git.openwrt.org Git - feed/routing.git/commit

author	Rob White <rob@blue-wave.net>
	Mon, 28 Aug 2023 15:19:06 +0000 (16:19 +0100)
committer	Josef Schlehofer <pepe.schlehofer@gmail.com>
	Sun, 3 Sep 2023 07:48:17 +0000 (09:48 +0200)
commit	0b19771fb2dd81e7c428759610aed583171eed80
tree	2e52e8aa5ced96e025ffdb94efbfa6c7e7a287ce	tree \| snapshot
parent	fa833a0d976448f61e42e91afd4af2811b2b0e73	commit \| diff

opennds: update to version 10.1.3

Maintainer: Rob White rob@blue-wave.net

Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64

Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03

Description:
opennds (10.1.3)

Security Advisory. This version contains fixes for multiple potential security vulnerabilities
Credit - Stanislav Dashevskyi - standash.github.io [standash]
It also contains some minor bug fixes

  * Fix - Buffer overflow causing segfault - CVE-2023-41101 [bluewavenet]
  * Fix - Memory leaks due to passing allocated buffer into safe_asprintf() - CVE-2023-41102 [bluewavenet]
  * Fix - Remove deprecated preauth option [bluewavenet]
  * Fix - missing free in show_preauth_page if MHD does not respond [bluewavenet]
  * Fix - more safe_asprintf memory leaks [bluewavenet]
  * Fix - missing free for mark_auth [bluewavenet]
  * Fix - memory leak after starting authmon daemon [bluewavenet]
  * Fix - memory leak in encode_and_redirect_to_splashpage [bluewavenet]
  * Fix - Community themespec, voucher css and logo image [bluewavenet]
  * Fix - ThemeSpec, path to logo in page footer [bluewavenet]
  * Fix - ensure gatewayurl is urldecoded to fix broken css and images in themespec [bluewavenet]
  * Add - set default fas remote fqdn to disabled [bluewavenet]

Signed-off-by: Rob White <rob@blue-wave.net>
(cherry picked from commit 88c98c910acccab694b3afb6d36d70ca429118a6)