Commit graph

11403 commits

Author SHA1 Message Date
124
82dfd10035
syslinux: fix #86846: build on i686
vcunat tried tests.boot.biosCdrom.i686-linux - after small local
modification to make that attribute even exist.  Installed file list
also looks fine in comparison with state before the breaking change;
hopefully it will work just fine.
2020-05-05 10:25:44 +02:00
Jörg Thalheim
c5bcac2999
Merge pull request #86779 from r-ryantm/auto-update/bcc
linuxPackages_hardened.bcc: 0.13.0 -> 0.14.0
2020-05-04 17:01:22 +01:00
R. RyanTM
bd1846f7f4 linuxPackages_hardened.bcc: 0.13.0 -> 0.14.0 2020-05-04 13:33:51 +00:00
Tim Steinbach
b6456e528e
linux: 5.7-rc3 -> 5.7-rc4 2020-05-04 08:41:50 -04:00
Maximilian Bosch
8536aeb415
Merge pull request #86605 from BKPepe/wireguard
wireguard-compat: 1.0.20200426 -> 1.0.20200429
2020-05-03 19:38:23 +02:00
Tim Steinbach
d51998798f
linux/hardened-patches/4.14: 4.14.177.a -> 4.14.178.a 2020-05-03 13:17:07 -04:00
Tim Steinbach
4df77514e7
linux/hardened-patches/4.19: 4.19.119.a -> 4.19.120.a 2020-05-03 13:17:03 -04:00
Tim Steinbach
c5d56b1790
linux/hardened-patches/5.4: 5.4.36.a -> 5.4.38.a 2020-05-03 13:16:59 -04:00
Tim Steinbach
e7b54c19de
linux/hardened-patches/5.6: 5.6.8.a -> 5.6.10.a 2020-05-03 13:16:49 -04:00
Josef Schlehofer
e008d5fc98
wireguard-compat: 1.0.20200426 -> 1.0.20200429 2020-05-03 18:39:08 +02:00
Linus Heckemann
88e07d3a96
Merge pull request #86598 from Valodim/aarch64-hidraw
linux: CONFIG_HIDRAW=y
2020-05-03 11:04:56 +02:00
Peter Hoeg
4310c1a4a0
Merge pull request #85094 from helsinki-systems/syslinux_efi
syslinux: add uefi support
2020-05-03 12:33:54 +08:00
ajs124
a09878c205 syslinux: fix UEFI support 2020-05-03 02:18:46 +02:00
Vincent Breitmoser
bdd2d3ccb2 linux: CONFIG_HIDRAW=y 2020-05-02 17:43:43 +02:00
Tim Steinbach
c46b55e640
linux: 5.6.8 -> 5.6.10 2020-05-02 14:46:24 -04:00
Tim Steinbach
ba19c248b7
linux: 5.4.36 -> 5.4.38 2020-05-02 14:46:24 -04:00
Tim Steinbach
13e51bb636
linux: 4.9.220 -> 4.9.221 2020-05-02 14:46:23 -04:00
Tim Steinbach
7e200a0177
linux: 4.4.220 -> 4.4.221 2020-05-02 14:46:23 -04:00
Tim Steinbach
92c2abe85f
linux: 4.19.119 -> 4.19.120 2020-05-02 14:46:23 -04:00
Tim Steinbach
163e5a8d0c
linux: 4.14.177 -> 4.14.178 2020-05-02 14:46:22 -04:00
R. RyanTM
9f2ecb211d setools: 4.2.2 -> 4.3.0 2020-05-02 10:13:48 +02:00
Tim Steinbach
61b97c17d6
linux: 5.7-rc2 -> 5.7-rc3 2020-05-01 11:43:43 -04:00
Daniel Fullmer
45c0523b77 rtl8812au: 5.2.20.2_28373.20190903 -> 5.6.4.2_35491.20200318 2020-05-01 09:25:36 +02:00
Tim Steinbach
5fa90ed9e2
linux/hardened-patches/4.19: 4.19.118.a -> 4.19.119.a 2020-04-30 10:05:58 -04:00
Tim Steinbach
22c0c49d61
linux/hardened-patches/5.4: 5.4.35.a -> 5.4.36.a 2020-04-30 10:05:56 -04:00
Tim Steinbach
53ea32be28
linux/hardened-patches/5.6: 5.6.7.a -> 5.6.8.a 2020-04-30 10:05:50 -04:00
Tim Steinbach
bbf8ce13eb
linux: 5.6.7 -> 5.6.8 2020-04-29 15:38:11 -04:00
Tim Steinbach
100e81982d
linux: 5.4.35 -> 5.4.36 2020-04-29 15:38:11 -04:00
Tim Steinbach
ca44d3eb1e
linux: 4.19.118 -> 4.19.119 2020-04-29 15:38:11 -04:00
Matthieu Coudron
8ce65087c3 broadcom_sta: fix build on 5.6 2020-04-29 11:57:03 +02:00
Jan Tojnar
2b5e2ffe0a
Merge pull request #86165 from jtojnar/libusb-compat-rename 2020-04-29 08:26:08 +02:00
jakobrs
d21cc14114 v4l2loopback: 0.12.4 -> 0.12.5 2020-04-29 07:19:01 +02:00
worldofpeace
d85aabfb5f
Merge pull request #84449 from doronbehar/improve-guvcview
guvcview: fix gsettings filechooser errors
2020-04-28 13:32:13 -04:00
Bruno Bzeznik
75a3a9af8d libfabric: init at 1.10.0 2020-04-28 17:09:15 +02:00
Bruno Bzeznik
5a16436ffb
libpsm2: init at 11.2.156 (#85920)
* libpsm2: init at 11.2.156
2020-04-28 11:38:21 +02:00
Jan Tojnar
e89e2edc73
libusb-compat-0_1: rename from libusb 2020-04-28 05:33:41 +02:00
David Terry
e9c44e8956
wireguard-compat: 1.0.20200413 -> 1.0.20200426
https://lists.zx2c4.com/pipermail/wireguard/2020-April/005237.html
2020-04-27 08:15:39 +02:00
Tim Steinbach
a9fa6028ad
linux/hardened-patches/4.19: 4.19.117.a -> 4.19.118.a 2020-04-26 12:23:07 -04:00
Tim Steinbach
4af476e2b3
linux/hardened-patches/5.4: 5.4.34.a -> 5.4.35.a 2020-04-26 12:23:05 -04:00
Tim Steinbach
334627d92f
linux/hardened-patches/5.6: 5.6.6.a -> 5.6.7.a 2020-04-26 12:23:03 -04:00
Tim Steinbach
be48bf2ba8
linux/hardened-patches/4.14: 4.14.176.a -> 4.14.177.a 2020-04-26 12:23:01 -04:00
Tim Steinbach
4883dde6b7
linux: 4.9.219 -> 4.9.220 2020-04-26 12:22:41 -04:00
Tim Steinbach
6efb2ba2bf
linux: 4.4.219 -> 4.4.220 2020-04-26 12:22:05 -04:00
Tim Steinbach
6617a79ba3
linux: 4.14.176 -> 4.14.177 2020-04-26 12:21:32 -04:00
Jörg Thalheim
ef959a1d9b
Merge pull request #85984 from Mic92/wireguard 2020-04-26 11:28:55 +01:00
Doron Behar
59588b68cd guvcview: use libsForQt5.callPackage 2020-04-25 21:14:40 +03:00
Martin Weinelt
3e9f3a3ebd
hostapd: apply patch for CVE-2019-16275
AP mode PMF disconnection protection bypass

