webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-19 07:23:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,545 Commits 2 Branches 1 Tag
4e5802a9be6eb2bcaebcbebecaca5501fda23a32
Commit Graph

2008 Commits

Author SHA1 Message Date
Matthias Fischer
f3959d13e8 bind: Update to 9.11.8 
For Details see:
https://downloads.isc.org/isc/bind9/9.11.8/RELEASE-NOTES-bind-9.11.8.html

"Security Fixes
    A race condition could trigger an assertion failure when a large number
    of incoming packets were being rejected.
    This flaw is disclosed in CVE-2019-6471. [GL #942]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-21 01:39:18 +01:00
Arne Fitzenreiter
70590cef48 Kernel: update to 4.14.128 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-19 21:01:29 +02:00
Matthias Fischer
98f55e136f vim: Update to 8.1 
Please note:
If this gets merged, the update process must deal with the otherwise remaining
files in '/usr/share/vim74' (~16 MB).

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-18 22:34:55 +01:00
Arne Fitzenreiter
15ca18a3d9 Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2019-06-18 18:42:02 +02:00
Arne Fitzenreiter
82c279a518 kernel: update to 4.14.127 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-06-18 18:41:19 +02:00
Matthias Fischer
2f278de868 unbound: Update to 1.9.2 
For details see:
https://nlnetlabs.nl/pipermail/unbound-users/2019-June/011632.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-17 17:39:37 +01:00
Michael Tremer
35f12f2998 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-10 09:58:15 +01:00
Michael Tremer
28093c8376 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-08 11:34:37 +01:00
Michael Tremer
09b9910696 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-07 11:14:11 +01:00
Tim FitzGeorge
a5ba473c15 suricata: correct rule actions in IPS mode 
In IPS mode rule actions need to be have the action 'drop' for the
protection to work, however this is not appropriate for all rules.
Modify the generator for oinkmaster-modify-sids.conf to leave
rules with the action 'alert' here this is appropriate.  Also add
a script to be run on update to correct existing downloaded rules.

Fixes #12086

Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
Tested-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-05 12:39:57 +01:00
Michael Tremer
cfbb61a74d Rootfile update for ARM kernels 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:44:49 +01:00
Michael Tremer
236831c0f9 Rootfile update for gcc on i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:41:59 +01:00
Matthias Fischer
83d4264eba rrdtool: Update to 1.7.2 
For details see:
https://oss.oetiker.ch/rrdtool/pub/CHANGES

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-04 23:31:11 +01:00
Michael Tremer
c7def60649 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-06-03 09:20:05 +01:00
Michael Tremer
f62f432a27 openssl: Update to 1.1.1c 
Fixes CVE-2019-1543

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-29 13:51:48 +01:00
Michael Tremer
7b6d2972e3 strongswan: Update to 5.8.0 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-28 13:05:50 +01:00
Michael Tremer
71ff23c765 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-28 11:41:46 +01:00
Michael Tremer
81544f8884 hyperscan: Move rootfiles to arch directories 
This package is only compiled on x86_64 and i586 and cannot
be packaged in any of the other architectures.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 15:38:42 +01:00
Stefan Schantl
52ebc66bba hyperscan: New package 
This package adds hyperscan support to suricata

Fixes #12053.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:40:14 +01:00
Stefan Schantl
2348cfffcf ragel: New package 
This is a build dependency of hyperscan

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:40:03 +01:00
Stefan Schantl
1a5f064916 colm: New package 
This is a build dependency of ragel, which is a build dependency of
hyperscan.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:39:32 +01:00
Stefan Schantl
616395f37c jansson: Move to core system and update to 2.12 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:39:00 +01:00
Michael Tremer
f6e18df542 Rootfile update 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-27 14:37:23 +01:00
Michael Tremer
333125abf8 Merge branch 'toolchain' into next 2019-05-24 06:55:03 +01:00
Michael Tremer
9f0295a512 Merge remote-tracking branch 'ms/faster-build' into next 2019-05-24 06:54:16 +01:00
Matthias Fischer
f225f3ee29 bind: Update to 9.11.7 
For details see:
http://ftp.isc.org/isc/bind9/9.11.7/RELEASE-NOTES-bind-9.11.7.html

