webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-23 09:22:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,135 Commits 2 Branches 1 Tag
5b4464a94478059ceebf266bc31dee4a4ba18fac
Commit Graph

5762 Commits

Author SHA1 Message Date
Matthias Fischer
6f8b156bf0 unbound: Update to 1.9.1 
For details see:
https://nlnetlabs.nl/pipermail/unbound-users/2019-March/011415.html

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-16 12:31:29 +00:00
Matthias Fischer
f81c222519 ntp: Update to 4.2.8p13 
For details see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-16 12:28:58 +00:00
Stefan Schantl
728f3d2e8f suricata: Fix ownership and file permissions of files inside /var/lib/suricata. 
These files needs to have nobody.nobody as owner but requires read-acces from everyone
to allow the suricata user reading-in this files during startup.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-16 12:28:30 +00:00
Michael Tremer
acb718b0bb nut: Disable parallel build 
nut just fails to build when running in parallel

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-14 14:01:45 +00:00
Michael Tremer
01604708c3 Merge remote-tracking branch 'stevee/next-suricata' into next 2019-03-14 13:19:35 +00:00
Peter Müller
4680d554fc run Tor under dedicated user 
This allows more-fine granular firewall rules (see first patch for
further information). Further, it prevents other services running as
"nobody" (Apache, ...) from reading Tor relay keys.

Fixes #11779.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-14 13:15:18 +00:00
Peter Müller
4fc1a0045b amavisd: update to 2.11.1 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-13 09:35:07 +00:00
Peter Müller
867151a8b2 Postfix: update to 3.4.3 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-13 09:35:07 +00:00
Arne Fitzenreiter
eaf004a468 knot: update to 2.8.0 and build/install only kdig 
This fix compile errors on small arm boards. (cc1 internal error)

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 15:06:23 +01:00
Arne Fitzenreiter
b57220aacd groff: update to 1.22.4 
This fix compile problems on small arm boards. (cc1 internal error)

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 15:04:40 +01:00
Stefan Schantl
e8b1b397c1 suricata: Remove unneeded stuff during build 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-03-13 10:03:48 +01:00
Arne Fitzenreiter
c448474fc7 Revert "kernel: cleanup unused rpi patch" 
This reverts commit a2d49659f3.

The patch is still needed to prevent strange crashes

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-03-13 09:39:07 +01:00
Peter Müller
04f9321955 Tor WebUI: drop relay bandwith options < 1 MBit/s 
Tor requires at least 1 MBit/s in order to participate.

Fixes #12001

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 09:52:54 +00:00
Michael Tremer
199db95a70 dnsdist: Limit to fewer concurrent build processes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-11 09:38:56 +00:00
Peter Müller
9f7524c8b0 less: update to 530 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:22:53 +00:00
Peter Müller
e29c6d29c9 Postfix: update to 3.4.1 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:22:39 +00:00
Matthias Fischer
15b1a3e360 slang: revert parallelized build 
This partially reverts https://git.ipfire.org/?p=ipfire-2.x.git;a=blob;f=lfs/slang;h=217e74c77317d4c829913f934458779fd278bf29;hb=23164efba5f57b3d8ccb07a166b613f2f951e1b6

'slang 2.3.0' doesn't like "$(MAKETUNING)"

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-10 18:22:21 +00:00
Stefan Schantl
f717b1dc55 IDS: Set owner of suricata logging directory to correct user 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-03-10 18:52:40 +01:00
Stefan Schantl
2bec60c347 suricata: Update to 4.1.3 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-03-10 17:34:03 +01:00
Alexander Koch
06fc6170a2 zabbix_agentd: New addon 
New addon for monitoring IPFire by Zabbix Monitoring (https://www.zabbix.com/features).
See https://forum.ipfire.org/viewtopic.php?f=52&t=22039 and https://lists.ipfire.org/pipermail/development/2019-February/005324.html for further details.

Best regards,
Alex

Signed-off-by: Alexander Koch <ipfire@starkstromkonsument.de>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-08 09:55:18 +00:00
Michael Tremer
c0ac5ae2a7 installer: Download ISO via HTTPS 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-07 11:27:19 +00:00
Michael Tremer
ea8a02c232 Revert "boost: Build with -O2 only" 
This reverts commit 9ff5b381eb.