Published: September 11, 2019
Identifiers:
- CVE-2019-16275
Latest version available from: https://w1.fi/security/2019-7/

Vulnerability

hostapd (and wpa_supplicant when controlling AP mode) did not perform
sufficient source address validation for some received Management frames
and this could result in ending up sending a frame that caused
associated stations to incorrectly believe they were disconnected from
the network even if management frame protection (also known as PMF) was
negotiated for the association. This could be considered to be a denial
of service vulnerability since PMF is supposed to protect from this type
of issues. It should be noted that if PMF is not enabled, there would be
no protocol level protection against this type of denial service
attacks.

An attacker in radio range of the access point could inject a specially
constructed unauthenticated IEEE 802.11 frame to the access point to
cause associated stations to be disconnected and require a reconnection
to the network.

Vulnerable versions/configurations

All hostapd and wpa_supplicants versions with PMF support
(CONFIG_IEEE80211W=y) and a runtime configuration enabled AP mode with
PMF being enabled (optional or required). In addition, this would be
applicable only when using user space based MLME/SME in AP mode, i.e.,
when hostapd (or wpa_supplicant when controlling AP mode) would process
authentication and association management frames. This condition would
be applicable mainly with drivers that use mac80211.

Possible mitigation steps

- Merge the following commit to wpa_supplicant/hostapd and rebuild:

  AP: Silently ignore management frame from unexpected source address

  This patch is available from https://w1.fi/security/2019-7/

- Update to wpa_supplicant/hostapd v2.10 or newer, once available
2020-04-25 14:35:20 +02:00
Jörg Thalheim
21ec1f5ead
wireguard: 1.0.20200401 -> 1.0.20200413 2020-04-25 11:16:10 +01:00
Maximilian Bosch
61c95a2eec
iwd: 1.6 -> 1.7 2020-04-25 12:13:01 +02:00
Maximilian Bosch
74fcd4f2d6
ell: 0.30 -> 0.31 2020-04-25 12:12:54 +02:00