webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 19:15:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
15,056 Commits 2 Branches 1 Tag
111bbcb3ada255b73d8ddfab1052e030d402aeff
Commit Graph

6459 Commits

Author SHA1 Message Date
Arne Fitzenreiter
962f7923f5 Merge branch 'master' into next 2020-09-24 14:16:16 +00:00
Arne Fitzenreiter
d83422d1c0 toolchain: fix build with gcc<8 on builder. 
gcc-7 not support -fcf-protection so filter it from CFLAGS.
also filter -mtune in first pass because it should optimized for the
actual host.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-24 07:36:01 +02:00
Matthias Fischer
74847444df htop: Update to 3.0.2 
For details see:
https://github.com/htop-dev/htop/blob/master/ChangeLog

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-19 19:04:05 +00:00
Matthias Fischer
b04f532f70 nano: Update to 5.2 
For details see:
https://www.nano-editor.org/news.php

I wasn't sure about the 'extras' - if we need more, feel free to adjust the rootfile.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-17 18:53:16 +00:00
Adolf Belka
ddad38e232 postfix: Update to 3.5.7 
- Update postfix from version 3.5.6 to 3.5.7
  see ftp://ftp.cs.uu.nl/mirror/postfix/postfix-release/official/postfix-3.5.7.RELEASE_NOTES

Supporting request from Peter Müller
Signed-off-by: Adolf Belka<ahb@ipfire@gmail.com
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-17 18:52:43 +00:00
Adolf Belka
ca673f8df6 nagios_nrpe: Fix for bug 12337 
- added pid_file=/var/run to the configure statement
  to give the required pid directory in the default nrpe.cfg file

Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-17 18:51:53 +00:00
Matthias Fischer
99804aaed7 clamav: Update to 0.103.0 
For details see:
https://blog.clamav.net/2020/09/clamav-01030-released.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-17 18:49:44 +00:00
Arne Fitzenreiter
97f1bf4460 kernel: update to 4.14.198 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-12 23:47:49 +02:00
Arne Fitzenreiter
3a69555f90 kernel: add patch agains CVE-2020-14386 
fixes #12483

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-12 09:38:10 +02:00
Arne Fitzenreiter
9dafa28a1c Revert "kernel: add patch against CVE-2020-14386" 
This reverts commit f04023b1ca.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-11 22:16:27 +02:00
Arne Fitzenreiter
1d15fbd440 kernel: cleanup kirkwood patch apply lines 
kirkwood support is removed long time ago and the patch already
removed from tree.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-11 21:30:15 +02:00
Arne Fitzenreiter
f04023b1ca kernel: add patch against CVE-2020-14386 
fixes #12483

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-11 21:27:15 +02:00
Arne Fitzenreiter
10d0489df2 kernel: update to 4.14.197 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-10 20:20:28 +02:00
Arne Fitzenreiter
207b38f1da Kernel: update to 4.14.196 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-09-04 18:12:38 +02:00
Arne Fitzenreiter
3d5c33f057 libvirt: add libtirpc to dependencies 
libvirt is linked against libtirpc so this need to installed.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-08-31 18:41:19 +02:00
Arne Fitzenreiter
0216f1ecdd libvirt: add libtirpc to dependencies 
libvirt is linked against libtirpc so this need to installed.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-08-31 18:39:01 +02:00
Arne Fitzenreiter
ce9f979c01 kernel: update to 4.14.195 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-08-31 06:58:32 +02:00
Arne Fitzenreiter
2c8819992e vim: update to 8.2 and fix crash with gcc-10 
the configure.ac has a bug that detects gcc-10 as gcc-1 and so not use
some quirks. Also there is a bug with FORTIFY-SOURCE=2 that crash
if the matchparen plugin is used (enabled by default).

