | commitdiff | tree |
2023-02-07 | Nick Hainke | tools/e2fsprogs: update to 1.46.6 - 004-CVE-2022-1304-libext2fs-add-sanity... |
commit | commitdiff | tree |
2023-02-05 | Nick Hainke | tools/pkgconf: update to 1.9.4 Fixes CVE-2023-24056. |
commit | commitdiff | tree |
2023-01-11 | Hauke Mehrtens | ksmbd: Fix ZDI-CAN-18259 ZDI-CAN-18259 ID assigned, but no CVE yet. |
commit | commitdiff | tree |
2022-12-31 | Hauke Mehrtens | mbedtls: update to version 2.28.2 Fixes the following CVEs: * CVE-2022-46393: Fix potential heap... * CVE-2022-46392: An adversary with... |
commit | commitdiff | tree |
2022-12-20 | Stijn Tintel | trusted-firmware-a.mk: use correct CPE ID has a CVE linked to it. Therefore, use the... |
commit | commitdiff | tree |
2022-12-06 | Hauke Mehrtens | e2fsprogs: Fix CVE-2022-1304 e2fsprogs: Fix CVE-2022-1304 This fixes CVE-2022-1304: |
commit | commitdiff | tree |
2022-11-27 | Nick Hainke | wolfssl: update to v5.5.3 Fixes CVE 2022-42905. |
commit | commitdiff | tree |
2022-11-13 | Nick Hainke | zlib: update to 1.2.13 - 006-fix-CVE-2022-37434.patch - 007-fix-null-dereference-in-fix-CVE-2022-37434.patch |
commit | commitdiff | tree |
2022-11-06 | Kevin Darbyshire... | dnsmasq: remove backported CVE patch dnsmasq: remove backported CVE patch |
commit | commitdiff | tree |
2022-11-05 | Hauke Mehrtens | busybox: awk: fix use after free (CVE-2022-30065) busybox: awk: fix use after free (CVE-2022-30065) CVE-2022-30065 description: |
commit | commitdiff | tree |
2022-11-05 | Hauke Mehrtens | dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934) dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934) ...commit from upstream dnsmasq to fix CVE-2022-0934. CVE-2022-0934 description: |
commit | commitdiff | tree |
2022-10-31 | Nick Hainke | expat: update to 2.5.0 Fixes CVE-2022-43680. |
commit | commitdiff | tree |
2022-10-13 | Felix Fietkau | mac80211: backport security fixes Fixes: CVE-2022-41674 Fixes: CVE-2022-42719 Fixes: CVE-2022-42720 Fixes: CVE-2022-42721 Fixes: CVE-2022-42722 |
commit | commitdiff | tree |
2022-10-03 | Petr Štetiar | treewide: fix security issues by bumping all packages... using 5.5.1-stable (CVE-2022-39173)") which fixes several... |
commit | commitdiff | tree |
2022-10-02 | Nick Hainke | tools/expat: update to 2.4.9 Fixes CVE-2022-40674. |
commit | commitdiff | tree |
2022-09-29 | Petr Štetiar | wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable... ...uhttpd by using 5.5.1-stable (CVE-2022-39173) Fixes: CVE-2022-39173 |
commit | commitdiff | tree |
2022-09-29 | Petr Štetiar | Revert "wolfssl: fix TLSv1.3 RCE in uhttpd by using... ...private email, that the issue has CVE-2022-39173 |
commit | commitdiff | tree |
2022-09-24 | Christian Lamparter | firmware: intel-microcode: update to 20220809 * Fixes INTEL-SA-00657, CVE-2022-21233 |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libsepol: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libselinux: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | mtd-utils: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libnfnetlink: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libmnl: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | f2fs-tools: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libnl: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | jansson: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libusb: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | lldpd: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | ethtool: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | tools/bc: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | libcap: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-09-06 | Nick Hainke | nettle: add PKG_CPE_ID Add CPE ID for tracking CVEs. |
commit | commitdiff | tree |
2022-08-20 | Nick Hainke | tools/xz: update to 5.2.6 ...contains a security fix to xzgrep (CVE-2022-1271, |
commit | commitdiff | tree |
2022-08-09 | Petr Štetiar | zlib: backport null dereference fix using zlib patched against CVE-2022-37434, same patch we've backported over-read (CVE-2022-37434)"). So we need to backport... ...issue introduced in that previous CVE-2022-37434 fix. ...for heap-based buffer over-read (CVE-2022-37434)") |
commit | commitdiff | tree |
