<feed xmlns='http://www.w3.org/2005/Atom'>
<title>staging/xback/package/system, branch master</title>
<subtitle>Staging tree of Koen Vandeputte</subtitle>
<id>https://git.openwrt.org/openwrt/staging/xback/atom?h=master</id>
<link rel='self' href='https://git.openwrt.org/openwrt/staging/xback/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/'/>
<updated>2026-06-24T09:21:28Z</updated>
<entry>
<title>procd: update to Git HEAD (2026-06-17)</title>
<updated>2026-06-24T09:21:28Z</updated>
<author>
<name>Felix Fietkau</name>
</author>
<published>2026-06-17T10:01:52Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=2010cfde392e6038121c87dd52767ea6d4c75fd3'/>
<id>urn:sha1:2010cfde392e6038121c87dd52767ea6d4c75fd3</id>
<content type='text'>
9ff6e43bb75f service: notify instance exit details via ubus
4f42296dc4f0 jail: mount rootfs overlay with userxattr in user namespace
60fdbf00e924 jail: chown rootfs overlay dir to mapped root in user namespace

Signed-off-by: Felix Fietkau &lt;nbd@nbd.name&gt;
</content>
</entry>
<entry>
<title>mtd: bump package release</title>
<updated>2026-06-16T09:32:52Z</updated>
<author>
<name>Paul Spooren</name>
</author>
<published>2026-06-16T09:20:05Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=45b8cb0ce4fe9c12ce1e7fac03db2346e76e0f6d'/>
<id>urn:sha1:45b8cb0ce4fe9c12ce1e7fac03db2346e76e0f6d</id>
<content type='text'>
This commit fixes "a5107ad58c6 mtd: fix buffer leak and fd leak in mtd_dump()"
which changed the code but did not increase the release. This causes two
packages with the same version to have different content and thereby hashes.

Signed-off-by: Paul Spooren &lt;mail@aparcar.org&gt;
Link: https://github.com/openwrt/openwrt/pull/23827
Signed-off-by: Christian Marangi &lt;ansuelsmth@gmail.com&gt;
</content>
</entry>
<entry>
<title>package: make APK embedded help gzip reproducible</title>
<updated>2026-06-10T18:15:15Z</updated>
<author>
<name>Paul Spooren</name>
</author>
<published>2026-06-10T15:18:37Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=353e23dfbc15feb9557bf09095cf54ab77f3042b'/>
<id>urn:sha1:353e23dfbc15feb9557bf09095cf54ab77f3042b</id>
<content type='text'>
APK compresses it's helptext using LUA and require `zlib`, which isn't
available on the Buildbots. It thens falls back to `gzip`, which embeds the
MTIME, making the binary itself unreproducible.

This commits adds a downstream patch to run `gzip` with `-n`, setting the time
to 0.

Link: https://github.com/openwrt/openwrt/pull/23736
Signed-off-by: Paul Spooren &lt;mail@aparcar.org&gt;
</content>
</entry>
<entry>
<title>mtd: fix buffer leak and fd leak in mtd_dump()</title>
<updated>2026-06-08T14:18:23Z</updated>
<author>
<name>Anna Kiri</name>
</author>
<published>2026-06-08T09:07:05Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=a5107ad58c6162a70a56ada1822c3c3e6ba09a12'/>
<id>urn:sha1:a5107ad58c6162a70a56ada1822c3c3e6ba09a12</id>
<content type='text'>
Two leaks in mtd_dump():

- The buffer allocated with malloc(erasesize) is never freed before
  returning, leaking erasesize bytes on every call.
- The pre-existing malloc-NULL early return path also leaked the just-
  opened fd by returning directly instead of going through cleanup.

Initialize buf to NULL, route the malloc-NULL case through the
existing 'out:' label, and add free(buf) on the cleanup path so both
fd and buf are released consistently on every exit.

Signed-off-by: Anna Kiri &lt;bredcorn@gmail.com&gt;
Link: https://github.com/openwrt/openwrt/pull/23706
Signed-off-by: Jonas Jelonek &lt;jelonek.jonas@gmail.com&gt;
</content>
</entry>
<entry>
<title>mtd: check malloc() return value in mtd_check()</title>
<updated>2026-06-08T14:17:42Z</updated>
<author>
<name>Anna Kiri</name>
</author>
<published>2026-06-08T09:06:32Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=2818ac5ccd0cc7c44176010691929b843b7cb566'/>
<id>urn:sha1:2818ac5ccd0cc7c44176010691929b843b7cb566</id>
<content type='text'>
After malloc(erasesize) in mtd_check(), the result was never checked
for NULL. On allocation failure, the buf pointer remained NULL and
would later be used in image_check() via read(imagefd, buf + buflen,
...), causing a NULL pointer dereference.

