Merge branch 'master' into next

config/cfgroot/ids-functions.pl

@@ -572,6 +572,9 @@ sub _cleanup_rulesdir() {
 		# Skip element if it has config as file extension.
 		next if ($file =~ m/\.config$/);
 
+		# Skip rules file for whitelisted hosts.
+		next if ("$rulespath/$file" eq $whitelist_file);
+
 		# Delete the current processed file, if not, exit this function
 		# and return an error message.
 		unlink("$rulespath/$file") or return "Could not delete $rulespath/$file. $!\n";

config/rootfiles/oldcore/132/update.sh

@@ -90,6 +90,8 @@ ldconfig
 
 # create main/security file
 touch /var/ipfire/main/security
+chmod 644 /var/ipfire/main/security
+chown nobody:nobody /var/ipfire/main/security
 
 # Update Language cache
 /usr/local/bin/update-lang-cache

html/cgi-bin/vulnerabilities.cgi

@@ -117,7 +117,7 @@ for my $vuln (sort keys %VULNERABILITIES) {
 	if ($status eq "Not affected") {
 		$status_message = $Lang::tr{'not affected'};
 		$colour = "white";
-		$bgcolour = ${Header::colourblack};
+		$bgcolour = ${Header::colourgreen};
 
 	# Vulnerable
 	} elsif ($status eq "Vulnerable") {
@@ -129,7 +129,7 @@ for my $vuln (sort keys %VULNERABILITIES) {
 	} elsif ($status eq "Mitigation") {
 		$status_message = $Lang::tr{'mitigated'};
 		$colour = "white";
-		$bgcolour = ${Header::colourgreen};
+		$bgcolour = ${Header::colourblue};
 
 	# Unknown report from kernel
 	} else {
@@ -150,7 +150,7 @@ for my $vuln (sort keys %VULNERABILITIES) {
 				<font color="$colour">
 END
 	if ($message) {
-		print "<strong>$status_message</strong>: $message";
+		print "<strong>$status_message</strong> - $message";
 	} else {
 		print "<strong>$status_message</strong>";
 	}
@@ -227,9 +227,11 @@ sub check_status($) {
 	my $status = <FILE>;
 	close(FILE);
 
+	chomp($status);
+
 	# Fix status when something has been mitigated, but not fully, yet
 	if ($status =~ /^(Mitigation): (.*vulnerable.*)$/) {
-		return ("Vulnerable", $2);
+		return ("Vulnerable", $status);
 	}
 
 	if ($status =~ /^(Vulnerable|Mitigation): (.*)$/) {