Boost wants to build with -O3 no matter what

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-07 10:29:31 +00:00
Michael Tremer
9ff5b381eb boost: Build with -O2 only 
This should increase build speed

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 17:20:52 +00:00
Michael Tremer
d53537ced9 Config: Builds don't seem to like the space 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:57:22 +00:00
Michael Tremer
a843073c8e perl: Limit build to 23 parallel processes 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:52:34 +00:00
Michael Tremer
7691a1bfe7 make.sh: Introduce MAX_PARALLELISM 
This will now adjust MAKETUNING to not launch more processes
than MAX_PARALLELISM. Handy to limit builds that use a lot of memory.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:51:08 +00:00
Michael Tremer
77c863a2f1 make.sh: Introduce DEFAULT_PARALLELISM 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:43:47 +00:00
Michael Tremer
8556093359 make.sh: Pass number of processors and total memory so that we can adjust MAKETUNING 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:33:50 +00:00
Wolfgang Apolinarski
23164efba5 Parallelized build for several packages 
Added $(MAKETUNING) to several packages.
Marked packages that do not support parallel build.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 11:02:03 +00:00
Matthias Fischer
b2ee5e8aa4 wpa_supplicant: Update to 2.7 
For details see:
https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 09:26:58 +00:00
Matthias Fischer
d6d5999af1 hostapd: Update to 2.7 
For details see:
https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog

This patch sticks to 'wpa_supplicant: Update to 2.7'.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 09:26:58 +00:00
Erik Kapfer
758a1893a1 netsnmpd: Update to version 5.8 
Overview of the changes can be found in here https://sourceforge.net/p/net-snmp/mailman/message/36386084/ .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 09:26:58 +00:00
Erik Kapfer
3f2341da8d iptables: Update to 1.8.2 
netfilter-layer7 has also been updated to v2.23 .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-04 09:26:58 +00:00
Stefan Schantl
b051eb68b6 libcap-ng: New package 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2019-03-03 15:10:02 +01:00
Erik Kapfer
46a073f1b5 ipset: Update to version 7.1 
Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-02 14:11:19 +00:00
Matthias Fischer
6ca3265c41 tar: Update to 1.32 
For details see:
http://git.savannah.gnu.org/cgit/tar.git/log/

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-02 14:10:39 +00:00
Matthias Fischer
ae45fb5193 bind: Update to 9.11.6 
For details see:
http://ftp.isc.org/isc/bind9/9.11.6/RELEASE-NOTES-bind-9.11.6.html

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-02 14:10:03 +00:00
Matthias Fischer
aa88b2ef59 squid: Update to 4.6 
For details see:
http://www.squid-cache.org/Versions/v4/changesets/

The 'configure'-option "--disable-ipv6" was removed, it is no longer necessary.

See:
https://lists.ipfire.org/pipermail/development/2016-April/002046.html

"The --disable-ipv6 build option is now deprecated.
...
Squid-3.5.7 and later will perform IPv6 availability tests on startup in
all builds.

- Where IPv6 is unavailable Squid will continue exactly as it would
have had the build option not been used.

These Squid can have the build option removed now."

The warning message concerning a "BCP 177 violation" while
starting 'squid' can be ignored.

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-02 14:07:38 +00:00
Michael Tremer
e1982c695c spectre-meltdown-checker: New package 
This makes it easy to install the script and check the vulnerability status
of a system IPFire is running on.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-03-02 13:24:44 +00:00
Michael Tremer
7c85ff1362 openssl: Update to 1.1.1b 
This is a bug fix only release

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-26 17:24:08 +00:00
Erik Kapfer
ab83c4876a OpenVPN: Update to version 2.4.7 
Changelog can be found in here https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24 .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 02:24:28 +00:00
Peter Müller
82b405615f update Tor to 0.3.5.8 
See https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312
for release notes.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 01:03:01 +00:00
Peter Müller
b66c2faac2 libgcrypt: update to 1.8.4 
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:57:18 +00:00
Matthias Fischer
97a238f4bf unbound: Update to 1.9.0 
For details see:
https://nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-25 00:56:05 +00:00
Michael Tremer
50d1bbf0f5 Merge branch 'ipsec' into next 2019-02-25 00:48:08 +00:00
Michael Tremer
001481edf3 cups: Depends on bluetooth library 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2019-02-24 04:04:51 +00:00
Arne Fitzenreiter
c09758302b kernel: update to 4.14.103 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-23 15:56:21 +01:00
Arne Fitzenreiter
173844d352 kernel: import cve-2019-8912 patch 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-22 21:20:57 +01:00
Arne Fitzenreiter
a2d49659f3 kernel: cleanup unused rpi patch 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-21 19:13:27 +01:00
Arne Fitzenreiter
8c8b4b2154 kernel: update to 4.14.102 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2019-02-21 10:52:38 +01:00