Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Community maintained packages for difos.
5235 commits 8 branches 0 tags 65 MiB
Makefile 54.9%
Shell 29.9%
C 9%
C++ 2%
Lua 1.3%
Other 2.6%
Find a file
Peter Wagner 82055305b3 ntpd: update to 4.2.8p7 
Fixes the following CVEs:

    Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering
        Reported by Matt Street and others of Cisco ASIG
    Bug 3012 / CVE-2016-1549: Sybil vulnerability: ephemeral association attack, AKA: ntp-sybil - MITIGATION ONLY
        Reported by Matthew Van Gundy of Cisco ASIG
    Bug 3011 / CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion botch
        Reported by Yihan Lian of the Cloud Security Team, Qihoo 360
    Bug 3010 / CVE-2016-2517: Remote configuration trustedkey/requestkey values are not properly validated
        Reported by Yihan Lian of the Cloud Security Team, Qihoo 360
    Bug 3009 / CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC
        Reported by Yihan Lian of the Cloud Security Team, Qihoo 360
    Bug 3008 / CVE-2016-2519: ctl_getitem() return value not always checked
        Reported by Yihan Lian of the Cloud Security Team, Qihoo 360
    Bug 3007 / CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos
        Reported by Stephen Gray and Matthew Van Gundy of Cisco ASIG
    Bug 2978 / CVE-2016-1548: Interleave-pivot - MITIGATION ONLY
        Reported by Miroslav Lichvar of RedHat and separately by Jonathan Gardner of Cisco ASIG
    Bug 2952 / CVE-2015-7704: KoD fix: peer associations were broken by the fix for NtpBug2901, AKA: Symmetric active/passive mode is broken
        Reported by Michael Tatarinov, NTP Project Developer Volunteer
    Bug 2945 / Bug 2901 / CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks
        Reported by Jonathan Gardner of Cisco ASIG
    Bug 2879 / CVE-2016-1550: Improve NTP security against buffer comparison timing attacks, authdecrypt-timing, AKA: authdecrypt-timing
        Reported independently by Loganaden Velvindron, and Matthew Van Gundy and Stephen Gray of Cisco ASIG.

Signed-off-by: Peter Wagner <tripolar@gmx.at>
2016-05-04 18:49:28 +02:00
admin debootstrap: update to version 1.0.80 2016-04-19 14:04:51 +02:00
devel pkg-config: update to 0.29.1 2016-03-07 07:45:55 +01:00
ipv6 all: get rid of kmod-ipv6 dependencies 2015-10-06 09:04:29 +02:00
kernel/exfat-nofuse exfat-nofuse: update version 2016-02-01 12:17:47 +01:00
lang ruby: updated to 2.3.1 2016-05-01 19:56:52 -03:00
libs Merge pull request #2638 from ianchi/libx264 2016-04-29 17:07:06 -04:00
mail postfix: version update to 3.1.0 2016-02-27 15:48:29 +03:00
multimedia Remove whitespace from conffiles definition in Makefile 2016-05-03 10:52:08 +03:00
net ntpd: update to 4.2.8p7 2016-05-04 18:49:28 +02:00
sound shairport-sync: update to 2.8.2 2016-04-17 11:07:57 +02:00
utils utils: Fix some typos (mostly found by codespell) 2016-04-30 09:27:12 +02:00
CONTRIBUTING.md CONTRIBUTING.md: Add advice about pull requests 2015-11-20 16:32:52 +02:00
LICENSE Add GPLv2 pro-forma license 2014-06-16 08:14:04 +02:00
README.md Fixed broken link in README.md 2015-07-10 13:51:22 -05:00

README.md

OpenWrt packages feed

Description

This is the OpenWrt "packages"-feed containing community-maintained build scripts, options and patches for applications, modules and libraries used within OpenWrt.

Installation of pre-built packages is handled directly by the opkg utility within your running OpenWrt system or by using the OpenWrt SDK on a build system.

Usage

This repository is intended to be layered on-top of an OpenWrt buildroot. If you do not have an OpenWrt buildroot installed, see the documentation at: OpenWrt Buildroot Installation on the OpenWrt support site.

This feed is enabled by default. To install all its package definitions, run:

./scripts/feeds update packages
./scripts/feeds install -a -p packages

License

See LICENSE file.

Package Guidelines

See CONTRIBUTING.md file.