- This code ensures that all existing N2N connections have no-pass in key 41 in place
of disabled for some of them.
- Tested out and confirmed on my vm testbed.
Fixes: Bug#13548
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Adds Zabbix Agent userparameters `ipfire.ovpn.clientcert` and `ipfire.ovpn.cacert` for the agent to get details about openvpn client, server and ca certificates.
- Moves all `ipfire.ovpn.*` userparameters to a separate config file `userparameter_ovpn.conf` to enable users to selectively disable openvpn items when not needed
- Includes `ipfire_certificate_detail.sh` script in sudoers for Zabbix Agent as it needs root permission to read openvpn certificate details.
- Adapts lfs install script to install new script and configfile
- Adds new script and configfile to rootfiles
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 1.47 to 1.48
- Update of rootfile
- Changelog
1.48
* New configure option --with-libtool-modification. [T6619]
* New option parser flag to detect commands given without a double
dash. There is also the new meta command "command-mode" to set
this flag via a config file. [T6978]
* Added an es_fopen mode flag "sequential" with support on Windows.
[rE7a42ff0ec9]
* Added an es_fopen mode flag "wipe" to cleanup internal buffers at
close time. [T6954]
* New function gpgrt_wipememory. [T6964]
* Improvements to setenv on Windows. [rE89e53ad90f]
* Fixed call to estream-printf string filters. [T6737]
* Many improvements to the yat2m tool.
* Updates to the build system.
* Interface changes relative to the 1.47 release:
ARGPARSE_FLAG_COMMAND NEW.
gpgrt_wipememory NEW.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 3.4.4 to 3.4.6
- Update of rootfile
- Changelog
3.4.6
Fix long double regression on mips64 and alpha.
3.4.5
Add support for wasm32.
Add support for aarch64 branch target identification (bti).
Add support for ARCv3: ARC32 & ARC64.
Add support for HPPA64, and many HPPA fixes.
Add support for Haikuos on PowerPC.
Fixes for AIX, loongson, MIPS, power, sparc64, and x86 Darwin.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 2.43.0 to 2.44.0
- Update of rootfile
- Changelog is too large to include here.
See the files 2.43.1.txt, 2.43.2.txt, 2.43.3.txt & 2.44.0.txt in the source tarball in
directory Documentation/RelNotes
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
we had discussed this on december telco but it is not so
easy because our menusystem only shows entry's existing cgi's.
so i add a cgi redirect to http://$ENV{SERVER_ADDR}:3000
this add the entry under pakfire and also to service page.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
- Update from version 6.0.15 to 7.0.2
- Update of rootfile
- suricata 7.0.2 requires libhtp >= 0.5.45
it also requires libelf.so.1 for execution. Previous suricata versions only required
libelf for building. libelf or elfutils are not mentioned anywhere in the changelog
- Without elfutils available during starting then suricata fails to start due to
libelf.so.1 not being available.
- Tested out suricata7 with elfutils on my vm testbed and it successfully started.
- The suricata-5.0.8 patch has been removed as it got applied to configure.ac but this
is not available in suricata-7.0.2. It looks like that patch was never actually used in
suricata as all the builds I checked used the configure file from the source tarball
and the configure was never created by running autoconf on the configure.ac
- Changelog is too large to include here. Details can be found in the ChangeLog file in
the source tarball
Fixes: Bug#13516
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
For details see:
https://blog.clamav.net/2023/11/clamav-130-122-105-released.html
Excerpts from changelog:
"Major changes
Added support for extracting and scanning attachments found in
Microsoft OneNote section files. OneNote parsing will be enabled by
default, but may be optionally disabled using one of the following
options:
a. The clamscan command line option: --scan-onenote=no,
b. The clamd.conf config option: ScanOneNote no,
c. The libclamav scan option options.parse &= ~CL_SCAN_PARSE_ONENOTE;,
d. A signature change to the daily.cfg dynamic configuration (DCONF).
Other improvements
Fixed issue when building ClamAV on the Haiku (BeOS-like) operating
system. Patch courtesy of Luca D'Amico
ClamD: When starting, ClamD will now check if the directory specified
by TemporaryDirectory in clamd.conf exists. If it doesn't, ClamD will
print an error message and will exit with exit code 1. Patch courtesy
of Andrew Kiggins.
CMake: If configured to build static libraries, CMake will now also
install the libclamav_rust, libclammspack, libclamunrar_iface, and
libclamunrar static libraries required by libclamav.
Note: These libraries are all linked into the clamscan, clamd, sigtool,
and freshclam programs, which is why they did not need to be installed
to function. However, these libraries would be required if you wish to
build some other program that uses the libclamav static library.
Added file type recognition for compiled Python (`.pyc`) files.
The file type appears as a string parameter for these callback
functions:
- clcb_pre_cache
- clcb_pre_scan
- clcb_file_inspection
When scanning a `.pyc` file, the `type` parameter will now show
"CL_TYPE_PYTHON_COMPILED" instead of "CL_TYPE_BINARY_DATA".
Improved support for decrypting PDFs with empty passwords.
Assorted minor improvements and typo fixes.
Bug fixes
Fixed a warning when scanning some HTML files.
Fixed an issue decrypting some PDF's with an empty password.
ClamOnAcc: Fixed an infinite loop when a watched directory does not
exist.
ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
scan.
Patch courtesy of gsuehiro.
Fixed a possible crash when processing VBA files on HP-UX/IA 64bit.
Patch courtesy of Albert Chin-A-Young.
ClamConf: Fixed an issue printing `MaxScanSize` introduced with the
change to allow a `MaxScanSize` greater than 4 GB.
Fix courtesy of teoberi.
Fixed an issue building a ClamAV RPM in some configurations.
The issue was caused by faulty CMake logic that intended to create an
empty database directory during the installation."
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
