Tomato ARM 139 - @kille72

1. Forked off from Tomato-ARM by Shibby, builds compiled by @kille72
2. PL: https://openlinksys.info/forum/viewthread.php?thread_id=20829
3. EN: https://www.linksysinfo.org/index.php?threads/fork-tomato-by-shibby-compiled-by-kille72.73397
4. Source code: https://bitbucket.org/kille72/tomato-arm-kille72
5. Downloads: https://mega.nz/#F!bAcVXCSY!DgPc0zfhunujKblc1qsQ0w
6.  
7. *Disclaimer: I am not responsible for any bricked routers nor do I encourage other people to flash alternative firmwares on their routers. Use at your own risk!
8.  
9. 139
10. - AdBlock: Autoupdate will be randomly launch between 2:00-2.59 AM every day (to reduce server load at the same time)
11. - kernel-arm: Disable router anycast address for /127 and /128 prefixes - https://goo.gl/BvNfzq
12. - dnsmasq: reverting rfc2131.c to previous version - https://goo.gl/N8xNUS
13. - nano: Updated to 2.8.1
14. - libcurl: Updated to 7.54.0
15. - tinc: Add daemon poll option to check if the daemon is running, similar to OpenVPN - https://goo.gl/YHfAaz
16. - fix "Enable DSCP Fix", and make it MultiWan aware - https://goo.gl/7oQQh9
17. - Cleaned/Modified UI files according to the Web Consortium W3C standard 1/2
18. - Added extended 4G signal info to log, corrected watchdog script, fixed wan-up problems on 4G modems, improved vpnrouting script logic, other small changes
19. - Possibility to select LTE band and roaming in 4G/LTE connection
20. - tomatoanon: auto update feature changed to check for new versions by kille72
21. - tor: updated to 0.3.0.6
22. - httpd: Updated gencert.sh script - https://goo.gl/uA769V
23. - router/Makefile: Following AsusWRT on OpenSSL compilation https://goo.gl/ntqfq1
24. - OpenSSL: clean sources version 1.0.2k (No more hacks)
25. - OpenSSL: Added -startdate & -enddate arguments in req command - https://goo.gl/YZtDS1
26. - mssl: Copied AsusWRT code, has some more allowedCiphers defined https://goo.gl/LdbMpz
27. - mssl: disable all 3DES ciphers - https://goo.gl/S45mWR
28. - Updated basic-network.asp so with LTE modem using qmi_wwan module one can only choose 'Auto' or '4G Only' network type
29. - Changed on openvpn client configuration page 'tls-remote' option to 'remote-cert-tls', because 'tls-remote' name is DEPRECATED in newest openvpn 2.4.x versions
30. - Fixed Save button on basic-static.asp page
31. - Cosmetics in tools-shell.asp script (line break in results)
32. - UI cosmetics
33.  
34. 138.14
35. - OpenVPN: updated to 2.4.1
36. - OpenVPN: upgrade bundled LZ4 library to 1.7.5
37. - /rom/etc/trust-anchors.conf: Added new digest ID
38. - stop_transmission.sh: Added additional logging and modified SIGTERM/SIGKILL logic
39. - xl2tpd: Re-apply Tomato-specific hacks (fixed problem with L2TP in v138.13)
40. - tinc: updated to 1.1pre14
41. - sqlite: Updated to 3.18.0
42. - nano: Updated to 2.8.0
43. - Patched kernel against CVE-2016-10229
44. - nginx: updated to 1.10.3
45. - AdBlock: Autoupdate will be launch on 2:00AM every day (changed value due to slow downloads at 1.00AM)
46. - about.asp: changed link to my forum thread https://openlinksys.info/forum/viewthread.php?thread_id=20829
47. - TomatoAnon: changed Tomato MOD information to "Kille72"
48. - GUI: Added information: "by Kille72 - forked off from Tomato-ARM by Shibby"
49. - Cosmetics
50.  
51. 138.13
52. - security update for samba, CVE-2012-0870
53. - security update for samba, CVE-2015-5252
54. - usb_modeswitch: updated usb-modeswitch-data package to 2017-02-05
55. - sqlite: Updated to 3.17.0
56. - zlib: Updated to 1.2.11
57. - libjson-c: Updated to 0.12.1
58. - libiconv: Updated to 1.15
59. - ipset: Updated to 6.31
60. - libcurl: Updated to 7.53.0
61. - Add -N flag to httpd (always send no-cache)
62. - nano: Updated to 2.7.5
63. - e2fsprogs: Updated to 1.43.4
64. - libcurl: Updated to 7.53.1
65. - tor: Updated to 0.2.9.10
66. - Tor: make fw GeoIP friendly This make link from /usr/share/tor to /tmp/tor
67. - fix full OpenSSL build
68. - ipset: Updated to 6.32
69. - xl2tpd: Updated to 1.3.9
70. - stealthMode and Optware no longer to be installed
71. - libsodium: Updated to 1.0.12
72. - Collection of patches from M_ars to hopefully correct IPTraffic/Bandwidth monitor
73. - Ensure both UDP and TCP DNS requests are intercepted for all LAN interfaces
74. - Don't send AT+CGDCONT if APN field is empty
75. - kernel: (backport) fix reuse-after-free in DCCP
76. - R1D: Turn off USB 3.0 option
77. - Updated mymotd script
78. - USB: Cleanup and tweaks
79. - dnsmasq: Many changes ported from upstream
80. - Cosmetics
81. Info for developers:
82. - router/Makefile: Added autoreconf to libnfsidmap
83. - router/Makefile: Added autoreconf to dnscrypt and sqlite
84. - ~/router/Makefile: add PARALLEL_BUILD directive to OpenSSL and xl2tpd
85. - router/Makefile: fix udpxy rebuild / install
86. - router/Makefike: remove --enable-all for nano
87. - libcurl: Remove /docs/* directories and related stuff out of compiling process to resolve compilation issues
88. - rc: remove deprecated Tor options This will make tor config more flexible
89. - fix build on ubuntu
90. - Workaround to fix VPN build
91.  