2022-08-06 | Petr Štetiar | zlib: backport fix for heap-based buffer over-read... ...for heap-based buffer over-read (CVE-2022-37434) Fixes: CVE-2022-37434 |
commit | commitdiff | tree |
2022-07-16 | Eneas U de Queiroz | wolfssl: bump to 5.4.0 -CVE-2022-34293[high]: Potential for... |
commit | commitdiff | tree |
2022-07-15 | Christian Lamparter | firmware: intel-microcode: update to 20220510 * Fixes INTEL-SA-000617, CVE-2022-21151: |
commit | commitdiff | tree |
2022-07-07 | Dustin Lundquist | openssl: bump to 1.1.1q (CVE-2022-2097) |
commit | commitdiff | tree |
2022-07-04 | Andre Heider | openssl: bump to 1.1.1p CVE-2022-1292, further bugs where... When the CVE-2022-1292 was fixed it was not... (CVE-2022-2068) |
commit | commitdiff | tree |
2022-07-03 | Nick Hainke | tcpdump: update to 4.99.1 - 101-CVE-2020-8037.patch - 102-CVE-2018-16301.patch CVE-2018-16301: For the -F option... |
commit | commitdiff | tree |
2022-04-11 | Eneas U de Queiroz | wolfssl: bump to 5.2.0 - CVE-2022-25640: A TLS v1.3 server... - CVE-2022-25638: A TLS v1.3 client... |
commit | commitdiff | tree |
2022-03-28 | Petr Štetiar | tools/zlib: bump to latest stable release 1.2.12 (CVE... ...latest stable release 1.2.12 (CVE-2018-25032) hotfix for CVE-2018-25032 and is now included... Fixes: CVE-2018-25032 |
commit | commitdiff | tree |
2022-03-28 | Petr Štetiar | libs/zlib: bump to latest stable release 1.2.12 (CVE... ...latest stable release 1.2.12 (CVE-2018-25032) hotfix for CVE-2018-25032 and is now included... Fixes: CVE-2018-25032 |
commit | commitdiff | tree |
2022-03-24 | Petr Štetiar | zlib: backport security fix for a reproducible crash... he knows, nobody ever assigned it a CVE. |
commit | commitdiff | tree |
2022-03-16 | Martin Schiller | openssl: bump to 1.1.1n ...forever for non-prime moduli. (CVE-2022-0778) |
commit | commitdiff | tree |
2022-03-13 | Rosen Penev | tools/expat: update to 2.4.7 Mostly a bug fix to the bug fix to CVE-2022-25236 |
commit | commitdiff | tree |
2022-02-28 | Rosen Penev | tools/expat: update to 2.4.6 This release fixes various CVEs. |
commit | commitdiff | tree |
2022-02-26 | Christian Lamparter | firmware: intel-microcode: update to 20220207 CVE-2021-0146, INTEL-SA-00528: VT... * Mitigates CVE-2021-0127, INTEL-SA-00532: an... * Mitigates CVE-2021-0145, INTEL-SA-00561: information... * Mitigates CVE-2021-33120, INTEL-SA-00589: out... mitigation for CVE-2020-8694, CVE-2020-8695, INTEL... |
commit | commitdiff | tree |
2022-02-12 | Hauke Mehrtens | tcpdump: Fix CVE-2018-16301 tcpdump: Fix CVE-2018-16301 |
commit | commitdiff | tree |
2022-02-01 | Hauke Mehrtens | util-linux: Update to version 2.37.3 CVE-2021-3996 CVE-2021-3995 |
commit | commitdiff | tree |
2022-02-01 | Hauke Mehrtens | mbedtls: Update to version 2.16.12 be free()'d twice. CVE-2021-44732 |
commit | commitdiff | tree |
2022-01-30 | Hans Dedecker | glibc: update to 2.34 HEAD ...overwriting preexisting error (CVE-2021-3998) ...errno to ERANGE for size == 1 (CVE-2021-3999) 6890b8a3ae CVE-2022-23218: Buffer overflow in... 7b5d433fd0 CVE-2022-23219: Buffer overflow in... |
commit | commitdiff | tree |
2021-12-03 | Tan Zien | firmware: intel-microcode: update to 20210608 * Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and * Implements mitigations for CVE-2020-24511 CVE-2020-24512 * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465), * Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel * Implements mitigation for CVE-2020-8696 and CVE-2020-8698, * Implements mitigation for CVE-2020-8695, Intel SGX information ...Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320) |
commit | commitdiff | tree |
2021-11-14 | Stijn Tintel | lldpd: bump to 1.0.13 Fixes CVE-2021-43612. |
commit | commitdiff | tree |
2021-10-31 | Nicolò Veronese | ath79: fix UBNT Aircube AC gpios Signed-off-by: Nicolò Veronese <nicveronese@gmail.com> |
commit | commitdiff | tree |
2021-09-22 | Hauke Mehrtens | mac80211: Update to backports-5.10.68 This contains fixes for CVE-2020-3702 CVE-2020-3702 [1] similar to KrØØk... [1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702 |
commit | commitdiff | tree |
2021-08-26 | Eneas U de Queiroz | openssl: bump to 1.1.1l - SM2 Decryption Buffer Overflow (CVE-2021-3711) ...overruns processing ASN.1 strings (CVE-2021-3712) |
