webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-11 09:48:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,883 Commits 2 Branches 1 Tag
0b4976e2934f961cda0805e5438d1b8349808447
Commit Graph

899 Commits

Author SHA1 Message Date
Michael Tremer
27957a3f2b Merge remote-tracking branch 'ms/x86_64' into next 2015-09-11 15:06:09 +01:00
Michael Tremer
257ce821ee fireinfo: Import upstream fixes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-09-09 15:32:09 +01:00
Michael Tremer
71940784ef fireinfo: Import upstream patch 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-09-01 00:12:31 +01:00
matthias.fischer@ipfire.org
f10a246946 squid 3.4.14: Import latest patch from upstream 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-31 23:26:38 +01:00
Michael Tremer
377eaee288 openssl: Fix build on x86_64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-22 23:29:45 +02:00
Michael Tremer
612c14d58b glibc: Fix build with make version 4.0 and greater 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-22 17:22:16 +01:00
Michael Tremer
191976efbd pcre: Fix more buffer overflows 
This reverts commit cec620efdf.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-21 21:29:46 +01:00
Michael Tremer
cec620efdf Revert "pcre: Fix more buffer overflows" 
This reverts commit b62425e3e3.
 2015-08-19 20:30:50 +01:00
Michael Tremer
b62425e3e3 pcre: Fix more buffer overflows 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-17 23:36:36 +01:00
Matthias Fischer
f831e573d4 dnsmasq: latest upstream patches 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-17 20:53:21 +01:00
Michael Tremer
9eb008dc92 glibc: Import security fixes from upstream 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-17 20:49:34 +01:00
Michael Tremer
e628f99413 Remove left-over squid patch file 2015-08-07 20:37:53 +01:00
Michael Tremer
d08045eaa6 dnsmasq: Update to 2.75 
Rather severe regression in handling DNSSEC with CNAMEs.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-08-01 20:23:34 +01:00
Michael Tremer
a722eae9dd ddns: Update to version 008 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-07-16 12:02:08 +02:00
Michael Tremer
b720e70288 cups: Update to 1.7.5 and fix for CVE-2015-1158 and CVE-2015-1159 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-07-14 17:15:00 +02:00
Michael Tremer
5929298ea1 pcre: Fix CVE-2015-5073 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-07-14 17:14:13 +02:00
Arne Fitzenreiter
c9ab30c5d3 kernel: fix trim dataloss on some solid state discs 
disable trim on SuperSSpeed S238
update queued trim blacklist from kernel 4.2rc1
(add Samsung SSD 8xx and some Crucial and Micron SSD)
 2015-07-13 22:00:57 +02:00
Michael Tremer
8c8383e55e Remove dnsmasq patches 
These are not applied any more because dnsmasq was updated
to the latest release version.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-07-09 13:10:46 +02:00
Michael Tremer
d6c40f585d squid: Apply fix for Squid Advisory SQUID-2015:2 
Squid configured with cache_peer and operating on explicit proxy
traffic does not correctly handle CONNECT method peer responses.

The bug is important because it allows remote clients to bypass
security in an explicit gateway proxy.

However, the bug is exploitable only if you have configured
cache_peer to receive CONNECT requests.

  http://www.squid-cache.org/Advisories/SQUID-2015_2.txt

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-07-09 13:10:38 +02:00
Michael Tremer
15d5073d5b Merge branch 'next' 2015-07-07 10:42:56 +02:00
Michael Tremer
3a9a74d839 python: Cleanup patches 
I accidentially added a wrong patch and left in a reference
to a removed one.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-06-18 21:22:51 +02:00
Michael Tremer
67bc7ab222 python: Build libffi before python and link against it 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-06-18 21:04:19 +02:00
Michael Tremer
1ae0db1a74 Python: Update to 2.7.9 
This reverts commit 3d9b9dd30e.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-06-18 21:04:18 +02:00
Michael Tremer
dff6612b02 Merge remote-tracking branch 'mfischer/dnsmasq' into next 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

Conflicts:
	lfs/dnsmasq
 2015-06-18 13:12:33 +02:00
Michael Tremer
697b4f04bf dnsmasq: Import patches from upstream 
These fix minor bugs and contain smaller improvements.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-06-18 12:38:38 +02:00
Matthias Fischer
348334b6eb Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into dnsmasq 2015-06-16 21:40:16 +02:00
Michael Tremer
c3e1954331 strongswan: Update to 5.3.2 
This release fixes a security issue filed under CVE-2015-4171.

