webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-21 00:12:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,791 Commits 2 Branches 1 Tag
27279edffcbf6fec56563b052d1ef08f9341185f
Commit Graph

11791 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Arne Fitzenreiter
26d09124b9 Merge branch 'kernel-5.14' of git.ipfire.org:/pub/git/people/arne_f/ipfire-2.x into kernel-4.14 2018-04-14 18:45:02 +02:00
Arne Fitzenreiter
0245f3b6e1 screen: build before elfutils 
if it buils after elfutils it links against libelf which is an addon

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-14 18:42:52 +02:00
Arne Fitzenreiter
69acde2ecd acpid: build also on arm 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-14 18:42:00 +02:00
Arne Fitzenreiter
3509cd985f bump packages 
the old packages are linked against removed libs

fixes: 11685

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-14 16:17:48 +02:00
Arne Fitzenreiter
2c1a6768d0 bump packages 
the old packages are linked against removed libs

fixes: 11685

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-14 16:14:31 +02:00
Arne Fitzenreiter
9a2ac6c3da kernel: update to 4.14.34 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-12 17:17:08 +02:00
Arne Fitzenreiter
6b56624445 flash-images: merge normal and scon to one image. 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-12 16:36:31 +02:00
Wolfgang Apolinarski
ff2b65c193 Updated Apache 2.4 
- Updated Apache from 2.4.29 to 2.4.33
- Updated Apr from 1.6.1 to 1.6.3
- Updated Apr-Util from 1.6.0 to 1.6.1

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-11 20:03:53 +01:00
Matthias Fischer
4217b4b6d8 beep 1.3: Fixes for CVE-2018-0492 
For details see:
https://src.fedoraproject.org/cgit/rpms/beep.git
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-0492

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-11 20:03:19 +01:00
Arne Fitzenreiter
d1d06e66c0 kernel: update to 4.14.33 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-11 19:39:48 +02:00
Arne Fitzenreiter
96a2ff029e kernel: update config 
disable isdn
disable audit
disable profiling on arm
disable scsi driver on arm

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-11 18:36:57 +02:00
Arne Fitzenreiter
98ae3af844 Merge branch 'master' into core120 2018-04-09 22:25:53 +02:00
Michael Tremer
c79cbc1594 core120: Update OepnVPN configurations for PMTU changes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-09 11:36:46 +01:00
Michael Tremer
f5b2d0a14a OpenVPN: Drop Path MTU discovery settings 
These have to be dropped since the entire system does not
support Path MTU discovery any more. This should not have
any disadvantage on any tunnels since PMTU didn't really
work in the first place.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-09 11:32:07 +01:00
Arne Fitzenreiter
f46d604de2 kernel: fix kirkwood config 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-09 07:52:46 +00:00
Arne Fitzenreiter
a554acea16 core120: don't (re)move old packfire/gpg databases 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-04 21:38:24 +02:00
Arne Fitzenreiter
072a19ec64 Merge branch 'master' into core119 2018-04-03 20:13:34 +02:00
Michael Tremer
d6d058a56b core120: Update pakfire keystore 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-03 17:34:24 +01:00
Michael Tremer
6ae5439e5c core120: Ship changed pakfire files 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-03 17:33:04 +01:00
Michael Tremer
9a507db2cb pakfire: Store key material in own directory 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-03 17:31:50 +01:00
Arne Fitzenreiter
592896d2f4 u-boot: update bootscript to boot from other devices than mmc 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-03 05:26:54 +00:00
Arne Fitzenreiter
783f6aa36d Merge remote-tracking branch 'origin/master' into kernel-4.14 2018-04-03 20:15:58 +02:00
Arne Fitzenreiter
6703371d2d Merge remote-tracking branch 'origin/core120' into kernel-4.14 2018-04-02 17:11:45 +02:00
Arne Fitzenreiter
718119b897 Merge branch 'master' into core119 2018-04-02 16:56:02 +02:00
Michael Tremer
4d888e6854 curl: Drop old compatibility symlink 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-02 15:50:09 +01:00
Michael Tremer
e7cda9ac7f curl: Rootfile update 
Main library was missing

