Fix CCR ROAIPAddressFamily sort order
RFC 9582 section 4.3.3 defines the canonical form of ipAddrBlocks.
Thanks to Bart Bakker from RIPE NCC for reporting.
OK tb@
Update to vaultwarden-1.35.6
The previous release contained an issue where Two Factor Remember Tokens
and Recovery Tokens were not accepted at all. This has been fixed now in
this release.
Changes: https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.6
rpki-client: fix incorrect error exit in x509_get_time()
A UTCTime represents a time between Jan 1, 1950 and Dec 31, 2049. This
includes Dec 31, 1969, 23:59:59 UTC, which translates to epoch -1 when
converted as a time_t. timegm()'s in-band error conflates this time with
its error return, so a hard error for this creates a DoS.
Instead, return an error for ASN.1 times that translate to negative time_t
and bubble up the error to reject the RPKI product as malformed. Real life
notBefore (or equivalent) are in the ongoing millenium, although strictly
speaking this is not guaranteed since Validity windows need not nest.
Thanks to Yuheng Zhang, Qi Wang, Jianjun Chen from Tsinghua University,
and Teatime Lab for reporting.
ok claudio job
rpki-client: ignore malformed revocationDate in CRLs
Do not treat x509_get_time() failure as a hard error in file mode.
Just skip the entry we can't format and emit a warning.
ok claudio
check the prefix (cidr) len for an allowedip is valid.
ie, don't allow prefixes greater than 32 or 128 bits for ipv4 and
ipv6 respectively.
found by Daniel Wade (danjwade95 at gmail dot com), who also suggested
the fix.
ok deraadt@ jmatthew@
These programs spin if they receive a RA from the local network with
ND option with length 0. from Daniel Wade
ok florian
this will be errata 7.7/036_v6daemons.patch and 7.8/030_v6daemons.patch
drm/amd/display: Fix DCE LVDS handling
From Alex Deucher
24ce568f7553a55404cddf8f0fca2a7c0ea9451c in linux-6.18.y/6.18.22
90d239cc53723c1a3f89ce08eac17bf3a9e9f2d4 in mainline linux
drm/amd/pm: disable OD_FAN_CURVE if temp or pwm range invalid for smu v13
From Yang Wang
ba9be472a438ea348f0fffaaebf541960ee643db in linux-6.18.y/6.18.22
3e6dd28a11083e83e11a284d99fcc9eb748c321c in mainline linux
drm/amdgpu/pm: drop SMU driver if version not matched messages
From Alex Deucher
2b8ae82d85d75347984297ed60d5005622992f6b in linux-6.18.y/6.18.22
a3ffaa5b397f4df9d6ac16b10583e9df8e6fa471 in mainline linux
drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB
From Donet Tom
77c918eaa4c916751769242567407f61c6af142a in linux-6.18.y/6.18.22
4487571ef17a30d274600b3bd6965f497a881299 in mainline linux
drm/amdgpu: validate doorbell_offset in user queue creation
From Junrui Luo
3543005a42d7e8e12b21897ef6798541bf7cbcd3 in linux-6.18.y/6.18.22
a018d1819f158991b7308e4f74609c6c029b670c in mainline linux
