webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-01 15:52:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,816 Commits 2 Branches 1 Tag
477e28cf0d33a4a97825ec554ed6e969dbba7e0b
Commit Graph

2027 Commits

Author SHA1 Message Date
Arne Fitzenreiter
4bd2536f4b core59: start/stop ipsec and ssh at update. 2012-05-12 19:40:41 +02:00
Arne Fitzenreiter
c7c8b4aaec GeoIP: update database to 01052012. 2012-05-12 19:35:10 +02:00
Arne Fitzenreiter
db083dd81e dhcpcd: ignore MTU Smaller than 577. 
Normally 576 is the smallest valid mtu but some cable provider set this
also if they support much higher mtu's. Fedora does not accept
this to prevent speed problems with such isp connections so we do the same.
If you really need mtu=576 you can still force at at the setup.
 2012-05-12 19:34:47 +02:00
Arne Fitzenreiter
58574e318b php: security update to 5.3.13 (CVE-2012-2311). 2012-05-12 19:34:19 +02:00
Arne Fitzenreiter
d66d6f8827 strongswan: update to 4.6.3. 2012-05-12 19:31:46 +02:00
Arne Fitzenreiter
36585d00bd python: update to 2.7.3. 2012-05-12 19:31:17 +02:00
Arne Fitzenreiter
8f6a5178e8 fix core58 merge problem. 
Conflicts:

	config/rootfiles/core/58/filelists/files
 2012-05-12 19:30:30 +02:00
Arne Fitzenreiter
5479803667 core59: add openssl to core update. 2012-05-12 19:28:46 +02:00
Arne Fitzenreiter
a6f4183e83 openssl: security update to 0.9.8w. (CVE-2012-2131). 
SN1 BIO incomplete fix (CVE-2012-2131)
=======================================

It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not sufficient to correct the issue for OpenSSL 0.9.8.

Please see http://www.openssl.org/news/secadv_20120419.txt for details
of that vulnerability.

This issue only affects OpenSSL 0.9.8v.  OpenSSL 1.0.1a and 1.0.0i
already contain a patch sufficient to correct CVE-2012-2110.

Thanks to Red Hat for discovering and fixing this issue.

Affected users should upgrade to 0.9.8w.

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120424.txt
 2012-05-12 19:28:24 +02:00
Arne Fitzenreiter
75c2cf6f51 started core59. 2012-05-12 19:24:46 +02:00
Arne Fitzenreiter
8969d075e0 hwdata: updata usb and pci ids database. 2012-04-07 11:38:23 +02:00
Arne Fitzenreiter
b7d1e1c4a4 GeoIP: update database to 03032012. 2012-04-07 11:37:35 +02:00
Arne Fitzenreiter
2d40b8174b core58: add cryptodev module to updater. 2012-04-07 11:37:03 +02:00
Arne Fitzenreiter
844d37795d clamav: updated to 0.97.4. 2012-04-07 11:35:28 +02:00
Arne Fitzenreiter
ef5d80c033 openssl: update to 0.9.8u. 2012-04-07 11:35:01 +02:00
Michael Tremer
25a063e66d git: Update to 1.7.9.3. 2012-04-07 11:33:52 +02:00
Michael Tremer
88511b6145 fireinfo: Update to 2.1.4. 
Fixes an issue with the detection of online CPUs on ARM.
 2012-04-07 11:32:51 +02:00
Arne Fitzenreiter
d2bbe7f46e usb_modeswitch: update to 1.2.3. 2012-04-07 11:32:16 +02:00
Arne Fitzenreiter
5d934a73dc strongswan: update to 4.6.2. 
fixes #10037
 2012-04-07 11:31:34 +02:00
Michael Tremer
16ada955ac Add libpng update to core update 58. 2012-04-07 11:31:05 +02:00
Michael Tremer
8cbc8e01b3 libpng: Update to 1.2.46. 
Fixes several security issues from 2011.
 2012-04-07 11:30:03 +02:00
Michael Tremer
0f0a5a6e5f Open core update 58 and import changes that were already commited. 2012-04-07 11:23:15 +02:00
Michael Tremer
524fc72621 openvpn: Update to 2.2.2. 
Add --enable-password-save switch that was requested by the
community.

