-
Notifications
You must be signed in to change notification settings - Fork 377
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
opennds: Release v10.1.2 #1005
opennds: Release v10.1.2 #1005
Conversation
Maintainer: Rob White rob@blue-wave.net Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64 Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03 Description: opennds (10.1.2) Security Advisory. This version contains fixes for multiple potential security vulnerabilities Credit - Stanislav Dashevskyi - standash.github.io [standash] It also contains some minor bug fixes * Fix - Generate unique sha256 faskey if not set in config - CVE-2023-38324 [bluewavenet] * Fix - NULL pointer dereference if user_agent is NULL - CVE-2023-38320, CVE-2023-38322 [bluewavenet] * Fix - NULL pointer dereference if authdir is called with an incomplete or missing query string - CVE-2023-38313, CVE-2023-38314, CVE-2023-38315 [bluewavenet] * Fix - remove deprecated and non-functioning unescape callback - CVE-2023-38316 [bluewavenet] * Fix - prevent potential recursive dependency and detect if conflicting package is installed [bluewavenet] Signed-off-by: Rob White <rob@blue-wave.net>
@mwarning @PolynomialDivision @BKPepe |
Can you add a notice that you removed the conflict for nodogslpash in the commit message and why you removed it? |
Implicitly, that is what this means:
I have updated it ;-) |
@PolynomialDivision @mwarning @BKPepe It is a different matter if the operating system is not OpenWrt, so some detection code has been added to opennds to mitigate that case. |
Still, I do think that there should be that conflict in the Makefile as we can not relay that it won't be changed in the future in your source code. I haven't followed your recent discussion about nodogosplash closely. |
Arrrgh |
Reinstate CONFLICTS:=nodogsplash Signed-off-by: Rob White <rob@blue-wave.net>
@BKPepe |
No need to create PRs to stable branches. I will do cherry picks, there.
Dne po 31. 7. 2023 13:54 uživatel Rob White ***@***.***>
napsal:
… @BKPepe <https://github.com/BKPepe>
Thank you!
—
Reply to this email directly, view it on GitHub
<#1005 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AA7IDVEFJ6XPJQM6Q4NEWXLXS6MFVANCNFSM6AAAAAA24VA2UE>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
@BKPepe
If you are sure you have time, that's excellent, thank you. |
@BKPepe |
Maintainer: Rob White rob@blue-wave.net
Compile tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64
Run tested: arm_cortex-a7_neon-vfpv4, mipsel_24kc, x86-64; on snapshot, 23.05, 22.03
Description:
opennds (10.1.2)
Security Advisory - This version contains fixes for multiple potential security vulnerabilities
Credit - Stanislav Dashevskyi - standash.github.io [standash]
It also contains some minor bug fixes
CONFLICTS: nodogsplash
line in the makefile, code was added to check for the presence of nodogsplash on opennds startup) [bluewavenet]Signed-off-by: Rob White rob@blue-wave.net