Add a NULL check after the allocation and return early. The early
return path also closes the just-opened fd and frees the strdup'd
colon-separated device-list copy to avoid leaks.

Signed-off-by: Anna Kiri &lt;bredcorn@gmail.com&gt;
Link: https://github.com/openwrt/openwrt/pull/23705
Signed-off-by: Jonas Jelonek &lt;jelonek.jonas@gmail.com&gt;
</content>
</entry>
<entry>
<title>mtd: check return values of lseek() and write() in mtd_write_buffer()</title>
<updated>2026-06-08T14:17:02Z</updated>
<author>
<name>Anna Kiri</name>
</author>
<published>2026-06-08T09:05:55Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=2f809f9cff578141def1fd00baf22384afd75c21'/>
<id>urn:sha1:2f809f9cff578141def1fd00baf22384afd75c21</id>
<content type='text'>
Two ignored return values in mtd_write_buffer() caused silent failures:

- lseek() return value was ignored. A failed seek (e.g. EBADF, ESPIPE)
  followed by write() would silently write at the wrong offset.
- write() return value was ignored, silently discarding write errors.
  This could lead to data corruption on the MTD device without any
  indication.

Check both return values, report errors to stderr and return -1 on
failure.

Signed-off-by: Anna Kiri &lt;bredcorn@gmail.com&gt;
Link: https://github.com/openwrt/openwrt/pull/23552
Signed-off-by: Jonas Jelonek &lt;jelonek.jonas@gmail.com&gt;
</content>
</entry>
<entry>
<title>ca-certificates: update to 20260601</title>
<updated>2026-06-07T08:47:20Z</updated>
<author>
<name>Fengyu Wu</name>
</author>
<published>2026-06-06T01:51:54Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=8aaa8d401308d32806c080aab458c3f08208cbf0'/>
<id>urn:sha1:8aaa8d401308d32806c080aab458c3f08208cbf0</id>
<content type='text'>
changelog: https://salsa.debian.org/debian/ca-certificates/-/blob/master/debian/changelog

  * Remove ca-certificates-local example (closes: #988912, #1127101).
  * Update Mozilla certificate authority bundle to version 2.86
    The following certificate authority was added (+):
    + e-Szigno TLS Root CA 2023
    The following certificate authorities were removed (-):
    - QuoVadis Root CA 2
    - QuoVadis Root CA 3
    - DigiCert Assured ID Root CA
    - DigiCert Global Root CA
    - DigiCert High Assurance EV Root CA
    - SwissSign Gold CA - G2
    - SecureTrust CA
    - Secure Global CA
    - COMODO Certification Authority
    - Certigna
    - certSIGN ROOT CA
    - AffirmTrust Commercial
    - AffirmTrust Networking
    - AffirmTrust Premium
    - AffirmTrust Premium ECC
    - TeliaSonera Root CA v1
    - Entrust Root Certification Authority - G2
    - Entrust Root Certification Authority - EC1
    - Trustwave Global Certification Authority
    - Trustwave Global ECC P256 Certification Authority
    - Trustwave Global ECC P384 Certification Authority
    - GLOBALTRUST 2020
    - GTS Root R2
    - FIRMAPROFESIONAL CA ROOT-A WEB
    The following certificate authority was renamed (~):
    ~ "OISTE Server Root RSA G1" (removed leading space)