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-02 15:48:50 +01:00
Michael Tremer
0471d32b85 core120: Import new pakfire keys 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-02 15:46:40 +01:00
Michael Tremer
74e715a5a2 pakfire: Import old key, too 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-02 15:46:40 +01:00
Michael Tremer
397d3a8e15 pakfire: Rename new key to pakfire-2018.key 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-02 15:46:40 +01:00
Michael Tremer
3e29608f82 pakfire: Validate signatures when multiple are available 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-04-02 15:45:48 +01:00
Arne Fitzenreiter
3e7dee5951 core120: add pakfire script to updater 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-02 11:22:19 +02:00
Arne Fitzenreiter
0d98de5a44 kernel: update to 4.14.32 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-04-01 16:15:27 +02:00
Arne Fitzenreiter
1b06675c00 openssl: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-03-31 10:02:01 +02:00
Arne Fitzenreiter
e12d216eec kernel: x86_64 rootfile update 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-03-31 09:56:48 +02:00
Arne Fitzenreiter
b465322d7c kernel: x86_64 enable DEVFREQ modules 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-03-30 16:39:02 +02:00
Arne Fitzenreiter
302dba205b Merge remote-tracking branch 'origin/master' into kernel-4.14 2018-03-30 10:26:01 +02:00
Arne Fitzenreiter
018a19af64 kernel: update to 4.14.31 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-03-30 10:21:49 +02:00
Arne Fitzenreiter
36600cef36 Merge branch 'core119' into next 2018-03-30 09:35:28 +02:00
Arne Fitzenreiter
6a8b2ef977 core120: set pafire version to 120 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2018-03-30 09:25:06 +02:00
Michael Tremer
f7e9c14842 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-29 13:49:44 +01:00
Michael Tremer
4b072d640e pakfire: Use upstream proxy for HTTPS, too 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-28 16:55:18 +01:00
Peter Müller
66a0f3646a use protocol defined in server-list.db for mirror communication 
For each mirror server, a protocol can be specified in the
server-list.db database. However, it was not used for the
actual URL query to a mirror before.

This might be useful for deploy HTTPS pinning for Pakfire.
If a mirror is known to support HTTPS, all queries to it
will be made with this protocol.

This saves some overhead if HTTPS is enforced on a mirror
via 301 redirects. To enable this, the server-list.db
needs to be adjusted.

The second version of this patch only handles protocols
HTTP and HTTPS, since we do not expect anything else here
at the moment.

Partially fixes #11661.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-28 16:42:21 +01:00
Michael Tremer
9f0999325d unbound: Fix crash on startup 
Zone names should not be terminated with a dot.

Fixes: #11689

Reported-by: Pontus Larsson <pontuslarsson51@yahoo.se>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-28 16:39:35 +01:00
Michael Tremer
d97f43b309 Rootfile update for curl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-28 11:22:06 +01:00
Michael Tremer
d9e656bb82 asterisk: Ship documentation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-27 20:56:31 +01:00
Michael Tremer
d3cd99830a fetchmail: Permit building without SSLv3 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-27 20:53:31 +01:00
Michael Tremer
76f422025f openssl: Update to 1.0.2o 
CVE-2018-0739 (OpenSSL advisory) [Moderate severity] 27 March 2018:

Constructed ASN.1 types with a recursive definition (such as can be
found in PKCS7) could eventually exceed the stack given malicious
input with excessive recursion. This could result in a Denial Of
Service attack. There are no such structures used within SSL/TLS
that come from untrusted sources so this is considered safe.
Reported by OSS-fuzz.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-27 16:05:07 +01:00
Michael Tremer
166ceacd6b openssl: Update to 1.1.0h 
CVE-2018-0739 (OpenSSL advisory) [Moderate severity] 27 March 2018:

Constructed ASN.1 types with a recursive definition (such as can be
found in PKCS7) could eventually exceed the stack given malicious
input with excessive recursion. This could result in a Denial Of
Service attack. There are no such structures used within SSL/TLS
that come from untrusted sources so this is considered safe.
Reported by OSS-fuzz.

This patch also entirely removes support for SSLv3. The patch to
disable it didn't apply and since nobody has been using this before,
we will not compile it into OpenSSL any more.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-27 16:03:44 +01:00
Michael Tremer
c98304604b core120: Ship updated QoS script and gnupg 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-26 19:04:41 +01:00
Matthias Fischer
be7878d5c9 Fix typo in 'makeqosscripts.pl' 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2018-03-26 19:03:30 +01:00