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2020-08-29 18:08:57 +00:00
Matthias Fischer
9fa6a8d81d squid: Update to 4.13 
For details see:
http://www.squid-cache.org/Versions/v4/changesets/

and

http://lists.squid-cache.org/pipermail/squid-users/2020-August/022566.html

Fixes (excerpt):

"* SQUID-2020:8 HTTP(S) Request Splitting
   (CVE-2020-15811)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the browser
cache and any downstream caches with content from an arbitrary
source.

* SQUID-2020:9 Denial of Service processing Cache Digest Response
   (CVE pending allocation)

This problem allows a trusted peer to deliver to perform Denial
of Service by consuming all available CPU cycles on the machine
running Squid when handling a crafted Cache Digest response
message.

* SQUID-2020:10 HTTP(S) Request Smuggling
   (CVE-2020-15810)

This problem is serious because it allows any client, including
browser scripts, to bypass local security and poison the proxy
cache and any downstream caches with content from an arbitrary
source.

* Bug 5051: Some collapsed revalidation responses never expire

* SSL-Bump: Support parsing GREASEd (and future) TLS handshakes

* Honor on_unsupported_protocol for intercepted https_port"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-24 09:47:40 +00:00
Michael Tremer
9a62b6daac libvirt: Depend on ebtables 
libvirtd requires this to create some custom firewall rules

Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-19 14:08:54 +00:00
Michael Tremer
882ab515f9 libvirt: Ship all CPU maps 
Reported-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-19 14:08:53 +00:00
Matthias Fischer
9a2685f326 rsync: Update to 3.2.3 
For details see:
https://download.samba.org/pub/rsync/NEWS#3.2.3

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-19 12:02:51 +00:00
Erik Kapfer
3caa418097 tshark: Update to version 3.2.6 
The version jump from 3.2.3 to 3.2.6 includes several changes.
3.2.4 includes only bugfixes.
3.2.5 includes bugfixes and updated protocols.
3.2.6 includes also bugfixes and updated protocols.

For a full overview, the release notes can be found in here -->
https://www.wireshark.org/docs/relnotes/ .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-18 15:42:05 +00:00
Peter Müller
10771d94ad Postfix: update to 3.5.6 
Please refer to http://www.postfix.org/announcements/postfix-3.5.6.html
for release announcements.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-18 10:19:49 +00:00
Michael Tremer
c67ff7d72c zstd: Make this part of the core distributions 
Many packages link against it and we should make use of it
when we have it.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-18 10:13:01 +00:00
Matthias Fischer
7dcea61621 popt: Update to 1.18 
Recommended for 'rsync 3.2.1'.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:55:35 +00:00
Matthias Fischer
73202b3976 rsync: Update to 3.2.1 
For details see:
https://download.samba.org/pub/rsync/NEWS#3.2.1

Although 3.2.2 is in "release testing", I decided to push this release now to get things running.

I activated zstd-support and added 'DEPS = zstd'.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:55:26 +00:00
Matthias Fischer
6b264af51b zstd 1.4.5: New package 
This packages adds a "lossless compression algorithm" - supported by 'rsync 3.2.1'.

For details see:
https://github.com/facebook/zstd/releases/tag/v1.4.5

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:54:55 +00:00
Matthias Fischer
112d36f00e qemu: Update to 5.0.0 
For details see:
https://wiki.qemu.org/ChangeLog/5.0

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:53:41 +00:00
Matthias Fischer
665261f56f usbredir: Update to 0.8.0 
For details see:
https://gitlab.freedesktop.org/spice/usbredir/-/blob/master/ChangeLog

"-Source code and bug tracker hosted in Freedesktop's instance of Gitlab
 -https://gitlab.freedesktop.org/spice/usbredir
-usbredirfilter
 -Fix busy wait due endless recursion when interface_count is zero
-usbredirhost:
 -Fix leak on error
-usbredirserver:
 -Use 'busnum-devnum' instead of 'usbbus-usbaddr'
 -Add support for bind specific address -4 for ipv4, -6 for ipv6
 -Reject empty vendorid from command line
 -Enable TCP keepalive"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:53:40 +00:00
Matthias Fischer
196cdadab8 libvirt: Update to 6.5.0 
For details see:
https://libvirt.org/news.html

This update "just came my way" - I hope its somehow useful.

