15228 Commits

Author SHA1 Message Date
Michael Tremer
7bdfa67a4b python3: Rootfile update for i586
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 16:21:09 +00:00
Michael Tremer
5f6f2e0b7c python3: Update rootfile for armv5tel
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 15:13:54 +00:00
Michael Tremer
bcbcd15f64 Revert "core152: Load changed /etc/sysctl.conf"
This reverts commit b125988d3f.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:26:43 +00:00
Michael Tremer
a9d90b1b3f Revert "sysctl.conf: prevent autoloading of TTY line disciplines"
This reverts commit 14c65ab71c.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:26:26 +00:00
Arne Fitzenreiter
42fca29033 libtalloc: add new package because samba4 does not provide this anymore
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:20:09 +00:00
Arne Fitzenreiter
1dd31d858e samba: update to 4.13.0
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:19:04 +00:00
Arne Fitzenreiter
b3e5529459 samba: remove SO_xxxBUF size definitions from default config
this option is not recommended for samba4

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:19:01 +00:00
Arne Fitzenreiter
9584917795 rpcsvc-proto: build before samba
samba4 depends on this package

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:19:00 +00:00
Arne Fitzenreiter
bbcaca5662 perl-Parse-Yapp: add package
samba4 depends on this perl module

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:18:58 +00:00
Arne Fitzenreiter
b5efeaa092 samba initscript: create needed subdirs for pipes in /var/run/samba
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:18:56 +00:00
Arne Fitzenreiter
2598b19088 samba: default.global: remove unsupported "map to guest = false"
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:18:56 +00:00
Arne Fitzenreiter
e4ee298623 samba.cgi: remove unsupported DISPLAY CHARSET
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:18:50 +00:00
Arne Fitzenreiter
c771fe7c4f samba.cgi: remove unsupported security = share
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:18:42 +00:00
Michael Tremer
6d5de038d0 core152: Ship Python 3
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:16:46 +00:00
Peter Müller
2ab916576f Python3: update to 3.8.2
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:14:32 +00:00
Peter Müller
3c73b7fbf0 python3-botocore: update to 1.16.1
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:13:06 +00:00
Peter Müller
33e86e2d4e python3-colorama: update to 0.4.3
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:59 +00:00
Peter Müller
a1e3c67cad python3-dateutil: update to 2.8.1
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:54 +00:00
Peter Müller
85bf02ab09 python3-docutils: update to 0.16
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:45 +00:00
Peter Müller
7597a209ea python3-jmespath: update to 0.9.5
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:12:36 +00:00
Peter Müller
a4de7e7b0a python3-pyasn1: update to 0.4.8
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:10:26 +00:00
Peter Müller
1be989f46d python3-rsa: update to 4.0
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:10:18 +00:00
Peter Müller
9a2f6c5d8a python3-s3transfer: update to 0.3.3
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:09:57 +00:00
Peter Müller
06c3032442 python3-six: update to 1.14.0
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:09:37 +00:00
Michael Tremer
27bd3dfcef core152: Ship Python
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:09:07 +00:00
Arne Fitzenreiter
8f19090504 python: update to 2.7.18
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:07:34 +00:00
Michael Tremer
b125988d3f core152: Load changed /etc/sysctl.conf
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:05:11 +00:00
Peter Müller
14c65ab71c sysctl.conf: prevent autoloading of TTY line disciplines
Malicious/vulnerable TTY line disciplines have been subject of some
kernel exploits such as CVE-2017-2636, and since - to put it in Greg
Kroah-Hartman's words - we do not "trust the userspace to do the right
thing", this reduces local kernel attack surface.

Further, there is no legitimate reason why an unprivileged user should
load kernel modules during runtime, anyway.

See also:
- https://lkml.org/lkml/2019/4/15/890
- https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html

Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:04:14 +00:00
Michael Tremer
6ec99a3372 Start Core Update 152
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-06 12:03:34 +00:00
Peter Müller
b7b65e736e sysctl.conf: prevent unintentional writes into attacker-controlled files and FIFOs
Similar to hard- and symlink protection introduced a while ago, this
patch enables protections against unintentional writes into
attacker-controlled regular files or FIFOs, where a program expected to
create new ones. This makes exploiting TOCTOU flaws harder.

See also: https://www.kernel.org/doc/Documentation/sysctl/fs.txt

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-05 15:07:47 +00:00
Erik Kapfer
22a6277fc9 freeradius: Update to version 3.0.21
Update includes several fixes (incl. CVE-2019-17185) and feature improvements.
A full overview of all changes can be found in here --> https://raw.githubusercontent.com/FreeRADIUS/freeradius-server/v3.0.x/doc/ChangeLog .

The freeradius-no-buildtime-cert-gen patch applies also with this version.