See bug #10036.
 2012-04-07 11:22:53 +02:00
Arne Fitzenreiter
42fb65f0f3 core57: stop/start ipsec at update. 2012-04-07 11:21:31 +02:00
Arne Fitzenreiter
fa4762fbf8 network: don't set ip address "1.1.1.1". 
This change made also green-only with dhcp possible.
configure green to 1.1.1.1 and red to dhcp client and RED_DEV=green0.
 2012-02-19 12:48:42 +01:00
Dirk Wagner
38d3bcd5c1 nut: fixed wrong version in filename 2012-02-10 22:23:44 +01:00
Michael Tremer
a73f60abb8 strongswan: Customize the welcome banner. 
References:
 http://forum.ipfire.org/index.php/topic,5993.0.html
 http://forum.ipfire.org/index.php/topic,3329.0.html
 2012-02-10 11:01:42 +01:00
Michael Tremer
d02a7f9d05 vim: Create configuration files for better usage. 
This commits also ships all syntax highlighting information
and among others in /usr/share/vim.

References bug #10021.
 2012-02-08 22:35:30 +01:00
Arne Fitzenreiter
2b5d1d8f70 cups: update to 1.4.8. 2012-02-08 07:50:17 +01:00
Arne Fitzenreiter
da997327ad core57: add apache and squid to updater. 2012-02-08 07:49:48 +01:00
Arne Fitzenreiter
7e4506e9c7 apache: security update to 2.2.22. 
Fix six low and moderate security flaws. Most of them are not important for ipfire.
low: mod_setenvif .htaccess privilege escalation CVE-2011-3607
low: mod_log_config crash CVE-2012-0021
low: scoreboard parent DoS CVE-2012-0031
moderate: mod_proxy reverse proxy exposure CVE-2011-4317
moderate: error responses can expose cookies CVE-2012-0053
moderate: mod_proxy reverse proxy exposure CVE-2011-3368

For details check: http://httpd.apache.org/security/vulnerabilities_22.html
 2012-02-08 07:43:48 +01:00
Arne Fitzenreiter
7d5fdf7954 core57: add php update to updater. 2012-02-05 19:11:17 +01:00
Arne Fitzenreiter
144815dabe php: security update to 5.3.10. 
5.3.10 Fixes arbitary remote code execution CVE-2012-0830
5.3.9 Fixes for CVE-2011-4566 and CVE-2011-4885
...
 2012-02-05 19:05:18 +01:00
Arne Fitzenreiter
6acda73be0 started core57. 2012-02-05 16:49:37 +01:00
Arne Fitzenreiter
184bee29d0 core56: add static-rules startfiles to updater. 2012-02-05 16:46:57 +01:00
Arne Fitzenreiter
792ff4fa0b core56: don't reset ssh/ssl config at update. 2012-01-28 12:26:03 +01:00
Arne Fitzenreiter
5db3741f37 Merge branch 'master' into core56 2012-01-26 17:46:56 +01:00
Arne Fitzenreiter
834ca786da initscripts: rootfile update. 2012-01-26 17:39:00 +01:00
Michael Tremer
e247eb7cec Allow : character in configuration files. 
According to bug #10006, it is needed in some DSL credentials.

As : is not a special character in shell code (at least if
{} is not allowed either) we can safely use it.
 2012-01-23 22:17:10 +01:00
Arne Fitzenreiter
55bec7f58f core56: stop/start sshd and apache while updateing. 2012-01-21 20:26:26 +01:00
Arne Fitzenreiter
9f212a9607 core56: add openvpnctrl to updater. 2012-01-21 20:24:09 +01:00
Arne Fitzenreiter
4de55e0b3d initskripts: add disc sync before unmounting filesystems. 2012-01-21 20:20:57 +01:00
Arne Fitzenreiter
9347464405 core56: add Crypt-PasswdMD5 to updater. 2012-01-21 20:19:25 +01:00
Arne Fitzenreiter
18e7404874 chpasswd.cgi: fixed for new MD5 password hashes. 2012-01-21 20:13:54 +01:00
Arne Fitzenreiter
d8799d9280 Crypt-PasswdMD5: add new perl modul to use apache md5 passwords. 2012-01-21 20:11:01 +01:00
Arne Fitzenreiter
120cedf285 python-m2crypto: rootfile update. 2012-01-21 17:17:35 +01:00
Arne Fitzenreiter
18252bf794 usb-modeswitch: update to 1.2.2 and data 20120120. 2012-01-21 17:10:05 +01:00
Arne Fitzenreiter
a6d0d790eb flash-image: add automatic resizing /var partition at first boot. 2012-01-20 08:02:31 +01:00
Arne Fitzenreiter
6333b4e725 openssl: security update to 0.9.8t. 
prevent DTLS DoS attak (CVE-2012-0050)
 2012-01-19 21:39:58 +01:00
Arne Fitzenreiter
a6b7619bab serial console: set baudrate to 115200. 2012-01-17 20:29:36 +01:00