webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-07 05:26:10 +02:00
Code Issues Packages Projects Releases Wiki Activity
16,107 Commits 2 Branches 1 Tag
93462cab63b80a12782d7cc10c8e0b33a4b98b5d
Commit Graph

48 Commits

Author SHA1 Message Date
Michael Tremer
439dc621e3 core156: Ship Text-Tabs+Wrap 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 16:03:06 +00:00
Michael Tremer
01a662e206 core156: Ship URI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 16:02:39 +00:00
Michael Tremer
68373c9c1b core156: Ship Unix-Syslog 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 16:02:12 +00:00
Michael Tremer
e01c94a34a core156: Ship XML-Parser 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 16:01:48 +00:00
Michael Tremer
7142f9d45c core156: Ship libwww-perl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 16:01:05 +00:00
Michael Tremer
8d4c689f0a core156: Ship liboping 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 16:00:36 +00:00
Michael Tremer
8ce85a8510 core156: Ship perl-Apache-Htpasswd 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:59:35 +00:00
Michael Tremer
22b906f387 core156: Ship perl-CGI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:59:07 +00:00
Michael Tremer
59b6a4e1a2 core156: Ship perl-DBD-SQLite 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:58:32 +00:00
Michael Tremer
b1f7a1a12a core156: Ship perl-DBI 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:57:51 +00:00
Michael Tremer
ad8882f073 core156: Ship perl-Device-Modem 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:57:25 +00:00
Michael Tremer
b0dbc1a60b core156: Ship perl-Device-SerialPort 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:56:46 +00:00
Michael Tremer
7301dd4759 core156: Ship perl-Email-Date-Format 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:55:31 +00:00
Michael Tremer
0ddfe125bc core156: Ship perl-Font-TTF 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:54:00 +00:00
Michael Tremer
bd8a94969f core156: Ship perl-GD 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:53:30 +00:00
Michael Tremer
736e1bf724 core156: Ship perl-IO-String 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:52:55 +00:00
Michael Tremer
fb04560f9f core156: Ship perl-MIME-Lite 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:52:21 +00:00
Michael Tremer
61d7a01291 core156: Ship perl-Net-CIDR-Lite 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:51:52 +00:00
Michael Tremer
480f09bf3f core156: Ship perl-NetAddr-IP 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:51:14 +00:00
Michael Tremer
5f86f3d332 core156: Ship perl-PDF-API2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:50:30 +00:00
Michael Tremer
8ee4fe9e56 core156: Ship perl-Sort-Naturally 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:49:51 +00:00
Michael Tremer
c04ad954ba core156: Ship perl-Switch 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:49:14 +00:00
Michael Tremer
4022ceef62 core156: Ship perl-Text-CSV_XS 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:47:12 +00:00
Michael Tremer
228cb4b78d core156: Ship rrdtool 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:45:50 +00:00
Michael Tremer
20ac27af71 core156: Ship perl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:41:28 +00:00
Michael Tremer
f78eb45c09 suricata: Use iptables lock to ensure rules are being inserted 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-04-02 15:33:42 +00:00
Michael Tremer
ec77442f18 libloc: Update to 0.9.6 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-31 16:00:00 +00:00
Michael Tremer
e1176c3be6 core156: Ship strongswan 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-31 12:12:05 +00:00
Michael Tremer
7f52b94f2d core156: Ship Net::DNS 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-30 10:08:11 +00:00
Michael Tremer
39cfa7d72e core156: Ship gawk 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 12:57:56 +00:00
Michael Tremer
cb85f8b8c8 core156: Ship ed 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 12:55:28 +00:00
Michael Tremer
799cca48a1 core156: Ship diffutils 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 12:54:35 +00:00
Michael Tremer
c8dd8b783e core156: Ship bzip2 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 12:53:36 +00:00
Michael Tremer
ad173413e3 core156: Ship suricata 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 10:31:34 +00:00
Michael Tremer
8ada7e9b51 core156: Ship header.pl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 10:28:40 +00:00
Michael Tremer
e3e38ee611 core156: Drop snortupdateutility.js 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-29 10:27:53 +00:00
Michael Tremer
9a11c96b8a openssl: Update to 1.1.1k 
From https://www.openssl.org/news/secadv/20210325.txt:

OpenSSL Security Advisory [25 March 2021]
=========================================

CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
========================================================================

Severity: High

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the
certificates present in a certificate chain. It is not set by default.

Starting from OpenSSL version 1.1.1h a check to disallow certificates in
the chain that have explicitly encoded elliptic curve parameters was added
as an additional strict check.

An error in the implementation of this check meant that the result of a
previous check to confirm that certificates in the chain are valid CA
certificates was overwritten. This effectively bypasses the check
that non-CA certificates must not be able to issue other certificates.

If a "purpose" has been configured then there is a subsequent opportunity
for checks that the certificate is a valid CA.  All of the named "purpose"
values implemented in libcrypto perform this check.  Therefore, where
a purpose is set the certificate chain will still be rejected even when the
strict flag has been used. A purpose is set by default in libssl client and
server certificate verification routines, but it can be overridden or
removed by an application.

In order to be affected, an application must explicitly set the
X509_V_FLAG_X509_STRICT verification flag and either not set a purpose
for the certificate verification or, in the case of TLS client or server
applications, override the default purpose.

OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1k.

OpenSSL 1.0.2 is not impacted by this issue.

This issue was reported to OpenSSL on 18th March 2021 by Benjamin Kaduk
from Akamai and was discovered by Xiang Ding and others at Akamai. The fix was
developed by Tomáš Mráz.

NULL pointer deref in signature_algorithms processing (CVE-2021-3449)
=====================================================================

Severity: High

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation
ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits
the signature_algorithms extension (where it was present in the initial
ClientHello), but includes a signature_algorithms_cert extension then a NULL
pointer dereference will result, leading to a crash and a denial of service
attack.

A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which
is the default configuration). OpenSSL TLS clients are not impacted by this
issue.

All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions
should upgrade to OpenSSL 1.1.1k.

OpenSSL 1.0.2 is not impacted by this issue.

This issue was reported to OpenSSL on 17th March 2021 by Nokia. The fix was
developed by Peter Kästle and Samuel Sapalski from Nokia.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-25 14:37:45 +00:00
Michael Tremer
1ac60db42e core156: Ship network-functions.pl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-25 09:22:42 +00:00
Michael Tremer
4961dd3c94 core156: Ship crda 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 10:44:10 +00:00
Michael Tremer
834614c7e3 core156: Ship sysvinit 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 10:39:31 +00:00
Michael Tremer
95632cda51 core156: Ship zoneconf.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 10:38:27 +00:00
Michael Tremer
c5977469be core156: Ship bind 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 10:37:35 +00:00
Michael Tremer
a76e7dc582 core156: Ship firewall.cgi 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-22 10:37:04 +00:00
Michael Tremer
9f75f3b430 core156: Ship jQuery 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-19 10:02:27 +00:00
Michael Tremer
1e080b8a80 core156: Ship sudo 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-18 11:21:12 +00:00
Michael Tremer
e47742c02f core156: Ship attr 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-18 11:20:45 +00:00
Michael Tremer
a861e02508 core156: Ship acl 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-18 11:20:23 +00:00
Michael Tremer
00facd0112 Start Core Update 156 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2021-03-16 11:29:27 +00:00