commit | commitdiff | tree |
2021-06-21 | Dirk Neukirchen | grub2: update to 2.06 -300-CVE-2015-8370.patch is upstreamed... |
commit | commitdiff | tree |
2021-06-05 | Josef Schlehofer | linux-firmware: update to version 20210315 and trim... (CVE-2019-15126), because Cypress released... |
commit | commitdiff | tree |
2021-05-16 | Stijn Tintel | grub2: bump to 2.06-rc1 As one of the fixes for the CVEs causes grub to crash on some x86 Fixes the following CVEs: - CVE-2020-14372 - CVE-2020-25632 - CVE-2020-25647 - CVE-2020-27749 - CVE-2020-27779 - CVE-2021-3418 - CVE-2021-20225 - CVE-2021-20233 |
commit | commitdiff | tree |
2021-05-13 | Felix Fietkau | mt76: update to the latest version Includes fix for CVE-2020-24588 |
commit | commitdiff | tree |
2021-05-12 | Nick Hainke | busybox: update to 1.33.1 - 005-backport-CVE-2021-28831.patch |
commit | commitdiff | tree |
2021-05-12 | Felix Fietkau | mac80211: backport upstream fixes for FragAttacks Specifically, the following CVEs were assigned: * CVE-2020-24586 - Fragmentation cache... * CVE-2020-24587 - Reassembling fragments... * CVE-2020-24588 - Accepting non-SPP... * CVE-2020-26139 - Forwarding EAPOL... * CVE-2020-26140 - Accepting plaintext... * CVE-2020-26141 - Not verifying TKIP... * CVE-2020-26142 - Processing fragmented... * CVE-2020-26143 - Accepting fragmented... * CVE-2020-26144 - Always accepting... * CVE-2020-26145 - Accepting plaintext... * CVE-2020-26146 - Reassembling encrypted... * CVE-2020-26147 - Reassembling mixed... ...all of them reference the exact CVE IDs. |
commit | commitdiff | tree |
2021-05-05 | Alan Swanson | dnsmasq: Update to version 2.85 * CVE-2021-3448: |
commit | commitdiff | tree |
2021-05-02 | Hauke Mehrtens | busybox: backport fix for CVE-2021-28831 busybox: backport fix for CVE-2021-28831 ...backports a fix for the low priority CVE-2021-28831: |
commit | commitdiff | tree |
2021-04-05 | Stijn Tintel | lldpd: bump to 1.0.9 Contains fixes related to CVE-2020-27827. |
commit | commitdiff | tree |
2021-03-26 | Eneas U de Queiroz | openssl: bump to 1.1.1k - CVE-2021-3450: problem with verifying... - CVE-2021-3449: OpenSSL TLS server... |
commit | commitdiff | tree |
2021-02-28 | Stefan Lippers-Hollmann | hostapd: P2P: Fix a corner case in peer addition based... - CVE-2021-27803 - A vulnerability was... |
commit | commitdiff | tree |
2021-02-23 | Eneas U de Queiroz | wolfssl: bump to v4.7.0-stable Biggest fix for this version is CVE-2021-3336, which has already been |
commit | commitdiff | tree |
2021-02-17 | Eneas U de Queiroz | openssl: bump to 1.1.1j - CVE-2021-2839 - SSLv2 vulnerability... - CVE-2021-2840 - calls EVP_CipherUpdate... - CVE-2021-2841 - The X509_issuer_and_serial_... The 3 CVEs above are currently awaiting... |
commit | commitdiff | tree |
2021-02-09 | Hauke Mehrtens | wolfssl: Backport fix for CVE-2021-3336 wolfssl: Backport fix for CVE-2021-3336 This should fix CVE-2021-3336: |
commit | commitdiff | tree |
2021-01-19 | Hauke Mehrtens | dnsmasq: Update to version 2.83 * CVE-2020-25681: * CVE-2020-25682: * CVE-2020-25683: * CVE-2020-25684: * CVE-2020-25685: * CVE-2020-25686: * CVE-2020-25687: |
commit | commitdiff | tree |
2020-12-11 | Eneas U de Queiroz | openssl: update to 1.1.1i Fixes: CVE-2020-1971, defined as high severity... |
commit | commitdiff | tree |
2020-11-25 | Jan Pavlinec | tcpdump: patch CVE-2020-8037 tcpdump: patch CVE-2020-8037 ...PR backports upstream fix for CVE-2020-8037. This fix is only |
commit | commitdiff | tree |
2020-11-20 | Petr Štetiar | musl: handle wcsnrtombs destination buffer overflow... ...wcsnrtombs destination buffer overflow (CVE-2020-28928) |
commit | commitdiff | tree |
2020-09-18 | Tan Zien | firmware: intel-microcode: update to 20200616 * Implements mitigation for CVE-2020-0543 Special Register Buffer... * Implements mitigation for CVE-2020-0548 Vector Register Data... * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117 ...mitigation (TSX TAA), INTEL-SA-00270, CVE-2019-11135 CVE-2019-11139 ...vulnerabilities and errata (including CVE-2019-0117) |
commit | commitdiff | tree |
2020-09-17 | David Bauer | libjson-c: update to 0.15 * 001-Fix-CVE-2020-12762.patch |
commit | commitdiff | tree |
next |