Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
releases:17.01:changelog-17.01.3 [2017/10/02 15:58] – expand subhistories jowreleases:17.01:changelog-17.01.3 [2017/10/02 16:33] – sort CVEs numerically jow
Line 206: Line 206:
  
 ===== Addressed bugs ===== ===== Addressed bugs =====
-=== #7 === 
-**Description:** <nowiki>hostapd fails to start if automatic channel selection is set</nowiki>\\ 
-**Link:** [[https://bugs.lede-project.org/index.php?do=details&task_id=7]]\\ 
-**Commits:**\\ 
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=e08b8255ec41946ed80f77dd551e93af9de01cb9|e08b825]]'' **<nowiki>ramips:</nowiki>** <nowiki>fix wps button gpio for DWR-512</nowiki> //<color #ccc>(</color><color #282>+1</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\ 
-\\ 
 === #577 === === #577 ===
 **Description:** <nowiki>Poweroff command hand Geode system instead of switch off.</nowiki>\\ **Description:** <nowiki>Poweroff command hand Geode system instead of switch off.</nowiki>\\
Line 281: Line 275:
  
 ===== Security fixes ==== ===== Security fixes ====
-=== CVE-2017-1000100 === +=== CVE-2017-7407 === 
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100]]\\+**Description:** <nowiki>The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407]]\\
 **Commits:**\\ **Commits:**\\
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=f483a35f08741ff0ca373236e6ad1d93edb1ba75|f483a35]]'' **<nowiki>curl:</nowiki>** <nowiki>fix security problems</nowiki> //<color #ccc>(</color><color #282>+75</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\+''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=7ab8bf126ef64f0f8e3bca8385742a0d45185e8f|7ab8bf1]]'' **<nowiki>curl:</nowiki>** <nowiki>fix CVE-2017-7407 and CVE-2017-7468</nowiki> //<color #ccc>(</color><color #282>+430</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-1000101 === +=== CVE-2017-7468 === 
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101]]\\+**Description:** <nowiki>** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468]]\\
 **Commits:**\\ **Commits:**\\
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=f483a35f08741ff0ca373236e6ad1d93edb1ba75|f483a35]]'' **<nowiki>curl:</nowiki>** <nowiki>fix security problems</nowiki> //<color #ccc>(</color><color #282>+75</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\+''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=7ab8bf126ef64f0f8e3bca8385742a0d45185e8f|7ab8bf1]]'' **<nowiki>curl:</nowiki>** <nowiki>fix CVE-2017-7407 and CVE-2017-7468</nowiki> //<color #ccc>(</color><color #282>+430</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-1000111 === +=== CVE-2017-7508 === 
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000111]]\\+**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7508]]\\
 **Commits:**\\ **Commits:**\\
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=4a1b87aba448fae648bf17830379fde11060927b|4a1b87a]]'' **<nowiki>kernel:</nowiki>** <nowiki>update 4.4 to 4.4.83</nowiki> //<color #ccc>(</color><color #282>+44</color><color #ccc>,</color><color #f00>-62</color><color #ccc>)</color>//\\+''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-1000112 === +=== CVE-2017-7512 === 
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000112]]\\+**Description:** <nowiki>Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512 maps to an OpenVPN vulnerability. The proper CVE ID for that OpenVPN vulnerability is CVE-2017-7521. Specifically, CVE-2017-7521 is the correct CVE ID for TWO closely related findings in OpenVPN. Any source that lists BOTH CVE-2017-7512 and CVE-2017-7521 for OpenVPN should have listed ONLY CVE-2017-7521.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7512]]\\ 
 +**Commits:**\\ 
 +''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ 
 +\\ 
 +=== CVE-2017-7520 === 
 +**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7520]]\\ 
 +**Commits:**\\ 
 +''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ 
 +\\ 
 +=== CVE-2017-7521 === 
 +**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7521]]\\ 
 +**Commits:**\\ 
 +''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ 
 +\\ 
 +=== CVE-2017-7522 === 
 +**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7522]]\\ 
 +**Commits:**\\ 
 +''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ 
 +\\ 
 +=== CVE-2017-7533 === 
 +**Description:** <nowiki>Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.</nowiki> 
 + 
 +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7533]]\\
 **Commits:**\\ **Commits:**\\
 ''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=4a1b87aba448fae648bf17830379fde11060927b|4a1b87a]]'' **<nowiki>kernel:</nowiki>** <nowiki>update 4.4 to 4.4.83</nowiki> //<color #ccc>(</color><color #282>+44</color><color #ccc>,</color><color #f00>-62</color><color #ccc>)</color>//\\ ''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=4a1b87aba448fae648bf17830379fde11060927b|4a1b87a]]'' **<nowiki>kernel:</nowiki>** <nowiki>update 4.4 to 4.4.83</nowiki> //<color #ccc>(</color><color #282>+44</color><color #ccc>,</color><color #f00>-62</color><color #ccc>)</color>//\\
Line 953: Line 983:
 ''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=e232c6754d6e0cbde3892aa1fa243f4707d7ad5e|e232c67]]'' **<nowiki>mbedtls:</nowiki>** <nowiki>update to 2.6.0 CVE-2017-14032</nowiki> //<color #ccc>(</color><color #282>+30</color><color #ccc>,</color><color #f00>-30</color><color #ccc>)</color>//\\ ''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=e232c6754d6e0cbde3892aa1fa243f4707d7ad5e|e232c67]]'' **<nowiki>mbedtls:</nowiki>** <nowiki>update to 2.6.0 CVE-2017-14032</nowiki> //<color #ccc>(</color><color #282>+30</color><color #ccc>,</color><color #f00>-30</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-7407 === +=== CVE-2017-1000100 === 
-**Description:** <nowiki>The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a heap-based buffer over-read.</nowiki> +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100]]\\
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7407]]\\+
 **Commits:**\\ **Commits:**\\
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=7ab8bf126ef64f0f8e3bca8385742a0d45185e8f|7ab8bf1]]'' **<nowiki>curl:</nowiki>** <nowiki>fix CVE-2017-7407 and CVE-2017-7468</nowiki> //<color #ccc>(</color><color #282>+430</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\+''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=f483a35f08741ff0ca373236e6ad1d93edb1ba75|f483a35]]'' **<nowiki>curl:</nowiki>** <nowiki>fix security problems</nowiki> //<color #ccc>(</color><color #282>+75</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-7468 === +=== CVE-2017-1000101 === 
-**Description:** <nowiki>** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.</nowiki> +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101]]\\
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468]]\\+
 **Commits:**\\ **Commits:**\\
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=7ab8bf126ef64f0f8e3bca8385742a0d45185e8f|7ab8bf1]]'' **<nowiki>curl:</nowiki>** <nowiki>fix CVE-2017-7407 and CVE-2017-7468</nowiki> //<color #ccc>(</color><color #282>+430</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\+''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=f483a35f08741ff0ca373236e6ad1d93edb1ba75|f483a35]]'' **<nowiki>curl:</nowiki>** <nowiki>fix security problems</nowiki> //<color #ccc>(</color><color #282>+75</color><color #ccc>,</color><color #f00>-1</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-7508 === +=== CVE-2017-1000111 === 
-**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.</nowiki> +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000111]]\\
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7508]]\\+
 **Commits:**\\ **Commits:**\\
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\+''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=4a1b87aba448fae648bf17830379fde11060927b|4a1b87a]]'' **<nowiki>kernel:</nowiki>** <nowiki>update 4.4 to 4.4.83</nowiki> //<color #ccc>(</color><color #282>+44</color><color #ccc>,</color><color #f00>-62</color><color #ccc>)</color>//\\
 \\ \\
-=== CVE-2017-7512 === +=== CVE-2017-1000112 === 
-**Description:** <nowiki>Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512 maps to an OpenVPN vulnerability. The proper CVE ID for that OpenVPN vulnerability is CVE-2017-7521. Specifically, CVE-2017-7521 is the correct CVE ID for TWO closely related findings in OpenVPN. Any source that lists BOTH CVE-2017-7512 and CVE-2017-7521 for OpenVPN should have listed ONLY CVE-2017-7521.</nowiki> +**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000112]]\\
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7512]]\\ +
-**Commits:**\\ +
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ +
-\\ +
-=== CVE-2017-7520 === +
-**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.</nowiki> +
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7520]]\\ +
-**Commits:**\\ +
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ +
-\\ +
-=== CVE-2017-7521 === +
-**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().</nowiki> +
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7521]]\\ +
-**Commits:**\\ +
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ +
-\\ +
-=== CVE-2017-7522 === +
-**Description:** <nowiki>OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.</nowiki> +
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7522]]\\ +
-**Commits:**\\ +
-''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=57289ae6403d9d03a419337f266194d3ae6909d0|57289ae]]'' **<nowiki>openvpn:</nowiki>** <nowiki>update to 2.4.3</nowiki> //<color #ccc>(</color><color #282>+14</color><color #ccc>,</color><color #f00>-13</color><color #ccc>)</color>//\\ +
-\\ +
-=== CVE-2017-7533 === +
-**Description:** <nowiki>Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.</nowiki> +
- +
-**Link:** [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7533]]\\+
 **Commits:**\\ **Commits:**\\
 ''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=4a1b87aba448fae648bf17830379fde11060927b|4a1b87a]]'' **<nowiki>kernel:</nowiki>** <nowiki>update 4.4 to 4.4.83</nowiki> //<color #ccc>(</color><color #282>+44</color><color #ccc>,</color><color #f00>-62</color><color #ccc>)</color>//\\ ''[[https://git.lede-project.org/?p=source.git;a=commitdiff;h=4a1b87aba448fae648bf17830379fde11060927b|4a1b87a]]'' **<nowiki>kernel:</nowiki>** <nowiki>update 4.4 to 4.4.83</nowiki> //<color #ccc>(</color><color #282>+44</color><color #ccc>,</color><color #f00>-62</color><color #ccc>)</color>//\\
 \\ \\
  • Last modified: 2017/10/03 12:36
  • by stintel