This change will make sure that dehydrated will continue if (re-)issuing
one or more certificate fails.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Since the update is not built on the day when people install it, we will
ship an outdated database. For updates, where the firewall is being
reloaded or rebooted, we will have an old database in place until the
next database update job runs.
Secondly, the data is 33 MiB in size, which is useless data shipped as
every system will already have a database that is very likely to be more
recent.
In this update, we are not shipping the location database again, but I
wanted to add this change so it does not get lost next time.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
This changes the old "diff" algorithm that we needed to have before
Unbound was able to reload its own configuration.
Now, it can do this even without dropping the cache. This should
hopefully perform much better and be more reliable than the old way.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
- changes `interface` to `pcap_interface` in pmacct.conf file.
- thank you to @iptom for finding and reporting the issue and
to many others for pitching in and helping debug!
Signed-off-by: Jon Murphy <jon.murphy@ipfire.org>
Originally announced for Core Update 176, this step was postponed until
Core Update 177 due to my fault of having shipped all necessary
dependencies for OpenSSL 3.x in Core Update 175 properly.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
- Removal of lfs file
- Removal of rootfile
- Removal of backup includes file
- Removal of three patches
- Removal of paks files
- Adjustment of make.sh to remove squidclamav
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 20230404 to 20230625
- Update of rootfile carried out based on Peter Mueller's description from last
linux-firmware update.
- It would be good to have it checked that my results are in line with what they should be.
- Changelog
For changes see the commits in the git repo
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
There are no functional changes in these files, but they are however
linked against OpenSSL 1.1.1 and need to be re-shipped before we remove
the legacy library.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This reverts commit aa8a659ab7.
This cannot be done, yet, because an updated system still has hundreds
of files using the old libraries. Those will have to be re-shipped first
before we actually remove OpenSSL 1.1.1.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Changelog is too long to include it here, please refer to the ChangeLog
file in the sourcecode tarball.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 1.15.4 to 1.20.4
- Update of x86_64 rootfile
aarch64 rootfile needs to be created on a aarch64 build system
- Changelog is very large. For details see https://go.dev/doc/devel/release
50 mentions of security fixes in the changes from 1.15.4 to 1.20.4
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- In Core Update 175 lvm was updated and 69-dm-lvm-metad.rules was replaced with
69-dm-lvm.rules in the lvm rootfile.
- That previous patch update did not remove the no longer existing 69-dm-lvm-metad.rules
from existing installations. This patch corrects that.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
- Redhat updated lvm udev rule 69-dm-lvm.rules to only work with systemd
- Update 69-dm-lvm.rules to work with IPFire based on input from @Daniel of what worked
to mount an existing lvm volume
Suggested-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
This patch does not include the rootfile for riscv64 because GCC FTBFS.
Bug #13156 has been opened to address this.
But since we don't officially support IPFire riscv64, yet, this should
not delay this going into next.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from version 3.9.0 to 3.10.0
- Update of rootfile
- version 3.9.0 failed to output some of the symbols. This was found as a bug in Fedora but
also seen by some people in IPFire CU175 with flashrom where the version 3.3 symbol is
provided.
Fedora made a patch to resolve this issue for 3.9.0 but 3.10.0 has been released since
then and Fedora removed the patch that was used for 2.9.0 as pciutils has had that bug
fixed - see first item in changelog.
- Changelog
Released as 3.10.0.
Fixed bug in definition of versioned symbol aliases
in shared libpci, which made compiling with link-time
optimization fail.
Filters now accept "0x..." syntax for backward compatibility.
Windows: The cfgmgr32 back-end which provides the list of devices
can be combined with another back-end which provides access
to configuration space.
ECAM (Enhanced Configuration Access Mechanism), which is defined
by the PCIe standard, is now supported. It requires root privileges,
access to physical memory, and also manual configuration on some
systems.
lspci: Tree view now works on multi-domain systems. It now respects
filters properly.
Last but not least, pci.ids were updated to the current snapshot
of the database. This includes overall cleanup of entries with
non-ASCII characters in their names -- such characters are allowed,
but only if they convey interesting information (e.g., umlauts
in German company names, but not the "registered trade mark" sign).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