I also checked updates for dependencies - 'libusbredir 0.8.0' and 'qemu 5.0.0' follow.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:53:38 +00:00
Peter Müller
454a21d8b0 Postfix: update to 3.5.4 
Please refer to http://www.postfix.org/announcements/postfix-3.5.4.html
for release announcements.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:53:14 +00:00
Peter Müller
4591f94bc5 Tor: update to 0.4.3.6 
Please refer to https://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes
for release announcements.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:53:03 +00:00
Matthias Fischer
2ebd7ec758 clamav: Update to 0.102.4 
Fixes CVE-2020-3350, CVE-2020-3327, CVE-2020-3481

For details see:
https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:52:28 +00:00
Matthias Fischer
d690f2a7ce bind: Update to 9.11.21 
For details see:
https://downloads.isc.org/isc/bind9/9.11.21/RELEASE-NOTES-bind-9.11.21.html

"Bug Fixes

    named could crash when cleaning dead nodes in lib/dns/rbtdb.c that
    were being reused. [GL #1968]

    Properly handle missing kyua command so that make check does not
    fail unexpectedly when CMocka is installed, but Kyua is not. [GL
    #1950]

    The validator could fail to accept a properly signed RRset if an
    unsupported algorithm appeared earlier in the DNSKEY RRset than
    a supported algorithm. It could also stop if it detected a malformed
    public key. [GL #1689]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:52:06 +00:00
Peter Müller
04b39060f7 intel-microcode: update to 20200616 
Ice Lake Intel CPUs have been found of being vulnerable to MDS, thus
requiring new microcodes for them. <sarcasm>Yay!</sarcasm> Please refer to
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20200616
for further information.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:49:24 +00:00
Matthias Fischer
53e1abbb57 unbound: Update to 1.11.0 
For details see:
https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-July/006921.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:47:36 +00:00
Michael Tremer
c2607bc492 7zip: Move files to /usr 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 17:23:37 +00:00
Michael Tremer
6168163681 u-boot: Fix build with GCC 10 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 15:09:51 +00:00
Michael Tremer
9b34655840 grub: Run autoreconf after applying patches 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 15:09:24 +00:00
Marcel Follert
6992457365 socat: New package 
Signed-off-by: Marcel Follert (Smooky) <smooky@v16.de>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:10:11 +00:00
Matthias Fischer
db376b5895 iproute2: Update to 5.8.0 
For details see:
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/log/?h=v5.8.0

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:09:25 +00:00
Matthias Fischer
2fa9dfa8d9 apache: Update to 2.4.46 
For details see:
https://mirrors.ae-online.de/apache//httpd/CHANGES_2.4.46

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:09:20 +00:00
Matthias Fischer
62e68ad323 logrotate: Update to 3.17.0 
For details see:
https://github.com/logrotate/logrotate/releases/tag/3.17.0

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:09:17 +00:00
Erik Kapfer
0d1054abc9 curl: Update to version 7.71.1 
Several bugfixes and vulnerabilities has been fixed since the current available version 7.64.0 .

For a full overview, the changelog is located in here --> https://curl.haxx.se/changes.html,
a security problem overview in here --> https://curl.haxx.se/docs/security.html .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:09:10 +00:00
Stefan Schantl
80dd69380d hyperscan: Update to 5.3.0 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <Michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:09:08 +00:00
Michael Tremer
b970ae902a haproxy: Update to 2.2.2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:08:25 +00:00
Stephan Feddersen
6408a43c0d WIO. new version 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:08:17 +00:00
Michael Tremer
44bfc40640 glibc: aarch64: Ignore uninitialised variables in the stage2 build, too 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-17 10:05:40 +00:00
Michael Tremer
6d6f306179 perl: Fix build in toolchain stage 
perl searches for headers and libraries in the wrong paths
and detects GCC 10 as GCC 1.x.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2020-08-16 10:29:43 +00:00