Signed-off-by: Fengyu Wu &lt;saldry@proton.me&gt;
Link: https://github.com/openwrt/openwrt/pull/23675
Signed-off-by: Jonas Jelonek &lt;jelonek.jonas@gmail.com&gt;
</content>
</entry>
<entry>
<title>rpcd: update to Git HEAD (2026-06-04)</title>
<updated>2026-06-05T14:35:07Z</updated>
<author>
<name>Hauke Mehrtens</name>
</author>
<published>2026-06-03T23:41:05Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=b49a369fa90c9ac9ea0eb4fb06e17acd8eacbf27'/>
<id>urn:sha1:b49a369fa90c9ac9ea0eb4fb06e17acd8eacbf27</id>
<content type='text'>
69b62b1990bc rpc-sys: packagelist: increase input buffer size
e655a0d69492 exec: defer async reply teardown to avoid use-after-free
5b078674a592 optimize by reusing timeout member
d005c885dbe4 session: clamp uloop timeout to avoid int overflow
a545f008da91 ucode: add request.defer() for async method handling
ab6549a99c7c file: avoid sending uninitialized stack memory for broken symlinks
7af2dd81cd53 main: prevent integer overflow when parsing -t timeout argument
680705e4b76d plugin: use snprintf in ubus lookup callback to prevent buffer overflow
fb0302dc0e51 session: detect short read of /dev/urandom in rpc_random()
dc091afa5860 rpc-sys: packagelist: check calloc() result for world array
4fbd48515d6a rpc-sys: packagelist: avoid size_t underflow when stripping ABI version
46fce7d5efc9 ucode: fix off-by-one truncation of generated ubus object type name
26dba5206e17 exec: prevent double close() of exec pipe descriptors
af5d6f431186 uci: prevent integer overflow of client supplied apply timeout
d06d2a81dc29 rc: fix memory leak of list request context
0de666811559 rc: copy list "name" filter to avoid use-after-free
75470f4b5124 rc: use a per-request blob_buf for the list reply
3037a0e36856 treat exec failures in forked children with _exit() instead of return
f5ffec54d7c7 rc: reap killed child on list "running" check timeout
fd4fcdeb186b rpc-sys: packagelist: close status file on world parsing error paths
e22aea1a51df rpc-sys: packagelist: read world file instead of mmap to avoid SIGBUS
79c8087c8e8e file: avoid zero-length b64_decode() on empty write data
cd1d9588da63 ucode: bound recursion when converting blob arguments to ucode values
2decaec3ef1b iwinfo: fix error handling and backend leak in survey
28faf6403792 cast char arguments to unsigned char for ctype.h functions

Link: https://github.com/openwrt/openwrt/pull/23650
Signed-off-by: Hauke Mehrtens &lt;hauke@hauke-m.de&gt;
</content>
</entry>
<entry>
<title>procd: update to Git HEAD (2026-05-22)</title>
<updated>2026-06-03T11:18:29Z</updated>
<author>
<name>Felix Fietkau</name>
</author>
<published>2026-05-22T17:25:35Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=4b7d5538bc0b4a51a1c236fc89fc1e7a680d2853'/>
<id>urn:sha1:4b7d5538bc0b4a51a1c236fc89fc1e7a680d2853</id>
<content type='text'>
ac5cc72f6cfa jail: mount ucode related bits into netifd jail
81119d3f249d instance: disable console logging
8013c0cd2755 jail: mount tools used by dhcp.sh in the netifd jail
876981d0516d jail: fix reading the oci device gid value
c92dbcd460d7 jail: make /dev/tty accessible by others
74bfbee8adb8 service: fix calloc_a argument

Signed-off-by: Felix Fietkau &lt;nbd@nbd.name&gt;
</content>
</entry>
<entry>
<title>mtd: imagetag: remove unused imagestart variable</title>
<updated>2026-06-02T19:32:27Z</updated>
<author>
<name>Anna Kiri</name>
</author>
<published>2026-05-26T17:10:36Z</published>
<link rel='alternate' type='text/html' href='https://git.openwrt.org/openwrt/staging/xback/commit/?id=2b4e46345f5e1fbf90167d9bb13c4d97c7c2fbdf'/>
<id>urn:sha1:2b4e46345f5e1fbf90167d9bb13c4d97c7c2fbdf</id>
<content type='text'>
The imagestart variable was assigned sizeof(tag) (which incorrectly
computed the pointer size rather than the struct size), but was never
actually read after the assignment in either trx_fixup() or
mtd_fixtrx(). The CRC calculations that follow use
offsetof(struct bcm_tag, header_crc) directly.

Remove the dead variable and its assignments entirely rather than fixing
the sizeof expression. No functional change.

Signed-off-by: Anna Kiri &lt;bredcorn@gmail.com&gt;
Link: https://github.com/openwrt/openwrt/pull/23546
Signed-off-by: Jonas Jelonek &lt;jelonek.jonas@gmail.com&gt;
</content>
</entry>
</feed>