"Security Fixes

  The TCP client quota set using the tcp-clients option could be exceeded in some cases.
  This could lead to exhaustion of file descriptors.
  This flaw is disclosed in CVE-2018-5743. [GL #615]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-24 06:36:55 +01:00
Arne Fitzenreiter
b0d31edbd6 vnstat: fix errormessage at first boot 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-05-21 20:36:16 +02:00
Arne Fitzenreiter
6d37280f3e configroot: create main/security settings file 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-05-21 15:03:21 +02:00
Arne Fitzenreiter
405f69fc9c web-user-interface: update rootfile 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-05-21 15:02:54 +02:00
Michael Tremer
6a83dbb451 SMT: Apply settings according to configuration 
SMT can be forced on.

By default, all systems that are vulnerable to RIDL/Fallout
will have SMT disabled by default.

Systems that are not vulnerable to that will keep SMT enabled.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-20 21:30:26 +01:00
Arne Fitzenreiter
29b907c677 intel-microcode: update to 20190514 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-05-15 13:17:26 +02:00
Michael Tremer
54fc710b99 Update kernel rootfiles for armv5tel 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-14 10:02:03 +01:00
Michael Tremer
da636bd8b7 Update kernel rootfiles for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-13 16:31:14 +01:00
Michael Tremer
d04ab223c7 web-user-interface: Ship new zoneconf.cgi file 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-09 15:47:42 +01:00
Matthias Fischer
f302e31ae2 libedit: Update to 20190324-3.1 
For details see:
https://thrysoee.dk/editline/

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-07 23:50:03 +01:00
Matthias Fischer
9177b69830 bind: Update to 9.11.6-P1 
For details see:
http://ftp.isc.org/isc/bind9/9.11.6-P1/RELEASE-NOTES-bind-9.11.6-P1.html

"Security Fixes

 The TCP client quota set using the tcp-clients option could be exceeded in some cases.
 This could lead to exhaustion of file descriptors. This flaw is disclosed in CVE-2018-5743.
 [GL #615]"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-05-07 23:48:24 +01:00
Michael Tremer
68e0cf6714 grub: Update rootfile on i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-30 10:45:02 +01:00
Michael Tremer
5085356151 glibc: Update rootfile for i586 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-29 13:44:28 +01:00
Michael Tremer
864a5befd9 glibc: Update to 2.29 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:38 +01:00
Michael Tremer
e81233173f gcc: Update rootfile for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:38 +01:00
Michael Tremer
ecc9e5efb4 binutils: Update rootfile for aarch64 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
525f5d2959 gcc: Update to 8.3.0 
This patch carries the rootfile for x86_64 only.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
3596937440 binutils: Update to 2.32 
This patch carries the rootfile for x86_64 only.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:44:37 +01:00
Michael Tremer
a7e185c590 grub: Fix rootfile 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-28 09:43:48 +01:00
Michael Tremer
452d2b6eaa grub: Disable efiemu on PC builds 
This won't compile with GCC 8 and we do not need it

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-26 16:19:42 +01:00
Arne Fitzenreiter
5fa063f859 kernel: update to 4.14.112 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-17 22:30:19 +02:00
Arne Fitzenreiter
e91c83490b wireless-regdb: update to 2019.03.01 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-04-16 18:05:18 +02:00
Matthias Fischer
a4cc65bc48 nettle: Update to 3.4.1 
For details see:
https://fossies.org/linux/nettle/ChangeLog

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-04 02:06:19 +01:00
Matthias Fischer
34bbcff61f gnutls: Update to 3.6.7.1 
For details see:
https://lists.gnupg.org/pipermail/gnutls-help/2019-March/004497.html

Please note:
A few days after the "3.6.7" release, "3.6.7.1" came out.

See:
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/

But the compressed directory version is still versioned 3.6.7.

Because of this, the fourth (sub)-version number required some lfs adjustments.

And:
This version requires "nettle 3.4.1", which is sent in another commit.

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-04 02:05:18 +01:00
Matthias Fischer
5f2e713ec8 apache: Update to 2.4.39 
For details see:
http://mirror.checkdomain.de/apache//httpd/CHANGES_2.4.39

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-04-04 02:03:22 +01:00