Building cmake uses a high amount of memory (>2G) and
fails to build on my system. Using less processes reduces
memory usage and lets the build succeed.
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This functionality is now available for us since we updated
to GCC 4.9 and just improves the stack smashing protector
in GCC.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Excerpt form 'NEWS':
"It includes fixes for a syntax-highlighting bug and a positionlog bug,
it disables a time-eating multiline regex in the C syntax,
and it adds an escape hatch to the WriteOut menu when
--tempfile is used: the discardbuffer command, ^Q. It
also has translation updates for fifteen languages, and
a small fix in the softwrap code."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
If bridged ipv6 is used, $iface is taken from PHYSIN
In the log line the order of fields is "... IN=XY OUT=XY PHYSIN=XY ..."
Signed-off-by: Michael Eitelwein <michael@eitelwein.net>
3 main changes:
- Fill $iface and $out from PHYSIN and PHYSOUT when looking at bridged packets, othwerwise fill from IN and OUT
- Recognize ipv4 and ipv6 address style for $srcaddr and $dstaddr
- Match color coding of tables to pie charts (see seperate patch sent earlier)
I am using the bridged ipv6 setup as proposed in the wiki. I do not think this breaks anything when not using ipv6. So it would be nice to include this even if ipv6 is not officially supported yet. It is quite useful when using the ipv6 setup.
Signed-off-by: Michael Eitelwein <michael@eitelwein.net>
---
There seem to be some serious C++ issues in this so that
it won't build on ARM.
At the moment I do not have any resources to look further
into this, so I just disable building this package for
all ARM architectures.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The tls-remote directive is deprecated and will be removed with
OpenVPN version 2.4 . Added instead --verify-x509-name HOST name
into ovpnmain.cgi.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Changelog:
[security]
Update allowed OpenSSL versions as named is potentially
vulnerable to CVE-2015-3193.
[maint]
H.ROOT-SERVERS.NET is 198.97.190.53 and 2001:500:1::53. [RT #40556]
[security]
Insufficient testing when parsing a message allowed
records with an incorrect class to be be accepted,
triggering a REQUIRE failure when those records
were subsequently cached. (CVE-2015-8000) [RT #40987]
[security]
Address fetch context reference count handling error
on socket error. (CVE-2015-8461) [RT#40945]
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