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-02 14:59:23 +00:00
Erik Kapfer
b789edf973 lynis: Update to version 3.0.0
Several fixes (incl. CVE-2019-13033 and CVE-2020-13882) and features have been added since the last version 2.6.4.
For a full overview of the changes take a look in here --> https://cisofy.com/changelog/lynis/ .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-02 14:59:09 +00:00
Erik Kapfer
44bbc60696 libsolv: Update to version 0.7.14
Several fixes and features have been added.
A full overview of all changes can be found in here --> https://github.com/openSUSE/libsolv/blob/master/package/libsolv.changes .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-02 14:54:18 +00:00
Michael Tremer
b637be144c haproxy: Update to 2.2.4
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-01 09:30:48 +00:00
Michael Tremer
eed7b35ba5 dnsdist: Update to 1.5.1
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-10-01 09:20:48 +00:00
Michael Tremer
74f47b18b1 core151: Ship & load /etc/sysctl.conf
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 17:16:12 +00:00
Peter Müller
dc5a89c948 sysctl.conf: drop RST packets for sockets in TIME-WAIT state
RFC 1337 describes various TCP (side channel) attacks against
prematurely closed connections stalling in TIME-WAIT state, such as DoS
or injecting arbitrary TCP segments, and recommends to silently discard
RST packets for sockets in this state.

While applications still tied to such sockets should tolerate invalid
input (thanks to Jon Postel), there is little legitimate reason to send
such RST packets altogether.

At the time of writing, no collateral damage related to active RFC 1337
implementations is known. Measurements in productive environments did
not reveal any side effects either, which is why I consider enabling RFC
1337 implementation to be a safe change.

See also: https://tools.ietf.org/html/rfc1337

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 17:14:07 +00:00
Michael Tremer
a839e63f74 stunnel: Package /var/lib/stunnel
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 17:10:39 +00:00
Erik Kapfer
70f6a96b46 stunnel: Update to version 5.56
The version jump from 5.44 to 5.56 includes several 'LOW' and 'HIGH' urgent bugfixes which are also security relevant.
A full overview of fixes and new features can be found in here --> https://www.stunnel.org/NEWS.html .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 17:10:23 +00:00
Erik Kapfer
327ded3408 keepalived: Update to version 2.1.5
The version jump from 2.0.20 to 2.1.5 includes several improvements and fixes.
The release notes can be overviewed in here --> https://www.keepalived.org/release-notes/Release-2.1.4.html .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 13:32:38 +00:00
Michael Tremer
9e870fcb76 Update contributors
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 10:30:14 +00:00
Stéphane Pautrel
b0a707e5a1 Update French translation
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 10:26:33 +00:00
Michael Tremer
54f0daca3f core151: Ship OpenSSH
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 10:01:37 +00:00
Adolf Belka
13e20ecfc5 openssh: Update to 8.4p1
- Update openssh from version 8.3p1 to 8.4p1
	See https://www.openssh.com/releasenotes.html
	See https://www.openssh.com/portable.html#http for mirrors for source file
- No change to rootfiles
- Installed on virtual ipfire testbed and ssh connection successfully operated
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 10:00:17 +00:00
Adolf Belka
501defe601 bacula: Update to 9.6.6
- Update bacula from version 9.6.5 to 9.6.6
	This is a minor bug release
	See https://sourceforge.net/projects/bacula/files/bacula/9.6.6/ReleaseNotes/
	Source file available at https://sourceforge.net/projects/bacula/files/bacula/9.6.6/bacula-9.6.6.tar.gz
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 10:00:03 +00:00
Adolf Belka
d8f992b349 bacula: Update to backup/includes definition
- Modified backup/includes file to backup the /var/bacula/working directory contents
	rather than explicitly naming the state filename.
	State filename could be varied if user modifies the port number for the file daemon
	as the port number is part of the state filename
Signed-off-by: Adolf Belka <ahb.ipfire@gmail.com>

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 10:00:01 +00:00
Erik Kapfer
aa4ed7637c iptraf-ng: Update to version 1.2.1
Update includes several fixes and enhancements.
The full overview of changes is located in here --> https://github.com/iptraf-ng/iptraf-ng/blob/master/CHANGES .

rvnamed has been merged into iptraf-ng. Fix division by zero patch has been merged into new version, patch is not needed anymore. logrotate configuration for iptraf-ng has been included.

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 09:58:51 +00:00
Erik Kapfer
74a8a84316 nginx: Update to version 1.19.2
Several bugfixes and features have been integrated since version 1.17.8.
A full overview of all changes is located in here --> https://github.com/nginx/nginx-releases/blob/master/CHANGES .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 09:58:42 +00:00
Erik Kapfer
dba1a21403 git: Update to version 2.28.0
Several changes have been made since version 2.12.2.
The documentation RelNotes of Git can be found in here --> https://github.com/git/git/tree/master/Documentation/RelNotes .

Signed-off-by: Erik Kapfer <ummeegge@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-30 09:58:26 +00:00
Michael Tremer
1ebd84f438 netother.cgi: Fix typo in Connection Tracking headline
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2020-09-29 13:49:59 +00:00