bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-12 20:16:49 +02:00

Author	SHA1	Message	Date
Stefan Schantl	79af9f6938	ruleset-sources: Update snort dl urls. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:48:15 +01:00
Michael Tremer	21f2107697	tor: Ship updated CGI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:47:02 +01:00
Erik Kapfer	ac2fdbb15e	tor.cgi: Disable debugging output Signed-off-by: Erik Kapfer <ummeegge@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:46:45 +01:00
Michael Tremer	f6104aa1e0	core133: Drop metadata for jansson package Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:42:50 +01:00
Michael Tremer	86efc510f9	core133: Ship hyperscan Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:40:31 +01:00
Michael Tremer	81544f8884	hyperscan: Move rootfiles to arch directories This package is only compiled on x86_64 and i586 and cannot be packaged in any of the other architectures. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 15:38:42 +01:00
Stefan Schantl	52ebc66bba	hyperscan: New package This package adds hyperscan support to suricata Fixes #12053. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:40:14 +01:00
Stefan Schantl	2348cfffcf	ragel: New package This is a build dependency of hyperscan Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:40:03 +01:00
Stefan Schantl	1a5f064916	colm: New package This is a build dependency of ragel, which is a build dependency of hyperscan. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:39:32 +01:00
Stefan Schantl	0f75603f23	asterisk: Remove dependency to jansson. The package has become part of the main system. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:39:19 +01:00
Stefan Schantl	616395f37c	jansson: Move to core system and update to 2.12 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:39:00 +01:00
Michael Tremer	f6e18df542	Rootfile update Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-27 14:37:23 +01:00
Arne Fitzenreiter	8a104d7f02	core133: readd late core132 changes to core133 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 17:27:16 +02:00
Arne Fitzenreiter	83809af1fb	Merge branch 'master' into next	2019-05-26 17:23:54 +02:00
Arne Fitzenreiter	637885839b	core132: security conf should not executable Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 16:17:04 +02:00
Michael Tremer	8fad3a5941	tor: Depend on libseccomp Suggested-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-26 16:12:48 +02:00
Stefan Schantl	fefb5173cf	ids-functions.pl: Do not delete the whitelist file on rulesdir cleanup. Fixes #12087. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 16:09:21 +02:00
Arne Fitzenreiter	d0db7550ed	core132: set correct permissions of security settings file. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-26 16:05:41 +02:00
Arne Fitzenreiter	29abc2d07c	vulnerabilities.cgi: again change colours red - vulnerable blue - mitigated green - not affected because we not really trust the mitigations so they shound not green. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-25 07:39:38 +02:00
Arne Fitzenreiter	e896a9bd3d	vulnerabilities.cgi fix string handling remove lf at the end for correct matching and not strip "Mitigated:" if it was not full working and still vulnerable. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-25 06:54:35 +02:00
Michael Tremer	413f84e988	vulnerabilities.cgi: Regard mitigations that only mitigate something still as vulnerable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-25 06:51:53 +02:00
Michael Tremer	a96bcf413a	vulnerabilities.cgi: Simplify regexes We can do the split in one. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-25 06:51:06 +02:00
Michael Tremer	333125abf8	Merge branch 'toolchain' into next	2019-05-24 06:55:03 +01:00
Michael Tremer	9f0295a512	Merge remote-tracking branch 'ms/faster-build' into next	2019-05-24 06:54:16 +01:00
Michael Tremer	8feb0db430	core133: Ship updated squid Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:39:37 +01:00
Matthias Fischer	d2b5f03631	squid: Update to 4.7 For details see: http://www.squid-cache.org/Versions/v4/changesets/ Fixes among other things the old 'filedescriptors' problem, so this patch was deleted. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:37:50 +01:00
Michael Tremer	53ef2a0ffe	core133: Ship updated bind Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:37:21 +01:00
Matthias Fischer	f225f3ee29	bind: Update to 9.11.7 For details see: http://ftp.isc.org/isc/bind9/9.11.7/RELEASE-NOTES-bind-9.11.7.html "Security Fixes The TCP client quota set using the tcp-clients option could be exceeded in some cases. This could lead to exhaustion of file descriptors. This flaw is disclosed in CVE-2018-5743. [GL #615]" Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:36:55 +01:00
Michael Tremer	79967ee9c4	Start Core Update 133 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:35:46 +01:00
Michael Tremer	90194d7f7b	.gitignore: Ignore some backup files Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-24 06:30:46 +01:00
Michael Tremer	f8c23b43b7	tor: Depend on libseccomp Suggested-by: Erik Kapfer <erik.kapfer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-23 01:50:29 +01:00
Michael Tremer	f617fd912b	unbound: Safe Search: Enable Restrict-Moderate for YouTube Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:29:32 +01:00
Michael Tremer	6d653734fb	Update German translations Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:18:31 +01:00
Michael Tremer	61498b76b6	vulnerabilities.cgi: Regard mitigations that only mitigate something still as vulnerable Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:18:31 +01:00
Michael Tremer	144ff7605d	vulnerabilities.cgi: Simplify regexes We can do the split in one. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-22 15:17:59 +01:00
Arne Fitzenreiter	2f34103d47	Merge branch 'master' into next	2019-05-22 12:34:41 +02:00
Arne Fitzenreiter	984a6cabe4	vulnerablities: change to logic colours Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 12:34:03 +02:00
Arne Fitzenreiter	16e13262d9	Merge branch 'next'	2019-05-22 10:38:02 +02:00
Arne Fitzenreiter	3858a4b5b8	finish: core132 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 10:33:20 +02:00
Arne Fitzenreiter	b23db9b97b	vulnerablities.cgi: add colours for vuln,smt and unknown output. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-22 10:30:08 +02:00
Arne Fitzenreiter	716f00b116	kernel: update to 4.14.121 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:42:51 +02:00
Arne Fitzenreiter	b0d31edbd6	vnstat: fix errormessage at first boot Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:36:16 +02:00
Arne Fitzenreiter	6d37280f3e	configroot: create main/security settings file Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 15:03:21 +02:00
Arne Fitzenreiter	405f69fc9c	web-user-interface: update rootfile Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 15:02:54 +02:00
Michael Tremer	a087f4f586	core132: Ship vulnerabilities.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:55:55 +01:00
Michael Tremer	1cbcd044af	SMT: Show status on vulnerabilities.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:54:05 +01:00
Michael Tremer	f238e25172	vulnerabilities.cgi: Disable debugging output Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:39:03 +01:00
Michael Tremer	6f626b9ba0	Add the new vulnerabilities CGI file to the System menu Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:38:20 +01:00
Michael Tremer	6a83dbb451	SMT: Apply settings according to configuration SMT can be forced on. By default, all systems that are vulnerable to RIDL/Fallout will have SMT disabled by default. Systems that are not vulnerable to that will keep SMT enabled. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:30:26 +01:00
Michael Tremer	65871d1a0c	Add new CGI file to show CPU vulnerability status This is supposed to help users to have an idea about the status of the used hardware. Additionally, it allows users to enable/disable SMT. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-05-20 21:17:17 +01:00

1 2 3 4 5 ...

13456 Commits