92. 138.12
93. - OpenSSL: Updated to 1.0.2k
94. - kernel-arm: Fix Broadcom nvram_commit() function (ported from DD-WRT) (Broadcom bug)
95. - tor: updated to 0.2.9.9
96. - dnscrypt: updated to 1.9.4
97. - about.asp: Cosmetics
98. - pcre: updated to 8.40
99. - usb_modeswitch: updated to 2.50, and data package to 2017-01-20
100. - router/Makefile: Tor - disable unit-tests
101. - AdBlock: improvements (problem with downloading blacklists after reboot)
102.  
103. 138.11
104. - sqlite: updated to 3.16.2
105. - dnscrypt: updated to 1.9.1
106. - nano: updated to 2.7.4
107. - tor: updated to 0.2.9.8
108. - Fix some display issues in wireless rates
109. - libcurl: updated CA certificate bundle as of 2017-01-18
110. - Fix for "Dead loop on virtual device" message
111. - Fix lack of BWM stats for WAN when using PPPoE
112. - Add job control and $RANDOM to Busybox shell
113. - Samba Patch - Denial of service - CPU loop and memory allocation
114.  
115. 138.10
116. - root's authorized_keys should be perm 0600 (u=rw)
117. - Add generation/use of ECDSA keys for SSH/Dropbear
118. - Fixup for 25acdf: restore per-VIF adjustment
119. - OpenVPN: default port for server 2 changed to 1195, so both servers on default settings can be started at the same time
120. - OpenVPN: updated to 2.4.0
121. - Confirm dhcpv6 IP/prefix address has actually changed before restarting dnsmasq/httpd.
122. - Remove hard coded rapid-commit option. Rapid-commit reduces the messages required for dhcpv6 leases from 4 to 2.
123. - Fix several ARM nvram utility bugs, nvram save/nvram restore/nvram usage syntax
124. - sqlite: updated to 3.15.2
125. - libcurl: updated to 7.52.1
126. - gmp: updated to 6.1.2
127. - dnscrypt: updated to 1.8.1
128. - nano: updated to 2.7.2
129. - tor: updated to 0.2.8.12
130.  
131. 138.9
132. - OpenVPN: updated to 2.3.14
133. - tor: updated to 0.2.8.11
134. - QoS: Fix inbound QoS problem (transmission control)
135. - Make browser caching much longer
136. - Heavily increase caching of static assets like CSS, SVG, GIF, PNG, JPG, etc...
137. - Simplify handling + enable caching for favicon.ico
138. - nginx: updated to 1.10.2
139.  
140. 138.8
141. - tor: updated to 0.2.8.10
142. - sqlite: updated to 3.15.1
143. - nettle: updated to 3.3
144. - libcurl: updated CA certificate bundle as of 2016-11-02
145. - Fixed invalid redirect after uploading new "Captive Portal" HTML page
146. - Add support for user-defined interfaces for Samba
147.  
148. 138.7
149. - OpenVPN: updated to 2.3.13
150. - OpenVPN: Change the "default" sever Encryption cipher from BF-CBC to more secure AES-128-CBC
151. - busybox: update to 1.25.1
152. - revert "fix" in busybox (CONFIG_ASH_EXPAND_PRMT=y)
153. - Advanced-wireless: Transmit Power changed to 0 (hardware default)
154. - OUI Lookup changed to macvendors.com
155. - nano: updated to 2.7.1
156. - ipset: updated to 6.30
157. - libcurl: updated to 7.51.0
158.  
159. 138.6
160. - nginx: remove duplicated line in nginx.c
161. - sqlite: updated to 3.15.0
162. - libnfsidmap: updated to 0.26
163. - dropbear: disable MD5 support, for security reasons
164. - kernel-arm: Patched against CVE-2016-5195 (Dirty Cow)
165. - tor: updated to 0.2.8.9
166.  
167. 138.5
168. - ~/router/rc/mysql.c: Fix typo
169. - ~/router/nfs-utils/nfs.rc: Fix typo
170. - udev: Deleted test directory (There are symlinks that result in a recursion loop)
171. - udev: Removing test stuff and udevstart code and references
172. - nettle: Increase optimization level to -O2, to speed up crypto for dnssec validation
173. - igmpproxy: Reverted to previous version. IGMPv3 implementation seems to break existing IGMPv2 clients
174. - pcre: updated to 8.39
175. - libcurl: Add CA bundle support
176. - libcurl: updated CA certificate bundle as of 2016-09-14
177.  
178. 138.4
179. - tor: updated to 0.2.8.8
180. - OpenSSL: updated to 1.0.2j
181. - libcurl: updated to 7.50.3
182. - MiniDLNA: updated to 1.1.6
183. - sqlite: updated to 3.14.1
184. - libsodium: updated to 1.0.11
185. - gmp: updated to 6.1.1
186. - DNScrypt: updated to 1.7.0
187. - usb_modeswitch: updated to 20160803 - http://www.draisberghof.de/usb_modeswitch/ChangeLogData
188.  
189. 138.3
190. - Changes in the Busybox configuration to get the Midnight Commander work properly - (CONFIG_ASH_EXPAND_PRMT=y)
191.  
192. 138.2
193. - TOR: updated to 0.2.8.7
194.  
195. 138.1
196. - Fixed VLAN
197. - OpenVPN: updated to 2.3.12