https://www.strongswan.org/blog/2015/06/08/strongswan-vulnerability-(cve-2015-4171).html

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-06-12 17:15:51 +02:00
Arne Fitzenreiter
3d9b9dd30e Revert "Python: Update to 2.7.9" 
This reverts commit 765423cebe.

build fails.
 2015-06-10 14:49:40 +02:00
Michael Tremer
41ed4795fe strongswan: Update to 5.3.1 
Fixed a denial-of-service and potential remote code execution vulnerability
triggered by IKEv1/IKEv2 messages that contain payloads for the respective
other IKE version. Such payload are treated specially since 5.2.2 but because
they were still identified by their original payload type they were used as
such in some places causing invalid function pointer dereferences.
The vulnerability has been registered as CVE-2015-3991.

https://www.strongswan.org/blog/2015/06/01/strongswan-vulnerability-%28cve-2015-3991%29.html

The increased buffer size has been fixed in bug #943 upstream
  https://wiki.strongswan.org/issues/943
 2015-06-04 19:26:44 +02:00
Michael Tremer
1292598207 Merge remote-tracking branch 'mfischer/python' into next 2015-05-26 14:30:27 +02:00
Michael Tremer
efbd3a9abc dnsmasq: Import patches from upstream 2015-05-20 23:35:38 +02:00
Matthias Fischer
bbe4537de3 dnsmasq: again - latest upstream patches 2015-05-17 00:39:39 +02:00
Matthias Fischer
7cbd533265 dnsmasq: import latest upstream patches 2015-05-09 21:21:34 +02:00
Michael Tremer
d81456730c strongswan: Use --wait option for iptables commands 2015-05-07 22:40:08 +02:00
Arne Fitzenreiter
ad39b30985 qemu: update to 2.3.0 2015-05-06 19:12:06 +02:00
Arne Fitzenreiter
5ea73f5660 dracut: add sdhci-pci module to initrd. 
fixes #10792
 2015-05-05 22:34:30 +02:00
Michael Tremer
afa91a4df5 fireinfo: Fix SEGV on QEMU without KVM 2015-05-04 16:02:39 +02:00
Michael Tremer
6caea1086d Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2015-04-29 11:26:35 +02:00
Michael Tremer
85a6f39c39 Merge remote-tracking branch 'stevee/core-90-ddnsctrl' into next 2015-04-29 11:26:20 +02:00
Michael Tremer
5f20677864 dnsmasq: Import more upstream fixes 
Fixes: #10786

Fixes DNSSEC validation when falling back to TCP.
 2015-04-29 11:24:23 +02:00
Stefan Schantl
2bcd81934d ddns: Add more upstream patches. 2015-04-28 21:06:19 +02:00
Arne Fitzenreiter
0e2f9b011b openssl: disable ssse3 on amd cpu's 
amd with ssse3 (bulldozer and fusion) has serious performance problems
with the vpaes code. (-evp is 40% slower)
 2015-04-28 20:51:03 +02:00
Michael Tremer
1cbc5ca0a4 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next 2015-04-28 11:14:45 +02:00
Arne Fitzenreiter
f68ae02d39 openssl: auto enable padlock engine. 2015-04-27 22:15:20 +02:00
Michael Tremer
30ca037fb3 glibc: Fix CVE-2013-7423 and CVE-2015-1781 
CVE-2013-7423: Fix invalid file descriptor reuse while sending DNS query
CVE-2015-1781: Fix buffer overflow in gethostbyname_r with misaligned buffer
 2015-04-27 21:20:46 +02:00
Michael Tremer
ffe32bf7ae strongswan: Increase stroke buffer size to 8k 2015-04-27 20:58:45 +02:00
Michael Tremer
6ac0a1a38f dnsmasq: Import latest fixes from upstream 2015-04-27 18:10:34 +02:00
Stefan Schantl
1b1401b9df Drop obsolete ddns patches. 2015-04-26 17:14:36 +02:00
Stefan Schantl
b0b8729a32 ddns: Add upstream patch for fixing bug 10815. 2015-04-26 17:12:55 +02:00
Michael Tremer
37de68c965 openssl: Enable all assembly optimisations build SSE2 optimised version 
Fixes #10814
 2015-04-23 13:33:35 +02:00